haproxy配置实例

global

log 127.0.0.1 local3

chroot /etc/haproxy

pidfile /var/run/haproxy.pid

user haproxy

group haproxy

daemon

nbproc 1#单进程

tune.ssl.default-dh-param 2048

defaults

log global

mode http

maxconn 20480#最大连接数

balance roundrobin

retries 3

option httplog

option httpclose

option forwardfor

option dontlognull

option redispatch

timeout connect 5000

timeout client 50000

timeout server 50000

timeout check 1000 #心跳检测超时

listen web_status

bind 0.0.0.0:9088

mode http

option httplog

option dontlognull

option logasap

option forwardfor

option httpclose

stats admin if TRUE #手工启用/禁用,后端服务器(haproxy-1.4.9以后版本)

stats refresh 15s

stats uri /admin?stats

stats realm "请输入用户名密码"

stats auth admin:xxxxxx

stats hide-version

frontend public

bind 0.0.0.0:80

bind 0.0.0.0:443 ssl crt /home/hemin/installs/haproxy/xxxxx.com.pem

maxconn 20400

acl secure dst_port 443

capture request header Host len 50

capture request header Connection len 20

capture response header Connection len 20

#定义域名

acl wihtout_www_domain hdr_beg(host) xxxxx.com

acl www_domain hdr_beg(host) www.xxxxx.com

acl wiki_domain hdr_beg(host) wiki.xxxxx.com

acl jira_domain hdr_beg(host) jira.xxxxx.com

acl oms_domain hdr_beg(host) oms.xxxxx.com

acl static_domain hdr_beg(host) static.xxxxx.com

acl company_domain hdr_beg(host) company.xxxxx.com

acl archive_domain hdr_beg(host) -i archive.xxxxx.com

acl m_domain hdr_beg(host) -i m.xxxxx.com

acl s_domain hdr_beg(host) -i s.xxxxx.com

acl oms_domain hdr_beg(host) -i oms.xxxxx.com

acl wx_domain hdr_beg(host) -i wx.xxxxx.com wxdev.xxxxx.com

#限定OMS访问IP

acl oms_ip_valid src 103.242.xx.xx

acl oms_ip_valid src 101.81.xx.xx

# acl pay_callback_ip_valid src 115.238.xx.xx 115.236.xx.xx

#首页根路径（http://www.xxxxx.com/）

acl root path /

acl aboutUs path_beg -i /aboutUs

acl index path_beg -i /index

acl login_page path_beg /login.htm

acl register_page path_beg /register.htm

#标列列，标详情

acl product_no_secure path_beg /claims/info/show /claims/product/list /claims/product/detail

#用户中心，需要走https

acl user_resource path_beg /user

#用户中心，查询用户信息时，不需要走https，并且走https时，有奖推广不正常

acl userInfo path_beg /user/userInfo

#活动页

acl activity path_beg -i /prom/activity/recommend

#投标面

acl bid path_beg -i /claims/bid.htm

#计算收益

acl bid_getReceivable path_end -i /bid/getReceivable

#新手指引

acl newbieGuide path_beg -i /newbieGuide/newbieGuide

acl favicon path_beg -i /favicon.ico

#有奖推广

acl invite path_beg -i /activity/invite

#忘记密码页面

acl forgetPwd path_beg -i /forgetPwd.htm

#支付回调白名单控制

acl pay_return path_beg /pay/return_url

acl pay_notify path_beg /pay/notify_url

acl pay_withDraw path_beg /pay/withDraw_notify_url

# http-request deny if pay_return !pay_callback_ip_valid

# http-request deny if pay_notify !pay_callback_ip_valid

# http-request deny if pay_withDraw !pay_callback_ip_valid

redirect prefix http://www.xxxxx.com if root secure www_domain

redirect prefix http://www.xxxxx.com if invite secure www_domain

redirect prefix http://www.xxxxx.com if index secure www_domain

redirect prefix http://www.xxxxx.com if secure www_domain wihtout_www_domain

redirect prefix https://www.xxxxx.com if login_page    !secure www_domain

redirect prefix https://www.xxxxx.com if register_page !secure www_domain

redirect prefix https://www.xxxxx.com if user_resource !secure !userInfo www_domain

redirect prefix http://www.xxxxx.com if bid_getReceivable secure

redirect prefix https://www.xxxxx.com if bid !secure www_domain

redirect prefix https://static.xxxxx.com if favicon  www_domain

redirect prefix https://www.xxxxx.com if forgetPwd !secure www_domain

redirect prefix http://www.xxxxx.com if aboutUs secure www_domain

redirect prefix http://www.xxxxx.com if activity secure www_domain

redirect prefix http://www.xxxxx.com if newbieGuide secure www_domain

redirect prefix http://www.xxxxx.com if product_no_secure secure www_domain

redirect prefix https://company.xxxxx.com if company_domain !secure

redirect prefix https://static.xxxxx.com if s_domain

use_backend web_haproxy_group if www_domain

use_backend web_haproxy_group if wihtout_www_domain

#非www的acl

acl index url_beg -i (/|/index.htm)

acl login_page url_beg /login.htm

acl register_page url_beg /register.htm

acl static_resources path_beg -i /resources

use_backend file_server if archive_domain

use_backend static_server if static_resources static_domain

use_backend static_server if static_domain

use_backend company_server if company_domain

use_backend wap_server if m_domain

use_backend oms_server if oms_domain

use_backend wxdev_server if wx_domain

use_backend wiki_server if wiki_domain

use_backend jira_server if jira_domain

#    errorloc 503 http://static.xxxxx.com/resources/error/503.html

errorloc302 500 http://www.xxxxx.com/500.htm

errorloc302 403 http://www.xxxxx.com

backend web_haproxy_group

balance roundrobin

server 17_8080 192.168.19.43:8080 check inter 1000 rise 3 fall 3

backend file_server

server 18_80994 192.168.19.43:8094 check inter 1000 rise 3 fall 3

backend static_server

balance roundrobin

server 18_8084 192.168.19.43:8084 check inter 1000 rise 3 fall 3 maxconn 2000

backend company_server

balance roundrobin

server 18_8083 192.168.19.43:8083 check inter 1000 rise 3 fall 3

backend oms_server

server 18_8093 192.168.19.43:9093 check inter 1000 rise 3 fall 3

backend wap_server

server webdev 192.168.19.43:8081 check inter 1000 rise 3 fall 3

backend wxdev_server

server wxdev 192.168.19.43:8088 check inter 1000 rise 1 fall 1

backend wiki_server

server wiki 192.168.19.30:8090 check inter 1000 rise 3 fall 3

backend jira_server

server jira 192.168.19.12:80 check inter 1000 rise 3 fall 3