59 lines
2.0 KiB
Django/Jinja
59 lines
2.0 KiB
Django/Jinja
#jinja2: lstrip_blocks: True
|
|
global
|
|
chroot /var/lib/haproxy
|
|
user haproxy
|
|
group haproxy
|
|
daemon
|
|
log {{ syslog_server }}:{{ syslog_udp_port }} {{ syslog_haproxy_facility }}
|
|
maxconn {{ haproxy_max_connections }}
|
|
nbthread {{ haproxy_threads }}
|
|
{% if (haproxy_threads | int > 1) and (haproxy_thread_cpu_map | bool) %}
|
|
cpu-map auto:1/all 0-63
|
|
{% endif %}
|
|
stats socket /var/lib/kolla/haproxy/haproxy.sock group kolla mode 660{% if haproxy_socket_level_admin | bool %} level admin{% endif %}
|
|
|
|
{% if kolla_enable_tls_external | bool or kolla_enable_tls_internal | bool %}
|
|
ssl-default-bind-ciphers DEFAULT:!MEDIUM:!3DES
|
|
ssl-default-bind-options no-sslv3 no-tlsv10 no-tlsv11
|
|
tune.ssl.default-dh-param 4096
|
|
ca-base {{ haproxy_backend_cacert_dir }}
|
|
{% endif %}
|
|
|
|
defaults
|
|
log global
|
|
option redispatch
|
|
retries 3
|
|
timeout http-request {{ haproxy_http_request_timeout }}
|
|
timeout http-keep-alive {{ haproxy_http_keep_alive_timeout }}
|
|
timeout queue {{ haproxy_queue_timeout }}
|
|
timeout connect {{ haproxy_connect_timeout }}
|
|
timeout client {{ haproxy_client_timeout }}
|
|
timeout server {{ haproxy_server_timeout }}
|
|
timeout check {{ haproxy_check_timeout }}
|
|
balance {{ haproxy_defaults_balance }}
|
|
maxconn {{ haproxy_defaults_max_connections }}
|
|
|
|
listen stats
|
|
bind {{ api_interface_address }}:{{ haproxy_stats_port }}
|
|
mode http
|
|
stats enable
|
|
stats uri /
|
|
stats refresh 15s
|
|
stats realm Haproxy\ Stats
|
|
stats auth {{ haproxy_user }}:{{ haproxy_password }}
|
|
|
|
{% if enable_prometheus_haproxy_exporter | bool %}
|
|
listen metrics
|
|
bind {{ api_interface_address }}:{{ prometheus_haproxy_exporter_port }}
|
|
mode http
|
|
http-request use-service prometheus-exporter if { path /metrics }
|
|
{% endif %}
|
|
|
|
frontend status
|
|
bind {{ api_interface_address }}:{{ haproxy_monitor_port }}
|
|
{% if api_interface_address != kolla_internal_vip_address %}
|
|
bind {{ kolla_internal_vip_address }}:{{ haproxy_monitor_port }}
|
|
{% endif %}
|
|
mode http
|
|
monitor-uri /
|