Server/haproxy

Aus C3D2
Zur Navigation springen Zur Suche springen


Hardware Info

Virtualisiert durch intern:Freebert

Software Info

FreeBSD Jail Container

  • haproxy

Verwendungszweck

  • haproxy (high availability) für reverseproxy1/2 jails
  • dev version 1.5 für ssl support

https://haproxy.hq.c3d2.de

haproxy.conf

### ### ### C3D2 ### ### ###

global
    log 127.0.0.1   local0
    log 127.0.0.1   local1 notice
    maxconn 4096
    user haproxy
    group nogroup
    daemon

defaults
    log global
    mode    http
    option  httplog
    option  dontlognull
    option forwardfor
    option http-server-close
    stats enable
     stats auth topsecret:topsecret
     stats uri /haproxyStats
contimeout 5000
clitimeout 50000
srvtimeout 50000

#frontend http-in
#    bind *:80
#    reqadd X-Forwarded-Proto:\ http
#    default_backend saugbert

frontend https-in
    bind *:443 ssl crt /usr/local/etc/haproxy/haproxy.pem
    reqadd X-Forwarded-Proto:\ https
    default_backend saugbert

backend saugbert
    redirect scheme https if !{ ssl_fc }
#balance leastconn
    balance roundrobin
    option httpclose
    option forwardfor
    cookie JSESSIONID prefix

#    #enter the IP of your application here
#    server reverseproxy1 172.22.99.79:80 weight 1 maxconn 1024 check #cookie A check
#    server reverseproxy2 172.22.99.99:80 weight 1 maxconn 1024 check #cookie B check

### CARP // ###
    server reverseproxy 172.22.99.247:80 check
### // CARP ###

#backend saugbert
#  mode http
#  balance roundrobin
#  cookie SERVERID insert indirect nocache
#  server reverseproxy1 172.22.99.79:80 check cookie reverseproxy1
#  server reverseproxy2 172.22.99.99:80 check cookie reverseproxy1

### ### ### C3D2 ### ### ###
# EOF

SternenLogBuch

  • 23.06.2014 - Basis Setup