Hello, have just started to explore HAProxy and am finding it amazing! As a long time Zimbra user I wanted to see how one could balance the front-end web client so had a play around. What I have at present is the following configuration:
frontend zimbra-zwc-frontend-https bind 172.30.8.21:443 ssl crt /etc/haproxy/certs/zimbra.pem mode tcp option tcplog reqadd X-Forwarded-Proto:\ https default_backend zimbra-zwc-backend-http backend zimbra-zwc-backend-http mode http balance roundrobin stick-table type ip size 200k expire 30m stick on src server zwc1 zm1:80 check port 80 server zwc2 zm2:80 check port 80 I admit that the configuration has been cobbled together from other peoples thoughts and ideas; though it does actually work! I did try to go the route of HTTPS -> HTTPS but that completely fell apart due to Zimbra using NGINX and automatically re-routing HTTP -> HTTPS. The other stumbling block was I could not see how to check that the report HTTPS (443) port was available. I have seen "check port" and "check id" used but neither worked as expected. So at present I have HAProxy acting as the SSL terminator and backing off the requests to a HTTP backend. I can take one backend node down, upgrade it, and restart it with affecting any new connections again a single destination IP address; NICE! :) This is all very new to me so any expert advice, or directions to further reading, would be very grateful and encouraged. Thank you. P.