Last active
August 16, 2018 04:17
-
-
Save jeka-kiselyov/75837f71121f8a9f993ed148ae9e505e to your computer and use it in GitHub Desktop.
Haproxy 1.6 node server balancer on Ubuntu, works on aws
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sudo add-apt-repository ppa:vbernat/haproxy-1.6 | |
| sudo apt-get update | |
| sudo apt-get install haproxy | |
| # restart service | |
| sudo service haproxy restart | |
| # configuration file | |
| sudo nano /etc/haproxy/haproxy.cfg | |
| # check configuration file for alerts | |
| haproxy -c -V -f /etc/haproxy/haproxy.cfg | |
| # don't forget to remove any ubuntu port forwarding (usually in defined in /etc/rc.local) | |
| # add node server to autoloading: | |
| crontab -e | |
| # add: | |
| @reboot PORT=9090 forever start /home/ubuntu/app/index.js | |
| @reboot PORT=9091 forever start /home/ubuntu/app/index.js | |
| @reboot PORT=9092 forever start /home/ubuntu/app/index.js | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| frontend localnodes | |
| bind *:443 ssl crt /home/ubuntu/cert.pem no-sslv3 | |
| acl secure dst_port eq 443 | |
| mode tcp | |
| default_backend nodes | |
| backend nodes | |
| mode tcp | |
| balance roundrobin | |
| option httpchk GET / HTTP/1.1\r\nHost:localhost | |
| server web01 127.0.0.1:9090 check | |
| server web02 127.0.0.1:9091 check | |
| server web03 127.0.0.1:9092 check | |
| global | |
| log /dev/log local0 | |
| log /dev/log local1 notice | |
| chroot /var/lib/haproxy | |
| user haproxy | |
| group haproxy | |
| daemon | |
| ssl-default-bind-ciphers EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EEC$ | |
| ssl-default-bind-options no-sslv3 no-tlsv10 | |
| tune.ssl.default-dh-param 4096 | |
| defaults | |
| log global | |
| mode http | |
| option httplog | |
| option dontlognull | |
| contimeout 5000 | |
| clitimeout 50000 | |
| srvtimeout 50000 | |
| errorfile 400 /etc/haproxy/errors/400.http | |
| errorfile 403 /etc/haproxy/errors/403.http | |
| errorfile 408 /etc/haproxy/errors/408.http | |
| errorfile 500 /etc/haproxy/errors/500.http | |
| errorfile 502 /etc/haproxy/errors/502.http | |
| errorfile 503 /etc/haproxy/errors/503.http | |
| errorfile 504 /etc/haproxy/errors/504.http | |
| listen stats | |
| bind *:1936 | |
| mode http | |
| balance | |
| timeout client 5000 | |
| timeout connect 4000 | |
| timeout server 30000 | |
| #This is the virtual URL to access the stats page | |
| stats uri /haproxy_stats | |
| stats auth admin:password | |
| #This allows you to take down and bring up back end servers. | |
| #This will produce an error on older versions of HAProxy. | |
| stats admin if TRUE | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment