diff options
author | Jimmy Forsyth <jf2512@att.com> | 2018-06-08 14:30:27 -0400 |
---|---|---|
committer | Jimmy Forsyth <jf2512@att.com> | 2018-06-08 14:30:31 -0400 |
commit | f461397b673a94a146e6a25d426253bdcfd72d19 (patch) | |
tree | 3ecf1f29e6dc2054e1ce22e8c16522e6c3a31818 | |
parent | 2cdfe1d040ded11539676d64934aaf2966400b1c (diff) |
Reconfigure haproxy to use dns resolution
Issue-ID: AAI-1217
Change-Id: If3bf828a69d9fbb46e776082541b21ab2bbb861d
Signed-off-by: Jimmy Forsyth <jf2512@att.com>
-rw-r--r-- | kubernetes/aai/resources/config/haproxy/haproxy.cfg | 8 | ||||
-rw-r--r-- | kubernetes/aai/values.yaml | 2 |
2 files changed, 7 insertions, 3 deletions
diff --git a/kubernetes/aai/resources/config/haproxy/haproxy.cfg b/kubernetes/aai/resources/config/haproxy/haproxy.cfg index b9721ae41a..e90f737bff 100644 --- a/kubernetes/aai/resources/config/haproxy/haproxy.cfg +++ b/kubernetes/aai/resources/config/haproxy/haproxy.cfg @@ -22,6 +22,9 @@ defaults log global mode http option httplog + option ssl-hello-chk + option httpchk GET /aai/util/echo HTTP/1.1\r\nHost:\ aai\r\nX-TransactionId:\ haproxy-0111\r\nX-FromAppId:\ haproxy\r\nAccept:\ application/json\r\nAuthorization:\ Basic\ QUFJOkFBSQ== + default-server init-addr none # option dontlognull # errorfile 400 /etc/haproxy/errors/400.http # errorfile 403 /etc/haproxy/errors/403.http @@ -95,7 +98,8 @@ backend IST_Default_8447 balance roundrobin http-request set-header X-Forwarded-Port %[src_port] http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload; - server aai-resources.{{.Release.Namespace}} aai-resources.{{.Release.Namespace}}:8447 port 8447 ssl verify none + server aai-resources.{{.Release.Namespace}} aai-resources.{{.Release.Namespace}}.svc.cluster.local:8447 resolvers kubernetes check check-ssl port 8447 ssl verify none + ####################### # BACKEND 8446######### @@ -105,7 +109,7 @@ backend IST_AAI_8446 balance roundrobin http-request set-header X-Forwarded-Port %[src_port] http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload; - server aai-traversal.{{.Release.Namespace}} aai-traversal.{{.Release.Namespace}}:8446 port 8446 ssl verify none + server aai-traversal.{{.Release.Namespace}} aai-traversal.{{.Release.Namespace}}.svc.cluster.local:8446 resolvers kubernetes check check-ssl port 8446 ssl verify none listen IST_AAI_STATS mode http diff --git a/kubernetes/aai/values.yaml b/kubernetes/aai/values.yaml index 017d0c282d..b07048e134 100644 --- a/kubernetes/aai/values.yaml +++ b/kubernetes/aai/values.yaml @@ -56,7 +56,7 @@ global: # global defaults # application image dockerhubRepository: registry.hub.docker.com -image: aaionap/haproxy:1.2.3 +image: aaionap/haproxy:1.2.4 pullPolicy: Always # flag to enable debugging - application support required |