Healthcheck monitor to internal HAProxy servers (inbound traffic)

Started by user290920, June 09, 2025, 05:23:15 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
June 09, 2025, 05:23:15 PM Last Edit: June 09, 2025, 05:24:47 PM by user290920
We have OPNsense sitting between our internal network and the Internet. Once allowed through OPNsense, inbound web requests coming in from the Internet to our web servers are proxied by 2x HAProxy servers. Is there a way to get OPNsense to perform regular "Healthcheck" monitors to the HAProxy servers to ensure that the servers are healthy, and prepared to serve requests? Ideally OPNsense should perform regular HTTP requests, and close the path to the faulting HAProxy server (e.g. http://ip.to.haproxy.server/I/am/healthy). But, at this point, I'll settle for a simple PING test.

Forgive me if this is obvious, but I haven't found anything after 2HRs of searching...
June 09, 2025, 08:18:54 PM #1
You can install the HAproxy package, which can do, what you want.

If running additional HAproxies behind makes sense, is another good question then.
June 11, 2025, 05:05:15 AM #2
I explored that option, but decided not to go that route. Didn't like the idea of multiple HAProxy server (potentially running at different versions). And, trying to keep my OPNsense server as "clean" as possible, with only the core services running on it.

Anyone else, please?
June 11, 2025, 03:05:57 PM #3
Quote from: user290920 on June 11, 2025, 05:05:15 AMDidn't like the idea of multiple HAProxy server (potentially running at different versions).
You can configure it as very basic TCP load balancer, which might do, what you want to get according to your upper post.
Don't think, that there is any other option providing the desired features.
June 11, 2025, 03:15:12 PM #4
Indeed to my knowledge there is no facility/utility/ to act as a health checker and load balancer like F5s
Print
Go Up Pages1
User actions