>
> # This file is generated by cephadm.
> global
> log127.0.0.1 local2
> chroot/var/lib/haproxy
> pidfile/var/lib/haproxy/haproxy.pid
> maxconn8000
> daemon
> stats socket /var/lib/haproxy/stats
>
> defaults
> modehttp
> logglobal
> optionhttplog
> optiondontlognull
> option http-server-close
> option forwardforexcept 127.0.0.0/8
> optionredispatch
> retries3
> timeout queue20s
> timeout connect5s
> timeout http-request1s
> timeout http-keep-alive 5s
> timeout client1s
> timeout server1s
> timeout check5s
> maxconn8000
>
> frontend stats
> mode http
> bind 172.16.1.130:1967
> bind localhost:1967
> stats enable
> stats uri /stats
> stats refresh 10s
> stats auth admin:abcdefg
> http-request use-service prometheus-exporter if { path /metrics }
> monitor-uri /health
>
> frontend frontend
> bind 172.16.1.130:443 ssl crt /var/lib/haproxy/haproxy.pem
> default_backend backend
>
> backend backend
> option forwardfor
> balance static-rr
> option httpchk HEAD / HTTP/1.0
> server rgw.rgw.cephrgw01.euvqmd 172.16.1.131:6443 check weight 100
> server rgw.rgw.cephrgw01.aphsnx 172.16.1.131:6444 check weight 100
> server rgw.rgw.cephrgw02.ovckaw 172.16.1.132:6443 check weight 100
> server rgw.rgw.cephrgw02.jevtrb 172.16.1.132:6444 check weight 100
> server rgw.rgw.cephrgw03.gzdame 172.16.1.133:6443 check weight 100
> server rgw.rgw.cephrgw03.bchspq 172.16.1.133:6444 check weight 100
>
>
> This of course does not work as the backend use SSL.
>
> Is there some configuration that I have missed or should I file a bug
> report?
Can this be because of your http check on https? Maybe you have to add ssl at the server as well? I have this
option httpchk GET /swift/healthcheck
..
server-template rgw2 1 _https._rgw2.prod.xxx ssl
server-template rgw1 1 _https._rgw1.prod.xxx ssl
_______________________________________________
ceph-users mailing list -- ceph-users@xxxxxxx
To unsubscribe send an email to ceph-users-leave@xxxxxxx
