Professional Documents
Culture Documents
Fara GRPC
Fara GRPC
Fara GRPC
maxconn 100
log 127.0.0.1:514 local2
defaults
log global
option httplog
mode tcp
retries 2
timeout client 30m
timeout connect 4s
timeout server 30m
timeout check 5s
listen stats
mode http
bind *:7000
stats enable
stats uri /
frontend httpqnms
bind *:80
mode http
redirect scheme https code 301 if !{ ssl_fc }
frontend qnms
bind *:443 ssl crt /etc/ssl/certs/haproxy.pem verify optional ca-file
/etc/ssl/certs/ca.pem
#crt-ignore-err all
mode http
http-request set-header X-SSL-Client-Verify %[ssl_c_verify]
http-request set-header X-SSL-Client-DN %{+Q}[ssl_c_s_dn]
http-request set-header X-SSL-Client-CN %{+Q}[ssl_c_s_dn(cn)]
option logasap
default_backend web-backend
backend webnms-backend
mode http
balance roundrobin
http-send-name-header Host
#http-request set-header Host webkube1:30443 if { hdr(host) -i qnms }
#http-request replace-header Host .* webkube1
http-request set-header X-Client-IP %[src]
server webkube1:30443 webkube1:30443 ssl verify none check
server webkube2:30443 webkube2:30443 ssl verify none check
server webkube3:30443 webkube3:30443 ssl verify none check
backend api-version-backend
mode http
balance roundrobin
http-send-name-header Host
server kube1:30443 kube1:30443 ssl verify none check
server kube2:30443 kube2:30443 ssl verify none check
server kube3:30443 kube3:30443 ssl verify none check
backend v1-backend
mode http
balance roundrobin
#http-request set-header Host kube1:30443 if { hdr(host) -i qnms }
http-send-name-header Host
server kube1:30443 kube1:30443 ssl verify none check
server kube2:30443 kube2:30443 ssl verify none check
server kube3:30443 kube3:30443 ssl verify none check
backend arc-backend
mode http
balance roundrobin
#http-request set-header Host kube1:30443 if { hdr(host) -i qnms }
http-request set-path "%[path,regsub(^/arc/|/satoss/,/)]"
http-send-name-header Host
server kube1:30443 kube1:30443 ssl verify none check
server kube2:30443 kube2:30443 ssl verify none check
server kube3:30443 kube3:30443 ssl verify none check
backend sri-backend
mode http
balance roundrobin
http-request set-path "%[path,regsub(^/sri/|/oss/,/)]"
http-send-name-header Host
server srikube1:30443 srikube1:30443 ssl verify none check
server srikube2:30443 srikube2:30443 ssl verify none check
server srikube3:30443 srikube3:30443 ssl verify none check
backend web-backend
mode http
balance roundrobin
http-send-name-header Host
server webkube1:30443 webkube1:30443 ssl verify none check
server webkube2:30443 webkube2:30443 ssl verify none check
server webkube3:30443 webkube3:30443 ssl verify none check
backend iphosync-backend
mode http
balance roundrobin
http-send-name-header Host
server iphosynckube1:30443 iphosynckube1:30443 ssl verify none check
server iphosynckube2:30443 iphosynckube2:30443 ssl verify none check
server iphosynckube3:30443 iphosynckube3:30443 ssl verify none check