haproxy

The order in which the cert and key files appear in the pem is important. Use the following to create the pem file. cat example.com.crt example.com.key > example.com.pem

The official HaProxy configuration file check was buried in the help sections. /usr/local/sbin/haproxy –help There are two ways to check the haproxy.cfg syntax is to use.. One way is the /usr/local/sbin/haproxy -c -V -f /etc/haproxy/haproxy.cfg which validates the file syntax. The -c switch in the command represents the Check, while the others denote “Verbose” & … Read more

Willy got me an answer by email. I thought I would share it. His answers are in bold. I have a question about my haproxy config: #——————————————————————— # Global settings #——————————————————————— global log 127.0.0.1 syslog emerg maxconn 4000 quiet user haproxy group haproxy daemon #——————————————————————— # common defaults that all the ‘listen’ and ‘backend’ sections … Read more

Nice picture 🙂 timeout connect is on server side, it is the maximum time to run the TCP handshake http-request starts from the ACK on the client side until whole HTTP headers have been received Tq starts from the client Handshake TCP. Tr is until we receive the response Headers Baptiste

No, you can’t do this and expect sensible behavior. The requests for port 80 will arrive seemingly randomly at one front end or the other. The result of such a configuration is undefined, and though not technically i valid, it is for all practical purposes a nonsensical configuration. All of the rules applying on port … Read more

Haproxy does not have a facility to log POST content or HTTP bodies. Use Wireshark instead.

You can try setting up custom header, like this: http-request set-header X-Client-IP %[src] Or, you can even copy it from X-Forwarded-For header, I think syntax would go something like: http-request set-header X-Client-IP req.hdr_ip([X-Forwarded-For])