| global | |
| chroot /var/lib/haproxy | |
| daemon | |
| group haproxy | |
| log 127.0.0.1 local0 | |
| maxconn 4000 | |
| pidfile /var/run/haproxy.pid | |
| stats socket /var/lib/haproxy/stats | |
| user haproxy | |
| defaults | |
| balance roundrobin | |
| log global | |
| mode http | |
| option allbackups | |
| option forceclose | |
| option httpchk GET / | |
| timeout connect 15s | |
| timeout client 60s | |
| timeout server 600s | |
| timeout queue 10s | |
| frontend tsdb | |
| bind *:80 | |
| acl path_get path -m beg /api/query | |
| acl path_put path -m beg /api/put | |
| acl path_put path -m beg /api/metadata/put | |
| acl path_put path -m beg /api/count | |
| default_backend bosun | |
| option httplog | |
| stats enable | |
| stats uri /haproxy | |
| use_backend tsdb_read if path_get | |
| use_backend tsdb_write if path_put | |
| backend bosun | |
| server ny-bosun01 ny-bosun01:8080 | |
| backend tsdb_read | |
| server ny-tsdb01 ny-tsdb01:4242 check | |
| server ny-tsdb02 ny-tsdb02:4242 check | |
| server ny-tsdb03 ny-tsdb03:4242 check backup | |
| backend tsdb_write | |
| # A bunch of ACLs to make sure we don't get writes accidently from dev machines, vpn, etc | |
| acl allowed src .... | |
| acl blocked src .... | |
| http-request deny if blocked | |
| http-request deny unless allowed | |
| server ny-tsdb03 ny-tsdb03:5252 check | |
| server ny-tsdb01 ny-tsdb01:5252 check backup | |
| server ny-tsdb02 ny-tsdb02:5252 check backup |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment