diff options
author | Robert Göhler <github@ghlr.de> | 2024-06-05 21:27:47 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-06-05 21:27:47 +0200 |
commit | 411850b9076e5a6638c15e980e094f5f97f74329 (patch) | |
tree | de7630a6dc63b5ffe441c7d744dd4524ade5dc48 /docs/configuration | |
parent | ccf1e09e345f1f5bd8d2ec37838ad3d267b24cb9 (diff) | |
parent | a5354a65be668f10136b2f65ba1c9a41bf2708ca (diff) | |
download | vyos-documentation-411850b9076e5a6638c15e980e094f5f97f74329.tar.gz vyos-documentation-411850b9076e5a6638c15e980e094f5f97f74329.zip |
Merge pull request #1472 from Embezzle/T6434
reverse-proxy: T6434: Support additional health-check protocols
Diffstat (limited to 'docs/configuration')
-rw-r--r-- | docs/configuration/loadbalancing/reverse-proxy.rst | 61 |
1 files changed, 44 insertions, 17 deletions
diff --git a/docs/configuration/loadbalancing/reverse-proxy.rst b/docs/configuration/loadbalancing/reverse-proxy.rst index 3edc4283..9cb49a7f 100644 --- a/docs/configuration/loadbalancing/reverse-proxy.rst +++ b/docs/configuration/loadbalancing/reverse-proxy.rst @@ -161,8 +161,34 @@ Backend Set custom HTTP headers to be included in all responses using the backend -HTTP health check -^^^^^^^^^^^^^^^^^ +Global +------- + +Global parameters + +.. cfgcmd:: set load-balancing reverse-proxy global-parameters max-connections + <num> + + Limit maximum number of connections + +.. cfgcmd:: set load-balancing reverse-proxy global-parameters ssl-bind-ciphers + <ciphers> + + Limit allowed cipher algorithms used during SSL/TLS handshake + +.. cfgcmd:: set load-balancing reverse-proxy global-parameters tls-version-min + <version> + + Specify the minimum required TLS version 1.2 or 1.3 + + +Health checks +============= + + +HTTP checks +----------- + For web application providing information about their state HTTP health checks can be used to determine their availability. @@ -185,31 +211,32 @@ checks can be used to determine their availability. expect <condition> Sets the expected result condition for considering a server healthy. + Some possible examples are: * ``status 200`` Expecting a 200 response code * ``status 200-399`` Expecting a non-failure response code * ``string success`` Expecting the string `success` in the response body -Global -------- - -Global parameters - -.. cfgcmd:: set load-balancing reverse-proxy global-parameters max-connections - <num> - - Limit maximum number of connections +TCP checks +---------- -.. cfgcmd:: set load-balancing reverse-proxy global-parameters ssl-bind-ciphers - <ciphers> +Health checks can also be configured for TCP mode backends. You can configure +protocol aware checks for a range of Layer 7 protocols: - Limit allowed cipher algorithms used during SSL/TLS handshake +.. cfgcmd:: set load-balancing reverse-proxy backend <name> health-check <protocol> -.. cfgcmd:: set load-balancing reverse-proxy global-parameters tls-version-min - <version> + Available health check protocols: + * ``ldap`` LDAP protocol check. + * ``redis`` Redis protocol check. + * ``mysql`` MySQL protocol check. + * ``pgsql`` PostgreSQL protocol check. + * ``smtp`` SMTP protocol check. - Specify the minimum required TLS version 1.2 or 1.3 +.. note:: If you specify a server to be checked but do not configure a + protocol, a basic TCP health check will be attempted. A server shall be + deemed online if it responses to a connection attempt with a valid + ``SYN/ACK`` packet. Redirect HTTP to HTTPS |