Hi, I'm trying to set up HAProxy (v2.6.12) as a reverse proxy for 2 Proxmox VE servers (v8.1.3).
The web UI works fine, but connections to noVNC consoles break randomly, sometimes every ~15 seconds, sometimes every minute or so, sometimes 10 times over the course of 2 seconds. It's incredibly inconsistent.
The current HAProxy config looks like this:
If the backend section looks cluttered it's because I tried many different solutions, but to no avail. The cookies are definitely necessary, as everything breaks without them.
TIA. Any help is much appreciated. If you need any more info just ask.
The web UI works fine, but connections to noVNC consoles break randomly, sometimes every ~15 seconds, sometimes every minute or so, sometimes 10 times over the course of 2 seconds. It's incredibly inconsistent.
The current HAProxy config looks like this:
Code:
global
log stdout syslog
defaults
log global
timeout client 300s
timeout server 300s
timeout connect 5s
timeout http-request 5s
frontend http_front
bind :80
mode http
option httplog
redirect scheme https code 301 if !{ ssl_fc }
frontend https_front
bind 192.168.100.20:443 ssl crt /etc/haproxy/certs
mode http
option httplog
http-request redirect location https://%[hdr(host)].local.domain.com%[pathq] if !{ hdr_sub(host) -i local.domain.com }
...
use_backend pve if { hdr(host) -i pve.local.domain.com }
backend pve
mode http
balance roundrobin
option http-server-close
cookie SERVER insert indirect nocache
option forwardfor
timeout tunnel 1h
http-request set-header X-Forwarded-Port %[dst_port]
http-request add-header X-Forwarded-Proto https if { ssl_fc }
server pve-0 192.168.100.40:8006 ssl verify none check port 8006 inter 5s rise 2 fall 2 cookie pve-0
server pve-1 192.168.100.41:8006 ssl verify none check port 8006 inter 5s rise 2 fall 2 cookie pve-1
...
If the backend section looks cluttered it's because I tried many different solutions, but to no avail. The cookies are definitely necessary, as everything breaks without them.
TIA. Any help is much appreciated. If you need any more info just ask.