blob: 9e8aa234e558d4b9dbf6897cd1bc5c843d8bd25e [file] [log] [blame]
Filip Pytloun48d38302015-10-06 16:28:31 +02001=======
2HAproxy
3=======
4
5The Reliable, High Performance TCP/HTTP Load Balancer.
6
Jiri Konecny371c6de2016-03-02 11:32:46 +01007
8Sample pillars
9==============
10
11Simple admin listener
12
13.. code-block:: yaml
14
15 haproxy:
16 proxy:
17 enabled: True
18 listen:
19 admin_page:
20 type: admin
21 binds:
22 - address: 0.0.0.0
23 port: 8801
24 user: fsdfdsfds
25 password: dsfdsf
26
Jiri Konecny371c6de2016-03-02 11:32:46 +010027Simple stats listener
28
29.. code-block:: yaml
30
31 haproxy:
32 proxy:
33 enabled: True
34 listen:
35 admin_page:
36 type: stats
37 binds:
38 - address: 0.0.0.0
39 port: 8801
40
41
42
43Sample pillar with admin
Filip Pytloun48d38302015-10-06 16:28:31 +020044
45.. code-block:: yaml
46
47 haproxy:
48 proxy:
49 enabled: True
50 mode: http/tcp
Jiri Konecny371c6de2016-03-02 11:32:46 +010051 logging: syslog
Filip Pytloun98f7a4f2016-09-19 14:07:24 +020052 maxconn: 1024
53 timeout:
54 connect: 5000
55 client: 50000
56 server: 50000
Filip Pytloun48d38302015-10-06 16:28:31 +020057 listens:
58 - name: https-in
59 bind:
60 address: 0.0.0.0
61 port: 443
62 servers:
63 - name: server1
64 host: 10.0.0.1
65 port: 8443
66 - name: server2
67 host: 10.0.0.2
68 port: 8443
69 params: 'maxconn 256'
70
Jiri Konecny371c6de2016-03-02 11:32:46 +010071
Filip Pytloun48d38302015-10-06 16:28:31 +020072Sample pillar with custom logging
Filip Pytloun48d38302015-10-06 16:28:31 +020073
74.. code-block:: yaml
75
76 haproxy:
77 proxy:
78 enabled: True
79 mode: http/tcp
80 logging: syslog
Filip Pytloun98f7a4f2016-09-19 14:07:24 +020081 maxconn: 1024
82 timeout:
83 connect: 5000
84 client: 50000
85 server: 50000
Filip Pytloun48d38302015-10-06 16:28:31 +020086 listens:
87 - name: https-in
88 bind:
89 address: 0.0.0.0
90 port: 443
91 servers:
92 - name: server1
93 host: 10.0.0.1
94 port: 8443
95 - name: server2
96 host: 10.0.0.2
97 port: 8443
98 params: 'maxconn 256'
99
100.. code-block:: yaml
101
102 haproxy:
103 proxy:
104 enabled: true
105 mode: tcp
106 logging: syslog
107 max_connections: 1024
108 listens:
109 - name: mysql
110 type: mysql
111 binds:
112 - address: 10.0.88.70
113 port: 3306
114 servers:
115 - name: node1
116 host: 10.0.88.13
117 port: 3306
118 params: check inter 15s fastinter 2s downinter 1s rise 5 fall 3
119 - name: node2
120 host: 10.0.88.14
121 port: 3306
122 params: check inter 15s fastinter 2s downinter 1s rise 5 fall 3 backup
123 - name: node3
124 host: 10.0.88.15
125 port: 3306
126 params: check inter 15s fastinter 2s downinter 1s rise 5 fall 3 backup
127 - name: rabbitmq
128 type: rabbitmq
129 binds:
130 - address: 10.0.88.70
131 port: 5672
132 servers:
133 - name: node1
134 host: 10.0.88.13
135 port: 5673
136 params: check inter 5000 rise 2 fall 3
137 - name: node2
138 host: 10.0.88.14
139 port: 5673
140 params: check inter 5000 rise 2 fall 3 backup
141 - name: node3
142 host: 10.0.88.15
143 port: 5673
144 params: check inter 5000 rise 2 fall 3 backup
145 -name: keystone-1
146 type: general-service
147 bins:
148 - address: 10.0.106.170
149 port: 5000
150 servers:
151 -name: node1
152 host: 10.0.88.13
153 port: 5000
154 params: check
155
156.. code-block:: yaml
157
158 haproxy:
159 proxy:
160 enabled: true
161 mode: tcp
162 logging: syslog
163 max_connections: 1024
164 listens:
165 - name: mysql
166 type: mysql
167 binds:
168 - address: 10.0.88.70
169 port: 3306
170 servers:
171 - name: node1
172 host: 10.0.88.13
173 port: 3306
174 params: check inter 15s fastinter 2s downinter 1s rise 5 fall 3
