iamthefij/orchestration-tests
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fix syslog proxy

Browse Source 
Apparently traefik only supports http proxy over connect.

https://github.com/traefik/traefik/issues/7803
This commit is contained in:
IamTheFij 2022-09-04 20:21:02 -07:00
parent d62c96fe34
commit 67df912755
3 changed files with 47 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
.secrets-baseline
View File

@ -171,7 +171,7 @@
"filename": "nomad/syslogng.nomad", "filename": "nomad/syslogng.nomad",
"hashed_secret": "298b5925fe7c7458cb8a12a74621fdedafea5ad6", "hashed_secret": "298b5925fe7c7458cb8a12a74621fdedafea5ad6",
"is_verified": false, "is_verified": false,
"line_number": 171, "line_number": 159,
"is_secret": false "is_secret": false
}, },
{ {
@ -179,7 +179,7 @@
"filename": "nomad/syslogng.nomad", "filename": "nomad/syslogng.nomad",
"hashed_secret": "3a1cec2d3c3de7e4da4d99c6731ca696c24b72b4", "hashed_secret": "3a1cec2d3c3de7e4da4d99c6731ca696c24b72b4",
"is_verified": false, "is_verified": false,
"line_number": 171, "line_number": 159,
"is_secret": false "is_secret": false
} }
], ],
@ -210,5 +210,5 @@
} }
] ]
}, },
"generated_at": "2022-09-04T21:06:55Z" "generated_at": "2022-09-05T03:20:56Z"
} }

16
nomad/syslogng.nomad
View File

@ -92,13 +92,6 @@ EOF
group "syslogng" { group "syslogng" {
count = 1 count = 1
constraint {
attribute = "${node.unique.name}"
# Needs to be on a predictable node for routing
# Maybe a loadbalancer could be used for routing from any node
value = "n2"
}
network { network {
mode = "bridge" mode = "bridge"
port "main" { port "main" {
@ -113,6 +106,8 @@ EOF
connect { connect {
sidecar_service { sidecar_service {
proxy { proxy {
local_service_port = 514
upstreams { upstreams {
destination_name = "syslogng-promtail" destination_name = "syslogng-promtail"
local_bind_port = 1000 local_bind_port = 1000
@ -128,13 +123,6 @@ EOF
} }
} }
} }
tags = [
"traefik.enable=true",
"traefik.tcp.routers.syslogngtcp.entrypoints=syslogtcp",
"traefik.tcp.routers.syslogngtcp.rule=HostSNI(`*`)",
"traefik.udp.routers.syslogngudp.entrypoints=syslogudp",
]
} }
task "syslogng" { task "syslogng" {

42
nomad/traefik/traefik.nomad
View File

@ -32,9 +32,14 @@ job "traefik" {
port "web" { port "web" {
static = 80 static = 80
} }
port "websecure" { port "websecure" {
static = 443 static = 443
} }
port "syslog" {
static = 514
}
} }
ephemeral_disk { ephemeral_disk {
@ -224,6 +229,43 @@ CF_ZONE_API_TOKEN={{ .Data.data.api_token_zone_read }}
change_mode = "noop" change_mode = "noop"
} }
template {
data = <<EOH
{{ with service "syslogng" -}}
[tcp.routers]
[tcp.routers.syslogtcp]
entryPoints = ["syslogtcp"]
service = "syslogngtcp"
rule = "HostSNI(`*`)"
[tcp.services]
[tcp.services.syslogngtcp]
[tcp.services.syslogngtcp.loadBalancer]
{{ range . -}}
[[tcp.services.syslogngtcp.loadBalancer.servers]]
address = "{{ .Address }}:{{ .Port }}"
{{ end -}}
{{ end }}
{{ with service "syslogng" -}}
[udp.routers]
[udp.routers.syslogudp]
entryPoints = ["syslogudp"]
service = "syslogngudp"
[udp.services]
[udp.services.syslogngudp]
[udp.services.syslogngudp.loadBalancer]
{{ range . -}}
[[udp.services.syslogngudp.loadBalancer.servers]]
address = "{{ .Address }}:{{ .Port }}"
{{ end -}}
{{ end }}
EOH
destination = "local/config/conf/route-syslog-ng.toml"
change_mode = "noop"
}
template { template {
data = <<EOH data = <<EOH
[http.middlewares] [http.middlewares]