HAProxy Configuration: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
Line 29: Line 29:
==Configure HAProxy to Log into a File==
==Configure HAProxy to Log into a File==


Configure local2 events to go to the /var/log/haproxy.log  file. Add the following line in /etc/rsyslog.conf:
Assuming that logging was configured as described in the previous section, configure local2 events to go to the /var/log/haproxy.log  file. Add the following line in /etc/rsyslog.conf:


  local2.*  /var/log/haproxy.log
  local2.*  /var/log/haproxy.log

Revision as of 03:35, 4 July 2017

Internal

Overview

If installed with yum, the default configuration file is deployed in /etc/haproxy/haproxy.cfg and the systemd configuration file in /etc/sysconfig/haproxy.

Logging Configuration

HAProxy logging concepts:

HAProxy Concepts - Logging

Logging configuration consists of the following steps:

Add the following to the "global" section of the configuration file:

log 127.0.0.1:514 local2

and then add the following to each "defaults" section or to each frontend and backend section:

log global

Then make sure the local syslogd does listen to the UDP traffic. For details on how to do this for rsyslogd, see:

Enable rsyslogd to Listen for UDP Traffic

Configure HAProxy to Log into a File

Assuming that logging was configured as described in the previous section, configure local2 events to go to the /var/log/haproxy.log file. Add the following line in /etc/rsyslog.conf:

local2.*  /var/log/haproxy.log

SSL Configuration

HAProxy SSL Pass-Through Configuration

Configuration

Options

httplog

tcplog

Logging is set to tcp instead of the default http.

ssl-hello-chk

A health check that verifies the the connection and its ability to handle SSL (SSLv3 specifically) connections.

global

defaults

mode

Possible values:

http

tcp

Used to pass secure connections off to a backend server without encrypting it.