API tools faq
paste
Advertisement
SanabriaRusso

Untitled

SanabriaRusso
May 21st, 2019
182
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 12.67 KB | None | 0 0
raw download clone embed print report
  1. # Ansible managed
  2.  
  3. global
  4. log 127.0.0.1 local0
  5. log 127.0.0.1 local1 notice
  6. chroot /var/lib/haproxy
  7. user haproxy
  8. group haproxy
  9. daemon
  10. maxconn 4096
  11. stats socket /var/run/haproxy.stat level admin mode 600
  12. ssl-default-bind-options force-tlsv12
  13. tune.ssl.default-dh-param 2048
  14.  
  15. defaults
  16. log global
  17. option dontlognull
  18. option redispatch
  19. option forceclose
  20. retries 3
  21. timeout client 50s
  22. timeout connect 10s
  23. timeout http-request 5s
  24. timeout server 50s
  25. maxconn 4096
  26.  
  27. # Ansible managed
  28.  
  29.  
  30. frontend cinder_api-front-1
  31. bind 10.1.14.10:8776 ssl crt /etc/ssl/private/haproxy.pem ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
  32. option httplog
  33. option forwardfor except 127.0.0.0/8
  34. reqadd X-Forwarded-Proto:\ https
  35. mode http
  36. default_backend cinder_api-back
  37.  
  38. frontend cinder_api-front-2
  39. bind 172.10.10.2:8776
  40. option httplog
  41. option forwardfor except 127.0.0.0/8
  42. mode http
  43. default_backend cinder_api-back
  44.  
  45.  
  46. backend cinder_api-back
  47. mode http
  48. balance leastconn
  49. stick store-request src
  50. stick-table type ip size 256k expire 30m
  51. option forwardfor
  52. option httplog
  53. option httpchk HEAD / HTTP/1.0\r\nUser-agent:\ osa-haproxy-healthcheck
  54.  
  55.  
  56. server infra1_cinder_api_container-a0706266 172.10.10.41:8776 check port 8776 inter 12000 rise 1 fall 1
  57.  
  58. # Ansible managed
  59.  
  60.  
  61. frontend galera-front-1
  62. bind 172.10.10.2:3306
  63. option tcplog
  64. timeout client 5000s
  65. acl white_list src 127.0.0.1/8 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8
  66. tcp-request content accept if white_list
  67. tcp-request content reject
  68. mode tcp
  69. default_backend galera-back
  70.  
  71.  
  72. backend galera-back
  73. mode tcp
  74. balance leastconn
  75. timeout server 5000s
  76. stick store-request src
  77. stick-table type ip size 256k expire 30m
  78. option tcplog
  79. option httpchk HEAD / HTTP/1.0\r\nUser-agent:\ osa-haproxy-healthcheck
  80.  
  81.  
  82. server infra1_galera_container-f535a7c8 172.10.10.116:3306 check port 9200 inter 12000 rise 1 fall 1
  83.  
  84. # Ansible managed
  85.  
  86.  
  87. frontend glance_api-front-1
  88. bind 10.1.14.10:9292 ssl crt /etc/ssl/private/haproxy.pem ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
  89. option httplog
  90. option forwardfor except 127.0.0.0/8
  91. reqadd X-Forwarded-Proto:\ https
  92. mode http
  93. default_backend glance_api-back
  94.  
  95. frontend glance_api-front-2
  96. bind 172.10.10.2:9292
  97. option httplog
  98. option forwardfor except 127.0.0.0/8
  99. mode http
  100. default_backend glance_api-back
  101.  
  102.  
  103. backend glance_api-back
  104. mode http
  105. balance leastconn
  106. stick store-request src
  107. stick-table type ip size 256k expire 30m
  108. option forwardfor
  109. option httplog
  110. option httpchk GET / HTTP/1.0\r\nUser-agent:\ osa-haproxy-healthcheck
  111.  
  112.  
  113. server infra1_glance_container-63249d03 172.10.10.151:9292 check port 9292 inter 12000 rise 1 fall 1
  114.  
