summaryrefslogtreecommitdiffstats
path: root/resources/config
diff options
context:
space:
mode:
authorJimmy Forsyth <jf2512@att.com>2018-06-08 14:30:27 -0400
committerJimmy Forsyth <jf2512@att.com>2018-06-08 14:30:31 -0400
commit3b113d2467137587adbd431a70bb5c7391951b21 (patch)
tree826852c4024f5b19bef38d721309b05433c8f82b /resources/config
parentef10698d3e1099985a73f73d0485164c58dc0917 (diff)
Reconfigure haproxy to use dns resolution
Issue-ID: AAI-1217 Change-Id: If3bf828a69d9fbb46e776082541b21ab2bbb861d Signed-off-by: Jimmy Forsyth <jf2512@att.com>
Diffstat (limited to 'resources/config')
-rw-r--r--resources/config/haproxy/haproxy.cfg8
1 files changed, 6 insertions, 2 deletions
diff --git a/resources/config/haproxy/haproxy.cfg b/resources/config/haproxy/haproxy.cfg
index b9721ae..e90f737 100644
--- a/resources/config/haproxy/haproxy.cfg
+++ b/resources/config/haproxy/haproxy.cfg
@@ -22,6 +22,9 @@ defaults
log global
mode http
option httplog
+ option ssl-hello-chk
+ option httpchk GET /aai/util/echo HTTP/1.1\r\nHost:\ aai\r\nX-TransactionId:\ haproxy-0111\r\nX-FromAppId:\ haproxy\r\nAccept:\ application/json\r\nAuthorization:\ Basic\ QUFJOkFBSQ==
+ default-server init-addr none
# option dontlognull
# errorfile 400 /etc/haproxy/errors/400.http
# errorfile 403 /etc/haproxy/errors/403.http
@@ -95,7 +98,8 @@ backend IST_Default_8447
balance roundrobin
http-request set-header X-Forwarded-Port %[src_port]
http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload;
- server aai-resources.{{.Release.Namespace}} aai-resources.{{.Release.Namespace}}:8447 port 8447 ssl verify none
+ server aai-resources.{{.Release.Namespace}} aai-resources.{{.Release.Namespace}}.svc.cluster.local:8447 resolvers kubernetes check check-ssl port 8447 ssl verify none
+
#######################
# BACKEND 8446#########
@@ -105,7 +109,7 @@ backend IST_AAI_8446
balance roundrobin
http-request set-header X-Forwarded-Port %[src_port]
http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload;
- server aai-traversal.{{.Release.Namespace}} aai-traversal.{{.Release.Namespace}}:8446 port 8446 ssl verify none
+ server aai-traversal.{{.Release.Namespace}} aai-traversal.{{.Release.Namespace}}.svc.cluster.local:8446 resolvers kubernetes check check-ssl port 8446 ssl verify none
listen IST_AAI_STATS
mode http