HAProxy設定

cat xxx.crt xxx.key > /etc/haproxy/cert/xxx.com.pem

/etc/haproxy/haproxy.cfg

Statistics Report

listen stats
bind *:1080 ssl crt /etc/haproxy/cert/xxx.pem
stats refresh 30s
stats uri /stats
stats realm HAProxy\ Stats
stats auth admin:admin

Option 1 直接指到後面的Server

listen Web1
bind *:80
bind *:443
mode tcp
option tcp-check
server WebServer1 xxx.xxx.xxx.xxx:443 check
server WebServer2 xxx.xxx.xxx.xxx:443 check

Option 2 進階設定

frontend Web1
bind *:80
redirect scheme https if !{ ssl_fc }
bind *:443 ssl crt /etc/haproxy/cert/xxx.com.pem
mode http
acl acl-Web1 hdr_dom(host) -i xxx.com
http-request return status 200 content-type text/html file /etc/haproxy/errors/500.http if acl-Web1
use_backend Web1 if acl-Web1
# default_backend Web1
backend Web1
mode http
stick-table type ip size 1m expire 30m
stick on src
server WebServer1 xxx.xxx.xxx.xxx:443 ssl verify none check
server WebServer2 xxx.xxx.xxx.xxx:443 ssl verify none check

Comments

No comments yet. Why don’t you start the discussion?

發佈留言

發佈留言必須填寫的電子郵件地址不會公開。 必填欄位標示為 *

*