infrastructure/ansible
1
0
Fork 0
Code Pull requests 7 Activity Actions
ansible/roles/haproxy/templates/haproxy.cfg

407 lines
14 KiB
INI
Raw Normal View History

Start working on the haproxy role
2014-12-07 23:35:44 +00:00
# this config needs haproxy-1.1.28 or haproxy-1.2.1
global
log 127.0.0.1 local0 warning
# Set this to 4096 + 16384
# 16384 for the fedmsg gateway and 4096 for everybody else.
maxconn 20480
chroot /var/lib/haproxy
user haproxy
group haproxy
daemon
stats socket /var/run/haproxy-stat user haproxy group nrpe mode 0664
#debug
#quiet
defaults
log global
mode http
option httplog
option dontlognull
option httpclose
option redispatch
retries 3
Bump maxconns to 5000 and disable keepalive for geoip and mirrorlist
2015-01-27 18:37:51 +00:00
maxconn 5000
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
timeout connect 5s
timeout client 500s
timeout server 500s
errorfile 503 /etc/haproxy/503.http
listen stats 0.0.0.0:8080
mode http
balance hdr(appserver)
stats enable
stats uri /
listen fp-wiki 0.0.0.0:10001
balance hdr(appserver)
server wiki01 wiki01:80 check inter 15s rise 2 fall 5
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% if env == "production" %}
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
server wiki02 wiki02:80 check inter 15s rise 2 fall 5
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% endif %}
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
option httpchk GET /wiki/Main_Page
listen mirror-lists 0.0.0.0:10002
balance hdr(appserver)
timeout connect 30s
Deploy mirrorlist as docker container on staging Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-10-09 00:38:52 +00:00
{% if env == "staging" %}
server mirrorlist-local1 localhost:18081 check inter 5s rise 2 fall 3 weight 100
server mirrorlist-local2 localhost:18082 check inter 5s rise 2 fall 3 weight 100
{% endif %}
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
server mirrorlist-phx2 mirrorlist-phx2:80 check inter 5s rise 2 fall 3
{% if env == "production" %}
Revert things and ponder a better solution for the https issues
2015-05-31 19:31:54 +00:00
server mirrorlist-dedicatedsolutions mirrorlist-dedicatedsolutions:80 check inter 5s rise 2 fall 3
server mirrorlist-host1plus mirrorlist-host1plus:80 check inter 5s rise 2 fall 3
server mirrorlist-ibiblio mirrorlist-ibiblio:80 check inter 5s rise 2 fall 3
Add mirrorlist-ibiblio02 Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2015-10-24 23:54:35 +00:00
server mirrorlist-ibiblio02 mirrorlist-ibiblio02:80 check inter 5s rise 2 fall 3
Revert things and ponder a better solution for the https issues
2015-05-31 19:31:54 +00:00
server mirrorlist-osuosl mirrorlist-osuosl:80 check inter 5s rise 2 fall 3
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% endif %}
Revert this also back to the http check method
2015-05-31 19:44:42 +00:00
option httpchk GET /mirrorlist
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
option allbackups
listen pkgdb 0.0.0.0:10003
balance hdr(appserver)
server pkgdb01 pkgdb01:80 check inter 10s rise 2 fall 3
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% if env == "production" %}
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
server pkgdb02 pkgdb02:80 check inter 10s rise 2 fall 3
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% endif %}
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
option httpchk GET /pkgdb/collections/
listen fas 0.0.0.0:10004
# These values are set extremely low so any issues are recovered from very
# quickly. Setting these higher will cause odd behavior in apps that
# depend on fas (like pkgdb, bodhi, etc)
balance hdr(appserver)
server fas01 fas01:80 check inter 5s rise 1 fall 2
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% if env == "production" %}
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
server fas02 fas02:80 check inter 5s rise 1 fall 2
server fas03 fas03:80 check inter 5s rise 1 fall 2
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% endif %}
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
option httpchk GET /accounts/
listen voting 0.0.0.0:10007
balance hdr(appserver)
server elections01 elections01:80 check inter 10s rise 2 fall 4
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% if env == "production" %}
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
server elections02 elections02:80 check inter 10s rise 2 fall 4
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% endif %}
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
option httpchk GET /voting/
listen mirrormanager 0.0.0.0:10008
balance hdr(appserver)
Drop torrent02, it's gone. Add torrent01 to acls for downloads.