  115. # Ansible managed
  116.  
  117.  
  118. frontend heat_api-front-1
  119. bind 10.1.14.10:8004 ssl crt /etc/ssl/private/haproxy.pem ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
  120. option httplog
  121. option forwardfor except 127.0.0.0/8
  122. reqadd X-Forwarded-Proto:\ https
  123. mode http
  124. default_backend heat_api-back
  125.  
  126. frontend heat_api-front-2
  127. bind 172.10.10.2:8004
  128. option httplog
  129. option forwardfor except 127.0.0.0/8
  130. mode http
  131. default_backend heat_api-back
  132.  
  133.  
  134. backend heat_api-back
  135. mode http
  136. balance leastconn
  137. stick store-request src
  138. stick-table type ip size 256k expire 30m
  139. option forwardfor
  140. option httplog
  141. option httpchk HEAD / HTTP/1.0\r\nUser-agent:\ osa-haproxy-healthcheck
  142.  
  143.  
  144. server infra1_heat_api_container-277c1627 172.10.10.134:8004 check port 8004 inter 12000 rise 1 fall 1
  145.  
  146. # Ansible managed
  147.  
  148.  
  149. frontend heat_api_cfn-front-1
  150. bind 10.1.14.10:8000 ssl crt /etc/ssl/private/haproxy.pem ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
  151. option httplog
  152. option forwardfor except 127.0.0.0/8
  153. reqadd X-Forwarded-Proto:\ https
  154. mode http
  155. default_backend heat_api_cfn-back
  156.  
  157. frontend heat_api_cfn-front-2
  158. bind 172.10.10.2:8000
  159. option httplog
  160. option forwardfor except 127.0.0.0/8
  161. mode http
  162. default_backend heat_api_cfn-back
  163.  
  164.  
  165. backend heat_api_cfn-back
  166. mode http
  167. balance leastconn
  168. stick store-request src
  169. stick-table type ip size 256k expire 30m
  170. option forwardfor
  171. option httplog
  172. option httpchk HEAD / HTTP/1.0\r\nUser-agent:\ osa-haproxy-healthcheck
  173.  
  174.  
  175. server infra1_heat_api_container-277c1627 172.10.10.134:8000 check port 8000 inter 12000 rise 1 fall 1
  176.  
  177. # Ansible managed
  178.  
  179.  
  180. frontend horizon-redirect-front-1
  181. bind 10.1.14.10:80
  182. mode http
  183. redirect scheme https if !{ ssl_fc }
  184.  
  185. frontend horizon-front-1
  186. bind 10.1.14.10:443 ssl crt /etc/ssl/private/haproxy.pem ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
  187. option httplog
  188. option forwardfor except 127.0.0.0/8
  189. reqadd X-Forwarded-Proto:\ https
  190. mode http
  191. default_backend horizon-back
  192.  
  193. frontend horizon-redirect-front-2
  194. bind 172.10.10.2:80
  195. mode http
  196. redirect scheme https if !{ ssl_fc }
  197.  
  198. frontend horizon-front-2
  199. bind 172.10.10.2:443 ssl crt /etc/ssl/private/haproxy.pem ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
  200. option httplog
  201. option forwardfor except 127.0.0.0/8
  202. reqadd X-Forwarded-Proto:\ https
  203. mode http
  204. default_backend horizon-back
  205.  
  206.  
  207. backend horizon-back
  208. mode http
  209. balance source
  210. stick store-request src
  211. stick-table type ip size 256k expire 30m
  212. option forwardfor
  213. option httplog
  214. option httpchk HEAD / HTTP/1.0\r\nUser-agent:\ osa-haproxy-healthcheck
  215.  
  216.  
  217. server infra1_horizon_container-2f155fb6 172.10.10.173:80 check port 80 inter 12000 rise 1 fall 1
  218.  
  219. # Ansible managed
  220.  
  221.  
  222. frontend keystone_service-front-1
  223. bind 10.1.14.10:5000 ssl crt /etc/ssl/private/haproxy.pem ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
  224. option httplog
  225. option forwardfor except 127.0.0.0/8
  226. reqadd X-Forwarded-Proto:\ https
  227. mode http
  228. default_backend keystone_service-back
  229.  
  230. frontend keystone_service-front-2
  231. bind 172.10.10.2:5000
  232. option httplog
  233. option forwardfor except 127.0.0.0/8
  234. mode http
  235. default_backend keystone_service-back
  236.  
  237.  
  238. backend keystone_service-back
  239. mode http
  240. balance leastconn
  241. stick store-request src
  242. stick-table type ip size 256k expire 30m
  243. option forwardfor
  244. option httplog
  245. option httpchk HEAD / HTTP/1.0\r\nUser-agent:\ osa-haproxy-healthcheck
  246.  
  247.  
  248. server infra1_keystone_container-c43ef6bb 172.10.10.243:5000 check port 5000 inter 12000 rise 1 fall 1
  249.  
  250. # Ansible managed
  251.  
  252.  
  253. frontend neutron_server-front-1
  254. bind 10.1.14.10:9696 ssl crt /etc/ssl/private/haproxy.pem ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
  255. option httplog
  256. option forwardfor except 127.0.0.0/8
  257. reqadd X-Forwarded-Proto:\ https
  258. mode http
  259. default_backend neutron_server-back
  260.  
  261. frontend neutron_server-front-2
  262. bind 172.10.10.2:9696
  263. option httplog
  264. option forwardfor except 127.0.0.0/8
  265. mode http
  266. default_backend neutron_server-back
  267.  
  268.  
  269. backend neutron_server-back
  270. mode http
  271. balance leastconn
  272. stick store-request src
  273. stick-table type ip size 256k expire 30m
  274. option forwardfor
  275. option httplog
  276. option httpchk GET / HTTP/1.0\r\nUser-agent:\ osa-haproxy-healthcheck
  277.  
  278.  
  279. server infra1_neutron_server_container-f26d5c3d 172.10.10.85:9696 check port 9696 inter 12000 rise 1 fall 1
  280.  
  281. # Ansible managed
  282.  
  283.  
  284. frontend nova_api_metadata-front-1
  285. bind 172.10.10.2:8775
  286. option httplog
  287. option forwardfor except 127.0.0.0/8
  288. acl white_list src 127.0.0.1/8 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8
  289. tcp-request content accept if white_list
  290. tcp-request content reject
  291. mode http
  292. default_backend nova_api_metadata-back
  293.  
  294.  
  295. backend nova_api_metadata-back
  296. mode http
  297. balance leastconn
  298. stick store-request src
  299. stick-table type ip size 256k expire 30m
  300. option forwardfor
  301. option httplog
  302. option httpchk HEAD / HTTP/1.0\r\nUser-agent:\ osa-haproxy-healthcheck
  303.  
  304.  
  305. server infra1_nova_api_container-144db8ca 172.10.10.181:8775 check port 8775 inter 12000 rise 1 fall 1
  306.  
  307. # Ansible managed
  308.  
  309.  
  310. frontend nova_api_os_compute-front-1
  311. bind 10.1.14.10:8774 ssl crt /etc/ssl/private/haproxy.pem ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
  312. option httplog
  313. option forwardfor except 127.0.0.0/8
  314. reqadd X-Forwarded-Proto:\ https
  315. mode http
  316. default_backend nova_api_os_compute-back
  317.  
  318. frontend nova_api_os_compute-front-2
  319. bind 172.10.10.2:8774
  320. option httplog
  321. option forwardfor except 127.0.0.0/8
  322. mode http
  323. default_backend nova_api_os_compute-back
  324.  
  325.  
  326. backend nova_api_os_compute-back
  327. mode http
  328. balance leastconn
  329. stick store-request src
  330. stick-table type ip size 256k expire 30m
  331. option forwardfor
  332. option httplog
  333. option httpchk HEAD / HTTP/1.0\r\nUser-agent:\ osa-haproxy-healthcheck
  334.  
  335.  
  336. server infra1_nova_api_container-144db8ca 172.10.10.181:8774 check port 8774 inter 12000 rise 1 fall 1
  337.  
  338. # Ansible managed
  339.  
  340.  
  341. frontend nova_console-front-1
  342. bind 10.1.14.10:6082 ssl crt /etc/ssl/private/haproxy.pem ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
  343. option httplog
  344. option forwardfor except 127.0.0.0/8
  345. timeout client 60m
  346. reqadd X-Forwarded-Proto:\ https
  347. mode http
  348. default_backend nova_console-back
  349.  
  350. frontend nova_console-front-2
  351. bind 172.10.10.2:6082
  352. option httplog
  353. option forwardfor except 127.0.0.0/8
  354. timeout client 60m
  355. mode http
  356. default_backend nova_console-back
  357.  
  358.  
  359. backend nova_console-back
  360. mode http
  361. balance source
  362. timeout server 60m
  363. stick store-request src
  364. stick-table type ip size 256k expire 30m
  365. option forwardfor
  366. option httplog
  367. option httpchk HEAD /spice_auto.html HTTP/1.0\r\nUser-agent:\ osa-haproxy-healthcheck
  368. http-check expect status 200
  369.  
  370.  
  371. server infra1_nova_api_container-144db8ca 172.10.10.181:6082 check port 6082 inter 12000 rise 1 fall 1
  372.  
  373. # Ansible managed
  374.  
  375.  
  376. frontend rabbitmq_mgmt-front-1
  377. bind 172.10.10.2:15672
  378. option httplog
  379. option forwardfor except 127.0.0.0/8
  380. acl white_list src 127.0.0.1/8 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8
  381. tcp-request content accept if white_list
  382. tcp-request content reject
  383. mode http
  384. default_backend rabbitmq_mgmt-back
  385.  
  386.  
  387. backend rabbitmq_mgmt-back
  388. mode http
  389. balance leastconn
  390. stick store-request src
  391. stick-table type ip size 256k expire 30m
  392. option forwardfor
  393. option httplog
  394. option httpchk HEAD / HTTP/1.0\r\nUser-agent:\ osa-haproxy-healthcheck
  395.  
  396.  
  397. server infra1_rabbit_mq_container-f73f504e 172.10.10.192:15672 check port 15672 inter 12000 rise 1 fall 1
  398.  
  399. # Ansible managed
  400.  
  401.  
  402. frontend repo_all-front-1
  403. bind 172.10.10.2:8181
  404. option httplog
  405. option forwardfor except 127.0.0.0/8
  406. mode http
  407. default_backend repo_all-back
  408.  
  409.  
  410. backend repo_all-back
  411. mode http
  412. balance leastconn
  413. stick store-request src
  414. stick-table type ip size 256k expire 30m
  415. option forwardfor
  416. option httplog
  417. option httpchk HEAD / HTTP/1.0\r\nUser-agent:\ osa-haproxy-healthcheck
  418.  
  419.  
  420. server infra1_repo_container-e97a35c8 172.10.10.251:8181 check port 8181 inter 12000 rise 1 fall 1
  421.  
  422. # Ansible managed
  423.  
  424.  
  425. frontend repo_git-front-1
  426. bind 172.10.10.2:9418
  427. option tcplog
  428. acl white_list src 127.0.0.1/8 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8
  429. tcp-request content accept if white_list
  430. tcp-request content reject
  431. mode tcp
  432. default_backend repo_git-back
  433.  
  434.  
  435. backend repo_git-back
  436. mode tcp
  437. balance leastconn
  438. stick store-request src
  439. stick-table type ip size 256k expire 30m
  440. option tcplog
  441. option tcp-check
  442.  
  443.  
  444. server infra1_repo_container-e97a35c8 172.10.10.251:9418 check port 9418 inter 12000 rise 1 fall 1
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!