stunnel's what we used before Haproxy had it built in, which worked fine,
but SSL offloading in Haproxy's been excellent in our experience, so my
guess would be that you could make it work with some config tuning.
On Thu, Mar 31, 2016, 12:45 PM Lukas Tribus wrote:
> > Hi
:
On 8/27/2015 6:52 PM, Nathan Williams wrote:
There's a sysctl for that, net.ipv4.ip_nonlocal_bind.
Interesting. That's one I had never seen before. I would assume that
the OS does this intelligently so that when the IP address *does*
suddenly appear at a later time, the application works
On Fri, 2015-08-28 at 01:25 +, Nathan Williams wrote:
Yeah, keepalived handles the gratuitous arp on failover, it works
nicely. I do miss the admin tools for pacemaker though. I'm AFK, but
I'll write up a full explanation of our HA setup when I'm back at a
PC.
Cheers,
Nathan
Okay
There's a sysctl for that, net.ipv4.ip_nonlocal_bind.
On Thu, Aug 27, 2015, 5:49 PM Shawn Heisey hapr...@elyograg.org wrote:
On 8/24/2015 12:06 PM, Dennis Jacobfeuerborn wrote:
There is no need to run a full Pacemaker stack. Just run HAProxy on both
nodes and manage the virtual ips using
We use a file for about 40 cidr blocks, and don't have any problems with
load speed. Presumably large means more than that, though.
We use comments as well, but they have to be at the beginning of their own
line, not tagged on after the address.
On Fri, Aug 14, 2015, 9:09 PM CJ Ess
oh, i think this comment thread explains it:
http://comments.gmane.org/gmane.comp.web.haproxy/20366. I'll see about
assigning
CAP_NET_ADMIN
On Wed, Jul 15, 2015 at 4:56 PM Nathan Williams nath.e.w...@gmail.com
wrote:
Hi Baptiste,
Sorry for the delayed response, had some urgent things come
?
Please give a try to the following source line, instead of your current
one:
source 0.0.0.0 usesrc 10.240.36.13
Baptiste
On Tue, Jul 14, 2015 at 9:06 PM, Nathan Williams nath.e.w...@gmail.com
wrote:
OK, that did not seem to work, so I think the correct interpretation
by haproxy as L4CON
network timeouts.
i'm going to try the addr config and report back; fingers crossed!
cheers,
Nathan W
On Tue, Jul 14, 2015 at 5:21 AM Baptiste bed...@gmail.com wrote:
On Mon, Jul 13, 2015 at 6:03 PM, Nathan Williams nath.e.w...@gmail.com
wrote:
Hi all,
I'm hoping I can
do you want to use the VIP to get connected on
your backend server?
Please give a try to the following source line, instead of your current
one:
source 0.0.0.0 usesrc 10.240.36.13
Baptiste
On Tue, Jul 14, 2015 at 9:06 PM, Nathan Williams nath.e.w...@gmail.com
wrote:
OK, that did
as up, the
proxied requests to the backends came from the local IP instead of the VIP.
Regards,
Nathan W
On Tue, Jul 14, 2015 at 8:58 AM Nathan Williams nath.e.w...@gmail.com
wrote:
Hi Baptiste/Jarno,
Thanks so much for responding.
addr does indeed look like a promising option (though
Hi all,
I'm hoping I can get some advice on how we can improve our failover setup.
At present, we have an active-standby setup. Failover works really well,
but on the standby, none of the backend servers are marked as up since
haproxy is bound to the VIP that is currently on the active member
we use redirect scheme https code 301 if !{ ssl_fc } on our SSL-only
backends, many of which are accessed by multiple hostnames. if i understand
correctly what you're trying to accomplish, i think that should do the
trick?
On Wed, May 27, 2015 at 8:38 AM Sean Patronis spatro...@add123.com wrote:
arg. ok, it was SELinux... we recently re-worked how we prepare our base
image and the new method seems to leave SELinux enabled... turned that off
and everything's working peachy.
Thanks!
On Wed, May 20, 2015 at 4:16 PM Lukas Tribus luky...@hotmail.com wrote:
hi all,
I'm working on
hi all,
I'm working on standing up a new haproxy instance to manage redis directly
on our redis hosts since our main load-balancer does periodic reloads and
restarts for things like OCSP stapling that good ol' amnesiac HTTP handles
just fine, but longer-lived TCP connections like our redis
:55 PM, Nathan Williams nath.e.w...@gmail.com
wrote:
Hey Jim,
Here's the configuration we're using for our redis pool:
defaults TCP
mode tcp
log global
option tcplog
option clitcpka
option srvtcpka
timeout connect 5s
timeout client 300s
timeout server 300s
source
16 matches
Mail list logo