kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #3151 from johanneswuerbach/ssl-healthchecks 

Automatic merge from submit-queue

Use SSL in ELB API server health check

This switch causes the ELB to perform a SSL handshake and makes the
`I0427 03:57:55.059255       1 logs.go:41] http: TLS handshake error from IP:PORT: EOF`
disappear from the apiserver logs.

Tested manually and everything looks  

Inspiration from https://github.com/kubernetes-incubator/kube-aws/pull/604
This commit is contained in:
Kubernetes Submit Queue 2017-08-10 17:30:26 -07:00 committed by GitHub
parent 386402e0a6 2accc73a72
commit 6483ba6ac7
8 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pkg/model/awsmodel/api_loadbalancer.go
View File

@ -116,7 +116,7 @@ func (b *APILoadBalancerBuilder) Build(c *fi.ModelBuilderContext) error {
// Configure fast-recovery health-checks
HealthCheck: &awstasks.LoadBalancerHealthCheck{
Target: s("TCP:443"),
Target: s("SSL:443"),
Timeout: i64(5),
Interval: i64(10),
HealthyThreshold: i64(2),

2
tests/integration/privatecalico/kubernetes.tf
View File

@ -184,7 +184,7 @@ resource "aws_elb" "api-privatecalico-example-com" {
subnets = ["${aws_subnet.utility-us-test-1a-privatecalico-example-com.id}"]
health_check = {
target = "TCP:443"
target = "SSL:443"
healthy_threshold = 2
unhealthy_threshold = 2
interval = 10

2
tests/integration/privatecanal/kubernetes.tf
View File

@ -184,7 +184,7 @@ resource "aws_elb" "api-privatecanal-example-com" {
subnets = ["${aws_subnet.utility-us-test-1a-privatecanal-example-com.id}"]
health_check = {
target = "TCP:443"
target = "SSL:443"
healthy_threshold = 2
unhealthy_threshold = 2
interval = 10

2
tests/integration/privatedns1/kubernetes.tf
View File

@ -184,7 +184,7 @@ resource "aws_elb" "api-privatedns1-example-com" {
subnets = ["${aws_subnet.utility-us-test-1a-privatedns1-example-com.id}"]
health_check = {
target = "TCP:443"
target = "SSL:443"
healthy_threshold = 2
unhealthy_threshold = 2
interval = 10

2
tests/integration/privatedns2/kubernetes.tf
View File

@ -184,7 +184,7 @@ resource "aws_elb" "api-privatedns2-example-com" {
subnets = ["${aws_subnet.utility-us-test-1a-privatedns2-example-com.id}"]
health_check = {
target = "TCP:443"
target = "SSL:443"
healthy_threshold = 2
unhealthy_threshold = 2
interval = 10

2
tests/integration/privateflannel/kubernetes.tf
View File

@ -184,7 +184,7 @@ resource "aws_elb" "api-privateflannel-example-com" {
subnets = ["${aws_subnet.utility-us-test-1a-privateflannel-example-com.id}"]
health_check = {
target = "TCP:443"
target = "SSL:443"
healthy_threshold = 2
unhealthy_threshold = 2
interval = 10

2
tests/integration/privatekopeio/kubernetes.tf
View File

@ -180,7 +180,7 @@ resource "aws_elb" "api-privatekopeio-example-com" {
subnets = ["${aws_subnet.utility-us-test-1a-privatekopeio-example-com.id}"]
health_check = {
target = "TCP:443"
target = "SSL:443"
healthy_threshold = 2
unhealthy_threshold = 2
interval = 10

2
tests/integration/privateweave/kubernetes.tf
View File

@ -184,7 +184,7 @@ resource "aws_elb" "api-privateweave-example-com" {
subnets = ["${aws_subnet.utility-us-test-1a-privateweave-example-com.id}"]
health_check = {
target = "TCP:443"
target = "SSL:443"
healthy_threshold = 2
unhealthy_threshold = 2
interval = 10