mrlesmithjr/haproxy.cfg

## haproxy.cfg
# Ansible managed

global
    # Remote syslog servers
    log 10.0.102.102:514 local0
    #log-send-hostname
    daemon
    chroot /var/lib/haproxy
    group haproxy
    maxconn 40000
    spread-checks 3
    stats socket /var/run/haproxy.sock mode 660 level admin
    stats timeout 30s
    user haproxy
    # Default SSL material locations
    ca-base /etc/ssl/certs
    crt-base /etc/ssl/private

    # Default ciphers to use on SSL-enabled listening sockets.
    # For more information, see ciphers(1SSL).
    ssl-default-bind-ciphers kEECDH+aRSA+AES:kRSA+AES:+AES256:RC4-SHA:!kEDH:!LOW:!EXP:!MD5:!aNULL:!eNULL
    ssl-default-bind-options no-sslv3

defaults
    errorfile 400 /etc/haproxy/errors/400.http
    errorfile 403 /etc/haproxy/errors/403.http
    errorfile 408 /etc/haproxy/errors/408.http
    errorfile 500 /etc/haproxy/errors/500.http
    errorfile 502 /etc/haproxy/errors/502.http
    errorfile 503 /etc/haproxy/errors/503.http
    errorfile 504 /etc/haproxy/errors/504.http
    log global
    maxconn 40000
    mode tcp
    option dontlognull
    option redispatch
    option tcp-smart-accept
    option tcp-smart-connect
    option tcplog
    retries 3
    timeout client 50000
    timeout connect 50000
    timeout queue 5000
    timeout server 50000

userlist STATSUSERS
    group admin users admin
    user admin insecure-password admin

listen stats
    bind *:9090
    mode http
    stats enable
    stats refresh 60s
    stats uri /
    acl AuthOkay_ReadOnly http_auth(STATSUSERS)
    acl AuthOkay_Admin http_auth_group(STATSUSERS) admin
    stats http-request auth realm stats unless AuthOkay_ReadOnly

frontend elasticsearch-in-9200
    mode http
    bind 10.0.102.102:9200
    default_backend elasticsearch-nodes-9200

frontend grafana-in-3000
    mode http
    bind 10.0.102.102:3000
    default_backend grafana-nodes-3000

frontend grafana-mysql-in-3306
    mode tcp
    bind 10.0.102.102:3306
    default_backend grafana-mysql-nodes-3306

frontend influxdb-in-8086
    mode tcp
    bind 10.0.102.102:8086
    default_backend influxdb-nodes-8086

frontend influxdb-relay-in-9096
    mode tcp
    bind 10.0.102.102:9096
    default_backend influxdb-relay-nodes-9096

frontend kibana-in-5601
    mode http
    bind 10.0.102.102:5601
    default_backend kibana-nodes-5601

frontend rabbitmq-in-5672
    mode tcp
    bind 10.0.102.102:5672
    default_backend rabbitmq-nodes-5672

frontend rabbitmq-in-15672
    mode tcp
    bind 10.0.102.102:15672
    default_backend rabbitmq-nodes-15672

frontend syslog-in-10514
    mode tcp
    bind 10.0.102.102:10514
    default_backend pre_processors-nodes-10514

backend elasticsearch-nodes-9200
    mode http
    balance roundrobin
    option httplog
    default-server maxconn 256 maxqueue 128 weight 100
    server elk-es-1 elk-es-1:9200 check
    server elk-es-2 elk-es-2:9200 check
    server elk-es-3 elk-es-3:9200 check

backend grafana-nodes-3000
    mode http
    balance roundrobin
    cookie HA_BACKEND_ID insert indirect nocache
    option httplog
    default-server maxconn 256 maxqueue 128 weight 100
    server elk-dashboard-1 elk-dashboard-1:3000 check cookie 1
    server elk-dashboard-2 elk-dashboard-2:3000 check cookie 2
    server elk-dashboard-3 elk-dashboard-3:3000 check cookie 3

backend grafana-mysql-nodes-3306
    mode tcp
    balance roundrobin
    option tcplog
    default-server maxconn 256 maxqueue 128 weight 100
    server elk-dashboard-1 elk-dashboard-1:3306 check
    server elk-dashboard-2 elk-dashboard-2:3306 backup check
    server elk-dashboard-3 elk-dashboard-3:3306 backup check

