++update

8 months ago · 5f56430222
6 changed files with 19 additions and 115 deletions
--- a/apps/haproxy/README.md
+++ b/apps/haproxy/README.md
@ -1,16 +0,0 @@
-## Objective
-
-Deploy a proxy to the kubernetes cluster that handles
-IPv4-to-IPv6 translations as follows:
-
-```
-Outside k8s:
-
-[ IPv4-Address ] ---- [ SIIT NAT64 mapping ]
-                               |
-                               |
-                               |
-Inside k8s:           [ haproxy container ]
-                               |
-                               |
-                      [ abc.namespacex.svc.clusterdomain ]
--- a/apps/haproxy/haproxy-v2.cfg
+++ b/apps/haproxy/haproxy-v2.cfg
@ -1,36 +0,0 @@
-global
-    log stdout format raw local0
-
-    # turn on stats unix socket
-    stats socket /var/lib/haproxy/stats
-
-resolvers mydns
-  parse-resolv-conf
-
-defaults
-    retries                 3
-    log global
-    timeout http-request    10s
-    timeout queue           1m
-    timeout connect         10s
-    timeout client          1m
-    timeout server          1m
-    timeout http-keep-alive 10s
-    timeout check           10s
-
-frontend f_https
-    bind ipv6@:6443
-    mode tcp
-
-    tcp-request inspect-delay 5s
-    tcp-request content accept if { req_ssl_hello_type 1 }
-    tcp-request content reject unless { req_ssl_sni -i k8s.ooo }
-    tcp-request content do-resolve(txn.myip,mydns,ipv6) req_ssl_sni,lower
-
-    default_backend b_https
-
-backend b_https
-    mode tcp
-
-    tcp-request content set-dst var(txn.myip)
-    server tcp_https ipv6@*
--- a/apps/haproxy/haproxy.cfg
+++ b/apps/haproxy/haproxy.cfg
@ -1,63 +0,0 @@
-global
-    log stdout format raw local0
-
-    # turn on stats unix socket
-    stats socket /var/lib/haproxy/stats
-
-resolvers mydns
-  parse-resolv-conf
-  timeout retry   1s
-  hold valid 30s
-  hold nx 3s
-  hold other 3s
-  hold obsolete 0s
-  accepted_payload_size 8192
-
-defaults
-    retries                 3
-    log global
-    timeout http-request    10s
-    timeout queue           1m
-    timeout connect         10s
-    timeout client          1m
-    timeout server          1m
-    timeout http-keep-alive 10s
-    timeout check           10s
-
-frontend f_http
-    bind ipv6@:80
-    mode http
-
-    http-request do-resolve(txn.myip,mydns,ipv6) hdr(Host),lower
-
-    # if DNS resolving did not work
-    # use_backend b_503 unless { var(txn.myip) -m found }
-
-    default_backend      b_http
-
-backend b_http
-    mode http
-    http-request deny unless { hdr(host) -i c2.k8s.ooo }
-    http-request set-dst var(txn.myip)
-    server http ipv6@*
-
-# # HTTPs
-frontend f_https
-    bind ipv6@:443
-    mode tcp
-
-    tcp-request inspect-delay 5s
-    tcp-request content accept if { req_ssl_hello_type 1 }
-    tcp-request deny unless { req_ssl_sni -i k8s.ooo }
-    tcp-request content do-resolve(txn.myip,mydns,ipv6) req_ssl_sni,lower
-
-    default_backend b_https
-
-backend b_https
-    mode tcp
-
-    tcp-request content set-dst var(txn.myip)
-    server tcp_https ipv6@*
-
-#    tcp-request connection deny unless { hdr(host) -i c2.k8s.ooo }
-#    use_backend b_503 unless { var(txn.myip) -m found }
--- a/apps/zammad/values.yaml
+++ b/apps/zammad/values.yaml
@ -7,5 +7,9 @@ letsencryptStaging: "yes"
 identifier: "{{ .Release.Name }}"
 fqdn: "{{ .Release.Name }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}"

+storage:
+  data:
+    size: 1Gi
+
 datasizeingb: 1
 dbsizeingb: 0.5
--- a/generic/haproxy-sleep.yaml
+++ b/generic/haproxy-sleep.yaml
@ -0,0 +1,11 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: haproxy2-sleep
+spec:
+  containers:
+  - name: haproxy
+    image: haproxy:2.4.7-alpine
+    args:
+    - sleep
+    - "1000000"
--- a/image-building.md
+++ b/image-building.md
@ -0,0 +1,4 @@
+## WIP
+
+* Maybe kaniko
+* also checking out buildkit daemon-less