232 lines
7.7 KiB
Text
232 lines
7.7 KiB
Text
# this config needs haproxy-1.1.28 or haproxy-1.2.1
|
|
|
|
global
|
|
log 127.0.0.1 local0 warning
|
|
# Set this to 4096 + 16384
|
|
# 16384 for the fedmsg gateway and 4096 for everybody else.
|
|
maxconn 20480
|
|
chroot /var/lib/haproxy
|
|
user haproxy
|
|
group haproxy
|
|
daemon
|
|
stats socket /var/run/haproxy-stat user haproxy group nrpe mode 0664
|
|
#debug
|
|
#quiet
|
|
|
|
defaults
|
|
log global
|
|
mode http
|
|
option httplog
|
|
option dontlognull
|
|
option httpclose
|
|
option redispatch
|
|
retries 3
|
|
maxconn 5000
|
|
timeout connect 5s
|
|
timeout client 500s
|
|
timeout server 500s
|
|
errorfile 503 /etc/haproxy/503.http
|
|
|
|
listen stats 0.0.0.0:8080
|
|
mode http
|
|
balance hdr(appserver)
|
|
stats enable
|
|
stats uri /
|
|
|
|
listen fp-wiki 0.0.0.0:10001
|
|
balance hdr(appserver)
|
|
server wiki01 wiki01:80 check inter 15s rise 2 fall 5
|
|
option httpchk GET /wiki/Main_Page
|
|
|
|
listen mirror-lists 0.0.0.0:10002
|
|
balance hdr(appserver)
|
|
timeout connect 30s
|
|
server mirrorlist-phx2 mirrorlist-phx2:80 check inter 10s rise 2 fall 3
|
|
option httpchk GET /mirrorlist
|
|
|
|
listen pkgdb 0.0.0.0:10003
|
|
balance hdr(appserver)
|
|
server pkgdb01 pkgdb01:80 check inter 10s rise 2 fall 3
|
|
option httpchk GET /pkgdb/collections/
|
|
|
|
listen fas 0.0.0.0:10004
|
|
# These values are set extremely low so any issues are recovered from very
|
|
# quickly. Setting these higher will cause odd behavior in apps that
|
|
# depend on fas (like pkgdb, bodhi, etc)
|
|
balance hdr(appserver)
|
|
server fas01 fas01:80 check inter 5s rise 1 fall 2
|
|
option httpchk GET /accounts/
|
|
|
|
listen voting 0.0.0.0:10007
|
|
balance hdr(appserver)
|
|
server elections01 elections01:80 check inter 10s rise 2 fall 4
|
|
option httpchk GET /voting/
|
|
|
|
listen mirrormanager 0.0.0.0:10008
|
|
balance hdr(appserver)
|
|
server sundries01 sundries01:80 check inter 60s rise 2 fall 3
|
|
option httpchk GET /mirrormanager/rsync_acl
|
|
|
|
listen bodhi 0.0.0.0:10009
|
|
balance hdr(appserver)
|
|
server bodhi01 bodhi01:80 check inter 20s rise 2 fall 3
|
|
option httpchk GET /updates/nagios
|
|
|
|
listen freemedia 0.0.0.0:10011
|
|
balance hdr(appserver)
|
|
server sundries01 sundries01:80 check inter 60s rise 2 fall 3
|
|
option httpchk GET /freemedia/FreeMedia-form.html
|
|
|
|
listen packages 0.0.0.0:10016
|
|
balance hdr(appserver)
|
|
server packages03 packages03:80 check inter 5s rise 2 fall 3
|
|
option httpchk GET /packages/_heartbeat
|
|
|
|
listen tagger 0.0.0.0:10017
|
|
balance hdr(appserver)
|
|
server tagger01 tagger01:80 check inter 60s rise 2 fall 3
|
|
option httpchk GET /tagger/_heartbeat
|
|
|
|
listen totpcgiprovision 0.0.0.0:10019
|
|
balance hdr(appserver)
|
|
http-check expect status 401
|
|
server fas01 fas01:8444 check inter 5s rise 1 fall 2
|
|
option httpchk GET /index.cgi
|
|
|
|
listen ipsilon 0.0.0.0:10020
|
|
balance hdr(appserver)
|
|
server ipsilon01 ipsilon01:80 check inter 10s rise 1 fall 2
|
|
option httpchk GET /ui/fedora/repeater.png
|
|
|
|
listen askbot 0.0.0.0:10021
|
|
balance hdr(appserver)
|
|
server ask01 ask01:80 check inter 10s rise 1 fall 2
|
|
option httpchk GET /questions/
|
|
|
|
listen blockerbugs 0.0.0.0:10022
|
|
balance hdr(appserver)
|
|
server blockerbugs01 blockerbugs01:80 check inter 10s rise 1 fall 2
|
|
option httpchk GET /blockerbugs
|
|
|
|
listen fedocal 0.0.0.0:10023
|
|
balance hdr(appserver)
|
|
server fedocal01 fedocal01:80 check inter 10s rise 1 fall 2
|
|
option httpchk GET /calendar
|
|
|
|
listen geoip-city 0.0.0.0:10029
|
|
balance hdr(appserver)
|
|
server sundries01 sundries01:80 check inter 30s rise 2 fall 3
|
|
option httpchk GET /city?ip=18.0.0.1
|
|
|
|
# IMPORTANT: 10023-10026 will NOT work because of selinux policies
|
|
|
|
listen paste 0.0.0.0:10027
|
|
balance hdr(appserver)
|
|
server paste01 paste01:80 check inter 10s rise 1 fall 2
|
|
option httpchk GET /
|
|
|
|
listen datagrepper 0.0.0.0:10028
|
|
balance hdr(appserver)
|
|
server datagrepper01 datagrepper01:80 check inter 10s rise 1 fall 2
|
|
option httpchk GET /datagrepper
|
|
|
|
# IMPORTANT: 10031 will NOT work because of selinux policies
|
|
|
|
listen badges 0.0.0.0:10032
|
|
balance hdr(appserver)
|
|
server badges-web01 badges-web01:80 check inter 10s rise 1 fall 2
|
|
option httpchk GET /heartbeat
|
|
|
|
listen lists 0.0.0.0:10033
|
|
balance hdr(appserver)
|
|
server mailman01 mailman01:80 check inter 10s rise 1 fall 2
|
|
option httpchk GET /
|
|
|
|
listen gallery 0.0.0.0:10034
|
|
balance hdr(appserver)
|
|
server gallery01 gallery01:80 check inter 10s rise 1 fall 2
|
|
option httpchk GET /
|
|
|
|
listen nuancier 0.0.0.0:10035
|
|
balance hdr(appserver)
|
|
server nuancier01 nuancier01:80 check inter 10s rise 1 fall 2
|
|
server nuancier02 nuancier02:80 check inter 10s rise 1 fall 2
|
|
option httpchk GET /nuancier/
|
|
|
|
listen notifs-web 0.0.0.0:10036
|
|
balance hdr(appserver)
|
|
server notifs-web01 notifs-web01:80 check inter 10s rise 1 fall 2
|
|
server notifs-web02 notifs-web02:80 check inter 10s rise 1 fall 2
|
|
option httpchk GET /notifications/_heartbeat
|
|
|
|
listen github2fedmsg 0.0.0.0:10037
|
|
balance hdr(appserver)
|
|
server github2fedmsg01 github2fedmsg01:80 check inter 10s rise 1 fall 2
|
|
option httpchk GET /github2fedmsg/
|
|
|
|
listen kerneltest 0.0.0.0:10038
|
|
balance hdr(appserver)
|
|
server kerneltest01 kerneltest01:80 check inter 10s rise 1 fall 2
|
|
option httpchk GET /kerneltest
|
|
|
|
listen mirrormanager2 0.0.0.0:10039
|
|
balance hdr(appserver)
|
|
server mm-frontend01 mm-frontend01:80 check inter 60s rise 2 fall 3
|
|
option httpchk GET /mirrormanager2
|
|
|
|
listen koschei 0.0.0.0:10040
|
|
balance hdr(appserver)
|
|
server koschei01 koschei01:80 check inter 10s rise 1 fall 2
|
|
option httpchk GET /koschei/
|
|
|
|
# Apache doesn't handle the initial connection here like the other proxy
|
|
# entries. This proxy also doesn't use the http mode like the others.
|
|
# stunnel should be sitting on port 9939 (public) and redirecting
|
|
# connections from there to here, port 9938. This then proxies to the
|
|
# fedmsg-hub's websocket server on busgateway01, port 9919.
|
|
listen fedmsg-websockets 0.0.0.0:9938
|
|
mode tcp
|
|
balance roundrobin
|
|
maxconn 16384
|
|
timeout queue 5000
|
|
timeout server 86400000
|
|
timeout connect 86400000
|
|
server busgateway01 busgateway01:9919 weight 1 maxconn 16384
|
|
|
|
# This, unlike the websockets entry just above, is listening directly to the
|
|
# outside world with no stunnel inbetween.
|
|
# Simply redirect tcp connections to a local fedmsg-gateway slave. It should be
|
|
# forwarding messages from the master gateway on busgateway01.
|
|
listen fedmsg-raw-zmq-outbound 0.0.0.0:9940
|
|
mode tcp
|
|
balance roundrobin
|
|
maxconn 16384
|
|
timeout queue 5000
|
|
timeout server 86400000
|
|
timeout connect 86400000
|
|
server localhost localhost:9942 weight 1 maxconn 16384
|
|
|
|
# While the above fedmsg-raw-zmq-outbound forwards incoming connections to an
|
|
# instance of the "fedmsg-gateway" daemon (which pushes internal messages out),
|
|
# this entry forwards incoming connections to a secondary instance of the
|
|
# "fedmsg-relay" daemon (which pushes messages *onto* the internal bus). We
|
|
# have a primary instance of fedmsg-relay running on app01 for most internal
|
|
# use. Here we forward to a secondary one on busgateway01.
|
|
listen fedmsg-raw-zmq-inbound 0.0.0.0:9941
|
|
mode tcp
|
|
balance roundrobin
|
|
maxconn 16384
|
|
timeout queue 5000
|
|
timeout server 86400000
|
|
timeout connect 86400000
|
|
server busgateway01 busgateway01:9941 weight 1 maxconn 16384
|
|
|
|
#listen membership-map 0.0.0.0:10001
|
|
# balance hdr(appserver)
|
|
# server app1 app1:80 check inter 5s rise 2 fall 3
|
|
# server app2 app2:80 check inter 5s rise 2 fall 3
|
|
# server app3 app3:80 check inter 5s rise 2 fall 3
|
|
# server app4 app4:80 check inter 5s rise 2 fall 3
|
|
# server app05 app05:80 backup check inter 5s rise 2 fall 3
|
|
# server bapp1 bapp1:80 backup check inter 5s rise 2 fall 3
|
|
# option httpchk GET /membership-map
|