Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Configuring HAProxy as load balancer in Bitbucket Edited

Hi Team.

I am very new to this configuration, Please consider me as a rookie.

We recently upgraded our bitbucket server to datacenter and decided to move the systems in a cluster using HAProxy as a load balancer. I tried following the minimal documentation available in Atlassian site and followed different documentation and got Haproxy running with version  “1.6.3 2015/12/25”.

Then tried configuring the haproxy.cfg file and I am able to configure with port 80 however port 443 doesn’t work. I have the company provided certificate with extension .pem.

Everytime, I try to configure 443 I am not able to start the haproxy service and getting an error,

 root@balqhaproxy01:/etc/ssl/certs# service haproxy start

Job for haproxy.service failed because the control process exited with error code. See "systemctl status haproxy.service" and "journalctl -xe" for details.

And here is the configuration that I use in the haproxy.cfg. ( Our bitbucket is currently working with 7990 port)

global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
stats socket /run/haproxy/admin.sock mode 660 level admin
stats timeout 30s
user haproxy
group haproxy
daemon

# Default SSL material locations
ca-base /etc/ssl/certs
crt-base /etc/ssl/private

# Default ciphers to use on SSL-enabled listening sockets.
# For more information, see ciphers(1SSL). This list is from:
# https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/ 
ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
ssl-default-bind-options no-sslv3
maxconn 1000

defaults
log global
mode http
option httplog
option dontlognull
timeout connect 5000
timeout client 50000
timeout server 50000
errorfile 400 /etc/haproxy/errors/400.http
errorfile 403 /etc/haproxy/errors/403.http
errorfile 408 /etc/haproxy/errors/408.http
errorfile 500 /etc/haproxy/errors/500.http
errorfile 502 /etc/haproxy/errors/502.http
errorfile 503 /etc/haproxy/errors/503.http
errorfile 504 /etc/haproxy/errors/504.http


frontend bitbucket_http_frontend
bind *:80
# bind *:443 ssl crt /etc/ssl/certs/apps_pem_bundled_all.pem ciphers RC4-SHA:AES128-SHA:AES256-SHA
bind *:443 ssl crt /etc/haproxy/apps_pem_bundled_all.pem ciphers HIGH:!aNULL:!MD5
# bind *:443 ssl crt /etc/apps_pem_bundled_all.pem ciphers RC4-SHA:AES128-SHA:AES256-SHA
# bind *:443 ssl crt /etc/haproxy/security/cacerts
default_backend bitbucket_http_backend


backend bitbucket_http_backend
mode http
option httplog
option httpchk GET /status
option forwardfor
option http-server-close
# appsession BITBUCKETSESSIONID len 52 timeout 1h
balance roundrobin
cookie BITBUCKETSESSIONID prefix
stick-table type string len 52 size 5M expire 30m
stick store-response set-cookie(BITBUCKETSESSIONID)
server server1 10.X.XX.XX:7990 check inter 10000 rise 2 fall 5
server server2 10.X.XX.XX:7990 check inter 10000 rise 2 fall 5
# The following "backup" servers are just here to show the startup page when all nodes are starting up
#server server1 10.x.xx.xx:7990 backup


#frontend bitbucket_ssh_frontend
# bind *:7999
# default_backend bitbucket_ssh_backend
#timeout client 15m
#maxconn 50

#backend bitbucket_ssh_backend
# mode tcp
# balance roundrobin
# server server1 10.x.xx.xx:7999 check port 7999
#server server2 10.x.x.xx:7999 check port 7999
#timeout server 15m

listen admin
mode http
bind *:8090
stats enable
stats uri /

0 answers

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Bitbucket

Powering DevOps with Bitbucket Server & Data Center

Hi everyone, The Cloud team recently announced 12 new DevOps features that help developers ship better code, faster   ! While we’re all excited about the new improvements to Bitbucket ...

1,826 views 0 7
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you