-
Notifications
You must be signed in to change notification settings - Fork 0
/
haproxy.cfg
130 lines (118 loc) · 3.53 KB
/
haproxy.cfg
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
# _md5hash=571055a2d8bb0201ee5cd503ad12462b
# _version=66
# Dataplaneapi managed File
# changing file directly can cause a conflict if dataplaneapi is running
global
daemon
# start multiprocess settings
# nbproc 3
master-worker
# end
pidfile /var/run/haproxy/haproxy.pid
# stats socket /var/run/haproxy/admin.sock level admin
stats socket /var/run/haproxy/admin.sock process 3 user amel group hapee mode 660 level admin
defaults
# http-check expect status 200
# bind-process all
mode http
log global
option httplog
option dontlognull
timeout connect 5000
timeout client 50000
timeout server 50000
errorfile 400 /etc/haproxy/errors/400.http
errorfile 403 /etc/haproxy/errors/403.http
errorfile 408 /etc/haproxy/errors/408.http
errorfile 500 /etc/haproxy/errors/500.http
errorfile 502 /etc/haproxy/errors/502.http
errorfile 503 /etc/haproxy/errors/503.http
errorfile 504 /etc/haproxy/errors/504.http
userlist dataplaneapi
user admin insecure-password admin
frontend fe_map
mode http
bind-process 1
use_backend %[str(example.com),map(/tmp/maps/hosts.map)]
# bind :443 ssl crt /tmp/certs/
frontend fe_map2
bind-process 2
http-request deny if { path -i -m beg /api/ } { src -f /tmp/acl/acl1.acl }
use_backend %[str(example.com),map(/tmp/maps/host2.map)]
frontend proc3
bind *:7858
bind-process 3
use_backend bck_proc_3 if TRUE
default_backend bck_proc_3
frontend test_2
mode http
maxconn 50
bind :443
bind 0.0.0.0:8080 name test
bind 0.0.0.0:8081 name test2
acl h_xff_exists req.hdr(X-Forwarded-For) -m found
bind-process 2
# http-response del-header X-Powered-By
# bind 0.0.0.1:3456 name xxxx process 2
# bind 192.168.1.100:3423 name xxxxxxxx
option tcplog
option httplog
http-request replace-header X-Forwarded-For (.*) %[src],1 if h_xff_exists
use_backend secondary if TRUE
default_backend test_bck
http-response del-header X-Powered-By
backend bck_proc_3
balance uri
bind-process 3
server proc3 192.168.1.2:7755
backend secondary
mode http
balance uri
bind-process 2
option forwardfor
option redispatch 0
option httpchk POST
http-check expect status 200
timeout server 10
timeout connect 5
default-server fall 1 inter 1 port 1 rise 1
# http-request set-uri %[url,regsub(^/appA,/,)] if { path_beg /appA }
# http-request set-path /foo%[path] if !{ path_beg /foo }
http-request set-query %[query,regsub(%3D,=,g)]
cookie myCookie domain .mydomain.com domain .yourdomain.com httponly maxidle 10 maxlife 5 nocache postonly preserve insert secure
stick-table type string len 256 size 25600 expire 3600000 store gpc0,conn_cnt,conn_cur,sess_cnt,http_req_cnt
# server secondary 192.168.1.2:8000
server secondary 127.0.0.1
retries 12
bind :8075
backend test_bck
balance uri
bind-process 2
server test 192.168.1.1:8080
server test2 192.168.1.1:8888
server test3 192.168.1.1:8889
server www-send-proxy-10 10.1.1.10:8080 check weight 80 send-proxy
server s1 192.168.10.11:80 check cookie myCookie
server app2 127.0.0.1:8585 check disabled
server s3 127.0.0.1:8082 check
server s7 127.0.0.5:8083 check
server s8 127.0.0.6:8083 check
# Stats
listen careful
bind-process 2
bind 127.0.0.1:10901
acl careful_ips src 127.0.0.1/32
http-request deny if !careful_ips
stats enable
stats show-legends
stats admin if careful_ips
stats uri /server-status
stats show-node mynet-xx-foo-web5200-eth3
monitor-uri /aliveordead
# Another stats
listen stats
bind-process 2
bind *:8404
stats enable
stats uri /
stats refresh 5s