# haproxy-mysql-redis.cfg global daemon user haproxy group haproxy log 127.0.0.1 local0 info maxconn 4096 tune.ssl.default-dh-param 2048 stats socket /var/run/haproxy/admin.sock mode 660 level admin stats timeout 30s defaults log global mode tcp option tcplog option dontlognull timeout connect 5000ms timeout client 50000ms timeout server 50000ms retries 3 balance leastconn # MySQL 代理配置 frontend mysql_frontend bind *:3306 mode tcp option tcplog # 访问控制(根据需要设置IP白名单) # acl allowed_ips src 192.168.1.0/24 10.0.0.0/8 # tcp-request connection reject if !allowed_ips # 连接速率限制 #stick-table type ip size 100k expire 1h store conn_rate(10s) #tcp-request connection track-sc0 src #tcp-request connection reject if { sc0_conn_rate gt 10 } # 连接限制 maxconn 1000 # 默认后端 default_backend mysql_servers backend mysql_servers mode tcp balance leastconn # 健康检查配置 option tcp-check tcp-check connect tcp-check send PING\r\n tcp-check expect string mysql_native_password # 服务器配置 server mysql01 192.168.1.200:3306 check inter 2000 rise 2 fall 3 # 连接池配置 timeout server 30s timeout connect 5s # Redis 代理配置 frontend redis_frontend bind *:6379 mode tcp option tcplog # 访问控制 # acl redis_allowed src 192.168.1.50 192.168.1.51 # tcp-request connection reject if !redis_allowed # 连接限制 maxconn 2000 default_backend redis_servers backend redis_servers mode tcp balance first # Redis 健康检查 option tcp-check tcp-check connect tcp-check send PING\r\n tcp-check expect string +PONG tcp-check send QUIT\r\n tcp-check expect string +OK # 服务器配置 server redis01 192.168.1.200:6379 check inter 1000 rise 1 fall 2 # Redis 特定配置 timeout server 10s timeout connect 2s # 监控统计页面 listen stats bind *:1936 mode http stats enable stats hide-version stats realm HAProxy\ Statistics stats uri /haproxy_stats stats auth admin:YourSecurePassword123! stats refresh 10s