backend influxdb-nodes-8086
    mode tcp
    balance roundrobin
    option tcplog
    default-server maxconn 256 maxqueue 128 weight 100
    server influxdb-1 influxdb-1:8086 check
    server influxdb-2 influxdb-2:8086 check

backend influxdb-relay-nodes-9096
    mode tcp
    balance roundrobin
    option tcplog
    default-server maxconn 256 maxqueue 128 weight 100
    server influxdb-1 influxdb-1:9096 check
    server influxdb-2 influxdb-2:9096 check

backend kibana-nodes-5601
    mode http
    balance roundrobin
    cookie HA_BACKEND_ID insert indirect nocache
    option httplog
    default-server maxconn 256 maxqueue 128 weight 100
    server elk-dashboard-1 elk-dashboard-1:5601 check cookie 1
    server elk-dashboard-2 elk-dashboard-2:5601 check cookie 2
    server elk-dashboard-3 elk-dashboard-3:5601 check cookie 3

backend rabbitmq-nodes-5672
    mode tcp
    balance roundrobin
    option tcplog
    default-server maxconn 256 maxqueue 128 weight 100
    server elk-broker-1 elk-broker-1:5672 check
    server elk-broker-2 elk-broker-2:5672 check
    server elk-broker-3 elk-broker-3:5672 check

backend rabbitmq-nodes-15672
    mode tcp
    balance roundrobin
    option tcplog
    default-server maxconn 256 maxqueue 128 weight 100
    server elk-broker-1 elk-broker-1:15672 check
    server elk-broker-2 elk-broker-2:15672 check
    server elk-broker-3 elk-broker-3:15672 check

backend pre_processors-nodes-10514
    mode tcp
    balance roundrobin
    option tcplog
    default-server maxconn 256 maxqueue 128 weight 100
    server elk-pre-processor-1 elk-pre-processor-1:10514 check
    server elk-pre-processor-2 elk-pre-processor-2:10514 check
	# Ansible managed

	global
	# Remote syslog servers
	log 10.0.102.102:514 local0
	#log-send-hostname
	daemon
	chroot /var/lib/haproxy
	group haproxy
	maxconn 40000
	spread-checks 3
	stats socket /var/run/haproxy.sock mode 660 level admin
	stats timeout 30s
	user haproxy
	# Default SSL material locations
	ca-base /etc/ssl/certs
	crt-base /etc/ssl/private

	# Default ciphers to use on SSL-enabled listening sockets.
	# For more information, see ciphers(1SSL).
	ssl-default-bind-ciphers kEECDH+aRSA+AES:kRSA+AES:+AES256:RC4-SHA:!kEDH:!LOW:!EXP:!MD5:!aNULL:!eNULL
	ssl-default-bind-options no-sslv3

	defaults
	errorfile 400 /etc/haproxy/errors/400.http
	errorfile 403 /etc/haproxy/errors/403.http
	errorfile 408 /etc/haproxy/errors/408.http
	errorfile 500 /etc/haproxy/errors/500.http
	errorfile 502 /etc/haproxy/errors/502.http
	errorfile 503 /etc/haproxy/errors/503.http
	errorfile 504 /etc/haproxy/errors/504.http
	log global
	maxconn 40000
	mode tcp
	option dontlognull
	option redispatch
	option tcp-smart-accept
	option tcp-smart-connect
	option tcplog
	retries 3
	timeout client 50000
	timeout connect 50000
	timeout queue 5000
	timeout server 50000

	userlist STATSUSERS
	group admin users admin
	user admin insecure-password admin

	listen stats
	bind *:9090
	mode http
	stats enable
	stats refresh 60s
	stats uri /
	acl AuthOkay_ReadOnly http_auth(STATSUSERS)
	acl AuthOkay_Admin http_auth_group(STATSUSERS) admin
	stats http-request auth realm stats unless AuthOkay_ReadOnly

	frontend elasticsearch-in-9200
	mode http
	bind 10.0.102.102:9200
	default_backend elasticsearch-nodes-9200

