HAProxy to Istio Ingress

4/25/2020

Currently, I am trying to configure a load balancer from which the traffic will be sent to a Kubernetes cluster. At the edge of the cluster, Istio ingress is serving the cluster's external requests. The HAProxy version is 1.8.

I can access the service using the below command from outside the cluster.

curl -k -HHost:httpbin.example.com --resolve httpbin.example.com:32009:192.168.50.10 https://httpbin.example.com:32009/status/418

Below is my HAProxy configuration:

Frontend:

frontend https
    bind *:443 ssl crt /etc/ssl/certs/site.pem
    mode tcp

    tcp-request inspect-delay 5s
    tcp-request content accept if { req_ssl_hello_type 1 }

    default_backend httpbin

Backend:

backend httpbin
    balance roundrobin
    mode tcp

    acl httpbin_app req_ssl_sni -i httpbin.example.com
    use-server master if httpbin_app

    server master 192.168.50.10:32009 check ssl verify none

    http-request set-header Host httpbin.example.com
    http-request set-header X-Forwarded-For %[src]
    http-request set-header X-Forwarded-Port %[dst_port]
    http-request add-header X-Forwarded-Proto https if { ssl_fc }

Using HAProxy, I am always getting a 503. Also, during startup, HAProxy prints the line below:

haproxy[14260]: backend httpbin has no server available!

Can you please help me find the right configuration for the backend?

-- Emamul Andalib
haproxy
istio
kubernetes-ingress

1 Answer

4/26/2020

Finally, with the help of the HAProxy community, I have found the right configuration for Istio Ingress. It is very basic. Please update the settings as per your needs. Below is the link to the configuration.

https://gist.github.com/emamulandalib/2a613f5308c29518fcbcdc6b3bad3900

-- Emamul Andalib
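
A TLS passthrough layout for the setup in the question, as an added example: it is not the configuration from the linked gist, and it assumes the Istio ingress gateway terminates TLS itself. The hostname and node address are the question's; the section names `https_in` and `istio_ingress` and the timeout values are chosen here for illustration.

```haproxy
# Added example, not the gist's configuration. Assumes the Istio ingress
# gateway terminates TLS itself, so HAProxy only forwards the encrypted stream.
defaults
    mode tcp
    timeout connect 5s
    timeout client  1m
    timeout server  1m

frontend https_in
    # No "ssl crt" on the bind line: once TLS is terminated here, the request
    # buffer holds decrypted data and req_ssl_hello_type / req_ssl_sni
    # no longer see a ClientHello to match on.
    bind *:443
    option tcplog

    # Wait for the ClientHello so the SNI can be read for routing.
    tcp-request inspect-delay 5s
    tcp-request content accept if { req_ssl_hello_type 1 }

    # Route by SNI. There is no default_backend, so a connection with any
    # other SNI is not forwarded to the cluster.
    use_backend istio_ingress if { req_ssl_sni -i httpbin.example.com }

backend istio_ingress
    balance roundrobin
    # Plain TCP health check against the gateway's NodePort. The client
    # validates the gateway's certificate end to end, so this hop needs no
    # "ssl verify none".
    # http-request rules are left out: they only take effect in "mode http".
    server master 192.168.50.10:32009 check
```

Check the file with `haproxy -c -f <path-to-config>` before reloading; it reports rules that do not apply in the configured mode.
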
Source: StackOverflow