Apache as a reverse proxy for Wildlfly (best practice question)

[Haitham Alkhatib]

Hi, 

This is a best practice question rather than a technical issue with wildfly. 

we've been running wildfly behind Apache httpd using mod_proxy for years. Now we working on containerising our application using openshift. Some of our team members argued that we don't need Apache httpd as it adds complexity to the deployment. 

I wish if someone can share experience running Wildly with or without Apache httpd and what's the pros and cons.

Thanks,

Tim 

[Martin Choma]

OpenShift provide by default HaProxy in Router object which is tuned for working properly with Service objects. That is what is used in Wildfly/EAP documentation and what is tested.

I agree migrating Apache httpd mod_proxy design from baremetal to OpenShift will go against nature of OpenShift and could complicate things.  Is there any particular mod_proxy feature which you are missing in HAProxy on OpenShift?

[Paul Ferraro]

WildFly tries to guide subsequent requests to the server that most efficiently handle a given session via affinity hints embedded with the session cookie.

This mechanism used by WildFly is completely supported by (and indeed was designed for) the mod_cluster/mod_proxy and mod_jk httpd load balancing modules.

This mechanism is important since the ideal affinity for a given distributed web session can change as the result of scaling (both up and down).

Unfortunately, HAProxy's sticky session implementation ignores these hints - and is therefore a less efficient load balancer for use with distributed web applications in WildFly.

https://issues.redhat.com/browse/WFLY-16043 aims to make the existing mechanism more flexible, to work with a broader range of load balancers - though, AIUI, HAProxy's stick session implementation will continue to be problematic, as it will always overwrite any explicit routing cookies that WildFly adds to the response.