# This file managed by Puppet global daemon group haproxy log /dev/log local0 maxconn 20480 pidfile /var/run/haproxy.pid ssl-default-bind-ciphers !SSLv2:kEECDH:kRSA:kEDH:kPSK:+3DES:!aNULL:!eNULL:!MD5:!EXP:!RC4:!SEED:!IDEA:!DES ssl-default-bind-options no-sslv3 no-tlsv10 stats socket /var/lib/haproxy/stats mode 600 level user stats timeout 2m user haproxy defaults log global maxconn 4096 mode tcp retries 3 timeout http-request 10s timeout queue 2m timeout connect 10s timeout client 2m timeout server 2m timeout check 10s listen aodh bind 192.168.24.1:8042 transparent mode http http-request set-header X-Forwarded-Proto https if { ssl_fc } http-request set-header X-Forwarded-Proto http if !{ ssl_fc } http-request set-header X-Forwarded-Port %[dst_port] option httpchk option httplog server standalone.ctlplane.localdomain 192.168.24.1:8042 check fall 5 inter 2000 rise 2 listen ceph_grafana bind 192.168.24.1:3100 transparent mode http http-request set-header X-Forwarded-Proto https if { ssl_fc } http-request set-header X-Forwarded-Proto http if !{ ssl_fc } http-request set-header X-Forwarded-Port %[dst_port] option httpchk HEAD / server standalone.ctlplane.localdomain 192.168.24.1:3100 check fall 5 inter 2000 rise 2 listen cinder bind 192.168.24.1:8776 transparent mode http http-request set-header X-Forwarded-Proto https if { ssl_fc } http-request set-header X-Forwarded-Proto http if !{ ssl_fc } http-request set-header X-Forwarded-Port %[dst_port] option httpchk option httplog server standalone.ctlplane.localdomain 192.168.24.1:8776 check fall 5 inter 2000 rise 2 listen glance_api bind 192.168.24.1:9292 transparent mode http http-request set-header X-Forwarded-Proto https if { ssl_fc } http-request set-header X-Forwarded-Proto http if !{ ssl_fc } http-request set-header X-Forwarded-Port %[dst_port] option httpchk GET /healthcheck server standalone.ctlplane.localdomain 192.168.24.1:9292 check fall 5 inter 2000 rise 2 listen gnocchi bind 192.168.24.1:8041 transparent mode http http-request set-header X-Forwarded-Proto https if { ssl_fc } http-request set-header X-Forwarded-Proto http if !{ ssl_fc } http-request set-header X-Forwarded-Port %[dst_port] option httpchk option httplog server standalone.ctlplane.localdomain 192.168.24.1:8041 check fall 5 inter 2000 rise 2 listen haproxy.stats bind 192.168.24.1:1993 transparent mode http stats enable stats uri / stats auth admin:FgDNmZhVf2dm6cXgj0FTHnni0 listen heat_api bind 192.168.24.1:8004 transparent mode http http-request set-header X-Forwarded-Proto https if { ssl_fc } http-request set-header X-Forwarded-Proto http if !{ ssl_fc } http-request set-header X-Forwarded-Port %[dst_port] option httpchk option httplog timeout client 10m timeout server 10m server standalone.ctlplane.localdomain 192.168.24.1:8004 check fall 5 inter 2000 rise 2 listen heat_cfn bind 192.168.24.1:8000 transparent mode http http-request set-header X-Forwarded-Proto https if { ssl_fc } http-request set-header X-Forwarded-Proto http if !{ ssl_fc } http-request set-header X-Forwarded-Port %[dst_port] option httpchk option httplog timeout client 10m timeout server 10m server standalone.ctlplane.localdomain 192.168.24.1:8000 check fall 5 inter 2000 rise 2 listen keystone_admin bind 192.168.24.1:35357 transparent mode http http-request set-header X-Forwarded-Proto https if { ssl_fc } http-request set-header X-Forwarded-Proto http if !{ ssl_fc } http-request set-header X-Forwarded-Port %[dst_port] option httpchk GET /v3 server standalone.ctlplane.localdomain 192.168.24.1:5000 check fall 5 inter 2000 rise 2 listen keystone_public bind 192.168.24.1:5000 transparent mode http http-request set-header X-Forwarded-Proto https if { ssl_fc } http-request set-header X-Forwarded-Proto http if !