danehans · February 16, 2016 00:20
diff --git a/gistfile1.txt b/gistfile1.txt
 $ cat addons/kube-dashboard.yaml 
 apiVersion: v1
 kind: ReplicationController
 metadata:
  labels:
    app: kubernetes-dashboard
    version: canary
  name: kubernetes-dashboard
 #  namespace: kube-system
 spec:
  replicas: 1
  selector:
    app: kubernetes-dashboard
    version: canary
  template:
    metadata:
      labels:
        app: kubernetes-dashboard
        version: canary
    spec:
      containers:
      - name: kubernetes-dashboard
        image: gcr.io/google_containers/kubernetes-dashboard:canary
        imagePullPolicy: Always
        ports:
        - containerPort: 9090
          protocol: TCP
 ---
 apiVersion: v1
 kind: Service
 metadata:
  labels:
    app: kubernetes-dashboard
  name: kubernetes-dashboard
 #  namespace: kube-system
 spec:
  ports:
  - port: 80
    targetPort: 9090
    protocol: TCP
  selector:
    app: kubernetes-dashboard

 $ cat manifests/slb-rc.yaml
 apiVersion: v1
 kind: ReplicationController
 metadata:
  name: service-loadbalancer
  labels:
    app: service-loadbalancer
    version: v1
 spec:
  replicas: 1
  selector:
    app: service-loadbalancer
    version: v1
  template:
    metadata:
      labels:
        app: service-loadbalancer
        version: v1
    spec:
      nodeSelector:
        role: loadbalancer
      containers:
      - image: gcr.io/google_containers/servicelb:0.2
        imagePullPolicy: Always
        livenessProbe:
          httpGet:
            path: /healthz
            port: 8081
            scheme: HTTP
          initialDelaySeconds: 30
          timeoutSeconds: 5
        name: haproxy
        ports:
        # All http services
        - containerPort: 80
          hostPort: 80
          protocol: TCP
        # mysql
        - containerPort: 3306
          hostPort: 3306
          protocol: TCP
        # haproxy stats
        - containerPort: 1936
          hostPort: 1936
          protocol: TCP
        resources: {}
        args:
        - --tcp-services=mysql:3306

 core@localhost /etc/kubernetes $ sudo vim addons/kube-dashboard.yaml 
 core@localhost /etc/kubernetes $ sudo kubectl create -f addons/kube-dashboard.yaml 
 replicationcontroller "kubernetes-dashboard" created
 service "kubernetes-dashboard" created
 
 core@localhost /etc/kubernetes $ kubectl get svc
 NAME                   CLUSTER_IP       EXTERNAL_IP   PORT(S)   SELECTOR                   AGE
 kubernetes             10.254.0.1       <none>        443/TCP   <none>                     1h
 kubernetes-dashboard   10.254.101.137   <none>        80/TCP    app=kubernetes-dashboard   3s
 core@localhost /etc/kubernetes $ kubectl get pod
 NAME                         READY     STATUS    RESTARTS   AGE
 kubernetes-dashboard-dgdhn   1/1       Running   0          5s
 core@localhost /etc/kubernetes $ kubectl describe pod kubernetes-dashboard-dgdhn | grep IP
 IP:				1.1.67.3

 core@localhost /etc/kubernetes $ sudo kubectl create -f manifests/slb-rc.yaml
 replicationcontroller "service-loadbalancer" created

 core@localhost /etc/kubernetes $ kubectl get pod
 NAME                         READY     STATUS    RESTARTS   AGE
 kubernetes-dashboard-dgdhn   1/1       Running   0          2m
 service-loadbalancer-kd073   1/1       Running   0          19s

