I a have setup a Graylog cluster with two nodes and configured ssl certificates; all are working fine.
The next step is to configure a load balancing for the cluster; I passed thorough all the documentation related to the topic but still don’t find the right way to do it.
Lately I installed nginx on both nodes and also configured https on each
The example I try to follow is the one on https://docs.graylog.org/en/4.0/pages/configuration/web_interface.html Multiple Backends (roundrobin) with Health-Check (using HTTP) :
Following are my questions:
This listing is for backend with HTTP, as in my setup I use HTTPS , should I just change the top part and adapt to https ?
Should this listing (modified according to my setup) be copied on virtual host of the nginx web server on each node ? or somewhere else ?
http-request add-header X-Forwarded-Host %[req.hdr(host)]
http-request add-header X-Forwarded-Server %[req.hdr(host)]
http-request add-header X-Forwarded-Port %[dst_port]
acl is_graylog hdr_dom(host) -i -m str graylog.example.org
description The Graylog Web backend.
option httpchk HEAD /api/system/lbstatus
http-request set-header X-Graylog-Server-URL http://graylog.example.org/
server graylog1 192.168.0.10:9000 maxconn 20 check
server graylog2 192.168.0.11:9000 maxconn 20 check
server graylog3 192.168.0.12:9000 maxconn 20 check
In the Graylog configuration file /etc/graylog/server/server.conf I already setup HTTPS, should I keep or remove it because ssl certificate has been installed in the nginx ?
Or may I get a sample configuration for HA Proxy in order to lad balance between the nodes with a health check with HTTPS ?
Thank you for the quick, response
To resume what I understand,
On both of my (2) Graylog servers I install and configure HAProxy according to the documentation on links your you referred ?