我们正在尝试在haproxy负载平衡方案中使用https配置两个后端。
我们尝试了ssl终止,hrd_beg,......但是无法达到预期的结果 正如在我们尝试的每个配置中,请求仅被转移到默认后端而不是其他后端。
以下是我的配置文件。
global
log 127.0.0.1 local0 notice
log 127.0.0.1 local1 debug
maxconn 5000 # Total Max Connections. This is dependent on ulimit
daemon
quiet
nbproc 1 # Number of processing cores. Dual Dual-core Opteron is 4 cores for example.
chroot /usr/share/haproxy
user haproxy
group haproxy
#stats socket /var/run/haproxy.stat mode 600
defaults
log global
# Setting options
option dontlognull #Disable logging of null connections as these can pollute the logs
option redispatch # Enable session redistribution in case of connection failure, which is important in a HA environment
option tcp-smart-accept # Performance tweak, saving one ACK packet during the accept sequence
option tcp-smart-connect # Performance tweak, saving of one ACK packet during the connect sequence
# Setting timeouts
timeout connect 5s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 5s
retries 3
# Slowloris protection
timeout http-request 10s # Slowloris protection
timeout tarpit 1m # tarpit hold time
timeout queue 1m
backlog 10000
frontend ap_ft_https
bind *:443 ssl crt /home/mykey.pem
mode tcp
acl dcall url_sub dc
use_backend dc_bk_https if dcall
use_backend ap_bk_https if { hdr_beg(host) -i ap }
use_backend dc_bk_https if { hdr_beg(host) -i dc }
default_backend ap_bk_https
# Configuration for AP Portals
backend ap_bk_https
mode tcp
balance roundrobin # Load Balancing algorithm
reqadd X-Forwarded-Proto:\ https
#option tcplog
default-server inter 5s rise 2 fall 5
server server1 x.x.x.x:443 weight 1 maxconn 512 check
# server server2 x.x.x.x:443 weight 1 maxconn 512 check
#Configuration for DC Portals
backend dc_bk_https
mode tcp
balance roundrobin # Load Balancing algorithm
reqadd X-Forwarded-Proto:\ https
#option tcplog
default-server inter 5s rise 2 fall 5
server server1 x.x.x.x:443 weight 1 maxconn 512 check
server server2 x.x.x.x:443 weight 1 maxconn 512 check
#HAProxy Stats configuration
listen stats
mode http
bind 0.0.0.0:8880
clitimeout 100s
srvtimeout 100s
contimeout 100s
timeout queue 100s
stats enable
stats hide-version
stats refresh 30s
stats show-node
stats uri /haproxy?stats
stats realm Admin\ Portal\ HAProxy\ Statistics
stats auth admin:xxxx
我的网址开始于apxxx.domain.com和dcxxx.domain.com。
我想配置haproxy这样一种方式,如果请求是apxxx.domain.com那么它应该转到haproxy后端 ap_bk_https ,如果它是针对dcxxx.domain.com它同样的方式应该去haproxy后端 dc_bk_https 。
您的帮助将赞赏!
答案 0 :(得分:1)
/****************************************************/
ROUTING BY SUB-Domain
frontend http-in
bind *:80
acl app_ap hdr_end(host) -i apxxx.domain.com
acl app_dc hdr_end(host) -i dcxxx.domain.com
use_backend ap_bk_https if app_ap
use_backend dc_bk_https if app_dc
Now all request from apxxx.domain.com and dcxxx.domain.com will be redirected to your respected backends.
/**********************************/
/*************** OLD ANSWER ************************///
Basically what you want is to route by domain name.
Here's an example which does exactly what you want. Have a look at it. Its simple .
http://seanmcgary.com/posts/haproxy---route-by-domain-name
/** OLD ANSWER ENDS ************/
我希望这能解决你的问题。