Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hi Im trying to get HaProxy working in a test enviroment, to see how it all works.
1 x Centos 6.5 running V1.5 haproxy
2 x redhat 6.5 server running a test app that uses SSL
I want to connect to the haproxy which in turn forwards to either of the two backend servers, which run an app that uses ssl.
Im new to the haproxy config and my head is in a spin, so just looking for some tips or advise on how I might be able to get this working. (Its only a test enviroment, for me to get my head around the haproxy aspect).
I have the haproxy.cfg configured as below, Im sure its not complete, but the process starts and I can see the log which indicates its trying to get to one of the backedn servers, but fails to complete.
Log states "GET / HTTP/1.1", and this is I think is because http will not talk to https...
If anyone has some expertise on this aspect and can shed some light on what I would need to do, that would be great.
haproxy.cfg File contents
global
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
ssl-server-verify none
# turn on stats unix socket
stats socket /var/lib/haproxy/stats
#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 1m
maxconn 3000
#---------------------------------------------------------------------
#HAProxy Monitoring Config
#---------------------------------------------------------------------
listen haproxy3-monitoring *:8080 #Haproxy Monitoring run on port 8080
mode http
option forwardfor
option httpclose
stats enable
stats show-legends
stats refresh 5s
stats uri /stats #URL for HAProxy monitoring
stats realm Haproxy\ Statistics
stats auth howtoforge:howtoforge #User and Password for login to the monitoring dashboard
stats admin if TRUE
default_backend app-main #This is optionally for monitoring backend
#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
frontend main
bind *:80
option http-server-close
option forwardfor
default_backend app-main
#---------------------------------------------------------------------
# static backend for serving up images, stylesheets and such
#---------------------------------------------------------------------
#backend static
# balance roundrobin
# server static 127.0.0.1:4331 check
#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
backend app-main
balance roundrobin #Balance algorithm
option httpchk GET /health_check
server myserver1.test.com 192.168.0.1:443 #test1
server myserver1.test.com 192.168.0.1:443 #test2
Hi Im trying to get HaProxy working in a test enviroment, to see how it all works.
1 x Centos 6.5 running V1.5 haproxy
2 x redhat 6.5 server running a test app that uses SSL
I want to connect to the haproxy which in turn forwards to either of the two backend servers, which run an app that uses ssl.
Im new to the haproxy config and my head is in a spin, so just looking for some tips or advise on how I might be able to get this working. (Its only a test enviroment, for me to get my head around the haproxy aspect).
I have the haproxy.cfg configured as below, Im sure its not complete, but the process starts and I can see the log which indicates its trying to get to one of the backedn servers, but fails to complete.
Log states "GET / HTTP/1.1", and this is I think is because http will not talk to https...
If anyone has some expertise on this aspect and can shed some light on what I would need to do, that would be great.
haproxy.cfg File contents
global
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
ssl-server-verify none
# turn on stats unix socket
stats socket /var/lib/haproxy/stats
#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 1m
maxconn 3000
#---------------------------------------------------------------------
#HAProxy Monitoring Config
#---------------------------------------------------------------------
listen haproxy3-monitoring *:8080 #Haproxy Monitoring run on port 8080
mode http
option forwardfor
option httpclose
stats enable
stats show-legends
stats refresh 5s
stats uri /stats #URL for HAProxy monitoring
stats realm Haproxy\ Statistics
stats auth howtoforge:howtoforge #User and Password for login to the monitoring dashboard
stats admin if TRUE
default_backend app-main #This is optionally for monitoring backend
#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
frontend main
bind *:80
option http-server-close
option forwardfor
default_backend app-main
#---------------------------------------------------------------------
# static backend for serving up images, stylesheets and such
#---------------------------------------------------------------------
#backend static
# balance roundrobin
# server static 127.0.0.1:4331 check
#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
backend app-main
balance roundrobin #Balance algorithm
option httpchk GET /health_check
server myserver1.test.com 192.168.0.1:443 #test1
server myserver1.test.com 192.168.0.1:443 #test2
I found an example file within the haproxy files, ssl.cfg, so all is good now
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
