HAproxy config for Rancher
-
I'm using PFsense to provide an HA Proxy LB for Rancher's UI. I've got 3 servers in the pool and things seem to mostly work, but Rancher complains about websockets not working correctly.
The error I see in Rancher is:
Error connecting to WebSocket Unable to establish a WebSocket connection to the server. If your server is behind a proxy or SSL-termination device, Browser can not connect to WebSocket. If you run the server behind a proxy, please make sure the proxy supports WebSockets. Streaming stats, logs, shell/console, and auto-updating of the state of resources may not work until this is resolved.I don't know much about HAProxy, so I'm not sure where to start. Has anyone used either Rancher or other websocket based services behind HAProxy on PFSense?
Is there a way to install NGINX?
- PFSense: 2.4.4-RELEASE-p2
- HAProxy: 1.7.11
- Rancher: 2.3.5
haproxy.cfg:
# Automaticaly generated, dont edit manually. # Generated on: 2020-12-12 14:52 global maxconn 100 stats socket /tmp/haproxy.socket level admin uid 80 gid 80 nbproc 1 hard-stop-after 15m chroot /tmp/haproxy_chroot daemon server-state-file /tmp/haproxy_server_state listen HAProxyLocalStats bind 127.0.0.1:2200 name localstats mode http stats enable stats admin if TRUE stats show-legends stats uri /haproxy/haproxy_stats.php?haproxystats=1 timeout client 5000 timeout connect 5000 timeout server 5000 frontend rancher bind 10.168.12.20:443 name 10.168.12.20:443 mode tcp log global timeout client 30000 default_backend rancher_ipvANY backend rancher_ipvANY mode tcp id 101 log global balance roundrobin timeout connect 30000 timeout server 30000 retries 3 option httpchk GET /healthz timeout tunnel 24h server swarth-dok-001 10.168.12.247:443 id 102 check-ssl check inter 1000 verify none server swarth-dok-003 10.168.12.248:443 id 103 check-ssl check inter 1000 verify none server swarth-dok-002 10.168.12.246:443 id 104 check-ssl check inter 1000 verify none