As another update, I realized I could add ssl verify none to the backend config
to allow for passthrough.
On 2/15/17, 3:12 PM, "Birdwell, Rob" wrote:
Apologies, I did not see your other comment. I do not have access to the
logs of the remote server as it is 3rd
On 15 Feb 2017 7:59 pm, "Juho Mäkinen" wrote:
We have a setup which requires us to have two haproxy tiers so that first
forwards connections to the second. What I want to know is the theory how
(and why) I should tune my maxconn, backlog and timeout settings to handle
queues
Apologies, I did not see your other comment. I do not have access to the logs
of the remote server as it is 3rd party.
On 2/14/17, 11:06 PM, "Cyril Bonté" wrote:
Le 15/02/2017 à 00:10, Birdwell, Rob a écrit :
> Hi Cyril!
>
> Responses below:
>
>
Hi Cyril,
I’ve attempted an alternate solution utilizing the initial solution as well as
the following:
frontend ft_global
mode http
bind *:443 ssl crt /etc/haproxy/ssl/lp..com.pem
acl host_lp..comreq.hdr(Host) lp..com
acl path_mirror_foo path -m beg /
use_backend bk_myapp if host_lp..com
I see what you mean. I see a similar setup on the web here:
http://blog.haproxy.com/2014/04/28/howto-write-apache-proxypass-rules-in-haproxy/
Is this what you’re suggesting?
On 2/14/17, 11:06 PM, "Cyril Bonté" wrote:
Le 15/02/2017 à 00:10, Birdwell, Rob a écrit :
Thanks for the feedback. Could you keep me in CC? I'm not subscribed to the
list.
> I don't understand much, your e-mail talks about openssl and you're changing
> a line afecting boringssl. You need to provide a bit of description about
> what your patch does and tries to solve, that we'll use
We have a setup which requires us to have two haproxy tiers so that first
forwards connections to the second. What I want to know is the theory how
(and why) I should tune my maxconn, backlog and timeout settings to handle
queues overloads and back pressure in situations where my backends are
8 matches
Mail list logo