2014-06-23 13:54:01 +02:00
|
|
|
[[Kategorie:Infrastruktur]]
|
|
|
|
|
|
|
|
== Hardware Info ==
|
|
|
|
Virtualisiert durch [[intern:Freebert]]
|
|
|
|
|
|
|
|
== Software Info ==
|
|
|
|
FreeBSD Jail Container
|
|
|
|
* haproxy
|
|
|
|
|
|
|
|
== Verwendungszweck ==
|
2014-06-23 14:54:35 +02:00
|
|
|
* haproxy (high availability) für reverseproxy1/2 - CARP jails
|
2014-06-23 13:54:01 +02:00
|
|
|
* dev version 1.5 für ssl support
|
|
|
|
|
2014-06-23 14:40:40 +02:00
|
|
|
[https://haproxy.hq.c3d2.de/ https://haproxy.hq.c3d2.de]
|
2014-06-23 13:54:01 +02:00
|
|
|
== haproxy.conf ==
|
|
|
|
|
|
|
|
<source lang=bash>
|
|
|
|
### ### ### C3D2 ### ### ###
|
|
|
|
|
|
|
|
global
|
|
|
|
log 127.0.0.1 local0
|
|
|
|
log 127.0.0.1 local1 notice
|
|
|
|
maxconn 4096
|
|
|
|
user haproxy
|
|
|
|
group nogroup
|
|
|
|
daemon
|
|
|
|
|
|
|
|
defaults
|
|
|
|
log global
|
|
|
|
mode http
|
|
|
|
option httplog
|
|
|
|
option dontlognull
|
|
|
|
option forwardfor
|
|
|
|
option http-server-close
|
|
|
|
stats enable
|
|
|
|
stats auth topsecret:topsecret
|
|
|
|
stats uri /haproxyStats
|
|
|
|
contimeout 5000
|
|
|
|
clitimeout 50000
|
|
|
|
srvtimeout 50000
|
|
|
|
|
|
|
|
#frontend http-in
|
|
|
|
# bind *:80
|
|
|
|
# reqadd X-Forwarded-Proto:\ http
|
|
|
|
# default_backend saugbert
|
|
|
|
|
|
|
|
frontend https-in
|
|
|
|
bind *:443 ssl crt /usr/local/etc/haproxy/haproxy.pem
|
|
|
|
reqadd X-Forwarded-Proto:\ https
|
|
|
|
default_backend saugbert
|
|
|
|
|
|
|
|
backend saugbert
|
|
|
|
redirect scheme https if !{ ssl_fc }
|
|
|
|
#balance leastconn
|
|
|
|
balance roundrobin
|
|
|
|
option httpclose
|
|
|
|
option forwardfor
|
|
|
|
cookie JSESSIONID prefix
|
|
|
|
|
|
|
|
# #enter the IP of your application here
|
|
|
|
# server reverseproxy1 172.22.99.79:80 weight 1 maxconn 1024 check #cookie A check
|
|
|
|
# server reverseproxy2 172.22.99.99:80 weight 1 maxconn 1024 check #cookie B check
|
|
|
|
|
|
|
|
### CARP // ###
|
|
|
|
server reverseproxy 172.22.99.247:80 check
|
|
|
|
### // CARP ###
|
|
|
|
|
|
|
|
#backend saugbert
|
|
|
|
# mode http
|
|
|
|
# balance roundrobin
|
|
|
|
# cookie SERVERID insert indirect nocache
|
|
|
|
# server reverseproxy1 172.22.99.79:80 check cookie reverseproxy1
|
|
|
|
# server reverseproxy2 172.22.99.99:80 check cookie reverseproxy1
|
|
|
|
|
|
|
|
### ### ### C3D2 ### ### ###
|
|
|
|
# EOF
|
|
|
|
</source>
|
|
|
|
|
|
|
|
== SternenLogBuch ==
|
|
|
|
* 23.06.2014 - Basis Setup
|