Re: Need help to configure ha proxy

Tue, 30 Aug 2016 06:36:11 -0700 

This config appears to be a decent start.  and looks to meet your
requirements for http.

Now you just need another frontend configured for 443,  it would match
the :80 frontend, aside from port, using SSL, and a path to the
certificates.



On Tue, Aug 30, 2016 at 8:47 AM, Harish Chander
<harish.chan...@hotmail.com> wrote:
> Hi,
>
>
> I shall be really thankful you if you help in configure haproxy or its
> possible or not.
>
>
> External ELB - In external AWS ELB i have 2 Ha proxy server
>
>
> HA Proxy
>
> connect
>
> haproxy > beta.example.com
>
> beta.example.com > api-example.com
>
>
> beta.example.com server work's on 80 and 443 both, If i add A Name in DNS of
> direct server IP then work everything.
>
>
> Requirement - beta.example.com should work on both 443 and 80. now its
> working for 80 only. Please help me out. you can call me +918529142143 any
> time.
>
>
> Current haproxy conf under below
>
>
>
> haproxy.conf
>
>
> global
>
> log /dev/log local0
>
> log /dev/log local1 notice
>
> chroot /var/lib/haproxy
>
> stats socket /run/haproxy/admin.sock mode 660 level admin
>
> stats timeout 30s
>
> user haproxy
>
> group haproxy
>
> daemon
>
>
> # Default SSL material locations
>
> ca-base /etc/ssl/certs
>
> crt-base /etc/ssl/private
>
>
> # Default ciphers to use on SSL-enabled listening sockets.
>
> # For more information, see ciphers(1SSL). This list is from:
>
> #  https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
>
> ssl-default-bind-ciphers
> ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
>
> ssl-default-bind-options no-sslv3
>
>
> defaults
>
> log global
>
> mode http
>
> option httplog
>
> option dontlognull
>
>         timeout connect 5000
>
>         timeout client  50000
>
>         timeout server  50000
>
>
> frontend haproxy
>
>    bind *:80
>
>    stats uri /stats
>
>    stats realm Strictly\ Private
>
>    stats auth pass:word
>
>
> # Define hosts
>
> #urls
>
>         acl beta.example hdr(host) -i beta.example.com
>
>
>
>         acl api.example hdr(host) -i api-example.com
>
>
>
> #cluster
>
>         use_backend b.example if beta.example
>
>
>         use_backend z.api if api.example
>
>
> #Frontend Server
>
>
> backend b.example
>
>         mode http
>
>         balance roundrobin
>
>         option forwardfor
>
>        server server01 10.0.0.1:80 check
>
>
> ##API
>
> backend z.api
>
>         mode http
>
>         balance roundrobin
>
>         option forwardfor
>
>         server api01 192.168.1.1:80 check
>
>
>
> Regard's
> Harish Chander
> 8529142143
>
>



-- 
Jeff Palmer
https://PalmerIT.net

Reply via email to