Hey there,
A few months ago, users on this site helped me get my HAProxy config working load balancing one service across three backends. Thank you again for that!!
Now we’d like to add a new service. For ease of writing, we’ll say the first service is a file upload service that runs on three servers. We’d now like to add a VDI gateway, i.e. if a user heads to fileupload.example.com, traffic is sent to one of the three fileupload servers, certificate in tow. Users going to gateway.example.com should be sent to the gateway server, a different certificate in tow.
I am new to this, so forgive me if I’m not giving the appropriate information
Looking at other configs, I see users creating frontend HTTP and frontend HTTPS, and then backend servers. That makes sense to me. But I don’t see where they’re passing along certificates. My bind *:443 SSL crt line is in my frontend currently. Please see below for my (obfuscated) config.
frontend FILEUPLOAD
bind *:80
bind *:443 ssl crt /etc/letsencrypt/live/fileupload.example.com/fullchain.pem
redirect scheme https if !{ ssl_fc }
#option tcplog
mode http
default_backend web-servers
frontend STATS
mode http
bind *:8080
stats enable
stats uri /stats
stats refresh 10s
backend web-servers
mode http
balance source
#option tcp-check
serverfileupload1 12.1.2.12:80 check fall 3 rise 2
server fileupload2 12.1.2.12:80 check fall 3 rise 2
server fileupload3 12.1.2.12:80 check fall 3 rise 2