Here is my working config,
Any recommandations are more then welcome.
version running on ubuntu server
sudo dpkg -l | grep haproxy
ii haproxy 1.3.14.3-1
fast and reliable load balancing reverse pro
I know it's old but it work !
global
log 127.0.0.1 local0 debug
stats socket /var/run/haproxy-socket-stats
maxconn 4096
user haproxy
group haproxy
defaults
log global
option tcplog
retries 3
maxconn 2000
contimeout 5000
clitimeout 14400000
srvtimeout 14400000
listen stats :8080
mode http
option httpclose
stats enable
stats uri /
balance source
server web-1 192.168.4.30:80
listen rdpfarm :3389
mode tcp
balance source
option tcpka
server TS-1 10.0.0.102 check port 3300
server TS-1 10.0.0.102 check port 3389 backup
server TS-2 10.0.0.152 check port 3300
server TS-2 10.0.0.152 check port 3389 backup
I use this setup to enable phasing "out an in" of TS server wihout to
much user interruption. When the TS server are online they listen on
port 3389 and port 3300, when we want to put the server in maintenance
mode we just close port 3300. This is really nice since currently open
RDP session will continue to work but new connection get to another TS
server. Then you just informe your user to finish there work and reopen
a TS session and they will end on another server.
has an ADMIN you can connect to the server directly to the server IP in
maintenance mode and upgrade any software on it will no user are on the
server with you.
We love this way of working.
Voila
Feel free to comment.
Guillaume
Paul Dickson a écrit :
Has anyone had any luck in setting HAPROXY up as a front end for
terminal services clusters? My connections keep dropping, but have
become a bit more reliable since my last email on the topic with the
following conf file:
# this config needs haproxy-1.1.28 or haproxy-1.2.1
global
log 127.0.0.1 local0
log 127.0.0.1 local1 notice
#log loghost local0 info
maxconn 4096
#chroot /usr/share/haproxy
user haproxy
group haproxy
daemon
#debug
#quiet
defaults
log global
mode http
option httplog
option dontlognull
retries 3
option redispatch
maxconn 2000
# Time to wait for the opening connection to a server to succeed.
5000ms=5sec
contimeout 10000
# Time to wait for a client to respond to packets. Set below to
50000ms=50sec
timeout client 50000
# Time to wait for a server to respond to packets. Set below to
50000ms=50sec
timeout server 50000
option srvtcpka
listen rdp 0.0.0.0:3389
mode tcp
# All three tcpka options: TCP protocol, Keep alive. All of them are
suggested for sessions with long amounts of idle time such as remote
desktops.
# option tcpka
option clitcpka
option srvtcpka
option redispatch
option tcplog
#Balance specifies load balance method. Search
"http://haproxy.1wt.eu/download/1.3/doc/configuration.txt"; for
"balance roundrobin" to see all the available modes and what they do.
balance roundrobin
#
# NOTES ABOUT STATEMENTS AND PARAMETERS BELOW IN MATCHING ORDER.
#
# "server" is a haproxy internal statement
# `server name` can be listed as anything.. i put the real name for
clarity
# "IP:port#" if you don't know this you need to wipe the drule off
your chin.
# "check" see if the server is up
# "port #" what port to check. I'm not sure this is needed since the
port is already specified with the IP. Can't hurt
# "inter" interval to run the check in ms. 1000ms = 1sec
# "fastinter #". By default a server is checked 3 times then
determined to fail. This specifies if it fails the first check, the
next will happen at the interval specified. 500ms=0.5 sec.
# "downinter #". Oposite of fastinter, this specifies how long the
waits should be between checks when a server has been determined to be
down. To reduce network traffic I have set this to 10000ms, which is
10seconds.
# server nt1s77 10.58.240.248:3389 check port 3389 inter 2000
fastinter 500 downinter 10000
# server nt1s21z 10.12.20.172:3389 check port 3389 inter 2000
fastinter 500 downinter 10000
# server dcwh03 10.12.20.150:3389 check port 3389 inter 2000
fastinter 500 downinter 10000
# server nt1s23vm 10.12.20.116:3389 check port 3389 inter 2000
fastinter 500 downinter 10000
# server dceoc01 10.2.128.250:3389 check port 3389 inter 2000
fastinter 500 downinter 10000
server tswh01 10.14.3.111:3389 check port 3389 inter 2000
fastinter 500 downinter 10000
server tswh02 10.14.3.102:3389 check port 3389 inter 2000
fastinter 500 downinter 10000
server tswh03 10.14.3.113:3389 check port 3389 inter 2000
fastinter 500 downinter 10000
server tswh04 10.14.3.104:3389 check port 3389 inter 2000
fastinter 500 downinter 10000
server tslec01 10.14.3.131:3389 check port 3389 inter 2000
fastinter 500 downinter 10000
server tslec02 10.14.3.122:3389 check port 3389 inter 2000
fastinter 500 downinter 10000
server tslec03 10.14.3.133:3389 check port 3389 inter 2000
fastinter 500 downinter 10000
server tslec04 10.14.3.134:3389 check port 3389 inter 2000
fastinter 500 downinter 10000
# Web stats interface
listen admin_stats 10.14.2.157:8080
mode http
stats uri /
stats realm Global\ statistics
stats auth admin:fakepassword
balance roundrobin
#errorloc 502 http://192.168.114.58/error502.html
#errorfile 503 /etc/haproxy/errors/503.http
errorfile 400 /etc/haproxy/errors/400.http
errorfile 403 /etc/haproxy/errors/403.http
errorfile 408 /etc/haproxy/errors/408.http
errorfile 500 /etc/haproxy/errors/500.http
errorfile 502 /etc/haproxy/errors/502.http
errorfile 503 /etc/haproxy/errors/503.http
errorfile 504 /etc/haproxy/errors/504.http
Paul K. Dickson
Systems Administrator
Frederick County Government, IIT
[email protected]
301-600-2399/x12399
------ End of Forwarded Message
--
Guillaume Bourque, B.Sc.,
consultant, infrastructures technologiques libres !
514 576-7638
