feat: custom docker container for haproxy with k8s ha configuration

2022-01-01 21:30:32 +01:00 · 2022-01-01 21:30:32 +01:00 · c6aba07046
commit c6aba07046
parent 0fd74b291c
4 changed files with 71 additions and 0 deletions
--- a/3
+++ b/3
@ -0,0 +1,3 @@
+FROM haproxy:2.5.0-alpine3.15
+
+COPY haproxy.cfg /usr/local/etc/haproxy/haproxy.cfg
--- a/25
+++ b/25
@ -0,0 +1,25 @@
+.PHONY: imageHaproxy
+
+REGISTRY_IP=docker.registry
+# linux/arm/v7
+# linux/arm/v6
+# linux/arm64
+# linux/amd64
+PLATFORM=linux/arm64
+#OCI_CLI=nerdctl
+OCI_CLI=docker
+#OCI_CLI_BUILD=$(OCI_CLI)
+OCI_CLI_BUILD=$(OCI_CLI) buildx
+
+## build
+
+shell_build_image = $(OCI_CLI_BUILD) build --platform $(PLATFORM) -t $(REGISTRY_IP):5000/$(1) .; \
+	$(OCI_CLI) push $(REGISTRY_IP):5000/$(1);
+
+imageHaproxy:
+	$(call shell_build_image,haproxy-k8s)
+
+## management
+
+status:
+	@curl -s $(REGISTRY_IP):5000/v2/_catalog | jq
--- a/README.md
+++ b/README.md
@ -0,0 +1,6 @@
+# docker haproxy for High availability k8s control plan 
+
+docker container for haproxy deployment as container
+
+based on official haproxy image https://hub.docker.com/_/haproxy?tab=description&page=1&ordering=last_updated&name=2.5
+inspired from https://github.com/kubernetes/kubeadm/blob/main/docs/ha-considerations.md#keepalived-and-haproxy
--- a/haproxy.cfg
+++ b/haproxy.cfg
@ -0,0 +1,37 @@
+global
+  log /dev/log local0
+  log /dev/log local1 notice
+  daemon
+  
+defaults
+  mode                    http
+  user                    haproxy
+  group                   haproxy
+  log                     global
+  option                  httplog
+  option                  dontlognull
+  option http-server-close
+  option forwardfor       except 127.0.0.0/8
+  option                  redispatch
+  retries                 1
+  timeout http-request    10s
+  timeout queue           20s
+  timeout connect         5s
+  timeout client          20s
+  timeout server          20s
+  timeout http-keep-alive 10s
+  timeout check           10s
+  
+frontend apiserver
+  bind *:6443
+  mode tcp
+  option tcplog
+  default_backend apiserver
+  
+backend apiserver
+  option httpchk GET /healthz
+  http-check expect status 200
+  mode tcp
+  option ssl-hello-chk
+  balance roundrobin
+    server worker-4 100.105.163.73:6443 check