summaryrefslogtreecommitdiffstats
path: root/kubernetes/aai/resources/config/haproxy
diff options
context:
space:
mode:
authorJimmy Forsyth <jf2512@att.com>2018-06-08 14:30:27 -0400
committerJimmy Forsyth <jf2512@att.com>2018-06-08 14:30:31 -0400
commitf461397b673a94a146e6a25d426253bdcfd72d19 (patch)
tree3ecf1f29e6dc2054e1ce22e8c16522e6c3a31818 /kubernetes/aai/resources/config/haproxy
parent2cdfe1d040ded11539676d64934aaf2966400b1c (diff)
Reconfigure haproxy to use dns resolution
Issue-ID: AAI-1217 Change-Id: If3bf828a69d9fbb46e776082541b21ab2bbb861d Signed-off-by: Jimmy Forsyth <jf2512@att.com>
Diffstat (limited to 'kubernetes/aai/resources/config/haproxy')
-rw-r--r--kubernetes/aai/resources/config/haproxy/haproxy.cfg8
1 files changed, 6 insertions, 2 deletions
diff --git a/kubernetes/aai/resources/config/haproxy/haproxy.cfg b/kubernetes/aai/resources/config/haproxy/haproxy.cfg
index b9721ae41a..e90f737bff 100644
--- a/kubernetes/aai/resources/config/haproxy/haproxy.cfg
+++ b/kubernetes/aai/resources/config/haproxy/haproxy.cfg
@@ -22,6 +22,9 @@ defaults
log global
mode http
option httplog
+ option ssl-hello-chk
+ option httpchk GET /aai/util/echo HTTP/1.1\r\nHost:\ aai\r\nX-TransactionId:\ haproxy-0111\r\nX-FromAppId:\ haproxy\r\nAccept:\ application/json\r\nAuthorization:\ Basic\ QUFJOkFBSQ==
+ default-server init-addr none
# option dontlognull
# errorfile 400 /etc/haproxy/errors/400.http
# errorfile 403 /etc/haproxy/errors/403.http
@@ -95,7 +98,8 @@ backend IST_Default_8447
balance roundrobin
http-request set-header X-Forwarded-Port %[src_port]
http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload;
- server aai-resources.{{.Release.Namespace}} aai-resources.{{.Release.Namespace}}:8447 port 8447 ssl verify none
+ server aai-resources.{{.Release.Namespace}} aai-resources.{{.Release.Namespace}}.svc.cluster.local:8447 resolvers kubernetes check check-ssl port 8447 ssl verify none
+
#######################
# BACKEND 8446#########
@@ -105,7 +109,7 @@ backend IST_AAI_8446
balance roundrobin
http-request set-header X-Forwarded-Port %[src_port]
http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload;
- server aai-traversal.{{.Release.Namespace}} aai-traversal.{{.Release.Namespace}}:8446 port 8446 ssl verify none
+ server aai-traversal.{{.Release.Namespace}} aai-traversal.{{.Release.Namespace}}.svc.cluster.local:8446 resolvers kubernetes check check-ssl port 8446 ssl verify none
listen IST_AAI_STATS
mode http