2015-05-05 14:08:11 +00:00
server mm-frontend01 mm-frontend01:80 check inter 60s rise 2 fall 3
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% if env == "production" %}
Add mm-frontend02 to haproxy
2015-07-28 17:54:21 +00:00
server mm-frontend02 mm-frontend02:80 check inter 60s rise 2 fall 3
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% endif %}
Switch to another URL for mirrormanager haproxy check The haproxy check URL for the MirrorManager web frontend was a URL which resulted in a large DB query. Every proxy, every minute. This resulted in two much memory and CPU consumption. This switches the check to a small static file to reduce the load on mm-frontend01.
2015-05-20 12:13:49 +00:00
option httpchk GET /mirrormanager/static/mirrormanager2.css
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
Proxy darkserver Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-01-27 21:18:38 +00:00
listen darkserver 0.0.0.0:10009
balance hdr(appserver)
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% if env == "production" %}
Proxy darkserver Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-01-27 21:18:38 +00:00
server darkserver02 darkserver02:80 check inter 20s rise 2 fall 3
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% else %}
server darkserver-web01 darkserver-web01:80 check inter 20s rise 2 fall 3
server darkserver-web02 darkserver-web02:80 check inter 20s rise 2 fall 3
{% endif %}
This needs /darkserver/ Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-01-27 21:24:35 +00:00
option httpchk GET /darkserver/
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
bodhi2 haproxy entry (prod).
2015-08-18 22:22:38 +00:00
listen bodhi2 0.0.0.0:10010
balance hdr(appserver)
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% if env == "production" %}
bodhi2 haproxy entry (prod).
2015-08-18 22:22:38 +00:00
server bodhi03 bodhi03:80 check inter 20s rise 2 fall 3
server bodhi04 bodhi04:80 check inter 20s rise 2 fall 3
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% else %}
Move bodhi02.stg to bodhi01.stg since it's not booting right anyhow.
2016-04-11 19:28:13 +00:00
server bodhi01 bodhi01:80 check inter 20s rise 2 fall 3
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% endif %}
bodhi2 haproxy entry (prod).
2015-08-18 22:22:38 +00:00
option httpchk GET /
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
listen freemedia 0.0.0.0:10011
balance hdr(appserver)
server sundries01 sundries01:80 check inter 60s rise 2 fall 3
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% if env == "production" %}
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
server sundries02 sundries01:80 check inter 60s rise 2 fall 3
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% endif %}
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
option httpchk GET /freemedia/FreeMedia-form.html
listen packages 0.0.0.0:10016
balance hdr(appserver)
server packages03 packages03:80 check inter 5s rise 2 fall 3
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% if env == "production" %}
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
server packages04 packages04:80 check inter 5s rise 2 fall 3
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% endif %}
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
option httpchk GET /packages/_heartbeat
listen tagger 0.0.0.0:10017
balance hdr(appserver)
server tagger01 tagger01:80 check inter 60s rise 2 fall 3
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% if env == "production" %}
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
server tagger02 tagger02:80 check inter 60s rise 2 fall 3
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% endif %}
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
option httpchk GET /tagger/_heartbeat
listen totpcgiprovision 0.0.0.0:10019
balance hdr(appserver)
http-check expect status 401
server fas01 fas01:8444 check inter 5s rise 1 fall 2
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% if env == "production" %}
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
server fas02 fas02:8444 check inter 5s rise 1 fall 2
server fas03 fas03:8444 check inter 5s rise 1 fall 2
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% endif %}
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
option httpchk GET /index.cgi
Swap prod to ipsilon Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2015-07-15 08:24:16 +00:00
listen ipsilon 0.0.0.0:10020
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
balance hdr(appserver)
Swap prod to ipsilon Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2015-07-15 08:24:16 +00:00
server ipsilon01 ipsilon01:80 check inter 10s rise 1 fall 2
