Added talos to haproxy.
This commit is contained in:
parent
2570711ed4
commit
e1f3e6ec8d
SSH key fingerprint:
SHA256:vy6dKBECV522aPAwklFM3ReKAVB086rT3oWwiuiFG7o
1 changed files with 60 additions and 0 deletions
|
|
@ -113,6 +113,66 @@
|
|||
};
|
||||
};
|
||||
|
||||
# haproxy for load balancing talos and kubernetes api.
|
||||
services.haproxy = {
|
||||
enable = true;
|
||||
config = ''
|
||||
global
|
||||
log /dev/log local0
|
||||
log /dev/log local1 notice
|
||||
daemon
|
||||
|
||||
defaults
|
||||
mode http
|
||||
log global
|
||||
option httplog
|
||||
option dontlognull
|
||||
option http-server-close
|
||||
option forwardfor except 127.0.0.0/8
|
||||
option redispatch
|
||||
retries 3
|
||||
timeout http-request 10s
|
||||
timeout queue 20s
|
||||
timeout connect 10s
|
||||
timeout client 1h
|
||||
timeout server 1h
|
||||
timeout http-keep-alive 10s
|
||||
timeout check 10s
|
||||
|
||||
frontend k8s_apiserver
|
||||
bind *:6443
|
||||
mode tcp
|
||||
option tcplog
|
||||
default_backend k8s_controlplane
|
||||
|
||||
frontend talos_apiserver
|
||||
bind *:50000
|
||||
mode tcp
|
||||
option tcplog
|
||||
default_backend talos_controlplane
|
||||
|
||||
backend k8s_controlplane
|
||||
option httpchk GET /healthz
|
||||
http-check expect status 200
|
||||
mode tcp
|
||||
option ssl-hello-chk
|
||||
balance roundrobin
|
||||
server worker1 10.1.1.61:6443 check
|
||||
server worker2 10.1.1.62:6443 check
|
||||
server worker3 10.1.1.63:6443 check
|
||||
|
||||
backend talos_controlplane
|
||||
option httpchk GET /healthz
|
||||
http-check expect status 200
|
||||
mode tcp
|
||||
option ssl-hello-chk
|
||||
balance roundrobin
|
||||
server worker1 10.1.1.61:50000 check
|
||||
server worker2 10.1.1.62:50000 check
|
||||
server worker3 10.1.1.63:50000 check
|
||||
'';
|
||||
};
|
||||
|
||||
# Some programs need SUID wrappers, can be configured further or are
|
||||
# started in user sessions.
|
||||
programs.mtr.enable = true;
|
||||
|
|
|
|||
Reference in a new issue