Open
Description
Hi,
its possible run Haproxy in transparent mode on TCP service?
I Try following steps:
TCP CRD in Transparent mode:
apiVersion: ingress.v1.haproxy.org/v1
kind: TCP
metadata:
annotations:
ingress.class: haproxy
spec:
- frontend:
binds:
- name: psql-keycloak
port: 5435
transparent: true
log_format: '%{+Q}o %t %s'
name: psql-keycloak-rw
tcplog: true
name: psql-keycloak-rw
service:
name: psql-keycloak-pooler-rw
port: 5432
Backend CRD:
apiVersion: ingress.v1.haproxy.org/v1
kind: Backend
spec:
config:
abortonclose: enabled
balance:
algorithm: roundrobin
default_server:
check: enabled
name: keycloak-rw
source:
address: 0.0.0.0
usesrc: clientip
On Service i have annotation:
apiVersion: v1
kind: Service
metadata:
name: psql-keycloak-pooler-rw
namespace: keycloak-postgres
labels:
cnpg.io/cluster: psql-keycloak
cnpg.io/podRole: pooler
cnpg.io/poolerName: psql-keycloak-pooler-rw
annotations:
cnpg.io/poolerSpecHash: 897b7db6
haproxy.org/cr-backend: keycloak-postgres/keycloak-rw-backend
VM has enable TPROX capabilities:
$ lsmod | grep tprox
nft_tproxy 16384 0
nf_tproxy_ipv6 20480 1 nft_tproxy
nf_tproxy_ipv4 20480 1 nft_tproxy
nf_defrag_ipv6 24576 2 nf_conntrack,nft_tproxy
nf_defrag_ipv4 16384 2 nf_conntrack,nft_tproxy
nf_tables 311296 2379 nft_compat,nft_tproxy,nft_chain_nat
Logs are empty if i try connect to frontend a only get message:
server closed the connection unexpectedly
Haproxy in DEBUG mode are EMPTY
Metadata
Metadata
Assignees
Labels
No labels