Sane HAProxy Config #151
Comments
|
|
|
How does this look for a set of resources? haproxy_global_config do
user 'haproxy'
group 'haproxy'
pidfile '/var/run/haproxy.pid'
log '/dev/log syslog info'
? 'daemon'
? 'quiet'
stats_socket '/var/run/haproxy.sock user haproxy group haproxy'
maxconn 4106
endhapoxy_default_config do
client_timeout 10 # document these settings should be in seconds
server_timeout 10
connect_timeout 10
log 'global'
mode 'http'
balance 'roundrobin'
option httplog* # should these be an options hash? there isn't anything distinguishable about them
option dontlognull*
option redispatch*
httpcheck 'GET /'
stats_uri '/haproxy-status'
http_check 'disable-on-404'
cookie 'SERVERID insert indirect nocache'
endhaproxy_frontend '1' do
requests 'all_requests'
default_backend 'example'
bind '0.0.0.0:80'
maxconn 4096
acl ['acl_test_example hdr_dom(host) -i -m dom test.example.com',
'acl_appserver path_dom -i /appserver',
'acl_example hdr_dom(host) -i -m dom example.com']
use_backend ['test_example if acl_test_example',
'appserver if acl_appserver',
'example if acl_example']
bind '0.0.0.0:445 ssl crt /usr/local/etc/haproxy/ssl_cert.pem no-sslv3'
redirect_scheme 'https if !{ ssl_fc }'
endhaproxy_backend 'test_example' do
disabled_server ['disabled-server 127.0.0.1:1 disabled']
enabled_server ['01-ABCDEFGH0123 192.0.2.2:8080 inter 300 rise 3 fall 2 maxconn 100 check cookie 01-ABCDEFGH0123']
endhaproxy_backend 'appserver' do
disabled_server ['disabled-server 127.0.0.1:1 disabled']
enabled_server ['02-ABCDEFGH0123 192.0.2.2:8080 inter 300 rise 3 fall 2 maxconn 100 check cookie 02-ABCDEFGH0123']
endhaproxy_backend 'example' do
disabled_server ['disabled-server 127.0.0.1:1 disabled']
enabled_server ['03-ABCDEFGH0123 192.0.2.2:8080 inter 300 rise 3 fall 2 maxconn 100 check cookie 03-ABCDEFGH0123']
endhaproxy_syslog 'destination_1' do
address: '127.0.0.1'
length: nil
format: nil
facility: 'local0'
max_level: nil
min_level: nil
end |
|
I was basically thinking the same thing. enabled_server under haproxy_backend can have multiples. I think it may need a |
|
we should also make global_/default_ be the same naming style |
|
We can accumulate (because I keep finding a need for this pattern apparently...) the servers. haproxy_backend 'example' do
disabled_server ['disabled-server 127.0.0.1:1 disabled']
enabled_server ['1']
endhaproxy_backend 'example' do
enabled_server ['2']
endhaproxy_backend 'example' do
enabled_server ['3']
endwould give us: What do you mean by the same naming style for |
|
I am thinking haproxy_global_config => haproxy_global, hapoxy_config_defaults => haproxy_defaults, or at least config in all of them. Not sure, I am probably being pedantic. |
|
You might want to checkout #119 also. |
|
this should fix #58 also |
|
More resources to add as per #96 : |
|
load_balancer should support accumulator pattern for multiple listeners. As per #106 |
|
Which of the following do we prefer? considering we don't have many options in defaults right now I think the second could work. |
|
there are a couple of other timeouts also so up to you. |
|
hmm yeah timeout check X - X X |
|
OK. So going through all the possible options I need a few more good examples people are using. I'd like to make it simple/easy to make common configurations. Past that, pass in If anyone else has exemplar configs that would be great. |
* adding global attributes, removing them from attributes/default.rb, and updating package_name/version in haproxy.rb * adding debug_option in place of quiet, and adding enable_stats_socket * adding in default properties * moving source install to resource for consistency * Reorder/tidy up metadata Remove rubocop yaml file * Make sure we have Chef 13 compatibility * Remove old tests that are now invalid (bats, serverspec etc) * Move node attributes to properties * Move attributes to properties * Switch to delivery, ignore FC016 * Move the test cookbook to appease chefSpec * Add a few tests * Spell integration correctly, update test platforms, * Make make make it work * Fix prefix for debians lazy path * Add global config * Restart the correct services * Add default and global configs & installs correctly Add example configs Some integration specs for configs Add further stubbed out, frontend, backend, listener configs. Getting edit resource to bend to my will a bit further :) * Add frontend * only populate arrays/hashes if there are values to be added * Update gemfile, remove things we don't use anymore * Apply integration tests correctly. * Add listen section * Remove 12.04 (EOL on the 28th of April) * edit_resource to stop resource cloning * Original template should do nothing No tuning on by default * Chef 12.5 compatability. * haproxy --> haproxy_install custom resource * Move unit files and remove matchers.rb * Tidy up test files * Docker --> dokken * put service definition in root context and outside source/package block * Remove foodcritic warnings now @tas50 has fixed foodcritic * Tidy up dokken config, remove foodcritic file, use simple spec test * Tidy up travis.yml * replace tabs with spaces and fix broken tests * Fix ERB template * Remove rsyslog * define acls before use_backend in config * Custom resource with master (#188) * Allow server startup from app_lb recipe. * Placeholder changelog. * chef_version requires Chef >= 12.6.0. * Added capacity to understand multiple address and ports with array for 'bind' attribute of haproxy_lb resource * Add github templates * Test with Delivery local * Update Kitchen config and remove 12.04 testing * Fix contributing doc typo * Cookstyle fix * Update kitchen config * Chef 13 compatability (#176) * updating for release, and fixing sudo (#180) * updating for release, and fixing sudo * fixing source path * fixing changelog links (#181) * Fix bug introduced in #174 (#182) This fixes a bug that was introduced in #174 which doesn't honor the fact if the bind parameter is nil don't include any bind line. In our case, we put in the bind keyword in the parameters parameter so this added two bind statements and made haproxy unhappy. It looks like this was a copypasta originally as this was included in the prior code. * Closes #151, #111, * Closes #159 ACLs are a Hash/Array inside a backends & frontends * Closes #148 we no longer use Chef Search. * Closes #58 as we have a clean way of defining backends.
|
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs. |
This is an issue for saving several haproxy configs
The text was updated successfully, but these errors were encountered: