45 lines
1.1 KiB
INI
45 lines
1.1 KiB
INI
|
global
|
||
|
|
log stdout local0
|
||
|
|
user haproxy
|
||
|
|
group haproxy
|
||
|
|
chroot /var/lib/haproxy
|
||
|
|
pidfile /var/run/haproxy.pid
|
||
|
|
# https://stackoverflow.com/a/74536649
|
||
|
|
maxconn 1000
|
||
|
|
|
||
|
|
defaults
|
||
|
|
timeout client 10s
|
||
|
|
timeout connect 5s
|
||
|
|
timeout server 10s
|
||
|
|
timeout http-request 10s
|
||
|
|
log global
|
||
|
|
mode http
|
||
|
|
option httplog
|
||
|
|
|
||
|
|
listen stats
|
||
|
|
bind *:9000
|
||
|
|
mode http
|
||
|
|
stats enable
|
||
|
|
stats hide-version
|
||
|
|
stats uri /stats
|
||
|
|
stats refresh 30s
|
||
|
|
stats realm Haproxy\ Statistics
|
||
|
|
stats auth admin:$ADMIN_PASSWORD
|
||
|
|
|
||
|
|
frontend k8s-https
|
||
|
|
bind *:6442
|
||
|
|
mode tcp
|
||
|
|
option tcplog
|
||
|
|
tcp-request inspect-delay 5s
|
||
|
|
tcp-request content accept if { req.ssl_hello_type 1 }
|
||
|
|
default_backend k8s-https
|
||
|
|
|
||
|
|
backend k8s-https
|
||
|
|
balance roundrobin
|
||
|
|
mode tcp
|
||
|
|
option tcp-check
|
||
|
|
default-server inter 10s downinter 5s rise 2 fall 2 slowstart 60s maxconn 250 maxqueue 256 weight 100
|
||
|
|
server peer-0 $PEER_0 check
|
||
|
|
server peer-1 $PEER_1 check
|
||
|
|
server peer-2 $PEER_2 check
|