Here is my working config,
Any recommandations are more then welcome.
version running on ubuntu server
sudo dpkg -l | grep haproxy
ii haproxy 1.3.14.3-1fast and reliable load balancing reverse pro
I know it's old but it work !
global
log 127.0.0.1 local0 debug
stats socket /var/run/haproxy-socket-stats
maxconn 4096
user haproxy
group haproxy
defaults
log global
option tcplog
retries 3
maxconn 2000
contimeout 5000
clitimeout 14400000
srvtimeout 14400000
listen stats :8080
mode http
option httpclose
stats enable
stats uri /
balance source
server web-1 192.168.4.30:80
listen rdpfarm :3389
mode tcp
balance source
option tcpka
server TS-1 10.0.0.102 check port 3300
server TS-1 10.0.0.102 check port 3389 backup
server TS-2 10.0.0.152 check port 3300
server TS-2 10.0.0.152 check port 3389 backup
I use this setup to enable phasing "out an in" of TS server wihout to much user interruption. When the TS server are online they listen on port 3389 and port 3300, when we want to put the server in maintenance mode we just close port 3300. This is really nice since currently open RDP session will continue to work but new connection get to another TS server. Then you just informe your user to finish there work and reopen a TS session and they will end on another server.
has an ADMIN you can connect to the server directly to the server IP in maintenance mode and upgrade any software on it will no user are on the server with you.
We love this way of working.
Voila
Feel free to comment.
Guillaume
Paul Dickson a écrit :
>
> Has anyone had any luck in setting HAPROXY up as a front end for
> terminal services clusters? My connections keep dropping, but have
> become a bit more reliable since my last email on the topic with the
> following conf file:
>
> # this config needs haproxy-1.1.28 or haproxy-1.2.1
>
> global
> log 127.0.0.1 local0
> log 127.0.0.1 local1 notice
> #log loghost local0 info
> maxconn 4096
> #chroot /usr/share/haproxy
> user haproxy
> group haproxy
> daemon
> #debug
> #quiet
>
> defaults
> log global
> mode http
> option httplog
> option dontlognull
> retries 3
> option redispatch
> maxconn 2000
> # Time to wait for the opening connection to a server to succeed.
> 5000ms=5sec
> contimeout 10000
> # Time to wait for a client to respond to packets. Set below to
> 50000ms=50sec
> timeout client 50000
> # Time to wait for a server to respond to packets. Set below to
> 50000ms=50sec
> timeout server 50000
> option srvtcpka
>
>
>
> listen rdp 0.0.0.0:3389
> mode tcp
> # All three tcpka options: TCP protocol, Keep alive. All of them are
> suggested for sessions with long amounts of idle time such as remote
> desktops.
> # option tcpka
> option clitcpka
> option srvtcpka
> option redispatch
> option tcplog
> #Balance specifies load balance method. Search
> "http://haproxy.1wt.eu/download/1.3/doc/configuration.txt" for
> "balance roundrobin" to see all the available modes and what they do.
> balance roundrobin
> #
> # NOTES ABOUT STATEMENTS AND PARAMETERS BELOW IN MATCHING ORDER.
> #
> # "server" is a haproxy internal statement
> # `server name` can be listed as anything.. i put the real name for
> clarity
> # "IP:port#" if you don't know this you need to wipe the drule off
> your chin.
> # "check" see if the server is up
> # "port #" what port to check. I'm not sure this is needed since the
> port is already specified with the IP. Can't hurt
> # "inter" interval to run the check in ms. 1000ms = 1sec
> # "fastinter #". By default a server is checked 3 times then
> determined to fail. This specifies if it fails the first check, the
> next will happen at the interval specified. 500ms=0.5 sec.
> # "downinter #". Oposite of fastinter, this specifies how long the
> waits should be between checks when a server has been determined to be
> down. To reduce network traffic I have set this to 10000ms, which is
> 10seconds.
>
> # server nt1s77 10.58.240.248:3389 check port 3389 inter 2000
> fastinter 500 downinter 10000
> # server nt1s21z 10.12.20.172:3389 check port 3389 inter 2000
> fastinter 500 downinter 10000
> # server dcwh03 10.12.20.150:3389 check port 3389 inter 2000
> fastinter 500 downinter 10000
> # server nt1s23vm 10.12.20.116:3389 check port 3389 inter 2000
> fastinter 500 downinter 10000
> # server dceoc01 10.2.128.250:3389 check port 3389 inter 2000
> fastinter 500 downinter 10000
> server tswh01 10.14.3.111:3389 check port 3389 inter 2000
> fastinter 500 downinter 10000
> server tswh02 10.14.3.102:3389 check port 3389 inter 2000
> fastinter 500 downinter 10000
> server tswh03 10.14.3.113:3389 check port 3389 inter 2000
> fastinter 500 downinter 10000
> server tswh04 10.14.3.104:3389 check port 3389 inter 2000
> fastinter 500 downinter 10000
> server tslec01 10.14.3.131:3389 check port 3389 inter 2000
> fastinter 500 downinter 10000
> server tslec02 10.14.3.122:3389 check port 3389 inter 2000
> fastinter 500 downinter 10000
> server tslec03 10.14.3.133:3389 check port 3389 inter 2000
> fastinter 500 downinter 10000
> server tslec04 10.14.3.134:3389 check port 3389 inter 2000
> fastinter 500 downinter 10000
> # Web stats interface
> listen admin_stats 10.14.2.157:8080
> mode http
> stats uri /
> stats realm Global\ statistics
> stats auth admin:fakepassword
> balance roundrobin
>
>
>
> #errorloc 502 http://192.168.114.58/error502.html
> #errorfile 503 /etc/haproxy/errors/503.http
> errorfile 400 /etc/haproxy/errors/400.http
> errorfile 403 /etc/haproxy/errors/403.http
> errorfile 408 /etc/haproxy/errors/408.http
> errorfile 500 /etc/haproxy/errors/500.http
> errorfile 502 /etc/haproxy/errors/502.http
> errorfile 503 /etc/haproxy/errors/503.http
> errorfile 504 /etc/haproxy/errors/504.http
>
>
>
> Paul K. Dickson
> Systems Administrator
> Frederick County Government, IIT
> pdickson#fredco-md.net
> 301-600-2399/x12399
>
>
>
> ------ End of Forwarded Message
-- Guillaume Bourque, B.Sc., consultant, infrastructures technologiques libres ! 514 576-7638Received on 2009/07/22 15:14
This archive was generated by hypermail 2.2.0 : 2009/07/22 15:30 CEST