Skip to content

haproxy job from cf/211

The HAProxy server can be used to terminate SSL in front of the Routers. Each HAProxy instance should point to multiple Routers.

Github source: 48c88357 or master branch

Properties

app_ssh

port

External port for SSH access for applications

Default
2222

cc

allow_app_ssh_access

Allow users to change the value of the app-level allow_ssh attribute

Default
true

ha_proxy

disable_http

Disable port 80 traffic

Default
false

ssl_ciphers

List of SSL Ciphers that are passed to HAProxy

Default
ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-CBC-SHA256:ECDHE-RSA-AES256-CBC-SHA384:ECDHE-RSA-AES128-CBC-SHA:ECDHE-RSA-AES256-CBC-SHA:AES128-SHA256:AES128-SHA:RC4-SHA

ssl_pem

SSL certificate (PEM file)

networks

apps

HAProxy network information.

request_timeout_in_seconds

Server and client timeouts in seconds

Default
900

router

port

Listening port for Router

Default
80

servers

z1

Array of the router IPs acting as the first group of HTTP/TCP backends

Default
[]
z2

Array of the router IPs acting as the second group of HTTP/TCP backends

Default
[]

Templates

Templates are rendered and placed onto corresponding instances during the deployment process. This job's templates will be placed into /var/vcap/jobs/haproxy/ directory (learn more).

  • bin/consul_template_ctl (from consul_template_ctl)
  • bin/haproxy_ctl (from haproxy_ctl)
  • config/cert.pem (from cert.pem.erb)
  • config/haproxy.conf (from haproxy.conf.erb)
  • config/haproxy.ctmpl (from haproxy.ctmpl.erb)

Packages

Packages are compiled and placed onto corresponding instances during the deployment process. Packages will be placed into /var/vcap/packages/ directory.