Create static configuration for the load balancer in OpenShift 3.11.
All operations are performed on the management node.
Define load balancer configuration in hosts file.
# LB
openshift_loadbalancer_additional_frontends:
- name: "apps-http"
mode: "tcp"
options:
- "tcplog"
binds:
- "*:80"
default_backend: "apps-http"
- name: "apps-https"
mode: "tcp"
options:
- "tcplog"
binds:
- "*:443"
default_backend: "apps-https"
openshift_loadbalancer_additional_backends:
- name: "apps-http"
balance: "source"
mode: "tcp"
servers:
- name: "infra0"
address: "192.0.2.11:80"
opts: "check"
- name: "apps-https"
balance: "source"
mode: "tcp"
servers:
- name: "infra0"
address: "192.0.2.11:443"
opts: "check"
Define load balancer in hosts file.
lb:
hosts:
openshift-example-lb-1.example.org:
masters:
hosts:
openshift-example-master-1.example.org:
etcd:
hosts:
openshift-example-master-1.example.org:
nodes:
hosts:
openshift-example-master-1.example.org:
openshift_node_group_name: node-config-master
openshift-example-infra-1.example.org:
openshift_node_group_name: node-config-infra
openshift-example-node-[1:2].example.org:
openshift_node_group_name: node-config-compute
Run playbook to update balancer configuration.
$ ansible-playbook -i hosts playbooks/openshift-loadbalancer/config.yml
[...] PLAY RECAP ************************************************************************************************************************************************************************************************************************************************************************* localhost : ok=12 changed=0 unreachable=0 failed=0 skipped=4 rescued=0 ignored=0 openshift-example-infra-1.example.org : ok=0 changed=0 unreachable=0 failed=0 skipped=6 rescued=0 ignored=0 openshift-example-lb-1.example.org : ok=29 changed=4 unreachable=0 failed=0 skipped=30 rescued=0 ignored=0 openshift-example-master-1.example.org : ok=40 changed=0 unreachable=0 failed=0 skipped=36 rescued=0 ignored=0 openshift-example-node-1.example.org : ok=0 changed=0 unreachable=0 failed=0 skipped=6 rescued=0 ignored=0 openshift-example-node-2.example.org : ok=0 changed=0 unreachable=0 failed=0 skipped=6 rescued=0 ignored=0 INSTALLER STATUS ******************************************************************************************************************************************************************************************************************************************************************* Initialization : Complete (0:00:11) Load Balancer Install : Complete (0:00:09) Wednesday 15 April 2020 20:45:37 +0200 (0:00:00.035) 0:00:20.437 ******* =============================================================================== Gathering Facts ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 1.76s tuned : Ensure files are populated from templates --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 1.62s tuned : Restart tuned service ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 1.31s openshift_loadbalancer : Configure haproxy ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 0.87s openshift_loadbalancer : Install haproxy ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ 0.75s openshift_loadbalancer : Enable and start haproxy --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 0.75s get openshift_current_version ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 0.63s openshift_loadbalancer : Add iptables allow rules --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 0.60s Gather Cluster facts -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 0.60s tuned : Ensure directory structure exists ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 0.60s openshift_loadbalancer : Configure systemd service directory for haproxy ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 0.42s tuned : Check for tuned package --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 0.42s openshift_control_plane : slurp --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 0.41s Detecting Operating System from ostree_booted ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 0.40s openshift_loadbalancer : Configure the nofile limits for haproxy ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ 0.39s Initialize openshift.node.sdn_mtu ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 0.38s openshift_loadbalancer : restart haproxy ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ 0.34s tuned : Make tuned use the recommended tuned profile on restart ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 0.33s Fetch ca.crt from cluster if exists ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 0.19s openshift_control_plane : stat ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 0.18s
Configuration generated on the load balancer.
# Global settings
#---------------------------------------------------------------------
global
maxconn 20000
log /dev/log local0 info
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
user haproxy
group haproxy
daemon
# turn on stats unix socket
stats socket /var/lib/haproxy/stats
#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
mode http
log global
option httplog
option dontlognull
# option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 300s
timeout server 300s
timeout http-keep-alive 10s
timeout check 10s
maxconn 20000
listen stats
bind :9000
mode http
stats enable
stats uri /
frontend atomic-openshift-api
bind *:8443
default_backend atomic-openshift-api
mode tcp
option tcplog
frontend apps-http
bind *:80
default_backend apps-http
mode tcp
option tcplog
frontend apps-https
bind *:443
default_backend apps-https
mode tcp
option tcplog
backend atomic-openshift-api
balance source
mode tcp
server master0 192.0.2.10:8443 check
backend apps-http
balance source
mode tcp
server infra0 192.0.2.11:80 check
backend apps-https
balance source
mode tcp
server infra0 192.0.2.11:443 check