forked from HariSekhon/HAProxy-configs
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path10-global.cfg
93 lines (79 loc) · 3.31 KB
/
10-global.cfg
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
# vim:ts=4:sts=4:sw=4:et
#
# Author: Hari Sekhon
# Date: 2017-12-16 09:14:31 +0000 (Sat, 16 Dec 2017)
#
# https://github.com/harisekhon/haproxy-configs
#
# License: see accompanying Hari Sekhon LICENSE file
#
# If you're using my code you're welcome to connect with me on LinkedIn and optionally send me feedback to help steer this or other code I publish
#
# https://www.linkedin.com/in/harisekhon
#
# ============================================================================ #
# H A P r o x y G l o b a l S e t t i n g s
# ============================================================================ #
global
#log syslog:514 local0 info
log 127.0.0.1:514 local0 info
#log /dev/log local0 info
#log /dev/stdout local0 info
tune.bufsize 16384 # default, response size limit, beware for Hue, SQL services
tune.chksize 16384 # default, healthcheck response parsing limit
#tune.chksize 32768
#chroot /var/lib/haproxy
#pidfile /var/run/haproxy.pid
maxconn 4000
#user haproxy
#group haproxy
#daemon
#stats socket /var/lib/haproxy/stats
#stats socket 0.0.0.0:1234
#stats maxconn 20 # default: 10
ssl-server-verify required # default, else 'none'
max-spread-checks 2s
unix-bind mode 0400
# ============================================================================ #
# H A P r o x y D e f a u l t S e t t i n g s
# ============================================================================ #
defaults
log global
option logasap
option log-separate-errors
#option log-health-checks
mode http
option httplog
option http-keep-alive
option tcpka
#option clitcpka
#option srvtcpka
# HAProxy 1.7 onwards - ignore unresolvable DNS addresses
default-server init-addr last,libc,none
# will break cookie persistence if server fails and needs to switch to other server
option redispatch
#option prefer-last-server
# socket level retries not full
retries 3
#minconn 50 # for slowstart ramp up
maxconn 3000
#fullconn 10000
timeout connect 10s
timeout http-request 10s
timeout http-keep-alive 10s
timeout queue 10s
timeout client 10s
timeout client-fin 10s
timeout server 10s
timeout server-fin 10s
timeout check 10s
timeout tunnel 1h
# breaks Hue
#option checkcache
#option abortonclose
#option dontlognull
#option http-ignore-probes
#option forwardfor #except 127.0.0.0/8
#http-check disable-on-404 # gracefully finish connections if httpchk gets 404
# continuous traffic stats for smoother graphs of longer running connections (eg. images)
#option contstats