Security
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How do you make HAProxy load balance for Search Head Pooling?

rayutsw
Engager
‎08-06-2013 09:19 AM

I'd like to use HAProxy for Search Head Pooling with SSL.

Reply
1 Solution
Solved! Jump to solution
Solution

rayutsw
Engager
‎08-06-2013 09:26 AM

This solution relies on HAProxy to terminate the SSL connection and the Search Heads to run in non-SSL Mode.

Download HAProxy from source (Currently only 1.5 supports SSL).

Build with SSL:

make TARGET=linux2628 USE_STATIC_PCRE=1 USE_OPENSSL=1

haproxy.cfg:

global
  maxconn     4096
  nbproc      1
  debug
  daemon
  log         127.0.0.1    local0
defaults
  mode        http
  option      httplog
  log         global
  timeout connect 5000ms
  timeout client 50000ms
  timeout server 50000ms

frontend splunk_secured
  mode http
  bind :443 ssl crt /etc/haproxy/splunk.pem # Includes Cert/Root/Intermediate/PrivateKey
  bind :80
  reqadd X-Forwarded-Proto:\ https
  redirect scheme https if !{ ssl_fc }
  default_backend splunk_search_heads


backend splunk_search_heads
        mode http
        balance roundrobin # Load Balancing algorithm
        cookie SRV insert indirect nocache # Allows sticky sessions
        ## Define your servers to balance
        server splnksh1 192.168.0.1:8000 cookie splnksh1 weight 1 maxconn 512 check port 8000
        server splnksh2 192.168.0.2:8000 cookie splnksh2 weight 1 maxconn 512 check port 8000
        server splnksh3 192.168.0.3:8000 cookie splnksh3 weight 1 maxconn 512 check port 8000

Restart HAProxy. Connect to HAProxy via https and verify everything works.

View solution in original post

Reply
Solved! Jump to solution
Solution

rayutsw
Engager
‎08-06-2013 09:26 AM

This solution relies on HAProxy to terminate the SSL connection and the Search Heads to run in non-SSL Mode.

Download HAProxy from source (Currently only 1.5 supports SSL).

Build with SSL:

make TARGET=linux2628 USE_STATIC_PCRE=1 USE_OPENSSL=1

haproxy.cfg:

global
  maxconn     4096
  nbproc      1
  debug
  daemon
  log         127.0.0.1    local0
defaults
  mode        http
  option      httplog
  log         global
  timeout connect 5000ms
  timeout client 50000ms
  timeout server 50000ms

frontend splunk_secured
  mode http
  bind :443 ssl crt /etc/haproxy/splunk.pem # Includes Cert/Root/Intermediate/PrivateKey
  bind :80
  reqadd X-Forwarded-Proto:\ https
  redirect scheme https if !{ ssl_fc }
  default_backend splunk_search_heads


backend splunk_search_heads
        mode http
        balance roundrobin # Load Balancing algorithm
        cookie SRV insert indirect nocache # Allows sticky sessions
        ## Define your servers to balance
        server splnksh1 192.168.0.1:8000 cookie splnksh1 weight 1 maxconn 512 check port 8000
        server splnksh2 192.168.0.2:8000 cookie splnksh2 weight 1 maxconn 512 check port 8000
        server splnksh3 192.168.0.3:8000 cookie splnksh3 weight 1 maxconn 512 check port 8000

Restart HAProxy. Connect to HAProxy via https and verify everything works.

Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey
Get Updates on the Splunk Community!

Tech Talk Recap | Mastering Threat Hunting

Mastering Threat HuntingDive into the world of threat hunting, exploring the key differences between ...

Observability for AI Applications: Troubleshooting Latency

If you’re working with proprietary company data, you’re probably going to have a locally hosted LLM or many ...

Splunk AI Assistant for SPL vs. ChatGPT: Which One is Better?

In the age of AI, every tool promises to make our lives easier. From summarizing content to writing code, ...