Reconfigure haproxy to use dns resolution

author Jimmy Forsyth <jf2512@att.com>

Fri, 8 Jun 2018 18:30:27 +0000 (14:30 -0400)

committer James Forsyth <jf2512@att.com>

Mon, 11 Jun 2018 18:07:19 +0000 (18:07 +0000)
author Jimmy Forsyth <jf2512@att.com>
Fri, 8 Jun 2018 18:30:27 +0000 (14:30 -0400)
committer James Forsyth <jf2512@att.com>
Mon, 11 Jun 2018 18:07:19 +0000 (18:07 +0000)
diff --git a/kubernetes/aai/resources/config/haproxy/haproxy.cfg b/kubernetes/aai/resources/config/haproxy/haproxy.cfg

index b9721ae..e90f737 100644 (file)
--- a/kubernetes/aai/resources/config/haproxy/haproxy.cfg
+++ b/kubernetes/aai/resources/config/haproxy/haproxy.cfg
@@ -22,6 +22,9 @@ defaults
          log     global
          mode    http
          option  httplog
+        option  ssl-hello-chk
+        option  httpchk GET /aai/util/echo HTTP/1.1\r\nHost:\ aai\r\nX-TransactionId:\ haproxy-0111\r\nX-FromAppId:\ haproxy\r\nAccept:\ application/json\r\nAuthorization:\ Basic\ QUFJOkFBSQ==
+        default-server init-addr none
  #       option  dontlognull
  #       errorfile 400 /etc/haproxy/errors/400.http
  #       errorfile 403 /etc/haproxy/errors/403.http
@@ -95,7 +98,8 @@ backend IST_Default_8447
          balance roundrobin
          http-request set-header X-Forwarded-Port %[src_port]
          http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload;
-        server aai-resources.{{.Release.Namespace}} aai-resources.{{.Release.Namespace}}:8447  port 8447 ssl verify none
+        server aai-resources.{{.Release.Namespace}} aai-resources.{{.Release.Namespace}}.svc.cluster.local:8447 resolvers kubernetes check check-ssl port 8447 ssl verify none
+
  
  #######################
  # BACKEND 8446#########
@@ -105,7 +109,7 @@ backend IST_AAI_8446
          balance roundrobin
          http-request set-header X-Forwarded-Port %[src_port]
          http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload;
-        server aai-traversal.{{.Release.Namespace}} aai-traversal.{{.Release.Namespace}}:8446  port 8446 ssl verify none
+        server aai-traversal.{{.Release.Namespace}} aai-traversal.{{.Release.Namespace}}.svc.cluster.local:8446 resolvers kubernetes check check-ssl port 8446 ssl verify none
  
  listen IST_AAI_STATS
          mode http
diff --git a/kubernetes/aai/values.yaml b/kubernetes/aai/values.yaml

index 017d0c2..b07048e 100644 (file)
--- a/kubernetes/aai/values.yaml
+++ b/kubernetes/aai/values.yaml
@@ -56,7 +56,7 @@ global: # global defaults
  
  # application image
  dockerhubRepository: registry.hub.docker.com
-image: aaionap/haproxy:1.2.3
+image: aaionap/haproxy:1.2.4
  pullPolicy: Always
  
  # flag to enable debugging - application support required
author	Jimmy Forsyth <jf2512@att.com>
	Fri, 8 Jun 2018 18:30:27 +0000 (14:30 -0400)
committer	James Forsyth <jf2512@att.com>
	Mon, 11 Jun 2018 18:07:19 +0000 (18:07 +0000)
kubernetes/aai/resources/config/haproxy/haproxy.cfg		patch \| blob \| history
kubernetes/aai/values.yaml		patch \| blob \| history