This repository has been archived on 2024-04-29. You can view files and clone it, but cannot push or open issues or pull requests.
vyos-config/containers/haproxy/config/haproxy.cfg

67 lines
3.3 KiB
INI
Raw Normal View History

2023-03-29 13:30:45 -05:00
#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
log /dev/log local0
log /dev/log local1 notice
daemon
#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
2023-03-29 13:30:45 -05:00
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
2023-03-29 13:30:45 -05:00
timeout http-request 10s
timeout queue 20s
timeout connect 10s
timeout client 1h
timeout server 1h
2023-03-29 13:30:45 -05:00
timeout http-keep-alive 10s
timeout check 10s
#---------------------------------------------------------------------
# apiserver frontend which proxys to the control plane nodes
2023-03-29 13:30:45 -05:00
#---------------------------------------------------------------------
frontend k8s_apiserver
bind *:6443
mode tcp
option tcplog
default_backend k8s_controlplane
frontend talos_apiserver
bind *:50000
mode tcp
option tcplog
default_backend talos_controlplane
2023-03-29 13:30:45 -05:00
#---------------------------------------------------------------------
# round robin balancing for apiserver
2023-03-29 13:30:45 -05:00
#---------------------------------------------------------------------
backend k8s_controlplane
option httpchk GET /healthz
http-check expect status 200
mode tcp
option ssl-hello-chk
balance roundrobin
server worker1 10.1.1.31:6443 check
server worker2 10.1.1.32:6443 check
server worker3 10.1.1.33:6443 check
backend talos_controlplane
option httpchk GET /healthz
http-check expect status 200
mode tcp
option ssl-hello-chk
balance roundrobin
server worker1 10.1.1.31:50000 check
server worker2 10.1.1.32:50000 check
server worker3 10.1.1.33:50000 check