From f461397b673a94a146e6a25d426253bdcfd72d19 Mon Sep 17 00:00:00 2001
From: Jimmy Forsyth <jf2512@att.com>
Date: Fri, 8 Jun 2018 14:30:27 -0400
Subject: Reconfigure haproxy to use dns resolution

Issue-ID: AAI-1217
Change-Id: If3bf828a69d9fbb46e776082541b21ab2bbb861d
Signed-off-by: Jimmy Forsyth <jf2512@att.com>
---
 kubernetes/aai/resources/config/haproxy/haproxy.cfg | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

(limited to 'kubernetes/aai/resources/config')

diff --git a/kubernetes/aai/resources/config/haproxy/haproxy.cfg b/kubernetes/aai/resources/config/haproxy/haproxy.cfg
index b9721ae41a..e90f737bff 100644
--- a/kubernetes/aai/resources/config/haproxy/haproxy.cfg
+++ b/kubernetes/aai/resources/config/haproxy/haproxy.cfg
@@ -22,6 +22,9 @@ defaults
         log     global
         mode    http
         option  httplog
+        option  ssl-hello-chk
+        option  httpchk GET /aai/util/echo HTTP/1.1\r\nHost:\ aai\r\nX-TransactionId:\ haproxy-0111\r\nX-FromAppId:\ haproxy\r\nAccept:\ application/json\r\nAuthorization:\ Basic\ QUFJOkFBSQ==
+        default-server init-addr none
 #       option  dontlognull
 #       errorfile 400 /etc/haproxy/errors/400.http
 #       errorfile 403 /etc/haproxy/errors/403.http
@@ -95,7 +98,8 @@ backend IST_Default_8447
         balance roundrobin
         http-request set-header X-Forwarded-Port %[src_port]
         http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload;
-        server aai-resources.{{.Release.Namespace}} aai-resources.{{.Release.Namespace}}:8447  port 8447 ssl verify none
+        server aai-resources.{{.Release.Namespace}} aai-resources.{{.Release.Namespace}}.svc.cluster.local:8447 resolvers kubernetes check check-ssl port 8447 ssl verify none
+
 
 #######################
 # BACKEND 8446#########
@@ -105,7 +109,7 @@ backend IST_AAI_8446
         balance roundrobin
         http-request set-header X-Forwarded-Port %[src_port]
         http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload;
-        server aai-traversal.{{.Release.Namespace}} aai-traversal.{{.Release.Namespace}}:8446  port 8446 ssl verify none
+        server aai-traversal.{{.Release.Namespace}} aai-traversal.{{.Release.Namespace}}.svc.cluster.local:8446 resolvers kubernetes check check-ssl port 8446 ssl verify none
 
 listen IST_AAI_STATS
         mode http
-- 
cgit 1.2.3-korg