Hi.
The subject looks strange, so let me explain the setup a little bit.
I have an old rsyslog without the ssl module.
I need to send syslog messages via tcp to a remote syslog server.
Between the local server and the remote server is a haproxy which I can
only use as https-sni-forwarder.
https://docs.openshift.com/container-platform/3.4/architecture/core_concepts/routes.html#secured-routes
-> Passthrough mode
I was able to run my docker image on the old rsyslog server.
####
docker run -it --rm --name rsylog-forwarder \
-e SERVICE_DEST=logcollect.${DOMAIN} -e TZ=Europe/Vienna \
-e SERVICE_NAME=rsylog-forwarder -e SERVICE_DEST_PORT=13443 \
-e SYSLOG_ADDRESS=127.0.0.1 -e SERVICE_TCP_PORT=13443 \
-e STATS_PORT=13444 \
-e CONFIG_FILE=/mnt/config/haproxy-sslforwarder.conf \
-e DEBUG=true -v /etc/rsylog-forwarder/conf:/mnt/config \
-v /etc/rsylog-forwarder/ssl:/mnt/certs \
--expose 13443 --expose 13444 \
--health-cmd 'curl -sS http://127.0.0.1:${STATS_PORT}' \
--health-interval 5s --health-timeout 3s --entrypoint /bin/bash \
-p 13443:13443 me2digital/haproxy17
in the container: bash -x container-entrypoint.sh
####
When I now call
logger --tcp --server 127.0.0.1 --port 13443 --tag aushape test aleks
Then I can see that the logger connects to the local haproxy but the
haproxy does not connect to the 'logcollect.${DOMAIN}'
But when I call
curl -vk https://logcollect.${DOMAIN}/
I reach the haproxy inside via the openshift router.
So finally the setup works when I am able to configure haproxy in such a
way that it acts like curl ;-)
Do you think this is possible?
Haproxy version 1.7.3
=> https://gitlab.com/aleks001/haproxy17-centos
Config 'local ssl forwarder tcp -> https'
=> https://gitlab.com/snippets/1654829
Config 'remote forwarder https -> tcp'
=> https://gitlab.com/snippets/1654828
Thanks for any feedback.
Cheers
aleks