HAProxy SSL Termination
# Process-wide settings: logging, privilege drop, process layout and TLS defaults.
global
# Send logs to the syslog listener on 127.0.0.1, facility local1.
log 127.0.0.1 local1
# Confine the running process to this directory and run it as an unprivileged account.
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 350000
user haproxy
group haproxy
# Two worker processes; process 1 is pinned to CPU 0 and process 2 to CPU 1.
nbproc 2
cpu-map 1 0
cpu-map 2 1
daemon
# Defaults for every "bind ... ssl" line: SSLv3 is refused and TLS session tickets are off.
# NOTE(review): only SSLv3 is excluded and no ssl-default-bind-ciphers is set, so the
# remaining protocol versions and the cipher list come from the TLS library's defaults.
# Confirm those defaults meet your policy.
ssl-default-bind-options no-sslv3 no-tls-tickets
# Settings inherited by the listen/frontend/backend sections that follow.
defaults
mode http
log global
option httplog
# Connections that carry no data are not logged. On an Internet-facing proxy this also
# keeps bare port probes out of the logs, which matters if the logs feed detection.
option dontlognull
option http-server-close
# Add X-Forwarded-For with the client address, except for requests from loopback.
option forwardfor except 127.0.0.0/8
# A failed server connection is retried up to 3 times and may be redispatched to another server.
option redispatch
retries 3
# A client has up to 60s to send a complete request header.
# NOTE(review): that is long enough for slow-header clients to hold many connections
# open at once; consider a shorter value.
timeout http-request 60s
timeout queue 1m
timeout connect 60s
timeout client 1m
timeout server 1m
timeout http-keep-alive 60s
timeout check 60s
maxconn 350000
balance roundrobin
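# Statistics page for worker process 1. With nbproc 2 each process keeps its
# own counters, so each process gets its own stats listener.
listen admin_9101
# Listens on every interface over plain HTTP, so the basic-auth credentials
# below cross the network unencrypted. Restrict reachability with a firewall
# or a narrower bind address if the page is not meant to be widely reachable.
bind 0.0.0.0:9101
mode http
stats enable
stats uri /status
# Do not show the HAProxy version on the stats page.
stats hide-version
# "user:pass" is a sample value; set a unique, strong credential before deploying.
stats auth user:pass
bind-process 1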
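# Statistics page for worker process 2. With nbproc 2 each process keeps its
# own counters, so each process gets its own stats listener.
listen admin_9102
# Listens on every interface over plain HTTP, so the basic-auth credentials
# below cross the network unencrypted. Restrict reachability with a firewall
# or a narrower bind address if the page is not meant to be widely reachable.
bind 0.0.0.0:9102
mode http
stats enable
stats uri /status
# Do not show the HAProxy version on the stats page.
stats hide-version
# "user:pass" is a sample value; set a unique, strong credential before deploying.
stats auth user:pass
bind-process 2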
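# Cleartext HTTP entry point. Requests are served from api_backend; nothing
# here redirects them to HTTPS.
frontend http
bind *:80
mode http
option forwardfor
# Overwrite any X-Forwarded-Proto sent by the client so a cleartext request
# cannot present itself to the backend as having arrived over HTTPS.
http-request set-header X-Forwarded-Proto http
default_backend api_backend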
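# TLS-terminating entry point; decrypted requests go to api_backend.
frontend ssl
# /etc/haproxy/server.crt holds, in order: server certificate, server private
# key, CA certificates. Because the private key is in this file, keep it
# readable only by the account that starts haproxy.
bind *:443 ssl crt /etc/haproxy/server.crt no-tls-tickets
mode http
option forwardfor
option tcpka
# set-header replaces a client-supplied X-Forwarded-Proto instead of adding a
# second copy next to it, so the backend sees exactly one, proxy-set value.
http-request set-header X-Forwarded-Proto https
default_backend api_backend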
# Backend
# Application servers used by both frontends. The server line has no ssl
# keyword, so this hop carries plain HTTP.
backend api_backend
# Health check request: GET /health with a fixed User-Agent header.
option httpchk GET /health HTTP/1.0\r\nUser-Agent:\ HAProxyUserAgent
# option forwardfor appends its own X-Forwarded-For and leaves any client-sent
# one in place; the application should trust only the last value.
option forwardfor
balance roundrobin
# Checked on port 80 every 30s; 2 consecutive successes mark the server up, 2 failures mark it down.
server stbacken0001apse01 10.0.0.1:80 check port 80 inter 30s rise 2 fall 2