We're moving to running a 3 cluster backend with Haproxy as our loadbalancer. I've only got a little bit of experience with haproxy. I know its generally considered to be fairly simple to configure.
I'm still playing with the logging.
My timeouts settings are a bit high, but my test environment is a bit under powered...
This is what I have deployed in my test environment. Modest sized environment 1500 licensed users. Probably a few hundred active sessions at any given time.
This is my config. Anything I'm missing here or have wrong? In my test environment it seems to work fine, but I'm not really simulating much on the load side of things.
global
log /var/log/haproxy local0
log /var/log/haproxy local1 notice
tune.ssl.default-dh-param 2048
defaults
timeout connect 30s
timeout client 50s
timeout server 50s
log global
frontend ft_web
bind :8443 ssl crt /xxx/xxx/xxx/xxx.pem
mode http
http-request redirect scheme https unless { ssl_fc }
default_backend bk_web
backend bk_web
balance roundrobin
mode http
cookie JSESSIONID prefix nocache
server s1 XXXX:8443 ssl verify none cookie s1
server s2 XXXX:8443 ssl verify none cookie s2
server s3 XXXX:8443 ssl verify none cookie s3