ansible-inventories/arocom#52 Optimize HaProxy settings

33042515 · jurgenhaas · d5c581e5 · 33042515
Commit 33042515 authored 9 years ago by jurgenhaas
--- a/templates/haproxy_cfg
+++ b/templates/haproxy_cfg
@@ -9,7 +9,6 @@ global
  ca-base /etc/haproxy/certs
  crt-base /etc/haproxy/private
  ssl-default-bind-ciphers kEECDH+aRSA+AES:kRSA+AES:+AES256:RC4-SHA:!kEDH:!LOW:!EXP:!MD5:!aNULL:!eNULL
-  maxconn 256
  pidfile /run/haproxy.pid
 defaults
@@ -17,9 +16,13 @@ defaults
  log-format %ci:%cp\ [%T]\ %ft\ %b/%s\ %Tq/%Tw/%Tc/%Tr/%Tt\ %ST\ %B\ %CC\ %CS\ %tsc\ %ac/%fc/%bc/%sc/%rc\ %sq/%bq\ %hr\ %hs\ %{+Q}r
  mode http
  option dontlognull
-  timeout connect 5000
+  timeout connect 5s
-  timeout client 120000
+  timeout client 20s
-  timeout server 120000
+  timeout server 15s
+  timeout check 1s
+  timeout http-keep-alive 1s
+  timeout http-request 10s  # slowloris protection
+  default-server inter 3s fall 2 rise 2 slowstart 60s
  errorfile 400 /etc/haproxy/errors/400.http
  errorfile 403 /etc/haproxy/errors/403.http
  errorfile 408 /etc/haproxy/errors/408.http
@@ -30,7 +33,6 @@ defaults
  option forwardfor
  option http-server-close
  retries 3
-  maxconn 1000
  default_backend {{proxy_default_backend}}
 listen stats
@@ -111,16 +113,20 @@ backend backend_{{host}}
 {% if host == inventory_hostname %}
  http-response deny
 {% else %}
-  server server_{{host}} {{hostvars[host]['static_ipv4']|default(hostvars[host]['ansible_default_ipv4']['address'])}}:80 maxconn 32
+  server server_{{host}} {{hostvars[host]['static_ipv4']|default(hostvars[host]['ansible_default_ipv4']['address'])}}:80 maxconn 100
 {% endif %}
 {% endfor %}
 {% if varnish_host|default(false) %}
 backend backend_varnish
+  option httpchk HEAD /varnishcheck
+  http-check expect status 200
+  option forwardfor
+  hash-type consistent
 {% if varnish_host == inventory_hostname %}
-  server varnish 127.0.0.1:6081 maxconn 32
+  server varnish 127.0.0.1:6081 maxconn 1000
 {% else %}
-  server varnish {{ hostvars[varnish_host]['static_ipv4']|default(hostvars[varnish_host]['ansible_default_ipv4']['address']) }}:6081 maxconn 32
+  server varnish {{ hostvars[varnish_host]['static_ipv4']|default(hostvars[varnish_host]['ansible_default_ipv4']['address']) }}:6081 maxconn 1000
 {% endif %}
 {% endif %}