adding additional haproxy for k3s

config-parts/container.sh

@@ -13,6 +13,16 @@ set container name haproxy-k8s-api volume config source '/config/containers/hapr
 set container name haproxy-k8s-api volume config destination '/usr/local/etc/haproxy/haproxy.cfg'
 set container name haproxy-k8s-api volume config mode 'ro'
 
+# haproxy-k3s-api
+set container name haproxy-k3s-api image 'docker.io/library/haproxy:2.9.0'
+set container name haproxy-k3s-api memory '0'
+set container name haproxy-k3s-api network containers address '10.5.0.3'
+set container name haproxy-k3s-api restart 'on-failure'
+set container name haproxy-k3s-api shared-memory '0'
+set container name haproxy-k3s-api volume config source '/config/containers/haproxy-k3s/config/haproxy.cfg'
+set container name haproxy-k3s-api volume config destination '/usr/local/etc/haproxy/haproxy.cfg'
+set container name haproxy-k3s-api volume config mode 'ro'
+
 # node-exporter
 set container name node-exporter environment procfs value '/host/proc'
 set container name node-exporter environment rootfs value '/host/rootfs'

containers/.gitignore

@@ -7,5 +7,6 @@
 !/bind/
 !/dnsdist/
 !/haproxy/
+!/haproxy-k3s/
 !/unifi/
 !/vector-agent/

containers/haproxy-k3s/.gitignore

@@ -0,0 +1,9 @@
+# Ignore everything
+/*
+
+# Track certain files and directories
+!.gitignore
+
+!/config/
+/config/*
+!/config/haproxy.cfg

containers/haproxy-k3s/config/haproxy.cfg

@@ -0,0 +1,48 @@
+#---------------------------------------------------------------------
+# Global settings
+#---------------------------------------------------------------------
+global
+    log /dev/log local0
+    log /dev/log local1 notice
+    daemon
+
+#---------------------------------------------------------------------
+# common defaults that all the 'listen' and 'backend' sections will
+# use if not designated in their block
+#---------------------------------------------------------------------
+defaults
+    mode                    http
+    log                     global
+    option                  httplog
+    option                  dontlognull
+    option                  http-server-close
+    option forwardfor       except 127.0.0.0/8
+    option                  redispatch
+    retries                 3
+    timeout http-request    10s
+    timeout queue           20s
+    timeout connect         10s
+    timeout client          1h
+    timeout server          1h
+    timeout http-keep-alive 10s
+    timeout check           10s
+
+#---------------------------------------------------------------------
+# apiserver frontend which proxys to the control plane nodes          
+#---------------------------------------------------------------------
+frontend k8s_apiserver                                                
+    bind *:6443                                                       
+    mode tcp                                                          
+    option tcplog                                                     
+    default_backend k8s_controlplane                            
+                                                                      
+#---------------------------------------------------------------------
+# round robin balancing for apiserver                                 
+#---------------------------------------------------------------------
+backend k8s_controlplane                                  
+    option httpchk GET /healthz                                       
+    http-check expect status 200                          
+    mode tcp                                              
+    option ssl-hello-chk                                  
+    balance     roundrobin                                
+        server worker2 10.1.1.55:6443 check