Follow

All traffic only hitting one Endpoint node

If an environment is configured with multiple endpoint nodes, and no external load balancing, it may be required that the Nginx configuration(s) be updated to perform round-robin load balancing.

 

For example:

An environment has 3 Endpoint (Flow) servers named flow1, flow2, and flow3.

All of the Interset Sensors deployed are configured to connect to flow1.

This will result in all sessions and traffic being handled only by the Flow processes on the flow1 server, while the others remain idle.

 

In order to resolve this, open /etc/nginx/conf.d/interset.conf on the flow1 server in an editor (e.g. vi), and perform the following:

Change:

upstream flowd {
server 127.0.0.1:8000 max_fails=2 fail_timeout=60s;
server 127.0.0.1:8001 max_fails=2 fail_timeout=60s;
server 127.0.0.1:8002 max_fails=2 fail_timeout=60s;
server 127.0.0.1:8003 max_fails=2 fail_timeout=60s;
}

To:

upstream flowd {
server 127.0.0.1:8000 max_fails=2 fail_timeout=60s;
server 127.0.0.1:8001 max_fails=2 fail_timeout=60s;
server 127.0.0.1:8002 max_fails=2 fail_timeout=60s;
server 127.0.0.1:8003 max_fails=2 fail_timeout=60s;
server flow2:8000 max_fails=2 fail_timeout=60s;
server flow2:8001 max_fails=2 fail_timeout=60s;
server flow2:8002 max_fails=2 fail_timeout=60s;
server flow3:8003 max_fails=2 fail_timeout=60s;
server flow3:8000 max_fails=2 fail_timeout=60s;
server flow3:8001 max_fails=2 fail_timeout=60s;
server flow3:8002 max_fails=2 fail_timeout=60s;
server flow3:8003 max_fails=2 fail_timeout=60s;
}

and restart nginx by running "sudo systemctl restart nginx" to ensure the updated configuration is utilized.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

Powered by Zendesk