Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Ansible managed
- global
- log 127.0.0.1 local0
- log 127.0.0.1 local1 notice
- chroot /var/lib/haproxy
- user haproxy
- group haproxy
- daemon
- maxconn 4096
- stats socket /var/run/haproxy.stat level admin mode 600
- ssl-default-bind-options force-tlsv12
- tune.ssl.default-dh-param 2048
- defaults
- log global
- option dontlognull
- option redispatch
- option forceclose
- retries 3
- timeout client 50s
- timeout connect 10s
- timeout http-request 5s
- timeout server 50s
- maxconn 4096
- # Ansible managed
- frontend cinder_api-front-1
- bind 10.1.14.10:8776 ssl crt /etc/ssl/private/haproxy.pem ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
- option httplog
- option forwardfor except 127.0.0.0/8
- reqadd X-Forwarded-Proto:\ https
- mode http
- default_backend cinder_api-back
- frontend cinder_api-front-2
- bind 172.10.10.2:8776
- option httplog
- option forwardfor except 127.0.0.0/8
- mode http
- default_backend cinder_api-back
- backend cinder_api-back
- mode http
- balance leastconn
- stick store-request src
- stick-table type ip size 256k expire 30m
- option forwardfor
- option httplog
- option httpchk HEAD / HTTP/1.0\r\nUser-agent:\ osa-haproxy-healthcheck
- server infra1_cinder_api_container-a0706266 172.10.10.41:8776 check port 8776 inter 12000 rise 1 fall 1
- # Ansible managed
- frontend galera-front-1
- bind 172.10.10.2:3306
- option tcplog
- timeout client 5000s
- acl white_list src 127.0.0.1/8 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8
- tcp-request content accept if white_list
- tcp-request content reject
- mode tcp
- default_backend galera-back
- backend galera-back
- mode tcp
- balance leastconn
- timeout server 5000s
- stick store-request src
- stick-table type ip size 256k expire 30m
- option tcplog
- option httpchk HEAD / HTTP/1.0\r\nUser-agent:\ osa-haproxy-healthcheck
- server infra1_galera_container-f535a7c8 172.10.10.116:3306 check port 9200 inter 12000 rise 1 fall 1
- # Ansible managed
- frontend glance_api-front-1
- bind 10.1.14.10:9292 ssl crt /etc/ssl/private/haproxy.pem ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
- option httplog
- option forwardfor except 127.0.0.0/8
- reqadd X-Forwarded-Proto:\ https
- mode http
- default_backend glance_api-back
- frontend glance_api-front-2
- bind 172.10.10.2:9292
- option httplog
- option forwardfor except 127.0.0.0/8
- mode http
- default_backend glance_api-back
- backend glance_api-back
- mode http
- balance leastconn
- stick store-request src
- stick-table type ip size 256k expire 30m
- option forwardfor
- option httplog
- option httpchk GET / HTTP/1.0\r\nUser-agent:\ osa-haproxy-healthcheck
- server infra1_glance_container-63249d03 172.10.10.151:9292 check port 9292 inter 12000 rise 1 fall 1
- # Ansible managed
- frontend heat_api-front-1
- bind 10.1.14.10:8004 ssl crt /etc/ssl/private/haproxy.pem ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
- option httplog
- option forwardfor except 127.0.0.0/8
- reqadd X-Forwarded-Proto:\ https
- mode http
- default_backend heat_api-back
- frontend heat_api-front-2
- bind 172.10.10.2:8004
- option httplog
- option forwardfor except 127.0.0.0/8
- mode http
- default_backend heat_api-back
- backend heat_api-back
- mode http
- balance leastconn
- stick store-request src
- stick-table type ip size 256k expire 30m
- option forwardfor
- option httplog
- option httpchk HEAD / HTTP/1.0\r\nUser-agent:\ osa-haproxy-healthcheck
- server infra1_heat_api_container-277c1627 172.10.10.134:8004 check port 8004 inter 12000 rise 1 fall 1
- # Ansible managed
- frontend heat_api_cfn-front-1
- bind 10.1.14.10:8000 ssl crt /etc/ssl/private/haproxy.pem ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
- option httplog
- option forwardfor except 127.0.0.0/8
