Created
May 29, 2018 19:58
-
-
Save Getty/c0a4f9bd474d1fd884daa3066a27f4c6 to your computer and use it in GitHub Desktop.
HAProxy config for splitting between Rancher (raw http/https) and a Traefik container (L4 Proxy before L7 Proxy)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
defaults | |
maxconn 1000 | |
timeout connect 5000ms | |
timeout client 50000ms | |
timeout server 50000ms | |
frontend https | |
mode tcp | |
bind *:443 | |
option tcplog | |
acl tls req.ssl_hello_type 1 | |
tcp-request inspect-delay 5s | |
tcp-request content accept if tls | |
acl is_rancher_sni req.ssl_sni -i rancher.conflict.industries | |
use_backend rancher-https if is_rancher_sni | |
default_backend traefik-https | |
frontend http | |
mode http | |
bind *:80 | |
use_backend rancher-http if { hdr(host) -i rancher.conflict.industries } | |
default_backend traefik-http | |
backend rancher-http | |
mode http | |
server rancher-http-1 rancher:80 | |
backend traefik-http | |
mode http | |
server traefik-http-1 traefik:80 | |
backend rancher-https | |
mode tcp | |
option ssl-hello-chk | |
server rancher-https-1 rancher:443 check | |
backend traefik-https | |
mode tcp | |
option ssl-hello-chk | |
server traefik-https-1 traefik:443 check |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment