Fili wrote:
L.s.,
I actually have three seperate questions concerning the pound
load-balancer.
So here goes in order of importance:
1. Pound+SSL transparently passes https requests as http requests to
backends:
Client <--- https ---> Pound <--- http ---> Backend
The problem I have with this is that the Apache servers on the backends
are not aware of the original nature of the request. Therefor the
enviroment variable "HTTPS" is never set to "on". There are however a
lot of webapplications (for example: Magento) that heavily rely on this
to detect if the connection is secured. Is there a way to trick Apache
into setting this variable when applicable?
I believe you can set environment variables based on apache config
directives, for this I'll point you to the apache docs and wave my
hands. Start with mod_env, I think the examples there are helpful.
For my customers, I pass the X-Forwarded-Proto header, and provide them
instructions on hooking their sites up to that.
2. Using Poundctl one can enable/disable backends without restarting pound.
Great I thought, until I discovered that restarting pound results in a
loss of the poundctl instructions (all backends are automatically
enabled again). For me this cripples the use of poundctl because Pound
gets restarted every night by logrotate.d. In the end one still has to
manually comment out a backend in pound.cfg to disable it for a longer
period then one day. Which is risky business because of possible
configuration errors and thus has to be done at night-time.
Maybe poundctl could have a flag which rewrites the config file to
reflect the current state of the backends and such?
My suggestion is tangential - log via syslog, and then do your rotation
against syslog, not pound. This way you don't have to restart pound,
and you don't interrupt web traffic flow.
3. There isn't a lot of documentation/discussion related to the DynScale
option in Pound.
I guess i'm mainly interested to find out what people's experience with
it is.
Is it any good? Or would it be better to manually prioritize?
I don't use it. I thought it was somewhat unstable in the past, and I
don't really need it.
--
Dave Steinberg
http://www.geekisp.com/
http://www.steinbergcomputing.com/
--
To unsubscribe send an email with subject unsubscribe to [email protected].
Please contact [email protected] for questions.
