-
-
Save v1k0d3n/9dcbb7d04b9952248a28b60008291b7e to your computer and use it in GitHub Desktop.
Standard HAProxy Configuration for OpenShift 4.7+
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#--------------------------------------------------------------------- | |
# Example configuration for a possible web application. See the | |
# full configuration options online. | |
# | |
# https://www.haproxy.org/download/1.8/doc/configuration.txt | |
# | |
#--------------------------------------------------------------------- | |
# Globals: | |
global | |
log 127.0.0.1 local2 | |
chroot /var/lib/haproxy | |
pidfile /var/run/haproxy.pid | |
maxconn 4000 | |
user haproxy | |
group haproxy | |
daemon | |
stats socket /var/lib/haproxy/stats | |
# Defaults: | |
defaults | |
mode tcp | |
log global | |
option httplog | |
option dontlognull | |
option http-server-close | |
option forwardfor except 127.0.0.0/8 | |
option redispatch | |
retries 3 | |
timeout http-request 10s | |
timeout queue 1m | |
timeout connect 10s | |
timeout client 1m | |
timeout server 1m | |
timeout http-keep-alive 10s | |
timeout check 10s | |
maxconn 3000 | |
# Stats: | |
listen HAProxyLocalStats | |
bind *:8404 name localstats | |
mode http | |
stats enable | |
stats refresh 10 | |
stats show-legends | |
stats uri /haproxy/haproxy_stats.php?haproxystats=1 | |
timeout client 5000 | |
timeout connect 5000 | |
timeout server 5000 | |
# Frontends: | |
frontend api | |
bind 192.168.5.50:6443 | |
default_backend controlplaneapi | |
frontend apiinternal | |
bind 192.168.5.50:22623 | |
default_backend controlplaneapiinternal | |
frontend secure | |
bind 192.168.5.51:443 | |
default_backend secure | |
frontend insecure | |
bind 192.168.5.51:80 | |
stats uri /haproxy?stats | |
default_backend insecure | |
# Backends: | |
backend controlplaneapi | |
balance source | |
# server bootstrap 192.168.3.21:6443 check | |
server master0 192.168.3.31:6443 check | |
server master1 192.168.3.32:6443 check | |
server master2 192.168.3.33:6443 check | |
backend controlplaneapiinternal | |
balance source | |
# server bootstrap 192.168.3.21:22623 check | |
server master0 192.168.3.31:22623 check | |
server master1 192.168.3.32:22623 check | |
server master2 192.168.3.33:22623 check | |
backend secure | |
balance source | |
server master0 192.168.3.31:443 check | |
server master1 192.168.3.32:443 check | |
server master2 192.168.3.33:443 check | |
backend insecure | |
balance source | |
server master0 192.168.3.31:80 check | |
server master1 192.168.3.32:80 check | |
server master2 192.168.3.33:80 check |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[bjozsa@lb01 ~]$ ip addr | |
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 | |
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 | |
inet 127.0.0.1/8 scope host lo | |
valid_lft forever preferred_lft forever | |
inet6 ::1/128 scope host | |
valid_lft forever preferred_lft forever | |
2: ens192: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000 | |
link/ether 00:50:56:95:96:b1 brd ff:ff:ff:ff:ff:ff | |
altname enp11s0 | |
inet 192.168.4.90/22 brd 192.168.7.255 scope global noprefixroute ens192 | |
valid_lft forever preferred_lft forever | |
inet 192.168.5.50/22 scope global secondary ens192 | |
valid_lft forever preferred_lft forever | |
inet 192.168.5.51/22 scope global secondary ens192 | |
valid_lft forever preferred_lft forever | |
inet6 fe80::250:56ff:fe95:96b1/64 scope link noprefixroute | |
valid_lft forever preferred_lft forever | |
[bjozsa@lb01 ~]$ sudo cat /etc/sys^C | |
[bjozsa@lb01 ~]$ sudo nmcli con show | |
NAME UUID TYPE DEVICE | |
ens192 c7f557af-77bb-35bc-b48c-a045f60c2fac ethernet ens192 | |
[bjozsa@lb01 ~]$ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
vrrp_script chk_haproxy { | |
script "killall -0 haproxy" | |
interval 2 | |
weight 2 | |
} | |
vrrp_instance api { | |
interface ens192 | |
state MASTER | |
virtual_router_id 50 | |
priority 10 | |
virtual_ipaddress { | |
192.168.5.50/22 | |
} | |
track_script { | |
chk_haproxy | |
} | |
} | |
vrrp_instance apps { | |
interface ens192 | |
state MASTER | |
virtual_router_id 51 | |
priority 10 | |
virtual_ipaddress { | |
192.168.5.51/22 | |
} | |
track_script { | |
chk_haproxy | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment