HAProxy Cluster Setup Example
From Brian Nelson Ramblings
Revision as of 03:48, 28 June 2019 by Brian (Talk | contribs) (Created page with " [root@us ~]# cat /etc/haproxy/haproxy.cfg global log /dev/log local0 log /dev/log local1 notice chroot /var/lib/haproxy stats timeout 30s user haproxy group...")
[root@us ~]# cat /etc/haproxy/haproxy.cfg global
log /dev/log local0 log /dev/log local1 notice chroot /var/lib/haproxy stats timeout 30s user haproxy group haproxy daemon
listen stats
bind :1936 stats enable stats uri / stats refresh 10s stats hide-version stats auth esg:pw4nexcess
defaults
log global mode http option httplog option dontlognull option forwardfor
timeout connect 5000 timeout client 50000 timeout server 50000
frontend http_front
bind *:80 stats uri /haproxy?stats
- default_backend http_back
# redirect all to https
redirect scheme https if !{ ssl_fc }
frontend https_front
bind *:443 ssl crt /etc/haproxy/ssl/dev.briansnelson.com.pem
- reqadd X-Forwarded-Proto:\ https
mode http acl https ssl_fc
# Add the X-Forwarded-Proto header if we're on https http-request add-header X-Forwarded-Proto https if https http-request set-header Ssl-Offloaded 1 if https http-request set-header X-Forwarded-Port %[dst_port]
default_backend https_back
backend http_back
mode http balance roundrobin
- server web01 108.61.205.235:80 check ssl verify none
- server web02 108.61.205.235:80 check ssl verify none
backend https_back
mode http balance leastconn server web01 127.0.0.1:6081 check ssl verify none server web02 108.61.205.235:443 check ssl verify none backup