- reqadd X-Forwarded-Proto:\ https
- mode http
- default_backend heat_api_cfn-back
- frontend heat_api_cfn-front-2
- bind 172.10.10.2:8000
- option httplog
- option forwardfor except 127.0.0.0/8
- mode http
- default_backend heat_api_cfn-back
- backend heat_api_cfn-back
- mode http
- balance leastconn
- stick store-request src
- stick-table type ip size 256k expire 30m
- option forwardfor
- option httplog
- option httpchk HEAD / HTTP/1.0\r\nUser-agent:\ osa-haproxy-healthcheck
- server infra1_heat_api_container-277c1627 172.10.10.134:8000 check port 8000 inter 12000 rise 1 fall 1
- # Ansible managed
- frontend horizon-redirect-front-1
- bind 10.1.14.10:80
- mode http
- redirect scheme https if !{ ssl_fc }
- frontend horizon-front-1
- bind 10.1.14.10:443 ssl crt /etc/ssl/private/haproxy.pem ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
- option httplog
- option forwardfor except 127.0.0.0/8
- reqadd X-Forwarded-Proto:\ https
- mode http
- default_backend horizon-back
- frontend horizon-redirect-front-2
- bind 172.10.10.2:80
- mode http
- redirect scheme https if !{ ssl_fc }
- frontend horizon-front-2
- bind 172.10.10.2:443 ssl crt /etc/ssl/private/haproxy.pem ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
- option httplog
- option forwardfor except 127.0.0.0/8
- reqadd X-Forwarded-Proto:\ https
- mode http
- default_backend horizon-back
- backend horizon-back
- mode http
- balance source
- stick store-request src
- stick-table type ip size 256k expire 30m
- option forwardfor
- option httplog
- option httpchk HEAD / HTTP/1.0\r\nUser-agent:\ osa-haproxy-healthcheck
- server infra1_horizon_container-2f155fb6 172.10.10.173:80 check port 80 inter 12000 rise 1 fall 1
- # Ansible managed
- frontend keystone_service-front-1
- bind 10.1.14.10:5000 ssl crt /etc/ssl/private/haproxy.pem ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
- option httplog
- option forwardfor except 127.0.0.0/8
- reqadd X-Forwarded-Proto:\ https
- mode http
- default_backend keystone_service-back
- frontend keystone_service-front-2
- bind 172.10.10.2:5000
- option httplog
- option forwardfor except 127.0.0.0/8
- mode http
- default_backend keystone_service-back
- backend keystone_service-back
- mode http
- balance leastconn
- stick store-request src
- stick-table type ip size 256k expire 30m
- option forwardfor
- option httplog
- option httpchk HEAD / HTTP/1.0\r\nUser-agent:\ osa-haproxy-healthcheck
- server infra1_keystone_container-c43ef6bb 172.10.10.243:5000 check port 5000 inter 12000 rise 1 fall 1
- # Ansible managed
- frontend neutron_server-front-1
- bind 10.1.14.10:9696 ssl crt /etc/ssl/private/haproxy.pem ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
- option httplog
- option forwardfor except 127.0.0.0/8
- reqadd X-Forwarded-Proto:\ https
- mode http
- default_backend neutron_server-back
- frontend neutron_server-front-2
- bind 172.10.10.2:9696
- option httplog
- option forwardfor except 127.0.0.0/8
- mode http
- default_backend neutron_server-back
- backend neutron_server-back
- mode http
- balance leastconn
- stick store-request src
- stick-table type ip size 256k expire 30m
- option forwardfor
- option httplog
- option httpchk GET / HTTP/1.0\r\nUser-agent:\ osa-haproxy-healthcheck
- server infra1_neutron_server_container-f26d5c3d 172.10.10.85:9696 check port 9696 inter 12000 rise 1 fall 1
- # Ansible managed
- frontend nova_api_metadata-front-1
- bind 172.10.10.2:8775
- option httplog
- option forwardfor except 127.0.0.0/8
- acl white_list src 127.0.0.1/8 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8
- tcp-request content accept if white_list
- tcp-request content reject
- mode http
- default_backend nova_api_metadata-back
- backend nova_api_metadata-back
- mode http
- balance leastconn
- stick store-request src
