一、简介
本文示例运行环境:
- 操作系统:CentOS Linux release 7
- haproxy版本 : haproxy-1.5
二、haproxy 配置
haproxy.cfg 配置文件
global
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
# turn on stats unix socket
stats socket /var/lib/haproxy/stats
defaults
mode tcp
log global
#option httplog
option dontlognull
option http-server-close
#option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
frontend ssl-in
bind *:443
mode tcp
tcp-request inspect-delay 3s
tcp-request content accept if { req.ssl_hello_type 1 }
acl api req_ssl_sni -i v-api.stardustgod.com
acl cf req_ssl_sni -i d1k8g7qaebqd28.cloudfront.net
use_backend api if api { req.ssl_hello_type 1 }
use_backend cf if cf { req.ssl_hello_type 1 }
backend api
balance roundrobin
mode tcp
option ssl-hello-chk
server cppla31-8887 v-api.stardustgod.com:443 check maxconn 20480000
backend cf
balance roundrobin
mode tcp
option ssl-hello-chk
server cppla31-7779 d1k8g7qaebqd28.cloudfront.net:443 check maxconn 20480000
张贴您的评论