Re: Do I need more than HAProxy for SSL webserver

From: Guy <>
Date: Thu, 11 Jun 2009 15:38:26 +0100

2009/6/10 Tom Potwin <>:
> I've read that all I need is to change mode http to mode tcp, balance
> roundrobin to balance source, and option httpchk to option ssl-hello-chk,
> and all should work. Then I also read that HAProxy can't do SSL so you have
> to install something like stunnel to get it to work. I'm trying to keep
> things as simple as I can, so what is the correct way for me to handle this?

Another option is to have Pound ( doing your HTTPS proxying. It does the SSL authentication and then sends the request for the actual content to the backend servers. Not sure of performance if you've got a site with very heavy traffic though. I'm currently using HAProxy and Pound side by side for my web load balancing and it works just fine with webmail servers that get a fair bit of traffic.

On the subject of load balancing, I'd be careful about going the Heartbeat route. I've used it before and had headaches. I was using it with DRBD though, so it may work just fine in your situation.


Don't just do something...sit there!
Received on 2009/06/11 16:38

This archive was generated by hypermail 2.2.0 : 2009/06/11 16:45 CEST