我正在使用haproxy 1.5.18在起搏器集群上运行Centos 7。 我可以打到我的网站的HTTPS版本没有问题,但是,当我尝试击中http站点时,我得到一个503错误。 我最终会喜欢httpredirect到https为最终用户的易用性。
redacted /etc/haproxy/haproxy.cfg:
#--------------------------------------------------------------------- # Example configuration for a possible web application. See the # full configuration options online. # # http://haproxy.1wt.eu/download/1.4/doc/configuration.txt # #--------------------------------------------------------------------- #--------------------------------------------------------------------- # Global settings #--------------------------------------------------------------------- global # to have these messages end up in /var/log/haproxy.log you will # need to: # # 1) configure syslog to accept network log events. This is done # by adding the '-r' option to the SYSLOGD_OPTIONS in # /etc/sysconfig/syslog # # 2) configure local2 events to go to the /var/log/haproxy.log # file. A line like the following can be added to # /etc/sysconfig/syslog # # local2.* /var/log/haproxy.log # log 127.0.0.1 local2 chroot /var/lib/haproxy pidfile /var/run/haproxy.pid maxconn 4000 user haproxy group haproxy daemon # turn on stats unix socket stats socket /var/lib/haproxy/stats #--------------------------------------------------------------------- # common defaults that all the 'listen' and 'backend' sections will # use if not designated in their block #--------------------------------------------------------------------- defaults mode http log global option httplog option dontlognull option http-server-close option forwardfor except 127.0.0.0/8 option redispatch retries 3 timeout http-request 10s timeout queue 1m timeout connect 10s timeout client 1m timeout server 1m timeout http-keep-alive 10s timeout check 10s maxconn 3000 option forwardfor option http-server-close #--------------------------------------------------------------------- # main frontend which proxys to the backends #--------------------------------------------------------------------- #frontend main *:5000 # acl url_static path_beg -i /static /images /javascript /stylesheets # acl url_static path_end -i .jpg .gif .png .css .js # # use_backend static if url_static # default_backend app #frontend http # bind *:80 # redirect location <url>:443 # redirect scheme https if !{ ssl_fc } frontend localhost # redirect scheme https code 301 if !{ ssl_fc } # redirect scheme https if !{ ssl_fc } bind *:80 bind *:443 option tcplog mode tcp default_backend app #--------------------------------------------------------------------- # static backend for serving up images, stylesheets and such #--------------------------------------------------------------------- backend static balance roundrobin server static 127.0.0.1:4331 check #--------------------------------------------------------------------- # round robin balancing between the various backends #--------------------------------------------------------------------- backend app # redirect scheme https code 301 if !{ ssl_fc } redirect scheme https if !{ ssl_fc } # redirect location https://<url> mode tcp option ssl-hello-chk balance roundrobin server almaceweb <ip>:443 check server almaceweb2 <ip>:443 check # server app3 127.0.0.1:5003 check # server app4 127.0.0.1:5004 check 有任何想法吗? 我已经尝试了一切我可以在网上find,但似乎没有解决问题。
谢谢。