[Docker Container] 10-x. ㅇㅇ

root@tps-haproxy:~# cat /etc/haproxy/haproxy.cfg global log 127.0.0.1:514 local0 ### 내용 추가 log /dev/log local0 log /dev/log local1 notice chroot /var/lib/haproxy stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners stats timeout 30s user haproxy group haproxy daemon # Default SSL material locations ca-base /etc/ssl/certs crt-base /etc/ssl/private # See: https://ssl-config.mozilla.org/#server=haproxy&server-version=2.0.3&config=intermediate ssl-default-bind-ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384 ssl-default-bind-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256 ssl-default-bind-options ssl-min-ver TLSv1.2 no-tls-tickets defaults log global mode http option httplog option dontlognull timeout connect 5000 timeout client 50000 timeout server 50000 errorfile 400 /etc/haproxy/errors/400.http errorfile 403 /etc/haproxy/errors/403.http errorfile 408 /etc/haproxy/errors/408.http errorfile 500 /etc/haproxy/errors/500.http errorfile 502 /etc/haproxy/errors/502.http errorfile 503 /etc/haproxy/errors/503.http errorfile 504 /etc/haproxy/errors/504.http frontend okestro-tps mode http bind *:80 bind *:443 ssl crt /etc/haproxy/ssl/dev-tps-server.pem #acl is_test_app hdr(host) -i app.tps.okestro.cld/test/app acl is_root path / #http-request redirect scheme https unless { ssl_fc } #http-request redirect code 301 location https://app.tps.okestro.cld/test/app if is_test_app is_root option forwardfor option httplog option dontlognull use_backend %[req.hdr(host),lower,map_dom(/etc/haproxy/maps/tps-hosts.map,be_default)] default_backend k8s-backend # Kuberenetes backend k8s-backend option httpclose option forwardfor balance roundrobin server tps-worker1 172.10.40.157:80 check server tps-worker2 172.10.40.215:80 check server tps-worker3 172.10.40.58:80 check server tps-worker4 172.10.40.53:80 check server tps-worker5 172.10.40.203:80 check # VM-Instance backend harbor-backend option httpclose option forwardfor balance roundrobin server tps-harbor 172.10.40.173:80 check backend nexus-backend option httpclose option forwardfor balance roundrobin server tps-nexus 172.10.40.20:8081 check backend sonarqube-backend option httpclose option forwardfor balance roundrobin server tps-sonarqube 172.10.40.12:9000 check backend minio-backend option httpclose option forwardfor balance roundrobin server tps-storage 172.10.40.13:40643 check backend jenkins-backend option httpclose option forwardfor balance roundrobin #IF JENKINS MASTER-1 IS NOT AVAILABLE CHANGE TO MASTER-2 option httpchk GET /login HTTP/1.1\r\nHost:\ jenkins.dev.tps.okestro.cld server tps-jenkins-master-1 172.10.40.221:8080 check # Master-Slave 2세트 분리로 인한 주석 #server tps-jenkins-master-2 172.10.40.25:8080 check backup backend gitlab-backend option httpclose option forwardfor balance roundrobin server tps-gitlab 172.10.40.227:80 check backend pdns-backend option httpclose option forwardfor server tps-pdns 172.10.40.187:9999 check ###### PowerDNS API SERVER ###### listen powerdns-api bind *:8888 mode tcp server pdnsapi 127.0.0.1:8081