jack
8a54cac61f
- Ansible: 部署时自动配置 CoreDNS forward 为 IPv4,避免 ACME 解析失败 - 01-01/01-07: 文档增加 CoreDNS 设置说明 - 03-03: Tomcat webapps.dist 复制、HTTP/HTTPS 双 Ingress、显式 Dashboard IngressRoute - traefik-dashboard-acme: tomcat-acme.yaml、404 排查说明 - HAProxy: 健康检查与 PROXY 配置拆分,18080/18443 部署与验证脚本 Made-with: Cursor
40 lines
1.1 KiB
INI
40 lines
1.1 KiB
INI
# 01-08 HAProxy - 健康检查升级(HTTP+TLS)+ PROXY Protocol
|
||
# 组合:k3s_http 用 option httpchk,k3s_https 用 ssl-hello-chk,均带 send-proxy-v2
|
||
# 文档:docs/01-08-openwrt-haproxy.md 第 5 节「健康检查与 PROXY 组合」
|
||
global
|
||
log /dev/log local0
|
||
maxconn 4096
|
||
|
||
defaults
|
||
mode http
|
||
option httplog
|
||
timeout connect 5s
|
||
timeout client 30s
|
||
timeout server 30s
|
||
|
||
frontend http_in
|
||
bind *:18080
|
||
default_backend k3s_http
|
||
|
||
frontend https_in
|
||
bind *:18443
|
||
mode tcp
|
||
default_backend k3s_https
|
||
|
||
backend k3s_http
|
||
option httpchk GET /
|
||
balance roundrobin
|
||
server ylc61 192.168.2.61:80 check send-proxy-v2
|
||
server ylc62 192.168.2.62:80 check send-proxy-v2
|
||
server ylc63 192.168.2.63:80 check send-proxy-v2
|
||
server ylc64 192.168.2.64:80 check send-proxy-v2
|
||
|
||
backend k3s_https
|
||
mode tcp
|
||
option ssl-hello-chk
|
||
balance roundrobin
|
||
server ylc61 192.168.2.61:443 check send-proxy-v2
|
||
server ylc62 192.168.2.62:443 check send-proxy-v2
|
||
server ylc63 192.168.2.63:443 check send-proxy-v2
|
||
server ylc64 192.168.2.64:443 check send-proxy-v2
|