Dockerized version of HAProxy that you configure with environment variables.
This is principally for HTTP and HTTPS. If you're using HAProxy for another kind of server, let me know.
Written in 2015 by Evan Prodromou evan@prodromou.name
To the extent possible under law, the author(s) have dedicated all copyright and related and neighboring rights to this software to the public domain worldwide. This software is distributed without any warranty.
You should have received a copy of the CC0 Public Domain Dedication along with this software. If not, see http://creativecommons.org/publicdomain/zero/1.0/.
To make it work for HTTP in the front and HTTP in the back, just set the BACKEND_SERVERS variable to a comma-separated array of "address:port" strings, like this:
127.0.1.1:80,127.0.1.2:80,127.0.1.3:80
If you're not listening on the default port, 80, set PORT, too.
If you're using HTTPS for your front-end and HTTP for the back-end, you need to set the KEY and CERT variables to the key and certificate for the server.
NOTE: These are the actual key and cert, not the filenames. Stick 'em right in your docker-compose.yml, yo.
If you've got a KEY and CERT, the default port will be 443.
You still need to set the BACKEND_SERVERS variable, of course.
If you're using HTTPS with SSL pass-through, set the SSL_PASSTHROUGH variable to something truthy (1, 'true'). Your back-end will need to have its own SSL set up.
If you've got SSL_PASSTHROUGH, the default port will be 443.
You still need to set the BACKEND_SERVERS variable.
If you want to have a set of servers that only get hit if the BACKEND_SERVERS are unavailable, use the BACKUP_SERVERS variable. (Yes, "backend" and "backup" are a lot the same. Sorry.)
This makes it possible to configure HAProxy with environment variables, which is pretty nice if you're using docker-compose.
Comma-separated list of servers, in "address:port" format.
Port to listen on; defaults to 80 if no key or 443 if there's a key.
If you're doing SSL termination, data (not file name!) for the SSL key. Defaults to none, meaning don't use SSL.
Data (not file name!) for the SSL cert. Defaults to none, meaning don't use SSL.
Global maximum connections; defaults to 256.
Maximum connections per server; defaults to 32.
Set this to something truthy (0, 1, 'false', 'true') to use SSL passthrough mode.
This is the HTTP verb to use when checking with the back-end servers. By default it's "OPTIONS", but you can change it to HEAD or GET or whatever.
This is the URL to use when checking with the back-end servers. Default is "/" but if that's a heavyweight system or it doesn't exist, then change it to something better.
How long to wait on a server connection before moving on to the next one. Use suffixes "us", "ms", "s", "m", "h", "d" for microseconds, milliseconds, seconds, minutes, hours and days respectively. If you don't use a suffix, defaults to milliseconds. Default is "5s" (five seconds).
How long to wait on a request to complete before giving up. Time span as with TIMEOUT_CONNECT. Default is "50s" (fifty seconds).
How long to wait on a response to complete before giving up. Time span as with TIMEOUT_CONNECT. Default is "50s" (fifty seconds).
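A pre-flight check for the variables described above, as an added example that is not part of this project's code. The function names and sample values are hypothetical, and the check that KEY and CERT contain a "-----BEGIN" marker assumes they are PEM-encoded, which this page does not state.

```python
import re

# Suffix multipliers in milliseconds, following the TIMEOUT_CONNECT description.
_UNIT_MS = {"us": 0.001, "ms": 1, "s": 1000, "m": 60_000, "h": 3_600_000, "d": 86_400_000}

def parse_timespan_ms(value):
    """Return a time span in milliseconds; a bare number means milliseconds."""
    m = re.fullmatch(r"(\d+)(us|ms|s|m|h|d)?", value.strip())
    if not m:
        raise ValueError(f"bad time span {value!r}")
    return int(m.group(1)) * _UNIT_MS[m.group(2) or "ms"]

def parse_servers(value):
    """Split a comma-separated "address:port" list into (address, port) tuples."""
    servers = []
    for item in value.split(","):
        addr, sep, port = item.strip().rpartition(":")
        if not sep or not addr or not port.isdigit() or not 0 < int(port) < 65536:
            raise ValueError(f"bad server entry {item!r}")
        servers.append((addr, int(port)))
    return servers

def check_env(env):
    """Return a list of problems found in a dict of environment variables."""
    problems = []
    checks = [("BACKEND_SERVERS", parse_servers, True),   # always required
              ("BACKUP_SERVERS", parse_servers, False),
              ("TIMEOUT_CONNECT", parse_timespan_ms, False)]
    for name, parser, required in checks:
        if required or env.get(name):
            try:
                parser(env.get(name, ""))
            except ValueError as exc:
                problems.append(f"{name}: {exc}")
    key, cert = env.get("KEY"), env.get("CERT")
    if bool(key) != bool(cert):
        problems.append("KEY and CERT must be set together")
    for name, val in (("KEY", key), ("CERT", cert)):
        # Assumption: PEM data. Catches a file name passed instead of the data.
        if val and "-----BEGIN" not in val:
            problems.append(f"{name} does not look like PEM data (file name?)")
    return problems

# Constructed sample environment (plain HTTP front and back).
SAMPLE_OK = {"BACKEND_SERVERS": "127.0.1.1:80,127.0.1.2:80,127.0.1.3:80",
             "TIMEOUT_CONNECT": "5s"}

if __name__ == "__main__":
    print(check_env(SAMPLE_OK))
```
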