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% if env == "production" %}
Swap prod to ipsilon Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2015-07-15 08:24:16 +00:00
server ipsilon02 ipsilon02:80 check inter 10s rise 1 fall 2
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% endif %}
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
option httpchk GET /
listen askbot 0.0.0.0:10021
balance hdr(appserver)
server ask01 ask01:80 check inter 10s rise 1 fall 2
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% if env == "production" %}
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
server ask02 ask02:80 check inter 10s rise 1 fall 2
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% endif %}
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
option httpchk GET /questions/
listen blockerbugs 0.0.0.0:10022
balance hdr(appserver)
server blockerbugs01 blockerbugs01:80 check inter 10s rise 1 fall 2
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% if env == "production" %}
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
server blockerbugs02 blockerbugs02:80 check inter 10s rise 1 fall 2
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% endif %}
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
option httpchk GET /blockerbugs
listen fedocal 0.0.0.0:10023
balance hdr(appserver)
server fedocal01 fedocal01:80 check inter 10s rise 1 fall 2
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% if env == "production" %}
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
server fedocal02 fedocal02:80 check inter 10s rise 1 fall 2
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% endif %}
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
option httpchk GET /calendar
# IMPORTANT: 10023-10026 will NOT work because of selinux policies
listen paste 0.0.0.0:10027
balance hdr(appserver)
server paste01 paste01:80 check inter 10s rise 1 fall 2
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% if env == "production" %}
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
server paste02 paste02:80 check inter 10s rise 1 fall 2
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% endif %}
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
option httpchk GET /
listen datagrepper 0.0.0.0:10028
balance hdr(appserver)
Back in you go.
2016-02-26 22:10:30 +00:00
server datagrepper01 datagrepper01:80 check inter 10s rise 1 fall 2
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% if env == "production" %}
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
server datagrepper02 datagrepper02:80 check inter 10s rise 1 fall 2
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% endif %}
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
option httpchk GET /datagrepper/reference/
listen geoip-city 0.0.0.0:10029
balance hdr(appserver)
server sundries01 sundries01:80 check inter 30s rise 2 fall 3
Fix two copy-paste errors in the merge Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:48:36 +00:00
{% if env == "production" %}
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
server sundries02 sundries02:80 check inter 30s rise 2 fall 3
Fix two copy-paste errors in the merge Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:48:36 +00:00
{% endif %}
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
option httpchk GET /city?ip=18.0.0.1
# IMPORTANT: 10031 will NOT work because of selinux policies
listen badges 0.0.0.0:10032
balance hdr(appserver)
server badges-web01 badges-web01:80 check inter 10s rise 1 fall 2
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% if env == "production" %}
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
server badges-web02 badges-web02:80 check inter 10s rise 1 fall 2
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% endif %}
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
option httpchk GET /heartbeat
listen nuancier 0.0.0.0:10035
balance hdr(appserver)
server nuancier01 nuancier01:80 check inter 10s rise 1 fall 2
server nuancier02 nuancier02:80 check inter 10s rise 1 fall 2
option httpchk GET /nuancier/
listen notifs-web 0.0.0.0:10036
balance hdr(appserver)
server notifs-web01 notifs-web01:80 check inter 10s rise 1 fall 2
server notifs-web02 notifs-web02:80 check inter 10s rise 1 fall 2
option httpchk GET /notifications/_heartbeat
listen github2fedmsg 0.0.0.0:10037
balance hdr(appserver)
server github2fedmsg01 github2fedmsg01:80 check inter 10s rise 1 fall 2
option httpchk GET /github2fedmsg/
listen kerneltest 0.0.0.0:10038
balance hdr(appserver)
server kerneltest01 kerneltest01:80 check inter 10s rise 1 fall 2
option httpchk GET /kerneltest
OK, lets try this change again now that the koschei01 vpn is all fixed up.