 core@localhost /etc/kubernetes $ kubectl logs service-loadbalancer-kd073
 I0216 00:12:48.997257       1 service_loadbalancer.go:550] Creating new loadbalancer: {Name:haproxy ReloadCmd:./haproxy_reload Config:/etc/haproxy/haproxy.cfg Template:template.cfg Algorithm: startSyslog:false lbDefAlgorithm:roundrobin}
 E0216 00:12:48.997337       1 service_loadbalancer.go:241] Get : unsupported protocol scheme ""
 I0216 00:12:49.020555       1 service_loadbalancer.go:468] Sync triggered by service default/kubernetes
 I0216 00:12:49.120781       1 service_loadbalancer.go:470] Requeuing default/kubernetes because of error: deferring sync till endpoints controller has synced
 I0216 00:12:49.120825       1 service_loadbalancer.go:468] Sync triggered by service default/kubernetes-dashboard
 I0216 00:12:49.120857       1 service_loadbalancer.go:430] Found service: {Name:kubernetes:443 Ep:[10.30.118.164:443] FrontendPort:80 Host: Algorithm:roundrobin SessionAffinity:true CookieStickySession:false}
 I0216 00:12:49.120881       1 service_loadbalancer.go:430] Found service: {Name:kubernetes-dashboard Ep:[1.1.67.3:9090] FrontendPort:80 Host: Algorithm:roundrobin SessionAffinity:true CookieStickySession:false}
 I0216 00:12:49.129735       1 service_loadbalancer.go:294] haproxy -- cat: can't open '/var/run/haproxy.pid': No such file or directory
 I0216 00:12:49.129764       1 service_loadbalancer.go:468] Sync triggered by service default/kubernetes
 I0216 00:12:49.129797       1 service_loadbalancer.go:430] Found service: {Name:kubernetes-dashboard Ep:[1.1.67.3:9090] FrontendPort:80 Host: Algorithm:roundrobin SessionAffinity:true CookieStickySession:false}
 I0216 00:12:49.129822       1 service_loadbalancer.go:430] Found service: {Name:kubernetes:443 Ep:[10.30.118.164:443] FrontendPort:80 Host: Algorithm:roundrobin SessionAffinity:true CookieStickySession:false}
 I0216 00:12:49.138585       1 service_loadbalancer.go:294] haproxy -- 
 
 core@localhost /etc/kubernetes $ kubectl logs kubernetes-dashboard-dgdhn
 2016/02/16 00:10:14 Starting HTTP server on port 9090
 2016/02/16 00:10:14 Creating API client for 
 2016/02/16 00:10:14 Creating in-cluster Heapster client

 core@localhost /etc/kubernetes $ kubectl exec service-loadbalancer-kd073 -i -t -- bash -il
 service-loadbalancer-kd073:/# cat /etc/haproxy/haproxy.cfg 
 # This file uses golang text templates (http://golang.org/pkg/text/template/) to
 # dynamically configure the haproxy loadbalancer.
 global
    daemon
    stats socket /tmp/haproxy
    server-state-file global
    server-state-base /var/state/haproxy/



 defaults
    log global

    load-server-state-from-file global
    
    # Enable session redistribution in case of connection failure.
    option redispatch
    
    # Disable logging of null connections (haproxy connections like checks). 
    # This avoids excessive logs from haproxy internals.
    option dontlognull
    
    # Enable HTTP connection closing on the server side.
    option http-server-close

    # Enable insertion of the X-Forwarded-For header to requests sent to 
    # servers and keep client IP address.
    option forwardfor
    
    # Enable HTTP keep-alive from client to server.
    option http-keep-alive

    # Clients should send their full http request in 5s.
    timeout http-request    5s
    
    # Maximum time to wait for a connection attempt to a server to succeed.
    timeout connect         5s

    # Maximum inactivity time on the client side.
    # Applies when the client is expected to acknowledge or send data.
    timeout client          50s

    # Inactivity timeout on the client side for half-closed connections.
    # Applies when the client is expected to acknowledge or send data 
    # while one direction is already shut down.
    timeout client-fin      50s
    
    # Maximum inactivity time on the server side.
    timeout server          50s
    
    # timeout to use with WebSocket and CONNECT
    timeout tunnel          1h
    
    # Maximum allowed time to wait for a new HTTP request to appear.
    timeout http-keep-alive 60s

    # default traffic mode is http
    # mode is overwritten in case of tcp services
    mode http

    # default default_backend. This allows custom default_backend in frontends
    default_backend default-backend

 backend default-backend
  server localhost 127.0.0.1:8081

 # haproxy stats, required hostport and firewall rules for :1936
 listen stats
    bind *:1936
    stats enable
    stats hide-version
    stats realm Haproxy\ Statistics
    stats uri /

 frontend httpfrontend
    # Frontend bound on all network interfaces on port 80
    bind *:80

    # inherit default mode, needs changing for tcp
    # forward everything meant for /foo to the foo backend
    # default_backend foo
    # in case of host header routing it will add a new acl and use an or
    # condition to determine the backend to be used
    # the style of if/else blocks is meant to preserves the format of the output config file

    acl url_acl_kubernetes-dashboard path_beg /kubernetes-dashboard
    use_backend kubernetes-dashboard if url_acl_kubernetes-dashboard


    acl url_acl_kubernetes:443 path_beg /kubernetes:443
    use_backend kubernetes:443 if url_acl_kubernetes:443





 backend kubernetes-dashboard
    option  httplog
    errorfile 400 /etc/haproxy/errors/400.http
    errorfile 403 /etc/haproxy/errors/403.http
    errorfile 408 /etc/haproxy/errors/408.http
    errorfile 500 /etc/haproxy/errors/500.http
    errorfile 502 /etc/haproxy/errors/502.http
    errorfile 503 /etc/haproxy/errors/503.http
    errorfile 504 /etc/haproxy/errors/504.http

    balance roundrobin
    # TODO: Make the path used to access a service customizable.
    reqrep ^([^\ :]*)\ /kubernetes-dashboard[/]?(.*) \1\ /\2

    # create a stickiness table using client IP address as key
    # http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#stick-table
    stick-table type ip size 100k expire 30m
    stick on src
    server 1.1.67.3:9090 1.1.67.3:9090
    




 backend kubernetes:443
    option  httplog
    errorfile 400 /etc/haproxy/errors/400.http
    errorfile 403 /etc/haproxy/errors/403.http
    errorfile 408 /etc/haproxy/errors/408.http
    errorfile 500 /etc/haproxy/errors/500.http
    errorfile 502 /etc/haproxy/errors/502.http
    errorfile 503 /etc/haproxy/errors/503.http
    errorfile 504 /etc/haproxy/errors/504.http

    balance roundrobin
    # TODO: Make the path used to access a service customizable.
    reqrep ^([^\ :]*)\ /kubernetes:443[/]?(.*) \1\ /\2

    # create a stickiness table using client IP address as key
    # http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#stick-table
    stick-table type ip size 100k expire 30m
    stick on src
    server 10.30.118.164:443 10.30.118.164:443
    

 # From a node in the cluster I Can curl the svc/pod ip's
 $ curl 10.254.101.137
 <!doctype html> <html ng-app="kubernetesDashboard">  <head> <meta charset="utf-8"> <title>Kubernetes Dashboard</title> <link rel="icon" type="image/png" href="assets/images/kubernetes-logo.png"> <meta name="viewport" content="width=device-width"> <link rel="stylesheet" href="static/vendor-43edff5f29.css"> <link rel="stylesheet" href="static/app-6cfc4c1a60.css"> </head> <body> <!--[if lt IE 10]><p class="browsehappy">You are using an <strong>outdated</strong> browser.
      Please <a href="http://browsehappy.com/">upgrade your browser</a> to improve your
      experience.</p><![endif]--> <chrome> <div ui-view>  </div> </chrome> <script src="static/vendor-066b1a2b94.js"></script> <script src="static/app-eb79f88e2b.js"></script> </body> </html>core@localhost ~ $ 

 core@localhost ~ $ curl 1.1.67.3:9090
 <!doctype html> <html ng-app="kubernetesDashboard">  <head> <meta charset="utf-8"> <title>Kubernetes Dashboard</title> <link rel="icon" type="image/png" href="assets/images/kubernetes-logo.png"> <meta name="viewport" content="width=device-width"> <link rel="stylesheet" href="static/vendor-43edff5f29.css"> <link rel="stylesheet" href="static/app-6cfc4c1a60.css"> </head> <body> <!--[if lt IE 10]><p class="browsehappy">You are using an <strong>outdated</strong> browser.
      Please <a href="http://browsehappy.com/">upgrade your browser</a> to improve your
      experience.</p><![endif]--> <chrome> <div ui-view>  </div> </chrome> <script src="static/vendor-066b1a2b94.js"></script> <script src="static/app-eb79f88e2b.js"></script> </body> </html>
	$ cat addons/kube-dashboard.yaml
	apiVersion: v1
	kind: ReplicationController
	metadata:
	labels:
	app: kubernetes-dashboard
	version: canary
	name: kubernetes-dashboard
	# namespace: kube-system
	spec:
	replicas: 1
	selector:
	app: kubernetes-dashboard
	version: canary
	template:
	metadata:
	labels:
	app: kubernetes-dashboard
	version: canary
	spec:
	containers:
	- name: kubernetes-dashboard
	image: gcr.io/google_containers/kubernetes-dashboard:canary
	imagePullPolicy: Always
	ports:
	- containerPort: 9090
	protocol: TCP
	---
	apiVersion: v1
	kind: Service
	metadata:
	labels:
	app: kubernetes-dashboard
	name: kubernetes-dashboard
	# namespace: kube-system
	spec:
	ports:
	- port: 80
	targetPort: 9090
	protocol: TCP
	selector:
	app: kubernetes-dashboard

	$ cat manifests/slb-rc.yaml
	apiVersion: v1
	kind: ReplicationController
	metadata:
	name: service-loadbalancer
	labels:
	app: service-loadbalancer
	version: v1
	spec:
	replicas: 1
	selector:
	app: service-loadbalancer
	version: v1
	template:
	metadata:
	labels:
	app: service-loadbalancer
	version: v1
	spec:
	nodeSelector:
	role: loadbalancer
	containers:
	- image: gcr.io/google_containers/servicelb:0.2
	imagePullPolicy: Always
	livenessProbe:
	httpGet:
	path: /healthz
	port: 8081
	scheme: HTTP
	initialDelaySeconds: 30
	timeoutSeconds: 5
	name: haproxy
	ports:
	# All http services
	- containerPort: 80
	hostPort: 80
	protocol: TCP
	# mysql
	- containerPort: 3306
	hostPort: 3306
	protocol: TCP
	# haproxy stats
	- containerPort: 1936
	hostPort: 1936
	protocol: TCP
	resources: {}
	args:
	- --tcp-services=mysql:3306

	core@localhost /etc/kubernetes $ sudo vim addons/kube-dashboard.yaml
	core@localhost /etc/kubernetes $ sudo kubectl create -f addons/kube-dashboard.yaml
	replicationcontroller "kubernetes-dashboard" created
	service "kubernetes-dashboard" created

	core@localhost /etc/kubernetes $ kubectl get svc
	NAME CLUSTER_IP EXTERNAL_IP PORT(S) SELECTOR AGE
	kubernetes 10.254.0.1 <none> 443/TCP <none> 1h
	kubernetes-dashboard 10.254.101.137 <none> 80/TCP app=kubernetes-dashboard 3s
	core@localhost /etc/kubernetes $ kubectl get pod
	NAME READY STATUS RESTARTS AGE
	kubernetes-dashboard-dgdhn 1/1 Running 0 5s
	core@localhost /etc/kubernetes $ kubectl describe pod kubernetes-dashboard-dgdhn \| grep IP
	IP: 1.1.67.3

	core@localhost /etc/kubernetes $ sudo kubectl create -f manifests/slb-rc.yaml
	replicationcontroller "service-loadbalancer" created

	core@localhost /etc/kubernetes $ kubectl get pod
	NAME READY STATUS RESTARTS AGE
	kubernetes-dashboard-dgdhn 1/1 Running 0 2m
	service-loadbalancer-kd073 1/1 Running 0 19s

