English Forums > Web Proxy Filtering and Caching
After some help with HAProxy
dustymiller259:
Now I've posted this in the correct forum, heres hoping for some assistance - Gotta love being a newbie at this.
I'm trying to understand how HAProxy work, and get it setup, but despite my limited understanding, i think i have the config correct, but it does not seem to work as expected at all. does anyone know of any good resources out there ?
I'm only trying to get it to work for a couple of webservers behind my firewall (Home Setup)
I have one rule working, but cant get the second to play without killing the first rule.
I basically have 1 rule working that say if "path contains string" = VirtualRadar then use one backend pool. That works
When I add an anti rule so if the "path Contains string" - VirtualRadar + then negate that condition, in the second rule, it all falls apart.
What am I missing
cmdr.adama:
Could you please post the whole config so we can get a better idea of the whole set up?
dustymiller259:
#
# Automatically generated configuration.
# Do not edit this file manually.
#
global
# NOTE: Could be a security issue, but required for some feature.
uid 80
gid 80
chroot /var/haproxy
daemon
stats socket /var/run/haproxy.socket group proxy mode 775 level admin expose-fd listeners
nbproc 1
nbthread 1
tune.ssl.default-dh-param 1024
spread-checks 0
tune.chksize 16384
tune.bufsize 16384
tune.lua.maxmem 0
log /var/run/log local0 debug
defaults
log global
option redispatch -1
timeout client 30s
timeout connect 30s
timeout server 30s
retries 3
# autogenerated entries for ACLs
# autogenerated entries for config in backends/frontends
# autogenerated entries for stats
# Frontend: VirtualRadar_Real (VRS Server)
frontend VirtualRadar_Real
bind www.millersmail.net:80 name www.millersmail.net:80
mode http
option http-keep-alive
default_backend VirtualRadar_Backend
# tuning options
timeout client 30s
# logging options
# Frontend: Web_Traffic_Real (Normal_HTTP)
frontend Web_Traffic_Real
bind www.millersmail.net:80 name www.millersmail.net:80
mode http
option http-keep-alive
default_backend Web_Traffic_Backend
# tuning options
timeout client 30s
# logging options
option httplog
# Backend: VirtualRadar_Backend (VRS Server)
backend VirtualRadar_Backend
# health checking is DISABLED
mode http
balance source
# stickiness
stick-table type ip size 50k expire 30m
stick on src
# tuning options
timeout connect 30s
timeout server 30s
http-reuse safe
server VirtualRadar_80 192.168.0.41:80
# Backend: Web_Traffic_Backend (Synology_NAS)
backend Web_Traffic_Backend
# health checking is DISABLED
mode http
balance source
# stickiness
stick-table type ip size 50k expire 30m
stick on src
# tuning options
timeout connect 30s
timeout server 30s
http-reuse safe
server Synology 192.168.0.11:80 ssl verify required ca-file /etc/ssl/cert.pem
dustymiller259:
Cant seem to find the rules in the proxy config, where are they stored ???
cmdr.adama:
Ok... First things first...
How the config is set up currently the second front end will never be hit... You have two front ends on the same port doing the exact same thing.. Ideally only have one front end per service so one for http and one for https...
Secondly I don't see in that config any ACLs for the front end or backend.
The back ends look ok just change the frontends and add ACLs to direct to each server.
Navigation
[0] Message Index
[#] Next page
Go to full version