HAproxy
Installation
apt-get install haproxy
Un restart du service rsyslog est nécessaire pour qu'il créé la socket /dev/log dans le chroot d'HAproxy.
Configuration de base
global log /dev/log local0 log /dev/log local1 notice chroot /var/lib/haproxy stats socket /run/haproxy/admin.sock mode 660 level admin stats timeout 30s user haproxy group haproxy daemon # Default SSL material locations ca-base /etc/ssl/certs crt-base /etc/ssl/private # Default ciphers to use on SSL-enabled listening sockets. # For more information, see ciphers(1SSL). ssl-default-bind-ciphers kEECDH+aRSA+AES:kRSA+AES:+AES256:RC4-SHA:!kEDH:!LOW:!EXP:!MD5:!aNULL:!eNULL ssl-default-bind-options no-sslv3 defaults log global mode http option httplog option dontlognull option log-health-checks option log-separate-errors option logasap option contstats option abortonclose option forwardfor timeout connect 3s timeout client 60s timeout server 60s timeout http-request 5s timeout check 2s retries 3 option splice-auto option tcp-smart-connect errorfile 400 /etc/haproxy/errors/400.http errorfile 403 /etc/haproxy/errors/403.http # See https://code.google.com/p/chromium/issues/detail?id=377581 #errorfile 408 /etc/haproxy/errors/408.http errorfile 408 /dev/null errorfile 500 /etc/haproxy/errors/500.http errorfile 502 /etc/haproxy/errors/502.http errorfile 503 /etc/haproxy/errors/503.http errorfile 504 /etc/haproxy/errors/504.http frontend www-example-com bind 1.2.3.4:80 mode http maxconn 10000 default_backend web-backends backend web-backends mode http balance roundrobin cookie SERVERID insert indirect nocache option httpchk GET /is_alive option redispatch default-server inter 10000 fastinter 1000 downinter 20000 error-limit 5 on-error mark-down server web-frontal-01-ha 192.168.1.1:80 cookie c1 weight 100 check observe layer4 server web-frontal-02-ha 192.168.1.2:80 cookie c2 weight 100 check observe layer4