Методические материалы Лохтурова Вячеслава

User Tools

Site Tools

Trace: решение_haproxy
решение_haproxy

This is an old revision of the document!

Решение HAProxy

gate# apt install haproxy

gate# cat wild.crt wild.key > /etc/ssl/private/wild.crtkey

gate# cat /etc/haproxy/haproxy.cfg
...
frontend kubernetes-ingress
    mode                 http
    bind                 *:80
    bind                 *:443 ssl crt /etc/ssl/private/gate.crtkey
    option               tcplog
    default_backend      kubernetes-ingress

backend kubernetes-ingress

    http-request set-header X-Forwarded-Proto https if { ssl_fc } # For Proto
    http-request set-header X-Forwarded-Host %[req.hdr(Host)]
    http-request set-header X-Forwarded-Port %[dst_port]

#    http-request add-header X-Real-Ip %[src] # Custom header with src IP
#    option forwardfor # X-forwarded-for
#    http-request set-uri https://%[req.hdr(Host)]%[path]?%[query] if { ssl_fc }

    mode        http
    balance     roundrobin

    server  kube1 kube1:80 check
    server  kube2 kube2:80 check
    server  kube3 kube3:80 check
# haproxy -f /etc/haproxy/haproxy.cfg -c
Configuration file is valid

# service haproxy restart

# journalctl -f | grep proxy

# curl http://localhost:80/ -H "Host: webd.corpX.un"
решение_haproxy.1704194320.txt.gz · Last modified: 2024/01/02 14:18 by val

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Run on Debian Driven by DokuWiki