Hello Baptiste, Thanks a lot, I have a working configuration ! I ended up having HAProxy answering to SSL requests, and forwarding them to SSL backends. I guess it's a bit overkill and even a bad performance hint, but right now, I cannot change the application that easily.
Hoggins! Le 12/10/2014 17:47, Baptiste a écrit : > On Sun, Oct 12, 2014 at 1:34 PM, Hoggins! <[email protected]> wrote: >> Hello list, >> >> This must be a stupid question, but I'm still wondering, because this >> would help me : I would like to perform some load-balancing between two >> HTTP / HTTPS backends. The HTTP operations do not pose a problem, and >> it's actually working absolutely fine, based on L7 checks (specific web >> page that returns OK when all the applicative checks are performed). >> >> Because the underneath application often switches from HTTP to HTTPS, I >> couldn't find a better way to balance it than to use TCP load-balancing >> to achieve this : the HTTP / HTTPS switch is handled by the application >> itself. >> >> Also, I use some websockets that I would like to load-balance. >> >> Anyway, here is the question : for my TCP mode sections, I would like to >> know if it's possible for HAProxy to take decisions based on L7 tests. I >> hope my question is clear, I'm fairly new to this and it might be a very >> fuzzy setup for an expert point of view. >> >> Thanks for your help. >> > > Hi Hoggins, > > Just perform you 'option httpchk' on your TCP backend. > Then you have 2 options: > - tell HAProxy that the check should be ciphered. See 'check-ssl' > - tell HAProxy to run the check on an unciphered port. See 'port' > > Baptiste >
signature.asc
Description: OpenPGP digital signature