	core@localhost /etc/kubernetes $ kubectl logs service-loadbalancer-kd073
	I0216 00:12:48.997257 1 service_loadbalancer.go:550] Creating new loadbalancer: {Name:haproxy ReloadCmd:./haproxy_reload Config:/etc/haproxy/haproxy.cfg Template:template.cfg Algorithm: startSyslog:false lbDefAlgorithm:roundrobin}
	E0216 00:12:48.997337 1 service_loadbalancer.go:241] Get : unsupported protocol scheme ""
	I0216 00:12:49.020555 1 service_loadbalancer.go:468] Sync triggered by service default/kubernetes
	I0216 00:12:49.120781 1 service_loadbalancer.go:470] Requeuing default/kubernetes because of error: deferring sync till endpoints controller has synced
	I0216 00:12:49.120825 1 service_loadbalancer.go:468] Sync triggered by service default/kubernetes-dashboard
	I0216 00:12:49.120857 1 service_loadbalancer.go:430] Found service: {Name:kubernetes:443 Ep:[10.30.118.164:443] FrontendPort:80 Host: Algorithm:roundrobin SessionAffinity:true CookieStickySession:false}
	I0216 00:12:49.120881 1 service_loadbalancer.go:430] Found service: {Name:kubernetes-dashboard Ep:[1.1.67.3:9090] FrontendPort:80 Host: Algorithm:roundrobin SessionAffinity:true CookieStickySession:false}
	I0216 00:12:49.129735 1 service_loadbalancer.go:294] haproxy -- cat: can't open '/var/run/haproxy.pid': No such file or directory
	I0216 00:12:49.129764 1 service_loadbalancer.go:468] Sync triggered by service default/kubernetes
	I0216 00:12:49.129797 1 service_loadbalancer.go:430] Found service: {Name:kubernetes-dashboard Ep:[1.1.67.3:9090] FrontendPort:80 Host: Algorithm:roundrobin SessionAffinity:true CookieStickySession:false}
	I0216 00:12:49.129822 1 service_loadbalancer.go:430] Found service: {Name:kubernetes:443 Ep:[10.30.118.164:443] FrontendPort:80 Host: Algorithm:roundrobin SessionAffinity:true CookieStickySession:false}
	I0216 00:12:49.138585 1 service_loadbalancer.go:294] haproxy --

	core@localhost /etc/kubernetes $ kubectl logs kubernetes-dashboard-dgdhn
	2016/02/16 00:10:14 Starting HTTP server on port 9090
	2016/02/16 00:10:14 Creating API client for
	2016/02/16 00:10:14 Creating in-cluster Heapster client

	core@localhost /etc/kubernetes $ kubectl exec service-loadbalancer-kd073 -i -t -- bash -il
	service-loadbalancer-kd073:/# cat /etc/haproxy/haproxy.cfg
	# This file uses golang text templates (http://golang.org/pkg/text/template/) to
	# dynamically configure the haproxy loadbalancer.
	global
	daemon
	stats socket /tmp/haproxy
	server-state-file global
	server-state-base /var/state/haproxy/



	defaults
	log global

	load-server-state-from-file global

	# Enable session redistribution in case of connection failure.
	option redispatch

	# Disable logging of null connections (haproxy connections like checks).
	# This avoids excessive logs from haproxy internals.
	option dontlognull

	# Enable HTTP connection closing on the server side.
	option http-server-close

	# Enable insertion of the X-Forwarded-For header to requests sent to
	# servers and keep client IP address.
	option forwardfor

	# Enable HTTP keep-alive from client to server.
	option http-keep-alive

	# Clients should send their full http request in 5s.
	timeout http-request 5s

	# Maximum time to wait for a connection attempt to a server to succeed.
	timeout connect 5s

	# Maximum inactivity time on the client side.
	# Applies when the client is expected to acknowledge or send data.
	timeout client 50s

	# Inactivity timeout on the client side for half-closed connections.
	# Applies when the client is expected to acknowledge or send data
	# while one direction is already shut down.
	timeout client-fin 50s

	# Maximum inactivity time on the server side.
	timeout server 50s

	# timeout to use with WebSocket and CONNECT
	timeout tunnel 1h

	# Maximum allowed time to wait for a new HTTP request to appear.
	timeout http-keep-alive 60s

	# default traffic mode is http
	# mode is overwritten in case of tcp services
	mode http

	# default default_backend. This allows custom default_backend in frontends
	default_backend default-backend

	backend default-backend
	server localhost 127.0.0.1:8081

	# haproxy stats, required hostport and firewall rules for :1936
	listen stats
	bind *:1936
	stats enable
	stats hide-version
	stats realm Haproxy\ Statistics
	stats uri /

	frontend httpfrontend
	# Frontend bound on all network interfaces on port 80
	bind *:80

