Aleksandar Lazic wrote:
> Hi Hugo,
Hello,
> On Fre 04.01.2008 15:16, Hugo Silva wrote:
>> Hi list,
>>
>> Apologies if these have been asked already, I have not played with
>> haproxy for awhile, and so I have been busy reading the documentation,
>> which seems to contradict itself in a few places.
>>
>> I am hoping someone on the list can help me with some doubts/issues I
>> am encountering..
>
> I will try ;-)
>
>> a) Is keep alive supported on haproxy these days ? If yes, any
>> drawbacks / gotchas I should be aware of ?
>
> Not yet, but is is planed ;-)
>
> A nice article about tis issue is here:
>
> http://www.die.net/musings/page_load_time/
Interesting stuff, thanks for the link.
I guess what I really wanted to ask though is, if I don't use httpclose+forceclose, what would happen to keep alive requests ?
According to the documentation only the 1st request would be logged & processed on each connection, but since the documentation seems to outdated in certain parts, I wanted to make sure this is still so.
>
>> b) How would I protect the stats page via ACLs ? I don't need
>> authentication, but I would like to limit access to /haproxy-status
>> (stats uri) to a certain subnet. I am having some trouble
>> understanding the ACL syntax so far.
>
> Well I will try but I haven't test it.
>
>
> ---
> acl stats_permitters src 192.168.1.0/16
> use_backend my_stats if stats_permitters
>
> backend my_stats
> .
> .
> .
> ---
>
> You can also take a look into examples directory.
I did it in a slightly different way, but end result is the same (confirmed working):
@ the frontend:
acl url_stats path_beg /haproxy-status
use_backend stats if url_stats
@ the backend:
acl stats_allow src ip1/32 ip2/32 ip3/32
block unless stats_allow
>> d) How would I redirect all *.css, *.jpg, *.gif to a specific server ?
>> Is it possible to do this EXCEPT for a certain path ? ie ("redirect
>> all css, jpg, gif to the 'static' server, unless the path is
>> /keepme). I have been reading the documentation on this, but again, I
>> am a bit confused so far.. so practical examples would be veryHere's how I've done it:
acl url_static path_beg /static
acl file_static path_end .gif .png .jpg .css .js
use_backend static if url_static or file_static
I've got around the need to exclude a specific path by other means, the above is not exactly what I wanted, but after a few changes, it also works well.
>
>> e) Is SSL support fully operational?
>
> Not yet, you can find i the doc/architecture.txt some possible
> solutions.
Okay, thanks for the information.
>
> Hth
>
> Aleks
>
Again, thanks for your reply and sorry for the delay, been busy experimenting, you know how it goes.. :-)
Begards,
Hugo Received on 2008/01/11 01:16
This archive was generated by hypermail 2.2.0 : 2008/01/11 01:30 CET