38 lines
1.3 KiB
Cheetah
38 lines
1.3 KiB
Cheetah
#---------------------------------------------------------------------
|
|
# Configure HAProxy for Kubernetes API Server
|
|
#---------------------------------------------------------------------
|
|
listen stats
|
|
bind *:9000
|
|
mode http
|
|
stats enable
|
|
stats hide-version
|
|
stats uri /
|
|
stats refresh 30s
|
|
option httplog
|
|
|
|
# change haproxy.cfg file with the following
|
|
global
|
|
lua-load /etc/haproxy/unpause.lua
|
|
|
|
############## Configure HAProxy Secure Frontend #############
|
|
frontend k8s-api-https-proxy
|
|
bind *:6443
|
|
mode tcp
|
|
tcp-request inspect-delay 5s
|
|
tcp-request content accept if { req.ssl_hello_type 1 }
|
|
default_backend k8s-api-https
|
|
############## Configure HAProxy SecureBackend #############
|
|
backend k8s-api-https
|
|
balance roundrobin
|
|
mode tcp
|
|
#tcp-request inspect-delay 10s
|
|
#tcp-request content lua.foo_action
|
|
tcp-request inspect-delay 10s
|
|
tcp-request content lua.unpause {{.NetworkInfo.ControlPlaneNodeIP}} 8080
|
|
tcp-request content reject if { var(req.blocked) -m bool }
|
|
option tcplog
|
|
option tcp-check
|
|
default-server inter 10s downinter 5s rise 2 fall 2 slowstart 60s maxconn 250 maxqueue 256 weight 100
|
|
server k8s-api-1 {{.NetworkInfo.ControlPlaneNodeIP}}:{{.NetworkInfo.ControlPlaneNodePort}} check
|
|
|