HAProxy (edge) — BRAC POC tools

Quick facts

Form: VM on br30
Failover model: backup keyword per backend (DC primary, DR backup)
Wired backends: vault-rke2, auth (Keycloak), terrakube-{ui,api,reg}, awx
Pending backends: SigNoz, Nexus, Jenkins, RedisInsight, Kafka

What it is

All *.apps.sub.comptech-lab.com hostnames resolve to the HAProxy VM, which fans out to the DC and DR cluster ingress controllers. DC/DR cutover is performed here — there is no DNS movement during failover; clients see at most a single TCP retry.

Architecture

Add diagrams or topology notes here — how this component sits relative to DC/DR, what replicates, and what speaks to it. Mermaid blocks render as plain text today; embed images under /assets/ when needed.

Configuration

Add chart values overrides, important env vars, OIDC client config, secret references. Link to the source files in infra/gitops-rke2 rather than copying YAML wholesale — the repo is the source of truth.

Operations

Add runbook notes: backup, restore, common troubleshooting, dashboards, on-call cheatsheet entries.

Failover

Add DC/DR cutover/cutback notes: edge HAProxy backend name, healthcheck path, measured cutover/cutback times, smoke-test commands.

References

Add upstream chart / project links, ADR refs, MR links, and cross-references to other tools in this catalogue.