Hello,
have just started to explore HAProxy and am finding it amazing! As a long time
Zimbra user I wanted to see how one could balance the front-end web client so
had a play around. What I have at present is the following configuration:
frontend zimbra-zwc-frontend-https
bind 172.30.8.21:443 ssl crt /etc/haproxy/certs/zimbra.pem
mode tcp
option tcplog
reqadd X-Forwarded-Proto:\ https
default_backend zimbra-zwc-backend-http
backend zimbra-zwc-backend-http
mode http
balance roundrobin
stick-table type ip size 200k expire 30m
stick on src
server zwc1 zm1:80 check port 80
server zwc2 zm2:80 check port 80
I admit that the configuration has been cobbled together from other peoples
thoughts and ideas; though it does actually work! I did try to go the route of
HTTPS -> HTTPS but that completely fell apart due to Zimbra using NGINX and
automatically re-routing HTTP -> HTTPS. The other stumbling block was I could
not see how to check that the report HTTPS (443) port was available. I have
seen "check port" and "check id" used but neither worked as expected. So at
present I have HAProxy acting as the SSL terminator and backing off the
requests to a HTTP backend. I can take one backend node down, upgrade it, and
restart it with affecting any new connections again a single destination IP
address; NICE! :)
This is all very new to me so any expert advice, or directions to further
reading, would be very grateful and encouraged.
Thank you.
P.
