High Availability with Multiple SSL Certificates
I'm interested in setting up another HAProxy "clone" to setup for IP failover (As per
It seems like I need the base IP address for each machine + 2 IPs used as floating IPs. That would give me 2 HA IPs that I could fail over if either of the HAProxy instances went down – one floating IP per SSL cert.
Is my logic correct? I know Linode has strict IP address policies (and rightly so!) -- does this usage fit with the requirements of extra IPs?
Thanks in advance for any advice/tips regarding this!
1 Reply
Setup a private network between the two machines and use that address as the primary address, and then the "real" IP address can be the VIP service address for each web site. This will mean that if one node isn't running either site then it won't be accessible except via the private network or via LISH, but it is a solution that would save you needing 2 IP addresses.
Alternatively, and similarly, use IPv6 for the server address and just use IPv4 for the HA service address. Then each machine can always be reached by its IPv6 address for admin/maintenance. (If you don't have IPv6 at your work location/home/where-ever then consider a HE tunnel; works pretty well for me!)