	frontend grafana-in-3000
	mode http
	bind 10.0.102.102:3000
	default_backend grafana-nodes-3000

	frontend grafana-mysql-in-3306
	mode tcp
	bind 10.0.102.102:3306
	default_backend grafana-mysql-nodes-3306

	frontend influxdb-in-8086
	mode tcp
	bind 10.0.102.102:8086
	default_backend influxdb-nodes-8086

	frontend influxdb-relay-in-9096
	mode tcp
	bind 10.0.102.102:9096
	default_backend influxdb-relay-nodes-9096

	frontend kibana-in-5601
	mode http
	bind 10.0.102.102:5601
	default_backend kibana-nodes-5601

	frontend rabbitmq-in-5672
	mode tcp
	bind 10.0.102.102:5672
	default_backend rabbitmq-nodes-5672

	frontend rabbitmq-in-15672
	mode tcp
	bind 10.0.102.102:15672
	default_backend rabbitmq-nodes-15672

	frontend syslog-in-10514
	mode tcp
	bind 10.0.102.102:10514
	default_backend pre_processors-nodes-10514

	backend elasticsearch-nodes-9200
	mode http
	balance roundrobin
	option httplog
	default-server maxconn 256 maxqueue 128 weight 100
	server elk-es-1 elk-es-1:9200 check
	server elk-es-2 elk-es-2:9200 check
	server elk-es-3 elk-es-3:9200 check

	backend grafana-nodes-3000
	mode http
	balance roundrobin
	cookie HA_BACKEND_ID insert indirect nocache
	option httplog
	default-server maxconn 256 maxqueue 128 weight 100
	server elk-dashboard-1 elk-dashboard-1:3000 check cookie 1
	server elk-dashboard-2 elk-dashboard-2:3000 check cookie 2
	server elk-dashboard-3 elk-dashboard-3:3000 check cookie 3

	backend grafana-mysql-nodes-3306
	mode tcp
	balance roundrobin
	option tcplog
	default-server maxconn 256 maxqueue 128 weight 100
	server elk-dashboard-1 elk-dashboard-1:3306 check
	server elk-dashboard-2 elk-dashboard-2:3306 backup check
	server elk-dashboard-3 elk-dashboard-3:3306 backup check

	backend influxdb-nodes-8086
	mode tcp
	balance roundrobin
	option tcplog
	default-server maxconn 256 maxqueue 128 weight 100
	server influxdb-1 influxdb-1:8086 check
	server influxdb-2 influxdb-2:8086 check

	backend influxdb-relay-nodes-9096
	mode tcp
	balance roundrobin
	option tcplog
	default-server maxconn 256 maxqueue 128 weight 100
	server influxdb-1 influxdb-1:9096 check
	server influxdb-2 influxdb-2:9096 check

	backend kibana-nodes-5601
	mode http
	balance roundrobin
	cookie HA_BACKEND_ID insert indirect nocache
	option httplog
	default-server maxconn 256 maxqueue 128 weight 100
	server elk-dashboard-1 elk-dashboard-1:5601 check cookie 1
	server elk-dashboard-2 elk-dashboard-2:5601 check cookie 2
	server elk-dashboard-3 elk-dashboard-3:5601 check cookie 3

	backend rabbitmq-nodes-5672
	mode tcp
	balance roundrobin
	option tcplog
	default-server maxconn 256 maxqueue 128 weight 100
	server elk-broker-1 elk-broker-1:5672 check
	server elk-broker-2 elk-broker-2:5672 check
	server elk-broker-3 elk-broker-3:5672 check

	backend rabbitmq-nodes-15672
	mode tcp
	balance roundrobin
	option tcplog
	default-server maxconn 256 maxqueue 128 weight 100
	server elk-broker-1 elk-broker-1:15672 check
	server elk-broker-2 elk-broker-2:15672 check
	server elk-broker-3 elk-broker-3:15672 check

	backend pre_processors-nodes-10514
	mode tcp
	balance roundrobin
	option tcplog
	default-server maxconn 256 maxqueue 128 weight 100
	server elk-pre-processor-1 elk-pre-processor-1:10514 check
	server elk-pre-processor-2 elk-pre-processor-2:10514 check