HAProxy Cluster Setup Example

From Brian Nelson Ramblings
Revision as of 03:48, 28 June 2019 by Brian (Talk | contribs) (Created page with " [root@us ~]# cat /etc/haproxy/haproxy.cfg global log /dev/log local0 log /dev/log local1 notice chroot /var/lib/haproxy stats timeout 30s user haproxy group...")

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

[root@us ~]# cat /etc/haproxy/haproxy.cfg global

  log /dev/log local0
  log /dev/log local1 notice
  chroot /var/lib/haproxy
  stats timeout 30s
  user haproxy
  group haproxy
  daemon


listen stats

 bind :1936
 stats enable
 stats uri /
 stats refresh 10s
 stats hide-version
 stats auth esg:pw4nexcess

defaults

  log global
  mode http
  option httplog
  option dontlognull
   option forwardfor
  timeout connect 5000
  timeout client 50000
  timeout server 50000

frontend http_front

  bind *:80
  stats uri /haproxy?stats
  1. default_backend http_back
 # redirect all to https
 redirect scheme https if !{ ssl_fc }

frontend https_front

  bind *:443 ssl crt /etc/haproxy/ssl/dev.briansnelson.com.pem
  1. reqadd X-Forwarded-Proto:\ https
  mode http
  acl https ssl_fc
 # Add the X-Forwarded-Proto header if we're on https
 http-request add-header X-Forwarded-Proto https if https
 http-request set-header Ssl-Offloaded 1 if https
 http-request set-header X-Forwarded-Port %[dst_port]
  default_backend https_back

backend http_back

  mode http
  balance roundrobin
  1. server web01 108.61.205.235:80 check ssl verify none
  2. server web02 108.61.205.235:80 check ssl verify none

backend https_back

  mode http
  balance leastconn
  server web01 127.0.0.1:6081 check ssl verify none
  server web02 108.61.205.235:443 check ssl verify none backup