Added https lb for lb
Signed-off-by: Tuan-Dat Tran <tuan-dat.tran@tudattr.dev>rewrite
parent
95afa201e3
commit
a09448985c
|
@ -2,6 +2,7 @@ include /etc/nginx/modules-enabled/*.conf;
|
||||||
|
|
||||||
events {}
|
events {}
|
||||||
|
|
||||||
|
# TCP Load Balancing for the K3s API
|
||||||
stream {
|
stream {
|
||||||
upstream k3s_servers {
|
upstream k3s_servers {
|
||||||
{% for ip in k3s_server_ips %}
|
{% for ip in k3s_server_ips %}
|
||||||
|
@ -19,14 +20,36 @@ http {
|
||||||
upstream k3s_servers_http {
|
upstream k3s_servers_http {
|
||||||
least_conn;
|
least_conn;
|
||||||
{% for ip in k3s_server_ips %}
|
{% for ip in k3s_server_ips %}
|
||||||
server {{ ip }};
|
server {{ ip }}:80;
|
||||||
|
{% endfor %}
|
||||||
|
}
|
||||||
|
|
||||||
|
upstream k3s_servers_https {
|
||||||
|
least_conn;
|
||||||
|
{% for ip in k3s_server_ips %}
|
||||||
|
server {{ ip }}:443;
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
}
|
}
|
||||||
|
|
||||||
server {
|
server {
|
||||||
|
listen 80;
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
proxy_pass http://k3s_servers_http;
|
proxy_pass http://k3s_servers_http;
|
||||||
proxy_set_header Host $http_host;
|
proxy_set_header Host $http_host;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
proxy_set_header X-Forwarded-Proto http;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
listen 443;
|
||||||
|
|
||||||
|
location / {
|
||||||
|
proxy_pass https://k3s_servers_https;
|
||||||
|
proxy_set_header Host $host;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
proxy_set_header X-Forwarded-Proto https;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue