| global |
| chroot /var/lib/haproxy |
| stats socket /var/run/haproxy/admin.sock mode 660 level admin |
| stats timeout 30s |
| user haproxy |
| group haproxy |
| daemon |
| maxconn 128 |
| |
| # Default SSL material locations |
| ca-base /etc/ssl/certs |
| crt-base /etc/ssl/private |
| |
| # Default ciphers to use on SSL-enabled listening sockets. |
| # For more information, see ciphers(1SSL). |
| ssl-default-bind-ciphers kEECDH+aRSA+AES:kRSA+AES:+AES256:RC4-SHA:!kEDH:!LOW:!EXP:!MD5:!aNULL:!eNULL |
| |
| defaults |
| timeout connect 5s |
| timeout client 10s |
| timeout server 10s |
| mode http |
| log syslog-sidecar local0 debug |
| option log-health-checks |
| option http-server-close |
| |
| frontend gerrit_http |
| bind *:80 |
| option httplog |
| acl http_writes method PUT POST DELETE PATCH |
| use_backend gerrit_http_nodes if http_writes |
| default_backend gerrit_http_nodes_balanced |
| |
| frontend gerrit_ssh |
| bind *:29418 |
| option tcplog |
| mode tcp |
| default_backend gerrit_ssh_nodes |
| |
| backend gerrit_ssh_nodes |
| mode tcp |
| option httpchk GET /config/server/version HTTP/1.0 |
| http-check expect status 200 |
| balance source |
| timeout connect 10s |
| timeout server 5m |
| server gerrit_ssh_01 gerrit-01:29418 check port 8080 inter 10s fall 3 rise 2 |
| server gerrit-ssh_02 gerrit-02:29418 check port 8080 inter 10s fall 3 rise 2 backup |
| |
| backend gerrit_http_nodes |
| mode http |
| balance source |
| option forwardfor |
| default-server inter 10s fall 3 rise 2 |
| option httpchk GET /config/server/version HTTP/1.0 |
| http-check expect status 200 |
| server gerrit_01 gerrit-01:8080 check |
| server gerrit_02 gerrit-02:8080 check backup |
| |
| backend gerrit_http_nodes_balanced |
| mode http |
| balance source |
| option forwardfor |
| default-server inter 10s fall 3 rise 2 |
| option httpchk GET /config/server/version HTTP/1.0 |
| http-check expect status 200 |
| server gerrit_01 gerrit-01:8080 check |
| server gerrit_02 gerrit-02:8080 check |