
@dincosman
Last active April 28, 2024 21:36
Sample HAProxy Configuration communicating with Patroni REST APIs over SSL
# NOTE(review): haproxy_combined.crt now contains the private key as well as the
# certificate, so it should be readable only by the account HAProxy runs as.
# '>>' appends: running this a second time leaves duplicate PEM blocks in the file.
# The key pair is the etcd server one; the server lines in haproxy.cfg pass it as
# "crt", i.e. as the client certificate for the health checks. A dedicated client
# certificate would avoid sharing the etcd server key with the proxy.
[root@etcd02 ~]# cat /etc/ssl/etcd/server.crt /etc/ssl/etcd/server.key >> /etc/ssl/etcd/haproxy_combined.crt
# The lines that follow this command are the content of /etc/haproxy/haproxy.cfg.
[root@etcd02 ~]# vi /etc/haproxy/haproxy.cfg
# Process-wide settings.
global
    # Upper bound on concurrent connections for the whole HAProxy process.
    maxconn 4096
# Defaults inherited by every listen section unless a section overrides them.
defaults
    # Reuse the log targets of the global section.
    # NOTE(review): the global section in this file defines no "log" target, so
    # health-check transitions and connections are not logged anywhere.
    log global
    # Layer-4 proxying: database connections are forwarded as raw TCP.
    mode tcp
    # Time allowed to establish the TCP connection to a server.
    timeout connect 4s
    # Extra read timeout applied to health checks once connected.
    timeout check 5s
    # Idle limits for each side of a proxied session.
    timeout client 30m
    timeout server 30m
# Built-in statistics page.
listen stats
    # Overrides the tcp default: the statistics page is served over HTTP.
    mode http
    # NOTE(review): "*" listens on every interface and no "stats auth" is set, so
    # anyone who can reach port 7000 can read server names and health state.
    # Bind to a management address or add "stats auth <user>:<password>"
    # (placeholder credentials) before using this outside a lab.
    bind *:7000
    stats enable
    # Serve the page at the root path.
    stats uri /
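# Read-write entry point: a node receives traffic only while the HTTPS check on
# port 8008 (the Patroni REST API) answers 200 for /master.
listen primary
    bind 192.168.60.120:3500
    # Method and URI are separate arguments of "option httpchk".
    option httpchk OPTIONS /master
    http-check expect status 200
    # Check every 3s; 3 failures mark a node down, 2 successes bring it back.
    # Sessions to a node that is marked down are closed so clients reconnect.
    default-server inter 3s fall 3 rise 2 on-marked-down shutdown-sessions
    # Client traffic goes to port 3531 as plain TCP; only the health check uses
    # TLS (check-ssl), presenting "crt" as the client certificate.
    # "verify required" validates the REST API certificate against ca-file. With
    # "verify none" the ca-file is ignored, and any host able to answer on port
    # 8008 could decide which node this listener treats as the primary.
    # This validates the chain only; "verifyhost" can additionally pin the name.
    server postgresql_192.168.60.101_3531 posvt01.localdomain:3531 verify required maxconn 100 check check-ssl port 8008 crt /etc/ssl/etcd/haproxy_combined.crt ca-file /etc/ssl/etcd/root.crt
    server postgresql_192.168.60.102_3531 posvt02.localdomain:3531 verify required maxconn 100 check check-ssl port 8008 crt /etc/ssl/etcd/haproxy_combined.crt ca-file /etc/ssl/etcd/root.crt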
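# Read-only entry point: a node receives traffic only while the HTTPS check on
# port 8008 (the Patroni REST API) answers 200 for /replica.
listen standby
    bind 192.168.60.120:3501
    # Method and URI are separate arguments of "option httpchk".
    option httpchk OPTIONS /replica
    http-check expect status 200
    # Check every 3s; 3 failures mark a node down, 2 successes bring it back.
    # Sessions to a node that is marked down are closed so clients reconnect.
    default-server inter 3s fall 3 rise 2 on-marked-down shutdown-sessions
    # Client traffic goes to port 3531 as plain TCP; only the health check uses
    # TLS (check-ssl), presenting "crt" as the client certificate.
    # "verify required" validates the REST API certificate against ca-file. With
    # "verify none" the ca-file is ignored, and any host able to answer on port
    # 8008 could decide which nodes this listener treats as replicas.
    # This validates the chain only; "verifyhost" can additionally pin the name.
    server postgresql_192.168.60.101_3531 posvt01.localdomain:3531 verify required maxconn 100 check check-ssl port 8008 crt /etc/ssl/etcd/haproxy_combined.crt ca-file /etc/ssl/etcd/root.crt
    server postgresql_192.168.60.102_3531 posvt02.localdomain:3531 verify required maxconn 100 check check-ssl port 8008 crt /etc/ssl/etcd/haproxy_combined.crt ca-file /etc/ssl/etcd/root.crt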