This is an old revision of the document!
# apt install haproxy # cat /etc/haproxy/haproxy.cfg
... frontend kubernetes-apiserver mode http bind *:83 # bind *:443 ssl crt /etc/ssl/private/gate.crtkey option tcplog default_backend kubernetes-apiserver backend kubernetes-apiserver # http-request add-header X-Real-Ip %[src] # Custom header with src IP # http-request set-header X-Forwarded-Proto https if { ssl_fc } # For Proto # http-request set-header X-Forwarded-Host %[req.hdr(Host)] # http-request set-header X-Forwarded-Port %[dst_port] # option forwardfor # X-forwarded-for # http-request set-uri https://%[req.hdr(Host)]%[path]?%[query] if { ssl_fc } mode http balance roundrobin server node1 node1:30758 check server node2 node2:30758 check server node3 node3:30758 check
# haproxy -f /etc/haproxy/haproxy.cfg -c Configuration file is valid # service haproxy restart # journalctl -f | grep proxy # curl http://localhost:83/