175 - name: node2
176 host: 10.0.88.14
177 port: 3306
178 params: check inter 15s fastinter 2s downinter 1s rise 5 fall 3 backup
179 - name: node3
180 host: 10.0.88.15
181 port: 3306
182 params: check inter 15s fastinter 2s downinter 1s rise 5 fall 3 backup
183 - name: rabbitmq
184 type: rabbitmq
185 binds:
186 - address: 10.0.88.70
187 port: 5672
188 servers:
189 - name: node1
190 host: 10.0.88.13
191 port: 5673
192 params: check inter 5000 rise 2 fall 3
193 - name: node2
194 host: 10.0.88.14
195 port: 5673
196 params: check inter 5000 rise 2 fall 3 backup
197 - name: node3
198 host: 10.0.88.15
199 port: 5673
200 params: check inter 5000 rise 2 fall 3 backup
201 -name: keystone-1
202 type: general-service
203 bins:
204 - address: 10.0.106.170
205 port: 5000
206 servers:
207 -name: node1
208 host: 10.0.88.13
209 port: 5000
210 params: check
211
Filip Pytloune1a6f062016-08-26 15:13:38 +0200212Custom more complex listener (for Artifactory and subdomains for docker
213registries)
214
215.. code-block:: yaml
216
217 haproxy:
218 proxy:
219 listen:
220 artifactory:
221 mode: http
222 options:
223 - forwardfor
224 - forwardfor header X-Real-IP
225 - httpchk
226 - httpclose
227 - httplog
Jakub Pavlikc9f84c42016-12-10 16:16:08 +0100228 sticks:
229 - stick on src
230 - stick-table type ip size 200k expire 2m
Filip Pytloune1a6f062016-08-26 15:13:38 +0200231 acl:
232 is_docker: "path_reg ^/v[12][/.]*"
233 http_request:
234 - action: "set-path /artifactory/api/docker/%[req.hdr(host),lower,field(1,'.')]%[path]"
235 condition: "if is_docker"
236 balance: source
237 binds:
238 - address: ${_param:cluster_vip_address}
239 port: 8082
Filip Pytloun4201b382016-09-09 12:21:18 +0200240 ssl:
241 enabled: true
242 # This PEM file needs to contain key, cert, CA and possibly
243 # intermediate certificates
244 pem_file: /etc/haproxy/ssl/server.pem
Filip Pytloune1a6f062016-08-26 15:13:38 +0200245 servers:
246 - name: ${_param:cluster_node01_name}
247 host: ${_param:cluster_node01_address}
248 port: 8082
249 params: check
250 - name: ${_param:cluster_node02_name}
251 host: ${_param:cluster_node02_address}
252 port: 8082
253 params: backup check
254
Adam Tengler4cf961b2017-01-26 16:05:21 +0000255Custom listener with tcp-check options specified (for Redis cluster with Sentinel)
256
257.. code-block:: yaml
258
259 haproxy:
260 proxy:
261 listen:
262 redis_cluster:
263 service_name: redis
264 check:
265 tcp:
266 enabled: True
267 options:
268 - send PING\r\n
269 - expect string +PONG
270 - send info\ replication\r\n
271 - expect string role:master
272 - send QUIT\r\n
273 - expect string +OK
274 binds:
275 - address: ${_param:cluster_address}
276 port: 6379
277 servers:
278 - name: ${_param:cluster_node01_name}
279 host: ${_param:cluster_node01_address}
280 port: 6379
281 params: check inter 1s
282 - name: ${_param:cluster_node02_name}
283 host: ${_param:cluster_node02_address}
284 port: 6379
285 params: check inter 1s
286 - name: ${_param:cluster_node03_name}
287 host: ${_param:cluster_node03_address}
288 port: 6379
289 params: check inter 1s
290
Filip Pytloun48d38302015-10-06 16:28:31 +0200291Read more
292=========
293
294* https://github.com/jesusaurus/hpcs-salt-state/tree/master/haproxy
295* http://www.nineproductions.com/saltstack-ossec-state-using-reactor/ - example reactor usage.
296* https://gist.github.com/tomeduarte/6340205 - example on how to use peer from within a config file (using jinja)
297* http://youtu.be/jJJ8cfDjcTc?t=8m58s - from 9:00 on, a good overview of peer vs mine
298* https://github.com/russki/cluster-agents