templates/default/proxy.erb
#Contents generated by chef! Local changes will be overwritten next converge!
global
maxconn 4096
log 127.0.0.1 local0
spread-checks 5
daemon
user nobody
group nobody
stats socket /var/lib/haproxy/stats user root group root mode 700 level admin
defaults
log global
mode http
balance leastconn
maxconn 3072
option httplog
option dontlognull
option abortonclose
option httpclose
retries 3
option redispatch
timeout client 1m
timeout connect 10s
timeout server 1m
timeout check 10s
<% if node['kubernetes']['secure']['enabled'] == 'true' -%>
frontend api_frontend
bind 127.0.0.1:<%= @kubernetes_secure_api_port %>
option tcplog
mode tcp
default_backend api_backend
frontend etcd_frontend
bind 127.0.0.1:<%= @etcd_client_port %>
option tcplog
mode tcp
default_backend etcd_backend
backend api_backend
balance roundrobin
option ssl-hello-chk
mode tcp
<% @api_servers.each do |name| %>
server <%= name %> <%= name %>:<%= @kubernetes_secure_api_port %> check
<% end %>
backend etcd_backend
balance roundrobin
option ssl-hello-chk
mode tcp
<% @api_servers.each do |name| %>
server <%= name %> <%= name %>:<%= @etcd_client_port %> check
<% end %>
<% end -%>
<% if node['kubernetes']['secure']['enabled'] == 'false' -%>
frontend api_frontend
bind 127.0.0.1:<%= @kubernetes_api_port %>
option forwardfor
default_backend api_backend
frontend etcd_frontend
bind 127.0.0.1:<%= @etcd_client_port %>
option forwardfor
default_backend etcd_backend
backend api_backend
balance roundrobin
<% @api_servers.each do |name| %>
server <%= name %> <%= name %>:<%= @kubernetes_api_port %>
<% end %>
backend etcd_backend
balance roundrobin
<% @api_servers.each do |name| %>
server <%= name %> <%= name %>:<%= @etcd_client_port %>
<% end %>
<% end -%>