summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJimmy Forsyth <jf2512@att.com>2018-06-08 14:30:27 -0400
committerJames Forsyth <jf2512@att.com>2018-06-11 18:07:19 +0000
commitb66a3ee8fccde879b5f3fc26fa9aa1fa63c1705d (patch)
tree7d41baf87b34b5feaf81fd033d88ef066aa6b4be
parent99352e5d65e2bab3f41e1e357221cc68df602e98 (diff)
Reconfigure haproxy to use dns resolution
Issue-ID: AAI-1217 Change-Id: If3bf828a69d9fbb46e776082541b21ab2bbb861d Signed-off-by: Jimmy Forsyth <jf2512@att.com>
-rw-r--r--kubernetes/aai/resources/config/haproxy/haproxy.cfg8
-rw-r--r--kubernetes/aai/values.yaml2
2 files changed, 7 insertions, 3 deletions
diff --git a/kubernetes/aai/resources/config/haproxy/haproxy.cfg b/kubernetes/aai/resources/config/haproxy/haproxy.cfg
index b9721ae41a..e90f737bff 100644
--- a/kubernetes/aai/resources/config/haproxy/haproxy.cfg
+++ b/kubernetes/aai/resources/config/haproxy/haproxy.cfg
@@ -22,6 +22,9 @@ defaults
log global
mode http
option httplog
+ option ssl-hello-chk
+ option httpchk GET /aai/util/echo HTTP/1.1\r\nHost:\ aai\r\nX-TransactionId:\ haproxy-0111\r\nX-FromAppId:\ haproxy\r\nAccept:\ application/json\r\nAuthorization:\ Basic\ QUFJOkFBSQ==
+ default-server init-addr none
# option dontlognull
# errorfile 400 /etc/haproxy/errors/400.http
# errorfile 403 /etc/haproxy/errors/403.http
@@ -95,7 +98,8 @@ backend IST_Default_8447
balance roundrobin
http-request set-header X-Forwarded-Port %[src_port]
http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload;
- server aai-resources.{{.Release.Namespace}} aai-resources.{{.Release.Namespace}}:8447 port 8447 ssl verify none
+ server aai-resources.{{.Release.Namespace}} aai-resources.{{.Release.Namespace}}.svc.cluster.local:8447 resolvers kubernetes check check-ssl port 8447 ssl verify none
+
#######################
# BACKEND 8446#########
@@ -105,7 +109,7 @@ backend IST_AAI_8446
balance roundrobin
http-request set-header X-Forwarded-Port %[src_port]
http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload;
- server aai-traversal.{{.Release.Namespace}} aai-traversal.{{.Release.Namespace}}:8446 port 8446 ssl verify none
+ server aai-traversal.{{.Release.Namespace}} aai-traversal.{{.Release.Namespace}}.svc.cluster.local:8446 resolvers kubernetes check check-ssl port 8446 ssl verify none
listen IST_AAI_STATS
mode http
diff --git a/kubernetes/aai/values.yaml b/kubernetes/aai/values.yaml
index 017d0c282d..b07048e134 100644
--- a/kubernetes/aai/values.yaml
+++ b/kubernetes/aai/values.yaml
@@ -56,7 +56,7 @@ global: # global defaults
# application image
dockerhubRepository: registry.hub.docker.com
-image: aaionap/haproxy:1.2.3
+image: aaionap/haproxy:1.2.4
pullPolicy: Always
# flag to enable debugging - application support required