HAproxy config for Rancher
-
I'm using PFsense to provide an HA Proxy LB for Rancher's UI. I've got 3 servers in the pool and things seem to mostly work, but Rancher complains about websockets not working correctly.
The error I see in Rancher is:
Error connecting to WebSocket Unable to establish a WebSocket connection to the server. If your server is behind a proxy or SSL-termination device, Browser can not connect to WebSocket. If you run the server behind a proxy, please make sure the proxy supports WebSockets. Streaming stats, logs, shell/console, and auto-updating of the state of resources may not work until this is resolved.
I don't know much about HAProxy, so I'm not sure where to start. Has anyone used either Rancher or other websocket based services behind HAProxy on PFSense?
Is there a way to install NGINX?
- PFSense: 2.4.4-RELEASE-p2
- HAProxy: 1.7.11
- Rancher: 2.3.5
haproxy.cfg:
# Automaticaly generated, dont edit manually. # Generated on: 2020-12-12 14:52 global maxconn 100 stats socket /tmp/haproxy.socket level admin uid 80 gid 80 nbproc 1 hard-stop-after 15m chroot /tmp/haproxy_chroot daemon server-state-file /tmp/haproxy_server_state listen HAProxyLocalStats bind 127.0.0.1:2200 name localstats mode http stats enable stats admin if TRUE stats show-legends stats uri /haproxy/haproxy_stats.php?haproxystats=1 timeout client 5000 timeout connect 5000 timeout server 5000 frontend rancher bind 10.168.12.20:443 name 10.168.12.20:443 mode tcp log global timeout client 30000 default_backend rancher_ipvANY backend rancher_ipvANY mode tcp id 101 log global balance roundrobin timeout connect 30000 timeout server 30000 retries 3 option httpchk GET /healthz timeout tunnel 24h server swarth-dok-001 10.168.12.247:443 id 102 check-ssl check inter 1000 verify none server swarth-dok-003 10.168.12.248:443 id 103 check-ssl check inter 1000 verify none server swarth-dok-002 10.168.12.246:443 id 104 check-ssl check inter 1000 verify none