The solution is to use to the raw tcp-check and write a health check script sequence which match all the conditions.
For example, you want to ensure the server’s response has:
HTTP status code is 200
absence of keyword Error
1
2
3
4
5
6
7
8
9
10
| backend myapp[...] option tcp-check tcp-check send GET\ /my/check/url\ HTTP/1.1\r\n tcp-check send Host:\ myhost\r\n tcp-check send Connection:\ close\r\n tcp-check send \r\n tcp-check expect string HTTP/1.1\ 200\ OK tcp-check expect ! string Error |
https://alohalb.wordpress.com/2012/10/12/scalable-waf-protection-with-haproxy-and-apache-with-modsecurity/
#####
https://www.haproxy.com/documentation/aloha/10-0/traffic-management/lb-layer7/health-checks/
#####
https://www.haproxy.com/documentation/aloha/10-0/traffic-management/lb-layer7/health-checks/
Equivalent of the configuration above, with all default options:
backend bk_myapp
[...]
option httpchk OPTIONS / HTTP/1.0
http-check expect rstatus (2|3)[0-9][0-9]
default-server inter 3s fall 3 rise 2
server srv1 10.0.0.1:80 check
server srv2 10.0.0.2:80 check
No comments:
Post a Comment