2015-06-24 17:20:49 +00:00
listen koschei 0.0.0.0:10040
balance hdr(appserver)
Point haproxy at koschei-web in stg
2016-04-15 01:21:08 +02:00
server koschei-web01 koschei-web01:80 check inter 10s rise 1 fall 2
OK, lets try this change again now that the koschei01 vpn is all fixed up.
2015-06-24 17:20:49 +00:00
option httpchk GET /koschei/
Add proxy configuration for Koschei staging
2015-05-04 13:19:42 +02:00
Prod haproxy entry for autocloud.
2015-09-28 18:55:28 +00:00
listen autocloud 0.0.0.0:10041
balance hdr(appserver)
server autocloud-web01 autocloud-web01:80 check inter 10s rise 1 fall 2
server autocloud-web02 autocloud-web02:80 check inter 10s rise 1 fall 2
option httpchk GET /autocloud/
prod haproxy entry for statscache.
2015-11-05 16:22:28 +00:00
listen statscache 0.0.0.0:10042
balance hdr(appserver)
server statscache-web01 statscache-web01:80 check inter 10s rise 1 fall 2
server statscache-web02 statscache-web02:80 check inter 10s rise 1 fall 2
option httpchk GET /statscache/
Push mdapi in prod
2015-11-17 15:45:24 +01:00
listen mdapi 0.0.0.0:10043
balance hdr(appserver)
Move mdapi to run at port 8080
2016-07-27 14:20:04 +02:00
server mdapi01 mdapi01:8080 check inter 10s rise 1 fall 2
Push mdapi in prod
2015-11-17 15:45:24 +01:00
option httpchk GET /mdapi
adding openqa01 to prod haproxy
2015-12-01 22:47:08 +00:00
listen openqa 0.0.0.0:10044
balance hdr(appserver)
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% if env == "production" %}
adding openqa01 to prod haproxy
2015-12-01 22:47:08 +00:00
server openqa01 openqa01:80 check inter 10s rise 1 fall 2
Merge stg and prod haproxy config Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 16:45:38 +00:00
{% else %}
server openqa-stg01.qa.fedoraproject.org openqa-stg01.qa.fedoraproject.org:80 check inter 10s rise 1 fall 2
{% endif %}
Revert "Drop the openqa haproxy check in production too." This reverts commit d50a8c145321f89a1cd2ad36a84181c24f922674.
2016-01-27 22:20:24 +00:00
option httpchk GET /api/v1/jobs/1
adding openqa01 to prod haproxy
2015-12-01 22:47:08 +00:00
Proxy information for pdc.
2016-01-12 13:26:56 -05:00
listen pdc 0.0.0.0:10045
balance hdr(appserver)
Fix pdc haproxy typoes.
2016-01-12 13:33:45 -05:00
server pdc-web01 pdc-web01:80 check inter 10s rise 1 fall 2
Revert "Enable sticky sessions for PDC" This reverts commit 54272e4addd6a563b70d7eae30a9edce98578e3b.
2016-01-26 01:41:06 +00:00
## pdc-web02 is commented out because we don't currently know how to configure
## mod_auth_mellon to work when distributed across more than one app node. It
## expects to be able to share some state between requests in-process. Boo.
# server pdc-web02 pdc-web02:80 check inter 10s rise 1 fall 2
Try this without the url prefix.
2016-01-12 13:52:32 -05:00
option httpchk GET /rest_api/v1/
Some timeout options for prod pdc.
2016-01-25 16:45:03 +00:00
timeout server 3600000
timeout connect 3600000
Proxy information for pdc.
2016-01-12 13:26:56 -05:00
Proxy config for zanata2fedmsg.
