0
我們嘗試配置兩回在HAProxy的負載均衡方案HTTPS結束。HAProxy的與miltiple後端
我們試圖終止SSL,hrd_beg,...但不能預期結果 來作爲我們試圖請求被轉移到的,而不是默認後端到其他後端每個配置。
下面是我的配置文件。
global
log 127.0.0.1 local0 notice
log 127.0.0.1 local1 debug
maxconn 5000 # Total Max Connections. This is dependent on ulimit
daemon
quiet
nbproc 1 # Number of processing cores. Dual Dual-core Opteron is 4 cores for example.
chroot /usr/share/haproxy
user haproxy
group haproxy
#stats socket /var/run/haproxy.stat mode 600
defaults
log global
# Setting options
option dontlognull #Disable logging of null connections as these can pollute the logs
option redispatch # Enable session redistribution in case of connection failure, which is important in a HA environment
option tcp-smart-accept # Performance tweak, saving one ACK packet during the accept sequence
option tcp-smart-connect # Performance tweak, saving of one ACK packet during the connect sequence
# Setting timeouts
timeout connect 5s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 5s
retries 3
# Slowloris protection
timeout http-request 10s # Slowloris protection
timeout tarpit 1m # tarpit hold time
timeout queue 1m
backlog 10000
frontend ap_ft_https
bind *:443 ssl crt /home/mykey.pem
mode tcp
acl dcall url_sub dc
use_backend dc_bk_https if dcall
use_backend ap_bk_https if { hdr_beg(host) -i ap }
use_backend dc_bk_https if { hdr_beg(host) -i dc }
default_backend ap_bk_https
# Configuration for AP Portals
backend ap_bk_https
mode tcp
balance roundrobin # Load Balancing algorithm
reqadd X-Forwarded-Proto:\ https
#option tcplog
default-server inter 5s rise 2 fall 5
server server1 x.x.x.x:443 weight 1 maxconn 512 check
# server server2 x.x.x.x:443 weight 1 maxconn 512 check
#Configuration for DC Portals
backend dc_bk_https
mode tcp
balance roundrobin # Load Balancing algorithm
reqadd X-Forwarded-Proto:\ https
#option tcplog
default-server inter 5s rise 2 fall 5
server server1 x.x.x.x:443 weight 1 maxconn 512 check
server server2 x.x.x.x:443 weight 1 maxconn 512 check
#HAProxy Stats configuration
listen stats
mode http
bind 0.0.0.0:8880
clitimeout 100s
srvtimeout 100s
contimeout 100s
timeout queue 100s
stats enable
stats hide-version
stats refresh 30s
stats show-node
stats uri /haproxy?stats
stats realm Admin\ Portal\ HAProxy\ Statistics
stats auth admin:xxxx
我的網址開頭像apxxx.domain.com和dcxxx.domain.com。
我想配置HAProxy的這樣一種方式,如果請求的是apxxx.domain.com那麼就應該去HAProxy的後端ap_bk_https並以同樣的方式,如果它是dcxxx.domain.com它應該去HAProxy的後端dc_bk_https。
您的幫助將是讚賞!
這聽起來不錯,但在我們的情況下,我在這種情況下domain.com提到apxxx.domain.com和dcxxx.domain.com我們的域名是相同的兩個後端是相同的區別是apxxx和dcxxx及再怎麼這將在端口443上工作,在端口80上它已經工作了! – bankat
試試這個,如果有任何問題請告訴我。 前端HTTP-在 綁定*:80 ACL app_ap hdr_end(主機)-i apxxx.domain.com ACL app_dc hdr_end(主機)-i dcxxx.domain.com use_backend ap_bk_https如果app_ap use_backend dc_bk_https如果app_dc –
我已根據您的需要編輯了答案。嘗試一下,並在發生任何問題時通知我。 –