HAProxy usage with kubernetes

haproxykubernetes

I am trying to setup a kubernetes cluster using HAProxy. Right now there are only two nodes. The loadbalancer is on the master node. But i see from the logs that the connection is tried on a virtual ip that is not present. Here are the endpoints for kubernetes cluster.

NAME                       ENDPOINTS                                                     AGE
activemq-svc               10.0.86.2:1883,10.0.86.2:8161,10.0.86.2:8161 + 1 more...      2h
admin-svc                  10.0.86.7:8080,10.0.86.7:9840,10.0.86.7:9841                  2h
kube-dns                   10.0.54.2:53,10.0.54.2:4001,10.0.54.2:53                      2h
kubernetes                 172.31.16.18:6443                                             4h
mysql-admin-svc            10.0.86.6:3306                                                2h
mysql-edu-svc              10.0.86.4:10050,10.0.86.4:3306                                2h
mysql-stat-svc             10.0.54.4:3306                                                2h
platform-riak-cs-service   10.0.54.3:8087,10.0.54.3:8080,10.0.54.3:8098                  2h
redis-svc                  10.0.86.3:6379                                                2h
server-svc                 10.0.86.10:8080,10.0.86.10:9840,10.0.86.10:9841 + 1 more...   2h
statistics-svc             10.0.86.8:8080,10.0.86.8:9840,10.0.86.8:9841                  2h

But in logs I see that my ip address tries to connect on an address that is not present in endpoint list. There is no rule in HAProxy.cfg also for ..86.5. Can someone please tell me whats happening?

servicelb [INFO] Connect from 118.102.239.85:39812 to **10.0.86.5:443** (httpsfrontend/HTTP)
servicelb [INFO] Connect from 118.102.239.85:40418 to 10.0.86.5:443 (httpsfrontend/HTTP)
servicelb [INFO] Connect from 118.102.239.85:41057 to 10.0.86.5:443 (httpsfrontend/HTTP)
servicelb [INFO] Connect from 118.102.239.85:41100 to 10.0.86.5:443 (httpsfrontend/HTTP)
servicelb [INFO] Connect from 118.102.239.85:41143 to 10.0.86.5:443 (httpsfrontend/HTTP)
servicelb [INFO] Connect from 10.0.86.1:49589 to 10.0.86.5:80 (httpfrontend/HTTP)
servicelb [INFO] Connect from 10.0.86.1:49611 to 10.0.86.5:80 (httpfrontend/HTTP)
servicelb [INFO] Connect from 10.0.86.10:53882 to 10.0.86.5:80 (httpfrontend/HTTP)
servicelb [INFO] 10.0.86.10:55668 [21/Dec/2015:11:45:15.526] httpsfrontend/1: SSL handshake failure

Best Answer

The kube-proxy endpoint does TCP end-to-end proxying by default so IP addresses are lost.

If you activate the IP tables based proxy instead:

https://github.com/kubernetes/contrib/tree/master/scale-demo#activate-iptables-proxying

Related Topic