2009/6/10 Tom Potwin <wxman2#gmail.com>:
> I've read that all I need is to change mode http to mode tcp, balance
> roundrobin to balance source, and option httpchk to option ssl-hello-chk,
> and all should work. Then I also read that HAProxy can't do SSL so you have
> to install something like stunnel to get it to work. I'm trying to keep
> things as simple as I can, so what is the correct way for me to handle this?
Another option is to have Pound (http://www.apsis.ch/pound/) doing your HTTPS proxying. It does the SSL authentication and then sends the request for the actual content to the backend servers. Not sure of performance if you've got a site with very heavy traffic though. I'm currently using HAProxy and Pound side by side for my web load balancing and it works just fine with webmail servers that get a fair bit of traffic.
On the subject of load balancing, I'd be careful about going the Heartbeat route. I've used it before and had headaches. I was using it with DRBD though, so it may work just fine in your situation.
Cheers
Guy
-- Don't just do something...sit there!Received on 2009/06/11 16:38
This archive was generated by hypermail 2.2.0 : 2009/06/11 16:45 CEST