例如,在此配置文件中,Haproxy 仅平衡第一个 HTTP 连接请求。
自签名证书适用于这种情况吗?我不知道如何为 Haproxy 的每个网站生成一个自签名证书。
defaults
timeout connect 5000s
timeout client 5000s
timeout server 5000s
listen main-proxy
bind 127.0.0.1:8080
mode http
balance leastconn
server proxy1 127.0.0.1:8081 no-check
server proxy2 127.0.0.1:8082 no-check
HTTPS 与 HTTP 平衡示例:
#HTTTP(multiple balance, this is what I want to things)
$ nc -l 127.0.0.1 -p 514 -u |grep -F 'www.haproxy.org'
<14>Mar 6 18:56:44 haproxy[4684]: 127.0.0.1:47754 [06/Mar/2019:18:56:43.170] main-proxy main-proxy/proxy1 0/0/0/360/844 200 37955 - - ---- 3/3/2/1/0 0/0 "GET http://www.haproxy.org/ HTTP/1.1"
<14>Mar 6 18:56:44 haproxy[4684]: 127.0.0.1:47758 [06/Mar/2019:18:56:43.629] main-proxy main-proxy/proxy2 0/0/0/548/548 200 488 - - ---- 2/2/1/1/0 0/0 "GET http://www.haproxy.org/size.js HTTP/1.1"
<14>Mar 6 18:56:44 haproxy[4684]: 127.0.0.1:47766 [06/Mar/2019:18:56:44.195] main-proxy main-proxy/proxy2 0/0/1/557/558 200 215 - - ---- 4/4/2/1/0 0/0 "GET http://www.haproxy.org/size.css?1436x801 HTTP/1.1"
<14>Mar 6 18:56:46 haproxy[4684]: 127.0.0.1:47776 [06/Mar/2019:18:56:45.547] main-proxy main-proxy/proxy1 0/0/0/575/593 200 1830 - - ---- 13/13/11/7/0 0/0 "GET http://www.haproxy.org/img/btn_donate_SM_eur.gif HTTP/1.1"
<14>Mar 6 18:56:46 haproxy[4684]: 127.0.0.1:47758 [06/Mar/2019:18:56:45.542] main-proxy main-proxy/proxy1 0/0/0/377/605 200 15400 - - ---- 12/12/10/6/0 0/0 "GET http://www.haproxy.org/img/HAProxyCommunityEdition_60px.png HTTP/1.1"
<14>Mar 6 18:56:46 haproxy[4684]: 127.0.0.1:47792 [06/Mar/2019:18:56:45.558] main-proxy main-proxy/proxy1 0/0/0/593/594 200 495 - - ---- 11/11/9/4/0 0/0 "GET http://www.haproxy.org/img/fr-off.png HTTP/1.1"
<14>Mar 6 18:56:46 haproxy[4684]: 127.0.0.1:47800 [06/Mar/2019:18:56:45.585] main-proxy main-proxy/proxy1 0/0/0/566/566 200 949 - - ---- 11/11/8/3/0 0/0 "GET http://www.haproxy.org/img/ipv6nok.gif HTTP/1.1"
<14>Mar 6 18:56:46 haproxy[4684]: 127.0.0.1:47784 [06/Mar/2019:18:56:45.553] main-proxy main-proxy/proxy1 0/0/0/600/600 200 3319 - - ---- 9/9/7/1/0 0/0 "GET http://www.haproxy.org/img/haproxy-pmode.png HTTP/1.1"
<14>Mar 6 18:56:46 haproxy[4684]: 127.0.0.1:47780 [06/Mar/2019:18:56:45.550] main-proxy main-proxy/proxy2 0/0/0/551/829 200 19247 - - ---- 7/7/5/5/0 0/0 "GET http://www.haproxy.org/img/World_IPv6_launch_banner_256.png HTTP/1.1"
<14>Mar 6 18:56:46 haproxy[4684]: 127.0.0.1:47812 [06/Mar/2019:18:56:45.711] main-proxy main-proxy/proxy2 0/0/0/668/668 200 376 - - ---- 7/7/4/4/0 0/0 "GET http://www.haproxy.org/img/ipv6back.png HTTP/1.1"
<14>Mar 6 18:56:46 haproxy[4684]: 127.0.0.1:47788 [06/Mar/2019:18:56:45.555] main-proxy main-proxy/proxy2 0/0/0/824/824 200 441 - - ---- 7/7/3/3/0 0/0 "GET http://www.haproxy.org/img/en-off.png HTTP/1.1"
<14>Mar 6 18:56:46 haproxy[4684]: 127.0.0.1:47804 [06/Mar/2019:18:56:45.698] main-proxy main-proxy/proxy2 0/0/0/681/681 200 2261 - - ---- 7/7/2/2/0 0/0 "GET http://www.haproxy.org/img/pwby.gif HTTP/1.1"
<14>Mar 6 18:56:47 haproxy[4684]: 127.0.0.1:47766 [06/Mar/2019:18:56:45.546] main-proxy main-proxy/proxy2 0/0/0/1572/1572 200 1729 - - ---- 8/8/2/1/0 0/0 "GET http://www.haproxy.org/img/btn_donate_SM_usd.gif HTTP/1.1"
#HTTPS(just one balance, this is not what I want):
$ nc -l 127.0.0.1 -p 514 -u |grep -F 'www.haproxy.org'
<14>Mar 6 18:54:33 haproxy[4630]: 127.0.0.1:47380 [06/Mar/2019:18:51:44.606] main-proxy main-proxy/proxy1 0/0/0/1088/169260 200 84273 - - ---- 2/2/1/0/0 0/0 "CONNECT www.haproxy.org:443 HTTP/1.1"