Merge branch 'topic/kubernetes-ng'

1 files changed, 36 insertions, 0 deletions

diff --git a/roles/kubernetes/kubeadm/base/templates/haproxy.cfg.j2 b/roles/kubernetes/kubeadm/base/templates/haproxy.cfg.j2
new file mode 100644
index 00000000..3de6ac00
--- /dev/null
+++ b/roles/kubernetes/kubeadm/base/templates/haproxy.cfg.j2
@@ -0,0 +1,36 @@
+global
+    log /dev/log local0
+    log /dev/log local1 notice
+    chroot /var/lib/haproxy
+    stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners
+    stats timeout 30s
+    user haproxy
+    group haproxy
+    daemon
+
+frontend kube_api
+{% if '_kubernetes_masters_' in group_names %}
+    bind *:6443
+{% else %}
+    bind 127.0.0.1:6443
+{% endif %}
+    mode tcp
+    timeout client 3h
+    default_backend kube_api
+
+backend kube_api
+    mode tcp
+{% if '_kubernetes_masters_' in group_names %}
+    balance first
+{% else %}
+    balance roundrobin
+{% endif %}
+    option log-health-checks
+    option httpchk GET /healthz
+    http-check expect string ok
+    default-server inter 5s fall 3 rise 2
+    timeout connect 5s
+    timeout server 3h
+{% for master in groups['_kubernetes_masters_'] %}
+    server {{ hostvars[master].inventory_hostname }} {{ hostvars[master].kubernetes_overlay_node_ip | default(hostvars[master].ansible_default_ipv4.address) }}:6442 {% if master == inventory_hostname %}id 1{% endif %} check check-ssl verify none
+{% endfor %}