Proxy (TCP)
Overview
Section titled “Overview”proxy.core.lef (instance np-proxy) runs HAProxy for long-lived TCP routing, especially database endpoints under *.db.lef.
This VM runs on np-leftec-hipervisorA-1.
Purpose
Section titled “Purpose”- Provide stable database endpoints (
<name>.db.lef) while backends move or restart. - Health-check backends and fail closed when targets are down.
Inventory
Section titled “Inventory”| Item | Value |
|---|---|
| Provider | EVEO private cloud (VM) |
| Instance | np-proxy |
| VMID (Proxmox) | 101 |
| OS | Debian 12 |
| vCPU | 1 |
| RAM | 512 MB |
| Disk | 2 GB |
| LAN IP | 192.168.20.3 |
Entry points
Section titled “Entry points”- SSH (VPN/LAN required):
proxy.core.lef - DB endpoints: see TCP proxy
- (If enabled) HAProxy stats: http://proxy.core.lef:8404/haproxy?stats (VPN/LAN)
Host entries (login profiles)
Section titled “Host entries (login profiles)”| Host entry | User | Purpose | Related |
|---|---|---|---|
np-proxy | root | HAProxy (DB endpoints, TCP routing) | TCP proxy |
Hosted services
Section titled “Hosted services”- HAProxy (TCP mode) for SQL Server and other DB endpoints
Dependencies
Section titled “Dependencies”- Internal DNS resolution for
*.db.lefand backend hosts (see db.lef). - Backend DB instances on
lab.core.lef,alma.core.lef,coragem.core.lef,tokio.core.lef, and EVEO DBaaS.
Operational notes
Section titled “Operational notes”- When a DB endpoint is down, start with the
*.db.lefmap (see TCP proxy) and validate backend reachability over VPN/LAN. - Prefer DNS hostnames in HAProxy backends; avoid hardcoding IPs unless required.
Backup & recovery
Section titled “Backup & recovery”- This VM is backed up daily via EVEO (see
np-leftec-hipervisorA-1).
Known risks / failure modes
Section titled “Known risks / failure modes”- If HAProxy is down, multiple DB endpoints appear down at once.
- Split-horizon DNS issues can cause clients to route incorrectly (see DNS split horizon).