【发布时间】:2014-01-27 21:07:31
【问题描述】:
我在 LB 后面运行 HAProxy 1.4.24。 SSL 在 LB 上终止。我想将http请求重定向到https。我有以下配置:
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
# turn on stats unix socket
stats socket /var/lib/haproxy/stats
defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
frontend httpIn *:7258
maxconn 100000
option forwardfor header x-forwarded-for
acl is_http hdr(X-Forwarded-Proto) http
redirect scheme https code 301 if is_http
default_backend app
backend app
balance roundrobin
cookie LBSTICKY insert indirect nocache httponly secure maxlife 8h
server app1 10.10.10.10:8080 cookie app1
server app2 10.10.10.11:8080 cookie app2
我的问题是线路
redirect scheme https code 301 if is_http
运行haproxy -f /etc/haproxy/haproxy.cfg -c时会产生以下错误:
[ALERT] 026/210541 (8482) : parsing [/etc/haproxy/haproxy.cfg:67] : 'redirect' expects 'code', 'prefix', 'location', 'set-cookie', 'clear-cookie', 'drop-query' or 'append-slash' (was 'scheme').`
我重新检查了文档,上面说我使用了正确的重定向语法。有什么想法吗?
【问题讨论】:
标签: haproxy