We're trying to set up HAProxy (v1.5.1) to use SSL.
While we managed to do that, we're having some issues with the round robin settings:
We do want to have stick sessions, but haproxy seems to send all sessions (from different browsers) to the same node (my.vm.2
), even though the other node (my.vm.1
) is also available. So it looks like the round robin setting isn't working properly.
This is our current configuration, we would appreciate some help/ideas. :):
global
debug
stats socket /etc/haproxy/haproxysock level admin
tune.ssl.default-dh-param 2048
defaults
mode http
balance roundrobin
timeout connect 5s
timeout queue 300s
timeout client 300s
timeout server 300s
frontend https_frontend
bind *:8443
mode tcp
reqadd X-Forwarded-Proto:\ https
default_backend my_backend
backend my_backend
mode tcp
stick-table type ip size 200k expire 30m
stick on src
default-server inter 1s
server my.vm.1 my.vm.1:8443 check id 1 maxconn 500
server my.vm.2 my.vm.2:8443 check id 2 maxconn 500
option httpclose
option redispatch
retries 15
listen admin
bind *:8081
stats enable
stats refresh 1s