Falls back to HTTP-over-443 if the ConfigMap specified through --configmap is missing (even with --disable-http option)

[VelorumS]

Using a non-existent ConfigMap haproxy-controller/haproxy-kubernetes-ingress-wrong:

      containers:
        - name: kubernetes-ingress-controller
          image: "haproxytech/kubernetes-ingress:1.10.10"
          imagePullPolicy: IfNotPresent
          args:
            - --configmap=haproxy-controller/haproxy-kubernetes-ingress-wrong
            - --disable-http

And the curl http://<my-domain>:443/myapp gets the response in clear from my server that's behind haproxy.

I expected it to fail to start without a ConfigMap or at least to not serve HTTP in any form (and especially over 443) when the --disable-http is set.

[stale[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[VelorumS]

Keep issue open until having time to investigate or a switch to the Gateway API.

[oktalz]

@VelorumS --disable-http only disables http, please also add --disable-https to disable also https

I expected it to fail to start without a ConfigMap

this is by desing, and its dynamic, you can add (and modify) it later

[VelorumS]

@oktalz why would I want to disable https?

Why does it respond with http when it's explicitly disabled?

Yes, I can modify a ConfigMap. But why when the ConfigMap is slightly misconfigured then the whole thing falls back to http? It's like having ssh falling back to telnet if you forget to generate a key.

[oktalz]

sry, I missed what you are trying to do

disable-http is for port 80 (or 8080 very recently) :443 is not impacted with this flag to me it looked as misconfiguration of some sort, 443 is not really for http traffic (or https is not correctly set/configured)

[stale[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.