diff options
Diffstat (limited to 'kubernetes/vvp/charts/vvp-ext-haproxy/resources')
-rw-r--r-- | kubernetes/vvp/charts/vvp-ext-haproxy/resources/config/ext-haproxy-cfg/file | 79 |
1 files changed, 79 insertions, 0 deletions
diff --git a/kubernetes/vvp/charts/vvp-ext-haproxy/resources/config/ext-haproxy-cfg/file b/kubernetes/vvp/charts/vvp-ext-haproxy/resources/config/ext-haproxy-cfg/file new file mode 100644 index 0000000000..ca7b40a7bc --- /dev/null +++ b/kubernetes/vvp/charts/vvp-ext-haproxy/resources/config/ext-haproxy-cfg/file @@ -0,0 +1,79 @@ +# Copyright © 2018 Amdocs, AT&T, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +resolvers dns + nameserver pod_dns "10.3.0.10:53" + resolve_retries 3 + timeout retry 1s + hold valid 30s + +defaults + mode http + timeout connect 5000ms + timeout client 50000ms + timeout server 50000ms + option httpclose + option redispatch + option abortonclose + option httplog + option dontlognull + default-server init-addr last,libc,none + +backend gitlab_ssh + mode tcp + option tcplog + timeout server 2h + server gitlabssh vvp-gitlab:22 resolvers dns + +frontend gitlab_ssh_frontend + mode tcp + option tcplog + timeout client 2h + bind 0.0.0.0:22 + acl is_ssh dst_port 22 + use_backend gitlab_ssh if is_ssh + +backend portal_backend + mode http + server ice_portal vvp:8181 resolvers dns + +backend api + mode http + server engagement_manager vvp-em-uwsgi:80 resolvers dns + +backend s3 + mode http + balance roundrobin + option httpchk HEAD / + server ceph-01 10.252.0.21:8080 check inter 10000ms + +frontend portal + mode http + acl is_api_call path_beg -i /vvp + acl is_s3 hdr_beg(host) s3. staging-s3. dev-s3. + use_backend api if is_api_call + use_backend s3 if is_s3 + bind 0.0.0.0:80 + bind 0.0.0.0:443 ssl crt /etc/haproxy/site.pem force-tlsv12 + default_backend portal_backend + +listen stats + bind 0.0.0.0:9001 + mode http + stats enable # Enable stats page + stats realm Haproxy\ Statistics + stats uri /haproxy_stats + stats auth "${HAPROXY_USER}:${HAPROXY_PASS}" + acl network_allowed src 10.252.0.0/16 127.0.0.1/32 10.2.0.0/16 + http-request deny if !network_allowed |