File: haproxy.cfg

package info (click to toggle)
python-haproxyadmin 0.2.4-3
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 436 kB
  • sloc: python: 1,500; makefile: 165; sh: 1
file content (137 lines) | stat: -rw-r--r-- 4,445 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
 
global
	log /dev/log	local0 debug
	log /dev/log	local1 debug
	chroot /var/lib/haproxy
	stats socket /run/haproxy/admin1.sock mode 666 level admin process 1
	stats socket /run/haproxy/admin2.sock mode 666 level admin process 2
	stats socket /run/haproxy/admin3.sock mode 666 level admin process 3
	stats socket /run/haproxy/admin4.sock mode 666 level admin process 4
	stats timeout 30s
	user haproxy
	group haproxy
	daemon
	nbproc 4
	cpu-map 1 0
 	cpu-map 2 1
 	cpu-map 3 1
 	cpu-map 4 0
	# Default SSL material locations
	ca-base /etc/ssl/certs
	crt-base /etc/ssl/private

	# Default ciphers to use on SSL-enabled listening sockets.
	# For more information, see ciphers(1SSL).
	ssl-default-bind-ciphers kEECDH+aRSA+AES:kRSA+AES:+AES256:RC4-SHA:!kEDH:!LOW:!EXP:!MD5:!aNULL:!eNULL
        ssl-default-bind-options no-sslv3
	maxconn 10000
defaults
	log	global
        rate-limit sessions 100000
        maxconn 1000000
	mode	http
	option	httplog
	option	dontlognull
        timeout connect 5000
        timeout client  50000
        timeout server  50000
	errorfile 400 /etc/haproxy/errors/400.http
	errorfile 403 /etc/haproxy/errors/403.http
	errorfile 408 /etc/haproxy/errors/408.http
	errorfile 500 /etc/haproxy/errors/500.http
	errorfile 502 /etc/haproxy/errors/502.http
	errorfile 503 /etc/haproxy/errors/503.http
	errorfile 504 /etc/haproxy/errors/504.http

listen haproxy-stats
    bind-process 1
    bind :8080
    stats uri /
    stats show-node
    stats refresh 10s
    stats show-legends
    no log
    acl wl_stats src -f /etc/haproxy/wl_stats
    tcp-request connection reject unless wl_stats

listen haproxy-stats2
    bind-process 2
    bind :8081
    stats uri /
    stats show-node
    stats refresh 10s
    stats show-legends
    no log
listen haproxy-stats3
    bind-process 3
    bind :8082
    stats uri /
    stats show-node
    stats refresh 10s
    stats show-legends
    no log

listen haproxy-stats4
    bind-process 4
    bind :8083
    stats uri /
    stats show-node
    stats refresh 10s
    stats show-legends
    no log
frontend frontend_proc1
    bind-process 1
    bind 0.0.0.0:81
    http-request add-header X-rand %[rand(2),map(/etc/haproxy/v-m1-bk,www.foo.com-0)]
    acl https_traffic ssl_fc
    default_backend backend_proc1
backend backend_proc1
    bind-process 1
    default-server inter 1000s
    option httpchk GET / HTTP/1.1\r\nHost:\ app.foo.com\r\nUser-Agent:\ HAProxy
    server member1_proc1 10.196.70.109:80
    server member2_proc1 10.196.70.109:80
    server bck_all_srv1 10.196.70.109:88 weight 100 check fall 2 inter 5s rise 3

frontend frontend_proc2
    bind :82
    acl bl_frontend src -f /etc/haproxy/bl_frontend
    tcp-request connection reject if bl_frontend
    acl catch_static path_beg /static/js/ /static/css/
    bind-process 2
    default_backend backend_proc2
backend backend_proc2
    bind-process 2
    default-server inter 1000s
    option httpchk GET / HTTP/1.1\r\nHost:\ app.foo.com\r\nUser-Agent:\ HAProxy
    server bck_proc2_srv1_proc2 127.0.0.1:8001 check fall 2 inter 5s rise 3
    server bck_proc2_srv2_proc2 127.0.0.1:8002 check fall 2 inter 5s rise 3
    server bck_proc2_srv3_proc2 127.0.0.1:8003 check fall 2 inter 5s rise 3
    server bck_proc2_srv4_proc2 127.0.0.1:8004 check fall 2 inter 5s rise 3

frontend frontend1_proc34
    bind :83 process 3
    bind :83 process 4
    acl vuvuzela_found      req.cook(vuvuzela)  -m found
    acl vuvuzela_0          req.cook(vuvuzela)  ver%3A27%3Bvar%3A0
    acl vuvuzela_1          req.cook(vuvuzela)  ver%3A27%3Bvar%3A1

    stick-table type ip size 1m expire 5m store gpc0
    default_backend backend1_proc34
backend backend1_proc34
    bind-process 3,4
    default-server inter 1000s
    option httpchk GET / HTTP/1.1\r\nHost:\ app.foo.com\r\nUser-Agent:\ HAProxy
    server bck1_proc34_srv1 10.196.70.109:80 check fall 2 inter 5s rise 3
    server bck1_proc34_srv2 10.196.70.109:80 check fall 2 inter 5s rise 3
    server bck_all_srv1 10.196.70.109:80 check fall 2 inter 5s rise 3
frontend frontend2_proc34
    bind :84 process 3
    bind :84 process 4
    default_backend backend2_proc34
backend backend2_proc34
    bind-process 3,4
    default-server inter 1000s
    option httpchk GET / HTTP/1.1\r\nHost:\ app.foo.com\r\nUser-Agent:\ HAProxy
    server bck2_proc34_srv1 10.196.70.109:80
    server bck2_proc34_srv2 10.196.70.109:80 check weight 100 fall 2 inter 5s rise 3
    server bck_all_srv1 10.196.70.109:80