Discovered HAProxy about a month ago and I LOVE it. I built my own streaming CDN on Ubuntu and things are working well. In an effort to optimize my configuration, I was hoping to pick the brains of all of you on the best way to handle streaming connections with HAProxy.
I’m running v1.6.5 on Ubuntu 14.04 64 bit and all is well, just want to make sure I’m using best practices.
Here is my config:
global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
stats socket /run/haproxy/admin.sock mode 660 level admin
stats timeout 30s
user haproxy
group haproxy
daemon
# Default SSL material locations ca-base /etc/ssl/certs crt-base /etc/ssl/private
# Default ciphers to use on SSL-enabled listening sockets. # For more information, see ciphers(1SSL). This list is from: # https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/ ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:EC$ ssl-default-bind-options no-sslv3
defaults
log global
mode http
option forwardfor
option http-server-close
option httplog
option dontlognull
maxconn 50000
timeout connect 10000
timeout client 50000
timeout server 50000
errorfile 400 /etc/haproxy/errors/400.http
errorfile 403 /etc/haproxy/errors/403.http
errorfile 408 /etc/haproxy/errors/408.http
errorfile 500 /etc/haproxy/errors/500.http
errorfile 502 /etc/haproxy/errors/502.http
errorfile 503 /etc/haproxy/errors/503.http
errorfile 504 /etc/haproxy/errors/504.http
frontend LHR_Load_Balancer
bind *:8000
stats uri /haproxy?stats
stats realm Haproxy\ Statistics
stats auth UID:PASSWORD
reqadd X-Forwarded-Proto:\ http
default_backend ICY_Cluster
backend ICY_Cluster
balance leastconn
server s1 FQDN:8000 weight 40 check
server s2 FQDN:8000 weight 40 check
server s3 FQDN:8000 weight 20 check
Thank you in advance for your feedback.