Created
January 23, 2020 21:56
-
-
Save haproxytechblog/125e16e6a8a012e61b0d3f8f86bcd404 to your computer and use it in GitHub Desktop.
HAProxyConf 2019 - HAProxy as Egress Controller
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| frontend proxy | |
| acl client:myback:prod src 172.21.132.0/25 | |
| acl client:myback:dev src 172.21.131.0/25 | |
| acl client:myback:acc src 172.21.130.0/25 | |
| acl client:legback:dev src 172.21.132.2 172.21.132.4 | |
| acl client:3rdapp:prod src 172.21.132.0/25 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| frontend proxy | |
| acl client:myback:prod src 172.21.132.0/25 | |
| acl partner:myback:prod:example:prod:www:high path_beg /myback/prod/example/prod/www/high | |
| use_backend example:prod:www:high if partner:myback:prod:example:prod:www:high client:myback:prod |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| backend example:prod:www:high | |
| timeout connect 1000 | |
| timeout client 5000 | |
| timeout server 11000 | |
| timeout http-request 5000 | |
| timeout queue 0s |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| backend example:prod:www:high | |
| balance first | |
| http-request set-header Host www.example.com | |
| reqrep ^([^\ ]*\ )/[a-zA-Z0-9-]+/[a-z]+/example/prod/www/high[/]?(.*) \1/\2 | |
| fullconn 20 | |
| server www www.example.com:443 maxconn 20 sni str(www.example.com) ssl ca-file /etc/ssl/certs/ca-bundle.crt resolvers mydns resolve-prefer ipv4 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| reqrep ^([^\ ]*\ )/[a-zA-Z0-9-]+/[a-z]+/example/prod/www/high[/]?(.*) \1/\2 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| backend example:prod:www:high | |
| resolvers mydns resolve-prefer ipv4 | |
| resolvers mydns | |
| nameserver dns1 172.21.16.6:53 | |
| nameserver dns2 172.21.16.34:53 | |
| timeout resolve 1s | |
| timeout retry 1s | |
| resolve_retries 5 | |
| hold other 10s | |
| hold refused 10s | |
| hold nx 10s | |
| hold timeout 10s | |
| hold valid 300s | |
| hold obsolete 10s |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| backend example:prod:www:high | |
| http-request set-header Host www.example.com | |
| server www 93.184.216.34:443 sni str(www.example.com) ssl ca-file /etc/ssl/certs/ca-bundle.crt |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| frontend proxy | |
| http-request set-path /myback/prod/example/prod/www2/high if { path /myback/prod/example/prod/www/high } { rand(100) lt 10 } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| frontend proxy | |
| http-request set-path /myback/prod/example/prod/www2/high if { path /myback/prod/example/prod/www/high } { date() ge 1571558400 } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sum(rate(http_requests_duration_ms_count{ | |
| partner="exemple",partner_env="prod",partner_service="www", | |
| client="myback",client_env="prod" | |
| }[5m])) by(code) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment