Hello, On 10 May 2016 at 14:23, Jonathan Matthews <[email protected]> wrote:
> On 5 May 2016 at 12:11, Hector Rivas Gandara > <[email protected]> wrote: >> * If not, is there a better way to 'chain' the config as I did above. > Take a look at the "abns@" syntax and feature documented here: > https://cbonte.github.io/haproxy-dconv/configuration-1.6.html#bind. > It's excellent for HAP->HAP links, as you're using. I'm using it in > production *inside* Cloud Foundry, for the record :-) I did not try the `abns@` thing because I did not really understand it, but I think it is a nice proposal. Our case is also for Cloud Foundry. > As an aside, I'd be interested in even a brief summary of how/if you > resolved your problem, given that I've not seen it described on the > list before. I wonder if you're the first to run into this specific > problem ... As commented, I implemented it first using two frontends chained: https://github.com/alphagov/paas-haproxy-release/commit/394a7ccf4dfe9b495f671bd3f971e4b91653e58b Then we discussed it internally and we decided drop the requirement of encrypting the traffic between ELB and the HAProxy for the time being. -- Regards Hector Rivas | GDS / Multi-Cloud PaaS