	# inherit default mode, needs changing for tcp
	# forward everything meant for /foo to the foo backend
	# default_backend foo
	# in case of host header routing it will add a new acl and use an or
	# condition to determine the backend to be used
	# the style of if/else blocks is meant to preserves the format of the output config file

	acl url_acl_kubernetes-dashboard path_beg /kubernetes-dashboard
	use_backend kubernetes-dashboard if url_acl_kubernetes-dashboard


	acl url_acl_kubernetes:443 path_beg /kubernetes:443
	use_backend kubernetes:443 if url_acl_kubernetes:443





	backend kubernetes-dashboard
	option httplog
	errorfile 400 /etc/haproxy/errors/400.http
	errorfile 403 /etc/haproxy/errors/403.http
	errorfile 408 /etc/haproxy/errors/408.http
	errorfile 500 /etc/haproxy/errors/500.http
	errorfile 502 /etc/haproxy/errors/502.http
	errorfile 503 /etc/haproxy/errors/503.http
	errorfile 504 /etc/haproxy/errors/504.http

	balance roundrobin
	# TODO: Make the path used to access a service customizable.
	reqrep ^([^\ :])\ /kubernetes-dashboard[/]?(.) \1\ /\2

	# create a stickiness table using client IP address as key
	# http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#stick-table
	stick-table type ip size 100k expire 30m
	stick on src
	server 1.1.67.3:9090 1.1.67.3:9090





	backend kubernetes:443
	option httplog
	errorfile 400 /etc/haproxy/errors/400.http
	errorfile 403 /etc/haproxy/errors/403.http
	errorfile 408 /etc/haproxy/errors/408.http
	errorfile 500 /etc/haproxy/errors/500.http
	errorfile 502 /etc/haproxy/errors/502.http
	errorfile 503 /etc/haproxy/errors/503.http
	errorfile 504 /etc/haproxy/errors/504.http

	balance roundrobin
	# TODO: Make the path used to access a service customizable.
	reqrep ^([^\ :])\ /kubernetes:443[/]?(.) \1\ /\2

	# create a stickiness table using client IP address as key
	# http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#stick-table
	stick-table type ip size 100k expire 30m
	stick on src
	server 10.30.118.164:443 10.30.118.164:443


	# From a node in the cluster I Can curl the svc/pod ip's
	$ curl 10.254.101.137
	<!doctype html> <html ng-app="kubernetesDashboard"> <head> <meta charset="utf-8"> <title>Kubernetes Dashboard</title> <link rel="icon" type="image/png" href="assets/images/kubernetes-logo.png"> <meta name="viewport" content="width=device-width"> <link rel="stylesheet" href="static/vendor-43edff5f29.css"> <link rel="stylesheet" href="static/app-6cfc4c1a60.css"> </head> <body> <!--[if lt IE 10]><p class="browsehappy">You are using an <strong>outdated</strong> browser.
	Please <a href="http://browsehappy.com/">upgrade your browser</a> to improve your
	experience.</p><![endif]--> <chrome> <div ui-view> </div> </chrome> <script src="static/vendor-066b1a2b94.js"></script> <script src="static/app-eb79f88e2b.js"></script> </body> </html>core@localhost ~ $

	core@localhost ~ $ curl 1.1.67.3:9090
	<!doctype html> <html ng-app="kubernetesDashboard"> <head> <meta charset="utf-8"> <title>Kubernetes Dashboard</title> <link rel="icon" type="image/png" href="assets/images/kubernetes-logo.png"> <meta name="viewport" content="width=device-width"> <link rel="stylesheet" href="static/vendor-43edff5f29.css"> <link rel="stylesheet" href="static/app-6cfc4c1a60.css"> </head> <body> <!--[if lt IE 10]><p class="browsehappy">You are using an <strong>outdated</strong> browser.
	Please <a href="http://browsehappy.com/">upgrade your browser</a> to improve your
	experience.</p><![endif]--> <chrome> <div ui-view> </div> </chrome> <script src="static/vendor-066b1a2b94.js"></script> <script src="static/app-eb79f88e2b.js"></script> </body> </html>