Yup. I accomplish what you're describing by using HTTP mode along with stunnel for the SSL.
David From: Vivek Malik [mailto:[email protected]] Sent: Monday, November 07, 2011 11:10 AM To: Mir Islam Cc: [email protected] Subject: Re: SSL Pass through and sticky session You are running haproxy in a tcp mode since you are relaying SSL and decrypting on the backend. Cookies can only be analyzed in HTTP mode. Not sure how to do sticky sessions in tcp mode. Vivek On Mon, Nov 7, 2011 at 2:03 PM, Mir Islam <[email protected]> wrote: Is it possible to utilize some sort of sticky session for incoming requests? SSL connections are terminated at the servers in the backend. Right now I can do source IP based balance. But then users behind a firewall/NAT will not get load balanced correctly. Instead, they all end up on same server. That is my main problem. Here is a portion of my config. I added the cookie param but I guess it will work with http only. Anyway, any help/pointer is appreciated. listen ssl-relay 0.0.0.0:443 option ssl-hello-chk balance source server inst1 10.254.2.145:443 check inter 2000 fall 3 server inst2 10.46.19.211:443 check inter 2000 fall 3 option httpclose # disable keep-alive option checkcache # block response if set-cookie & cacheable cookie HASERVERID inser