2016-03-04 19:37:25 +00:00
listen zanata2fedmsg 0.0.0.0:10046
balance hdr(appserver)
server zanata2fedmsg01 zanata2fedmsg01:80 check inter 10s rise 1 fall 2
Add haproxy entries for osbs, docker-registry, retrace and faf Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 17:02:10 +00:00
listen osbs 0.0.0.0:10047
balance hdr(appserver)
Seems OSBS requires port 8443 Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-15 11:01:02 +00:00
server osbs-master01 osbs-master01:8443 check inter 10s rise 1 fall 2 check ssl verify none
Add haproxy entries for osbs, docker-registry, retrace and faf Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 17:02:10 +00:00
listen docker-registry 0.0.0.0:10048
balance hdr(appserver)
Use Fedora proxies as only proxy for Docker Registry Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-12 13:56:13 +00:00
server docker-registry01 docker-registry01:5000 check inter 10s rise 1 fall 2
These were supposed to be staging-only, not production-only Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 17:03:23 +00:00
{% if env == "staging" %}
Rework haproxy template so we do not have a block of whitespace changes with staging conditionals
2016-08-08 17:08:42 +00:00
Add haproxy entries for osbs, docker-registry, retrace and faf Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 17:02:10 +00:00
listen retrace 0.0.0.0:10049
balance hdr(appserver)
server retrace01 retrace01:80 check inter 10s rise 1 fall 2
Rework haproxy template so we do not have a block of whitespace changes with staging conditionals
2016-08-08 17:08:42 +00:00
{% endif %}
These were supposed to be staging-only, not production-only Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 17:03:23 +00:00
{% if env == "staging" %}
Rework haproxy template so we do not have a block of whitespace changes with staging conditionals
2016-08-08 17:08:42 +00:00
Add haproxy entries for osbs, docker-registry, retrace and faf Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-04-05 17:02:10 +00:00
listen faf 0.0.0.0:10050
balance hdr(appserver)
server faf01 faf01:80 check inter 10s rise 1 fall 2
Rework haproxy template so we do not have a block of whitespace changes with staging conditionals
2016-08-08 17:08:42 +00:00
{% endif %}
Add ++ service to the proxies
2016-07-27 15:19:24 +02:00
{% if env == "staging" %}
Rework haproxy template so we do not have a block of whitespace changes with staging conditionals
2016-08-08 17:08:42 +00:00
Add ++ service to the proxies
2016-07-27 15:19:24 +02:00
listen pps 0.0.0.0:10051
balance hdr(appserver)
pps is port 80
2016-07-27 15:59:00 +02:00
server mdapi01 mdapi01:80 check inter 10s rise 1 fall 2
Add ++ service to the proxies
2016-07-27 15:19:24 +02:00
option httpchk GET /pps
pps is port 80
2016-07-27 15:59:00 +02:00
Rework haproxy template so we do not have a block of whitespace changes with staging conditionals
2016-08-08 17:08:42 +00:00
{% endif %}
try adding fas3 to haproxy stg? Signed-off-by: Ricky Elrod <codeblock@fedoraproject.org>
2016-08-03 07:34:38 +00:00
{% if env == "staging" %}
Rework haproxy template so we do not have a block of whitespace changes with staging conditionals
2016-08-08 17:08:42 +00:00
try adding fas3 to haproxy stg? Signed-off-by: Ricky Elrod <codeblock@fedoraproject.org>
2016-08-03 07:34:38 +00:00
listen fas3 0.0.0.0:10052
# These values are set extremely low so any issues are recovered from very
# quickly. Setting these higher will cause odd behavior in apps that
# depend on fas (like pkgdb, bodhi, etc)
balance hdr(appserver)
server fas3-01.stg fas3-01.stg:80 check inter 5s rise 1 fall 2
missed this one Signed-off-by: Ricky Elrod <codeblock@fedoraproject.org>
2016-08-03 09:26:16 +00:00
option httpchk GET /fas3/
try adding fas3 to haproxy stg? Signed-off-by: Ricky Elrod <codeblock@fedoraproject.org>
2016-08-03 07:34:38 +00:00
Rework haproxy template so we do not have a block of whitespace changes with staging conditionals
2016-08-08 17:08:42 +00:00
{% endif %}
Proxy IPA through haproxy Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-08-04 21:23:07 +00:00
listen ipa 0.0.0.0:10053
balance hdr(appserver)
