From cc382f2412a32b9e07c04ab689a66b18b5e9f215 Mon Sep 17 00:00:00 2001 From: Kay Yan Date: Wed, 22 Mar 2023 20:58:36 +0800 Subject: [PATCH] haproxy-proxy-ipv6 (#9674) --- .../kubernetes/node/templates/loadbalancer/haproxy.cfg.j2 | 8 +++++++- .../kubernetes/node/templates/loadbalancer/nginx.conf.j2 | 2 +- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/roles/kubernetes/node/templates/loadbalancer/haproxy.cfg.j2 b/roles/kubernetes/node/templates/loadbalancer/haproxy.cfg.j2 index 1d5d7d945..c62932506 100644 --- a/roles/kubernetes/node/templates/loadbalancer/haproxy.cfg.j2 +++ b/roles/kubernetes/node/templates/loadbalancer/haproxy.cfg.j2 @@ -21,13 +21,19 @@ defaults {% if loadbalancer_apiserver_healthcheck_port is defined -%} frontend healthz - bind *:{{ loadbalancer_apiserver_healthcheck_port }} + bind 0.0.0.0:{{ loadbalancer_apiserver_healthcheck_port }} + {% if enable_dual_stack_networks -%} + bind :::{{ loadbalancer_apiserver_healthcheck_port }} + {% endif -%} mode http monitor-uri /healthz {% endif %} frontend kube_api_frontend bind 127.0.0.1:{{ loadbalancer_apiserver_port|default(kube_apiserver_port) }} + {% if enable_dual_stack_networks -%} + bind [::1]:{{ loadbalancer_apiserver_port|default(kube_apiserver_port) }}; + {% endif -%} mode tcp option tcplog default_backend kube_api_backend diff --git a/roles/kubernetes/node/templates/loadbalancer/nginx.conf.j2 b/roles/kubernetes/node/templates/loadbalancer/nginx.conf.j2 index fd3e5746c..07b937042 100644 --- a/roles/kubernetes/node/templates/loadbalancer/nginx.conf.j2 +++ b/roles/kubernetes/node/templates/loadbalancer/nginx.conf.j2 @@ -21,7 +21,7 @@ stream { server { listen 127.0.0.1:{{ loadbalancer_apiserver_port|default(kube_apiserver_port) }}; {% if enable_dual_stack_networks -%} - listen [::]:{{ loadbalancer_apiserver_port|default(kube_apiserver_port) }}; + listen [::1]:{{ loadbalancer_apiserver_port|default(kube_apiserver_port) }}; {% endif -%} proxy_pass kube_apiserver; proxy_timeout 10m;