K
Q

haproxy as loadbalancer for kube-apiserver

4/20/2016

I've set up a kubernetes cluster with three masters. The kube-apiserver should be stateless. To properly access them from the worker nodes, I've configured an haproxy which is configured to provide the ports (8080) of the apiserver.

frontend http_front_8080
    bind *:8080
    stats uri /haproxy?stats
    default_backend http_back_8080

backend http_back_8080
    balance roundrobin
    server m01 192.168.33.21:8080 check
    server m02 192.168.33.22:8080 check
    server m03 192.168.33.23:8080 check

But when I run the nodes with the loadbalancers ip as the address of the apiserver I'll receive this errors:

Apr 20 12:35:07 n01 kubelet[3383]: E0420 12:35:07.308337    3383 reflector.go:271] pkg/kubelet/kubelet.go:240: Failed to watch *api.Service: too old resource version: 4001 (4041)
Apr 20 12:36:48 n01 kubelet[3383]: E0420 12:36:48.321021    3383 reflector.go:271] pkg/kubelet/kubelet.go:240: Failed to watch *api.Service: too old resource version: 4011 (4041)
Apr 20 12:37:31 n01 kube-proxy[3408]: E0420 12:37:31.381042    3408 reflector.go:271] pkg/proxy/config/api.go:47: Failed to watch *api.Service: too old resource version: 4011 (4041)
Apr 20 12:41:42 n01 kube-proxy[3408]: E0420 12:41:42.409604    3408 reflector.go:271] pkg/proxy/config/api.go:47: Failed to watch *api.Service: too old resource version: 4011 (4041)

If I change the loadbalancers IP to one of the masters nodes it works as expected (without these error messages above).

Am I something missing in my haproxy configuration which is vital for running this config?

-- meme
haproxy
kubernetes

Similar Questions

GCE managed groups api for horizontally scaling kubernetes nodes
Kubernetes - how to send request to all the minions?
how to use kubectl command with flag --selector?
Kubernetes daemonset is not able to run

1 Answer

9/14/2016

I had the same issue as you. I assume the watch requires some sort of state on the api server side. The solution is to change the configuration so all the requests from a client go to the same server using balance source. I assume you only have multiple api servers so kubernetes is highly available (instead of load balancing).

frontend http_front_8080
  bind *:8080
  stats uri /haproxy?stats
  default_backend http_back_8080

backend http_back_8080
  balance source
  server m01 192.168.33.21:8080 check
  server m02 192.168.33.22:8080 check
  server m03 192.168.33.23:8080 check
-- Xabier Eizmendi
Source: StackOverflow