- stick-table type ip size 256k expire 30m
- option forwardfor
- option httplog
- option httpchk HEAD / HTTP/1.0\r\nUser-agent:\ osa-haproxy-healthcheck
- server infra1_nova_api_container-144db8ca 172.10.10.181:8775 check port 8775 inter 12000 rise 1 fall 1
- # Ansible managed
- frontend nova_api_os_compute-front-1
- bind 10.1.14.10:8774 ssl crt /etc/ssl/private/haproxy.pem ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
- option httplog
- option forwardfor except 127.0.0.0/8
- reqadd X-Forwarded-Proto:\ https
- mode http
- default_backend nova_api_os_compute-back
- frontend nova_api_os_compute-front-2
- bind 172.10.10.2:8774
- option httplog
- option forwardfor except 127.0.0.0/8
- mode http
- default_backend nova_api_os_compute-back
- backend nova_api_os_compute-back
- mode http
- balance leastconn
- stick store-request src
- stick-table type ip size 256k expire 30m
- option forwardfor
- option httplog
- option httpchk HEAD / HTTP/1.0\r\nUser-agent:\ osa-haproxy-healthcheck
- server infra1_nova_api_container-144db8ca 172.10.10.181:8774 check port 8774 inter 12000 rise 1 fall 1
- # Ansible managed
- frontend nova_console-front-1
- bind 10.1.14.10:6082 ssl crt /etc/ssl/private/haproxy.pem ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
- option httplog
- option forwardfor except 127.0.0.0/8
- timeout client 60m
- reqadd X-Forwarded-Proto:\ https
- mode http
- default_backend nova_console-back
- frontend nova_console-front-2
- bind 172.10.10.2:6082
- option httplog
- option forwardfor except 127.0.0.0/8
- timeout client 60m
- mode http
- default_backend nova_console-back
- backend nova_console-back
- mode http
- balance source
- timeout server 60m
- stick store-request src
- stick-table type ip size 256k expire 30m
- option forwardfor
- option httplog
- option httpchk HEAD /spice_auto.html HTTP/1.0\r\nUser-agent:\ osa-haproxy-healthcheck
- http-check expect status 200
- server infra1_nova_api_container-144db8ca 172.10.10.181:6082 check port 6082 inter 12000 rise 1 fall 1
- # Ansible managed
- frontend rabbitmq_mgmt-front-1
- bind 172.10.10.2:15672
- option httplog
- option forwardfor except 127.0.0.0/8
- acl white_list src 127.0.0.1/8 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8
- tcp-request content accept if white_list
- tcp-request content reject
- mode http
- default_backend rabbitmq_mgmt-back
- backend rabbitmq_mgmt-back
- mode http
- balance leastconn
- stick store-request src
- stick-table type ip size 256k expire 30m
- option forwardfor
- option httplog
- option httpchk HEAD / HTTP/1.0\r\nUser-agent:\ osa-haproxy-healthcheck
- server infra1_rabbit_mq_container-f73f504e 172.10.10.192:15672 check port 15672 inter 12000 rise 1 fall 1
- # Ansible managed
- frontend repo_all-front-1
- bind 172.10.10.2:8181
- option httplog
- option forwardfor except 127.0.0.0/8
- mode http
- default_backend repo_all-back
- backend repo_all-back
- mode http
- balance leastconn
- stick store-request src
- stick-table type ip size 256k expire 30m
- option forwardfor
- option httplog
- option httpchk HEAD / HTTP/1.0\r\nUser-agent:\ osa-haproxy-healthcheck
- server infra1_repo_container-e97a35c8 172.10.10.251:8181 check port 8181 inter 12000 rise 1 fall 1
- # Ansible managed
- frontend repo_git-front-1
- bind 172.10.10.2:9418
- option tcplog
- acl white_list src 127.0.0.1/8 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8
- tcp-request content accept if white_list
- tcp-request content reject
- mode tcp
- default_backend repo_git-back
- backend repo_git-back
- mode tcp
- balance leastconn
- stick store-request src
- stick-table type ip size 256k expire 30m
- option tcplog
- option tcp-check
- server infra1_repo_container-e97a35c8 172.10.10.251:9418 check port 9418 inter 12000 rise 1 fall 1
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement