haproxy_config/haproxy_config_template.cfg at master · pitdive/haproxy_config · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
# Related to HyperStore Load-Balancing Guide v14
# Template for haproxy_config v=1.4
#
#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------

global
    log             /dev/log local0
    # Add those 2 lines below in /etc/rsyslog.conf (restart it + haproxy to have logfile)
    # Save HAProxy messages to haproxy.log
    # local1.*                                                /var/log/haproxy.log
    log             /dev/log local1 notice
    chroot          /var/lib/haproxy
    pidfile         /var/run/haproxy.pid
    user            haproxy
    group           haproxy
    spread-checks   5
    tune.bufsize    32768
    tune.maxrewrite 1024
    daemon
    # Adjust the default bind options if needed --> avoid to forward requests to Cloudian cluster
    ssl-default-bind-options ssl-min-ver TLSv1.2

    # turn on stats unix socket
    stats socket /var/lib/haproxy/stats mode 660 level admin

#---------------------------------------------------------------------
# Defaults settings
#---------------------------------------------------------------------

defaults
    mode                    tcp         # keep it for performances and SSL streams
    log                     global
    timeout connect         5s
    timeout client          1m
    timeout server          1m
    timeout check           5s
    maxconn                 16384
    balance                 leastconn
    option                  tcplog
    option                  allbackups

#---------------------------------------------------------------------
# Statistics settings
#---------------------------------------------------------------------

listen stats
    bind :8080
    mode http
    maxconn 128
    stats enable
    stats uri /
    stats realm HAProxy\ Statistics\ for\ Cloudian\ HyperStore\ Cluster
    stats show-desc " Cloudian HyperStore cluster"
    stats show-legends
    # Show the hostname on the GUI - Useful for the KeepAlived Configuration
    stats show-node
    stats auth admin:Stat-HAPr0xy
    # For Admin tasks allowed under stats, uncomment this line # stats admin if TRUE
    stats refresh 5s

#---------------------------------------------------------------------
# Mail settings
#---------------------------------------------------------------------
$mailserver_line

#---------------------------------------------------------------------
# HyperStore configuration
#---------------------------------------------------------------------

# HTTP for CMC
listen $cmc_endpoint
    bind :8888
    mode http   # needed to redirect it automatically to HTTPS
    description Cloudian HyperStore CMC - HTTP --> redirect to CMC - HTTPS
    http-request replace-value Host (.*):8888 \1:8443
    http-request redirect code 302 location https://%[hdr(host)]%[capture.req.uri]

# HTTPS for CMC
listen https.$cmc_endpoint
    bind :8443
    description Cloudian HyperStore CMC - HTTPS
    stick-table type ip size 100k expire 30m
    stick on src
    option httpchk OPTIONS /Cloudian/login.htm
    # the maxconn parameter allows you to limit the number of connections per node, you can adjust it easily
$cmc_https_list

# HTTP for s3
listen $s3_endpoint
    bind :80
    description Cloudian HyperStore S3 - HTTP
    option httpchk
    http-check send meth HEAD uri /.healthCheck
    http-check expect status 200
    # the maxconn parameter allows you to limit the number of connections per node, you can adjust it easily
$s3_http_list

# HTTPS for s3
listen https.$s3_endpoint
    bind :443
    description Cloudian HyperStore S3 - HTTPS
    option httpchk
    http-check send meth HEAD uri /.healthCheck
    http-check expect status 200
    # the maxconn parameter allows you to limit the number of connections per node, you can adjust it easily
$mail_list
$s3_https_list

# ADMIN API
listen $admin_endpoint
    bind :19443
    description Cloudian HyperStore Admin API
    option httpchk
    http-check send meth HEAD uri /.healthCheck
    http-check expect status 200
    # the maxconn parameter allows you to limit the number of connections per node, you can adjust it easily
$mail_list
$admin_https_list

# HTTP for IAM
listen $iam_endpoint
    bind :16080
    description Cloudian HyperStore IAM - HTTP
    option httpchk
    http-check send meth HEAD uri /.healthCheck
    http-check expect status 200
    # the maxconn parameter allows you to limit the number of connections per node, you can adjust it easily
$iam_http_list

# HTTPS for IAM
listen https.$iam_endpoint
    bind :16443
    description Cloudian HyperStore IAM - HTTPS
    option httpchk
    http-check send meth HEAD uri /.healthCheck
    http-check expect status 200
    # the maxconn parameter allows you to limit the number of connections per node, you can adjust it easily
$iam_https_list

# End of file // (let LF at the end please)