Public-System-Design/haproxy-kubernetes
2
Fork 0
Code Issues Pull requests Projects Releases 24 Packages Wiki Activity Actions
haproxy-kubernetes/README_GO.md
holzi1005 91fbebd25e
All checks were successful
Build Go Binary / build (push) Successful in 32s
Details
Update README_GO.md
2025-08-08 19:03:08 +02:00

3.2 KiB
Raw Blame History

Start Go Script to create new Config

export KUBERNETES_HOST="https://10.0.20.7:6443"
export KUBERNETES_TOKEN="eyJhbGciOi..."
export KUBERNETES_VERIFYSSL="false"
export HAPROXY_TEMPLATE="./haproxy.tmpl"

./haproxy-generator > /etc/haproxy/haproxy.cfg && sudo systemctl restart haproxy

HaProxy Template

{{- range .backends }}

backend {{ .Name }}
  mode {{ .Mode }}
  balance {{ .Balance }}
  {{- if .CookieName }}
  cookie {{ .CookieName }} {{ .CookieFlags }}
  {{- end }}

  {{- if .HealthCheck }}
  option httpchk GET {{ .HealthCheck }}
  http-check expect status 200
  {{- end }}

  {{- $backend := . }}
  {{- range .Servers }}
  server {{ .Name }} {{ .Address }}:{{ .Port }}{{ if $backend.HealthCheck }} check{{ end }}{{ if $backend.CookieName }} cookie {{ .Cookie }}{{ end }}{{ if $backend.ServerOptions }} {{ $backend.ServerOptions }}{{ end }}
  {{- end }}

{{- end }}

Systemd Service and Timer

[Unit]
Description=HAProxy Config Generator
After=network.target

[Service]
Type=oneshot
Environment=KUBERNETES_HOST=https://10.0.20.7:6443
Environment=KUBERNETES_TOKEN=eyJhbGciOi...
Environment=KUBERNETES_VERIFYSSL=false
Environment=HAPROXY_TEMPLATE=/etc/haproxy/haproxy.tmpl
ExecStart=/bin/bash /etc/haproxy/haproxy-generator.sh

Timer for Systemd

[Unit]
Description=Run HAProxy Config Generator every minute

[Timer]
OnBootSec=1min
OnUnitActiveSec=1min
Unit=haproxy-generator.service
Persistent=true

[Install]
WantedBy=timers.target

Reload Script for post start

Copy the script to /etc/haproxy/haproxy-generator.sh

#!/bin/bash

/usr/local/bin/haproxy-generator > /etc/haproxy/haproxy.cfg.new
DIFF=$(diff /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.new)
/sbin/haproxy -f /etc/haproxy/haproxy.cfg.new -c
VALID=$?

if [ "$DIFF" != "" ] && [ $VALID -eq 0 ]
then
    mv /etc/haproxy/haproxy.cfg.new /etc/haproxy/haproxy.cfg
    /usr/sbin/service haproxy restart
fi

Service Annotations

Annotation-Key Beschreibung Typ Beispielwert
haproxy/enabled Aktiviert die Aufnahme des Services in die HAProxy-Konfiguration bool "true"
haproxy/mode Betriebsmodus des Backends (tcp oder http) string "tcp" / "http"
haproxy/cookie-name Name des Cookies zur Session-Persistenz string "SRVCOOKIE"
haproxy/cookie-flags Zusätzliche Cookie-Optionen für HAProxy string "insert indirect nocache"
haproxy/health-check Deaktiviert Health-Checks, wenn "false" gesetzt wird bool "false"
haproxy/server-options Zusätzliche Optionen für die einzelnen server-Zeilen in HAProxy string "ssl verify none"
haproxy/port Nutze nur diesen Port des Services, wenn mehrere Ports definiert sind int "8080"