df335525ab
Previously we were only checking that Apache can open TCP connections to determine if Gitea is up or down on a backend. This is insufficient because Gitea itself may be down while Apache is up. In this situation TCP connection to Apache will function, but if we make an HTTP request we should get back an error. To check if both Apache and Gitea are working properly we switch to using http checks instead. Then if Gitea is down Apache can return a 500 and the Gitea backend will be removed from the pool. Similarly if Apache is non functional the check will fail to connect via TCP. Note we don't verify ssl certs for simplicity as checking these in testing is not straightforward. We didn't have verification with the old tcp checks so this isn't a regression, but does represent something we could try and improve in the future. Change-Id: Id47a1f9028c7575e8fbbd10fabfc9730095cb541
37 lines
833 B
Django/Jinja
37 lines
833 B
Django/Jinja
global
|
|
uid 1000
|
|
gid 1000
|
|
log /dev/log local0
|
|
maxconn 4000
|
|
pidfile /var/haproxy/run/haproxy.pid
|
|
stats socket /var/haproxy/run/stats uid 1000 gid 1000 mode 0600 level admin
|
|
|
|
defaults
|
|
log-format "%ci:%cp [%t] %ft [%bi]:%bp %b/%s %Tw/%Tc/%Tt %B %ts %ac/%fc/%bc/%sc/%rc %sq/%bq"
|
|
log global
|
|
maxconn 8000
|
|
option redispatch
|
|
retries 3
|
|
stats enable
|
|
timeout http-request 10s
|
|
timeout queue 1m
|
|
timeout connect 10s
|
|
timeout client 2m
|
|
timeout server 2m
|
|
timeout check 10s
|
|
|
|
{% for listener in gitea_lb_listeners %}
|
|
listen {{ listener.name }}
|
|
{% for bind in listener.bind %}
|
|
bind {{ bind }}
|
|
{% endfor %}
|
|
mode tcp
|
|
balance source
|
|
option httpchk
|
|
|
|
{% for server in listener.servers %}
|
|
server {{ server.name }} {{ server.address }} {{ server.check_method }}
|
|
{% endfor %}
|
|
|
|
{% endfor %}
|