On Wed, Jul 15, 2015 at 1:14 PM, mlist <ml...@apsystems.it> wrote: >>> Hi, >>> we see there is a new feature of HAProxy, peer and share table >>> (sticky-table). This peer feature can be used to have in synch stick cookie >>> so if one haproxy goes down the other can take over connections ? > > >> Yes, the stick table remember and share each which is sticked to which >> server. You can use any criteria of the connexion, and of course you >> can use a cookie set by your application. > >> In othe way, HAProxy can put his own cookie in the HTTP response and >> use it for the persistance. This mode is useful because you don't need >> to share the stick table and two "unconnected" haproxy can assure the >> high avalaibility without loosing the session affinity. > > > So if we'll use share stick table between 2 HAProxy LB we'll do not need > cookie to maintain backend server sessions and if we'll use cookie we do not > need to share stick table ? in the latter case how the surviving HAProxy know > where to route the request to the correct backend server using some > haproxy.cfg with some beckend server definition ?
It does not work like this :) Persistence is based on your client and server capabilities as well as the type of protocol. IE, if you want persistence over POP protocol, then use source IP and a stick table. If you want persistence for a web mail application where clients are browsers and they can use a cookie, then use a cookie set by HAProxy. If you want persistence over a PHP or Java application, without inserting a new cookie, then store cookies generated by the application servers in a stick table you share between your HAProxy... etc... > >>> What is your choice ? > > >> The choice depends of each problem. HAProxy is very rich and permits to >> solve many LB and HA issues. Generally I prefer the simplest solution >> able to solve my issues. > > I mean your choice to take in sync haproxy.cfg file between 2 or more haproxy > LB (rsync, custom script, etc.) rsync or scp... I mean, it's not only a cfg file, but also your SSL certificates, your ACLs, MAPs, etc... Baptiste