forked from DevOps/deploy.stack
106 lines
2.3 KiB
INI
106 lines
2.3 KiB
INI
|
# haproxy-mysql-redis.cfg
|
|||
|
|
global
|
|||
|
|
daemon
|
|||
|
|
user haproxy
|
|||
|
|
group haproxy
|
|||
|
|
log 127.0.0.1 local0 info
|
|||
|
|
maxconn 4096
|
|||
|
|
tune.ssl.default-dh-param 2048
|
|||
|
|
stats socket /var/run/haproxy/admin.sock mode 660 level admin
|
|||
|
|
stats timeout 30s
|
|||
|
|
|
|||
|
|
defaults
|
|||
|
|
log global
|
|||
|
|
mode tcp
|
|||
|
|
option tcplog
|
|||
|
|
option dontlognull
|
|||
|
|
timeout connect 5000ms
|
|||
|
|
timeout client 50000ms
|
|||
|
|
timeout server 50000ms
|
|||
|
|
retries 3
|
|||
|
|
balance leastconn
|
|||
|
|
|
|||
|
|
# MySQL 代理配置
|
|||
|
|
frontend mysql_frontend
|
|||
|
|
bind *:3306
|
|||
|
|
mode tcp
|
|||
|
|
option tcplog
|
|||
|
|
|
|||
|
|
# 访问控制(根据需要设置IP白名单)
|
|||
|
|
# acl allowed_ips src 192.168.1.0/24 10.0.0.0/8
|
|||
|
|
# tcp-request connection reject if !allowed_ips
|
|||
|
|
|
|||
|
|
# 连接速率限制
|
|||
|
|
#stick-table type ip size 100k expire 1h store conn_rate(10s)
|
|||
|
|
#tcp-request connection track-sc0 src
|
|||
|
|
#tcp-request connection reject if { sc0_conn_rate gt 10 }
|
|||
|
|
|
|||
|
|
# 连接限制
|
|||
|
|
maxconn 1000
|
|||
|
|
|
|||
|
|
# 默认后端
|
|||
|
|
default_backend mysql_servers
|
|||
|
|
|
|||
|
|
backend mysql_servers
|
|||
|
|
mode tcp
|
|||
|
|
balance leastconn
|
|||
|
|
|
|||
|
|
# 健康检查配置
|
|||
|
|
option tcp-check
|
|||
|
|
tcp-check connect
|
|||
|
|
tcp-check send PING\r\n
|
|||
|
|
tcp-check expect string mysql_native_password
|
|||
|
|
|
|||
|
|
# 服务器配置
|
|||
|
|
server mysql01 192.168.1.200:3306 check inter 2000 rise 2 fall 3
|
|||
|
|
|
|||
|
|
# 连接池配置
|
|||
|
|
timeout server 30s
|
|||
|
|
timeout connect 5s
|
|||
|
|
|
|||
|
|
# Redis 代理配置
|
|||
|
|
frontend redis_frontend
|
|||
|
|
bind *:6379
|
|||
|
|
mode tcp
|
|||
|
|
option tcplog
|
|||
|
|
|
|||
|
|
# 访问控制
|
|||
|
|
# acl redis_allowed src 192.168.1.50 192.168.1.51
|
|||
|
|
# tcp-request connection reject if !redis_allowed
|
|||
|
|
|
|||
|
|
# 连接限制
|
|||
|
|
maxconn 2000
|
|||
|
|
|
|||
|
|
default_backend redis_servers
|
|||
|
|
|
|||
|
|
backend redis_servers
|
|||
|
|
mode tcp
|
|||
|
|
balance first
|
|||
|
|
|
|||
|
|
# Redis 健康检查
|
|||
|
|
option tcp-check
|
|||
|
|
tcp-check connect
|
|||
|
|
tcp-check send PING\r\n
|
|||
|
|
tcp-check expect string +PONG
|
|||
|
|
tcp-check send QUIT\r\n
|
|||
|
|
tcp-check expect string +OK
|
|||
|
|
|
|||
|
|
# 服务器配置
|
|||
|
|
server redis01 192.168.1.200:6379 check inter 1000 rise 1 fall 2
|
|||
|
|
|
|||
|
|
# Redis 特定配置
|
|||
|
|
timeout server 10s
|
|||
|
|
timeout connect 2s
|
|||
|
|
|
|||
|
|
# 监控统计页面
|
|||
|
|
listen stats
|
|||
|
|
bind *:1936
|
|||
|
|
mode http
|
|||
|
|
stats enable
|
|||
|
|
stats hide-version
|
|||
|
|
stats realm HAProxy\ Statistics
|
|||
|
|
stats uri /haproxy_stats
|
|||
|
|
stats auth admin:YourSecurePassword123!
|
|||
|
|
stats refresh 10s
|
|||
|
|
|