Skip to content

Instantly share code, notes, and snippets.

@robcole

robcole/redis-proxy-haproxy.cfg

Forked from tastyone/redis-proxy-haproxy.cfg
Created October 27, 2020 01:59
Show Gist options
  • Save robcole/07e11973b9cac45adf7c0038184b8fc7 to your computer and use it in GitHub Desktop.
Save robcole/07e11973b9cac45adf7c0038184b8fc7 to your computer and use it in GitHub Desktop.
Download ZIP

Revisions

  1. @tastyone tastyone created this gist Aug 21, 2015.
    82 changes: 82 additions & 0 deletions redis-proxy-haproxy.cfg
    View file
    Original file line number Diff line number Diff line change
    @@ -0,0 +1,82 @@
    global
    log /dev/log local0
    log /dev/log local1 notice
    chroot /var/lib/haproxy
    stats socket /run/haproxy/admin.sock mode 660 level admin
    stats timeout 30s
    user haproxy
    group haproxy
    daemon

    # Default SSL material locations
    ca-base /etc/ssl/certs
    crt-base /etc/ssl/private

    # Default ciphers to use on SSL-enabled listening sockets.
    # For more information, see ciphers(1SSL). This list is from:
    # https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
    ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
    ssl-default-bind-options no-sslv3

    #defaults
    # log global
    # mode http
    # option httplog
    # option dontlognull
    # timeout connect 5000
    # timeout client 50000
    # timeout server 50000
    # errorfile 400 /etc/haproxy/errors/400.http
    # errorfile 403 /etc/haproxy/errors/403.http
    # errorfile 408 /etc/haproxy/errors/408.http
    # errorfile 500 /etc/haproxy/errors/500.http
    # errorfile 502 /etc/haproxy/errors/502.http
    # errorfile 503 /etc/haproxy/errors/503.http
    # errorfile 504 /etc/haproxy/errors/504.http

    defaults REDIS
    mode tcp
    timeout connect 4s
    timeout server 15s
    timeout client 15s
    # timeout tunnel 365d

    frontend ft_redis_master
    bind *:5000 name redis
    default_backend bk_redis_master

    backend bk_redis_master
    option tcp-check
    #tcp-check send AUTH\ mypassword\r\n
    #tcp-check expect string +OK
    tcp-check send PING\r\n
    tcp-check expect string +PONG
    tcp-check send info\ replication\r\n
    tcp-check expect string role:master
    tcp-check send QUIT\r\n
    tcp-check expect string +OK
    server R1 174.0.0.1:6379 check inter 1s
    server R2 174.0.0.2:6379 check inter 1s
    server R3 174.0.0.3:6379 check inter 1s
    server R4 174.0.0.4:6379 check inter 1s


    listen stats 0.0.0.0:80 #Listen on all IP's on port 9000
    mode http
    balance
    timeout client 5000
    timeout connect 4000
    timeout server 30000

    #This is the virtual URL to access the stats page
    stats uri /haproxy_stats

    #Authentication realm. This can be set to anything. Escape space characters with a backslash.
    stats realm HAProxy\ Statistics

    #The user/pass you want to use. Change this password!
    stats auth und3r:password

    #This allows you to take down and bring up back end servers.
    #This will produce an error on older versions of HAProxy.
    stats admin if TRUE