This is not a client cert... Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-08-04 21:26:40 +00:00
server ipa01 ipa01:443 check inter 10s rise 1 fall 2 ssl verify required ca-file /etc/haproxy/ipa.pem
Add IPA to proxies Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-10-13 11:21:46 +00:00
{% if env != "staging" %}
server ipa02 ipa02:443 check inter 10s rise 1 fall 2 ssl verify required ca-file /etc/haproxy/ipa.pem
Create candidate registry at proxy Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-08-29 16:44:36 +00:00
{% endif %}
Add IPA to proxies Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-10-13 11:21:46 +00:00
option httpchk GET /
Create candidate registry at proxy Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-08-29 16:44:36 +00:00
Add krb:1088 to haproxy Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-10-25 16:46:32 +00:00
listen krb5 0.0.0.0:1088
mode tcp
option tcplog
balance roundrobin
maxconn 16384
timeout queue 5000
timeout server 86400000
timeout connect 86400000
server ipa01 ipa01:1088 weight 1 maxconn 16384
{% if env == "production" %}
server ipa02 ipa02:1088 weight 1 maxconn 16384
{% endif %}
Create candidate registry at proxy Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-08-29 16:44:36 +00:00
listen docker-candidate-registry 0.0.0.0:10054
balance hdr(appserver)
server docker-candidate-registry01 docker-candidate-registry01:5000 check inter 10s rise 1 fall 2
Add proxy config for stg only Signed-off-by: Ricky Elrod <codeblock@fedoraproject.org>
2016-09-06 04:54:06 +00:00
{% if env == "staging" %}
listen modernpaste 0.0.0.0:10055
balance hdr(appserver)
server modernpaste01 modernpaste01:80 check inter 10s rise 1 fall 2
option httpchk GET /
{% endif %}
Proxy IPA through haproxy Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2016-08-04 21:23:07 +00:00
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
# Apache doesn't handle the initial connection here like the other proxy
# entries. This proxy also doesn't use the http mode like the others.
# stunnel should be sitting on port 9939 (public) and redirecting
# connections from there to here, port 9938. This then proxies to the
# fedmsg-hub's websocket server on busgateway01, port 9919.
listen fedmsg-websockets 0.0.0.0:9938
mode tcp
Prevent haproxy warnings by telling it to use tcplog Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2015-11-24 22:20:14 +00:00
option tcplog
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
balance roundrobin
maxconn 16384
timeout queue 5000
timeout server 86400000
timeout connect 86400000
server busgateway01 busgateway01:9919 weight 1 maxconn 16384
# This, unlike the websockets entry just above, is listening directly to the
# outside world with no stunnel inbetween.
# Simply redirect tcp connections to a local fedmsg-gateway slave. It should be
# forwarding messages from the master gateway on busgateway01.
listen fedmsg-raw-zmq-outbound 0.0.0.0:9940
mode tcp
Prevent haproxy warnings by telling it to use tcplog Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2015-11-24 22:20:14 +00:00
option tcplog
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
balance roundrobin
maxconn 16384
timeout queue 5000
timeout server 86400000
timeout connect 86400000
server localhost localhost:9942 weight 1 maxconn 16384
# While the above fedmsg-raw-zmq-outbound forwards incoming connections to an
# instance of the "fedmsg-gateway" daemon (which pushes internal messages out),
# this entry forwards incoming connections to a secondary instance of the
# "fedmsg-relay" daemon (which pushes messages *onto* the internal bus). We
# have a primary instance of fedmsg-relay running on app01 for most internal
# use. Here we forward to a secondary one on busgateway01.
listen fedmsg-raw-zmq-inbound 0.0.0.0:9941
mode tcp
Prevent haproxy warnings by telling it to use tcplog Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2015-11-24 22:20:14 +00:00
option tcplog
Start working on the haproxy role
2014-12-07 23:35:44 +00:00
balance roundrobin
maxconn 16384
timeout queue 5000
timeout server 86400000
timeout connect 86400000
server busgateway01 busgateway01:9941 weight 1 maxconn 16384
Copy permalink