Configuration example for haproxy.cfg for HAProxy load balancer with Satellite6
Environment
Satellite 6.4 and above
Issue
No example configuration file is given for /etc/haproxy/haproxy.cfg to configure the ports on the HAProxy load balancer for Satellite.
Resolution
The following example can be used but should be modified for your own requirements:
#---------------------------------------------------------------------
# Example configuration for a possible web application. See the
# full configuration options online.
#
# http://haproxy.1wt.eu/download/1.4/doc/configuration.txt
#
#---------------------------------------------------------------------
#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
# to have these messages end up in /var/log/haproxy.log you will
# need to:
#
# 1) configure syslog to accept network log events. This is done
# by adding the '-r' option to the SYSLOGD_OPTIONS in
# /etc/sysconfig/syslog
#
# 2) configure local2 events to go to the /var/log/haproxy.log
# file. A line like the following can be added to
# /etc/sysconfig/syslog
#
# local2.* /var/log/haproxy.log
#
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
# turn on stats unix socket
stats socket /var/lib/haproxy/stats
#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
log global
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
#https
frontend https
bind *:443
mode tcp
option tcplog
default_backend f-proxy-https
backend f-proxy-https
option tcp-check
balance source
server f-proxy-https-capsule-1.example.com 192.168.140.222:443 check
server f-proxy-https-capsule-2.example.com 192.168.140.30:443 check
server f-proxy-https-capsule-3.example.com 192.168.140.47:443 check
#http
frontend http
bind *:80
mode tcp
option tcplog
default_backend f-proxy-http
backend f-proxy-http
option tcp-check
balance roundrobin
server f-proxy-http-capsule-1.example.com 192.168.140.222:80 check
server f-proxy-http-capsule-2.example.com 192.168.140.30:80 check
server f-proxy-http-capsule-3.example.com 192.168.140.47:80 check
#amqp
frontend amqp
bind *:5647
mode tcp
option tcplog
default_backend f-proxy-amqp
backend f-proxy-amqp
option tcp-check
balance roundrobin
server f-proxy-amqp-capsule-1.example.com 192.168.140.222:5647 check
server f-proxy-amqp-capsule-2.example.com 192.168.140.30:5647 check
server f-proxy-amqp-capsule-3.example.com 192.168.140.47:5647 check
#anaconda
frontend anaconda
bind *:8000
mode tcp
option tcplog
default_backend f-proxy-anaconda
backend f-proxy-anaconda
option tcp-check
balance roundrobin
server f-proxy-anaconda-capsule-1.example.com 192.168.140.222:8000 check
server f-proxy-anaconda-capsule-2.example.com 192.168.140.30:8000 check
server f-proxy-anaconda-capsule-3.example.com 192.168.140.47:8000 check
#puppet
frontend puppet
bind *:8140
mode tcp
option tcplog
default_backend f-proxy-puppet
backend f-proxy-puppet
option tcp-check
balance roundrobin
server f-proxy-puppet-capsule-1.example.com 192.168.140.222:8140 check
server f-proxy-puppet-capsule-2.example.com 192.168.140.30:8140 check
server f-proxy-puppet-capsule-3.example.com 192.168.140.47:8140 check
#puppet-ca
frontend puppet-ca
bind *:8141
mode tcp
option tcplog
default_backend f-proxy-puppet-ca
backend f-proxy-puppet-ca
option tcp-check
balance roundrobin
server f-proxy-puppet-ca-capsule-1.example.com 192.168.140.222:8140 check
#rhsm
frontend rhsm
bind *:8443
mode tcp
option tcplog
default_backend f-proxy-rhsm
backend f-proxy-rhsm
option tcp-check
balance roundrobin
server f-proxy-rhsm-capsule-1.example.com 192.168.140.222:8443 check
server f-proxy-rhsm-capsule-2.example.com 192.168.140.30:8443 check
server f-proxy-rhsm-capsule-3.example.com 192.168.140.47:8443 check
#registration and SCAP
frontend regscap
bind *:9090
mode tcp
option tcplog
default_backend f-proxy-regscap
backend f-proxy-regscap
option tcp-check
balance roundrobin
server f-proxy-regscap-capsule-1.example.com 192.168.140.222:9090 check
server f-proxy-regscap-capsule-2.example.com 192.168.140.30:9090 check
server f-proxy-regscap-capsule-3.example.com 192.168.140.47:9090 check
#docker
frontend docker
bind *:5000
mode tcp
option tcplog
default_backend f-proxy-docker
backend f-proxy-docker
option tcp-check
balance roundrobin
server f-proxy-docker-capsule-1.example.com 192.168.140.222:5000 check
server f-proxy-docker-capsule-2.example.com 192.168.140.30:5000 check
server f-proxy-docker-capsule-3.example.com 192.168.140.47:5000 check
Note: this is provided as an example and might require modifications for your environment please consult the HAProxy documentation for more information on how to configure HAProxy per your requirements
Root Cause
Red Hat does not want to include any examples of the HAProxy configuration in the documentation directly because this information is very user-specific.
Diagnostic Steps
Validation check for correct syntax of the config file:
# haproxy -c -V -f /etc/haproxy/haproxy.cfg
Configuration file is valid
SBR
Product(s)
Components
Category
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.