Migrate from single instance to cluster (redis storage)

aiozufh · March 28, 2024, 10:14am

1. The problem I’m having:

I’m currenlty using a single Caddy instance (one server) to serve as public proxy to my internal services. I would like to put 2 Caddy instances into production by sharing the same storage (redis).

Something like:

storage redis {
    host {$CADDY_CLUSTERING_REDIS_HOST}
    tls_enabled {$CADDY_CLUSTERING_REDIS_TLS}
}

But i have concerns of how to do it correctly, as for now, everything is stored (by default) locally.

By moving the storage to Redis on production server (basically, inserting the above code snippet) will everything be moved to that storage by Caddy? Should I do it manually (is there any docs)?

2. Error messages and/or full log output:

Not related.

3. Caddy version:

v2.7.6

4. How I installed and ran Caddy:

a. System environment:

Installe from distribution repos, Ubuntu 22.04 LTS x64

b. Command:

Run by systemd

c. Service/unit/compose file:

d. My complete Caddy config:

# GLOBAL options
{
        servers {
                strict_sni_host on
        }

        on_demand_tls {
                ask http://ask.localhost/check
        }
}

# Define LOGS block
(logs) {
        log {
                output file /var/log/caddy/{args[0]}.log
                level ERROR
        }
}

# Common server parameters
(serveroptions) {
        header -Server
        tls {
                resolvers 1.1.1.2 1.0.0.2
                on_demand
        }
}

# Common options applied to upstream servers
(proxyoptions) {
        transport http {
                keepalive off
                proxy_protocol v2
        }
}

# auto_https "ASK" Server
import Allowedsites

# Server 1
server1.example.com {
        import serveroptions
        import logs server1.example.com

        reverse_proxy {
                to 192.168.1.6:4443
                import proxyoptions
        }
}

# Server 2
server2.example.com {
        import serveroptions
        import logs server2.example.com

        reverse_proxy {
                to 192.168.1.8:4443
                import proxyoptions
        }
}

5. Links to relevant resources:

francislavoie · March 28, 2024, 6:16pm

You can use the caddy storage export and caddy storage import commands to migrate your existing certificates.

But if you only have a few certificates, you could just let Caddy re-issue them naturally. Up to you.

Before you do though, I recommend using GitHub - pberkel/caddy-storage-redis which is a more modern Redis storage implementation for Caddy.

aiozufh · March 29, 2024, 7:18am

Hi @francislavoie thanks, this seems to cover all my needs.

One further question, once storage is shared, are servers and configurations (basically, Caddyfile content) shared too or they need to be managed separately on each server? To be clear, are Caddyfile changes propagated across all instances?

Thanks again.

francislavoie · March 29, 2024, 8:19pm

No, config is not automatically synced currently. You’ll need to do that yourself for now. The problem is Caddy needs an initial config to know to load config from somewhere, and the next config needs to also have similar config to watch for a reload.

aiozufh · March 29, 2024, 8:24pm

Ok got it, thanks.