zap51 commented on issue #8221:
URL: https://github.com/apache/cloudstack/issues/8221#issuecomment-1820071003
> Hello @zap51 , Everything alright?
>
> As mentioned earlier, we were analyzing the choice between nginx and
haproxy, and we ended up preferring the use of haproxy. So, I'll be setting up
this proxy for load balancing between the managements and also for access via
URL and the use of SSL certificates to access by name. I just had one doubt: I
would like to know if it won't be necessary to configure port 8250 as well, in
addition to the http/s ports.
>
> Team, I just set up this file for ports 8250, 8080, and 443.
>
> global
> log 127.0.0.1 local0
> log 127.0.0.1 local1 notice
> #log loghost local0 info
> maxconn 8192
> chroot /usr/share/haproxy
> user haproxy
> group haproxy
> daemon
>
> defaults
> option http-server-close
> log global
> mode http
> option dontlognull
> retries 3
> option redispatch
> maxconn 2000
> timeout connect 5s
> timeout client 120s
> timeout server 120s
>
> listen stats
> bind <HA-PROXY-02>:9245
> mode http
> stats hide-version
> stats enable
> stats uri /admin?stats
> stats realm Haproxy\ Statistics
> stats auth admin:<PASSWORD>.
>
>
> frontend vs-acs-gui-http
> bind <IP-MGMT>:80
> http-request redirect scheme https if !{ ssl_fc }
>
> bind <IP-MGMT>:443 ssl crt /etc/haproxy/certs/wildcard.crt
> mode http
> option httplog
> option forwardfor
> maxconn 2000
> acl path_root path /
> redirect location https://acs.<domain>.com.br/client/ if path_root
> default_backend pool-acs-gui-http
>
> frontend vs-acs-gui-https-int
> bind <IP-MGMT>:443 ssl crt /etc/haproxy/certs/wildcard.crt
> mode http
> option httplog
> option forwardfor
> maxconn 2000
> acl path_root path /
> redirect location https://acs.<domain>.com.br/client if path_root
> default_backend pool-acs-gui-http
>
> backend pool-acs-gui-http
> mode http
> option httplog
> option forwardfor
> balance leastconn
> fullconn 2000
> cookie SERVERID insert indirect
> server <NAME> <IP-MGMT>:8080 maxconn 1000 check inter 5s cookie
<NAME>
> server <NAME> <IP-MGMT>:8080 maxconn 1000 check inter 5s cookie
<NAME>
>
> frontend vs-acs-tcp-8250
> bind <IP-MGMT>:8250
> mode tcp
> option tcplog
> maxconn 2000
> default_backend pool-acs-tcp-8250
>
> backend pool-acs-tcp-8250
> mode tcp
> option tcplog
> balance source
> fullconn 2000
> hash-type consistent
> server <NAME> <IP-MGMT>:8250 maxconn 1000 check inter 5s
> server <NAME> <IP-MGMT>:8250 maxconn 1000 check inter 5s
>
>
>
Hi,
Please read https://www.shapeblue.com/software-based-agent-lb-for-cloudstack
Thanks,
Jayanth
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
