vyos/vyos-documentation
1
0
Fork 0
mirror of https://github.com/vyos/vyos-documentation.git synced 2025-12-16 10:32:02 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1472 from Embezzle/T6434

Browse Source 
reverse-proxy: T6434: Support additional health-check protocols
This commit is contained in:
Robert Göhler 2024-06-05 21:27:47 +02:00 committed by GitHub
commit 411850b907
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 44 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
docs/configuration/loadbalancing/reverse-proxy.rst
View File

@ -161,8 +161,34 @@ Backend
Set custom HTTP headers to be included in all responses using the backend Set custom HTTP headers to be included in all responses using the backend
HTTP health check Global
^^^^^^^^^^^^^^^^^ -------
Global parameters
.. cfgcmd:: set load-balancing reverse-proxy global-parameters max-connections
<num>
Limit maximum number of connections
.. cfgcmd:: set load-balancing reverse-proxy global-parameters ssl-bind-ciphers
<ciphers>
Limit allowed cipher algorithms used during SSL/TLS handshake
.. cfgcmd:: set load-balancing reverse-proxy global-parameters tls-version-min
<version>
Specify the minimum required TLS version 1.2 or 1.3
Health checks
=============
HTTP checks
-----------
For web application providing information about their state HTTP health For web application providing information about their state HTTP health
checks can be used to determine their availability. checks can be used to determine their availability.
@ -185,31 +211,32 @@ checks can be used to determine their availability.
expect <condition> expect <condition>
Sets the expected result condition for considering a server healthy. Sets the expected result condition for considering a server healthy.
Some possible examples are: Some possible examples are:
* ``status 200`` Expecting a 200 response code * ``status 200`` Expecting a 200 response code
* ``status 200-399`` Expecting a non-failure response code * ``status 200-399`` Expecting a non-failure response code
* ``string success`` Expecting the string `success` in the response body * ``string success`` Expecting the string `success` in the response body
Global TCP checks
------- ----------
Global parameters Health checks can also be configured for TCP mode backends. You can configure
protocol aware checks for a range of Layer 7 protocols:
.. cfgcmd:: set load-balancing reverse-proxy global-parameters max-connections .. cfgcmd:: set load-balancing reverse-proxy backend <name> health-check <protocol>
<num>
Limit maximum number of connections Available health check protocols:
* ``ldap`` LDAP protocol check.
* ``redis`` Redis protocol check.
* ``mysql`` MySQL protocol check.
* ``pgsql`` PostgreSQL protocol check.
* ``smtp`` SMTP protocol check.
.. cfgcmd:: set load-balancing reverse-proxy global-parameters ssl-bind-ciphers .. note:: If you specify a server to be checked but do not configure a
<ciphers> protocol, a basic TCP health check will be attempted. A server shall be
deemed online if it responses to a connection attempt with a valid
Limit allowed cipher algorithms used during SSL/TLS handshake ``SYN/ACK`` packet.
.. cfgcmd:: set load-balancing reverse-proxy global-parameters tls-version-min
<version>
Specify the minimum required TLS version 1.2 or 1.3
Redirect HTTP to HTTPS Redirect HTTP to HTTPS