Or put keepalived in front of 2 or more machines with stud/stunnel/nginx for
SSL termination and HAProxy for distributing the traffic to all backends.
Keepalived can move a floating IP between multiple machines, and as long as
each machine can do ssl termination and load balancing, you've got no single
machine that can cause a failure.
A crude ASCII drawing should illustrate what I mean:
/---<machine 1>--\
/ \
<internet>---<floating ip>*-----<machine 2>----*---<all backend servers>
\ /
\---<machine 3>--/
Regards,
Jens Dueholm Christensen
________________________________________
From: Hervé COMMOWICK [[email protected]]
Sent: 23 May 2012 16:37
To: [email protected]
Subject: Re: SSL farm
just use HAProxy to load balance to multiple stud, with send-proxy on
HAProxy side, and --read-proxy on stud side.
Hervé.
On 05/23/2012 04:27 PM, Allan Wind wrote:
> On 2012-05-23 16:21:35, Hervé COMMOWICK wrote:
>> No, you may have multiple stud.
>
> And how do you load balance between them? DNS round robin is not
> good enough.
>
>
> /Allan
--
Hervé COMMOWICK
Ingénieur systèmes et réseaux.
http://www.rezulteo.com
by Lizeo Online Media Group <http://www.lizeo-online-media-group.com/>
42 quai Rambaud - 69002 Lyon (France) ⎮ ☎ +33 (0)4 63 05 95 30
