haproxy job from cf/279
The HAProxy server can be used to terminate SSL in front of the Routers. Each HAProxy instance should point to multiple Routers.
Github source:
174af709
or
master branch
Properties¶
app_ssh
¶
port
¶External port for SSH access to application instances
- Default
2222
cc
¶
allow_app_ssh_access
¶Allow users to change the value of the app-level allow_ssh attribute
- Default
true
ha_proxy
¶
buffer_size_bytes
¶Buffer size to use for requests, any requests larger than this (large cookies or query strings) will result in a gateway error
- Default
16384
disable_http
¶Disable port 80 traffic
- Default
false
disable_tls_10
¶Disable TLS 1.0 in HA Proxy
- Default
true
disable_tls_11
¶Disable TLS 1.1 in HA Proxy
- Default
true
dontlognull
¶Whether to disable logging of requests with no traffic (usually load-balancer TCP checks)
- Default
false
enable_stats_socket
¶Whether to enable a socket that can be used to query errors and status
- Default
false
log_to_file
¶Whether to send logs to a file instead of the default syslog
- Default
false
ssl_ciphers
¶List of SSL Ciphers that are passed to HAProxy
- Default
DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384
ssl_pem
¶SSL certificate (PEM file)
request_timeout_in_seconds
¶
Server and client timeouts in seconds
- Default
900
router
¶
port
¶Listening port for Router
- Default
80
servers
¶Array of router IPs
Templates¶
Templates are rendered and placed onto corresponding
instances during the deployment process. This job's templates
will be placed into /var/vcap/jobs/haproxy/
directory
(learn more).
bin/consul_template_ctl
(fromconsul_template_ctl
)bin/haproxy_ctl
(fromhaproxy_ctl
)config/cert.pem
(fromcert.pem.erb
)config/haproxy.conf
(fromhaproxy.conf.erb
)config/haproxy.ctmpl
(fromhaproxy.ctmpl.erb
)config/haproxy_syslog.conf
(fromhaproxy_syslog.conf.erb
)
Packages¶
Packages are compiled and placed onto corresponding
instances during the deployment process. Packages will be
placed into /var/vcap/packages/
directory.