{ ssl_fc } http-request set-header X-Forwarded-Port %[dst_port] option httpchk GET /v3 server standalone.ctlplane.localdomain 192.168.24.1:5000 check fall 5 inter 2000 rise 2 listen mysql bind 192.168.24.1:3306 transparent option tcpka option httpchk option tcplog stick on dst stick-table type ip size 1000 timeout client 90m timeout server 90m server standalone.ctlplane.localdomain 192.168.24.1:3306 backup check inter 1s on-marked-down shutdown-sessions port 9200 listen neutron bind 192.168.24.1:9696 transparent mode http http-request set-header X-Forwarded-Proto https if { ssl_fc } http-request set-header X-Forwarded-Proto http if !{ ssl_fc } http-request set-header X-Forwarded-Port %[dst_port] option httpchk option httplog server standalone.ctlplane.localdomain 192.168.24.1:9696 check fall 5 inter 2000 rise 2 listen nova_metadata bind 192.168.24.1:8775 transparent mode http http-request set-header X-Forwarded-Proto https if { ssl_fc } http-request set-header X-Forwarded-Proto http if !{ ssl_fc } http-request set-header X-Forwarded-Port %[dst_port] option httpchk option httplog server standalone.ctlplane.localdomain 192.168.24.1:8775 check fall 5 inter 2000 rise 2 listen nova_novncproxy bind 192.168.24.1:6080 transparent balance source http-request set-header X-Forwarded-Proto https if { ssl_fc } http-request set-header X-Forwarded-Proto http if !{ ssl_fc } http-request set-header X-Forwarded-Port %[dst_port] option tcpka option tcplog timeout tunnel 1h server standalone.ctlplane.localdomain 192.168.24.1:6080 check fall 5 inter 2000 rise 2 listen nova_osapi bind 192.168.24.1:8774 transparent mode http http-request set-header X-Forwarded-Proto https if { ssl_fc } http-request set-header X-Forwarded-Proto http if !{ ssl_fc } http-request set-header X-Forwarded-Port %[dst_port] option httpchk option httplog server standalone.ctlplane.localdomain 192.168.24.1:8774 check fall 5 inter 2000 rise 2 listen ovn_nbdb bind 192.168.24.1:6641 transparent mode tcp option tcpka option tcplog stick on dst stick-table type ip size 1000 timeout client 90m timeout server 90m server standalone.ctlplane.localdomain 192.168.24.1:6641 check fall 5 inter 2000 rise 2 listen ovn_sbdb bind 192.168.24.1:6642 transparent mode tcp option tcpka option tcplog stick on dst stick-table type ip size 1000 timeout client 90m timeout server 90m server standalone.ctlplane.localdomain 192.168.24.1:6642 check fall 5 inter 2000 rise 2 listen panko bind 192.168.24.1:8977 transparent mode http http-request set-header X-Forwarded-Proto https if { ssl_fc } http-request set-header X-Forwarded-Proto http if !{ ssl_fc } http-request set-header X-Forwarded-Port %[dst_port] option httpchk option httplog server standalone.ctlplane.localdomain 192.168.24.1:8977 check fall 5 inter 2000 rise 2 listen placement bind 192.168.24.1:8778 transparent mode http http-request set-header X-Forwarded-Proto https if { ssl_fc } http-request set-header X-Forwarded-Proto http if !{ ssl_fc } http-request set-header X-Forwarded-Port %[dst_port] option httpchk option httplog server standalone.ctlplane.localdomain 192.168.24.1:8778 check fall 5 inter 2000 rise 2 listen redis bind 192.168.24.1:6379 transparent balance first option tcp-check option tcplog tcp-check connect port 6379 tcp-check send AUTH\ V88N58rV9Ewkc4KMSVnUcHwQD\r\n tcp-check send PING\r\n tcp-check expect string +PONG tcp-check send info\ replication\r\n tcp-check expect string role:master tcp-check send QUIT\r\n tcp-check expect string +OK server standalone.ctlplane.localdomain 192.168.24.1:6379 check fall 5 inter 2000 on-marked-down shutdown-sessions rise 2