Using both annotations "haproxy.org/cr-backend" and "haproxy.org/<parameter>"

[larspk]

Hello. I encountered a problem when I want to setup haproxy.org/pod-maxconn: '30' (service annotation) and at the same time I need to use annotation haproxy.org/cr-backend, because I need another parameter slowstart (it could be also other parameters) that is only available in CRD Backend. It seems that the annotation haproxy.org/cr-backend has priority on the annotation haproxy.org/pod-maxconn. Whenever I apply both annotations, pod-maxconn is not appearing in haproxy.cfg but when I remove cr-backend, it does. I also tested haproxy.org/load-balance: "leastconn", it has the same behaviour, so I assume it is generally like that. Is it expected behaviour? HAProxy Ingress Controller v1.10.9 An example:

kind: Service
...
  annotations:
    haproxy.org/pod-maxconn: '30'
    haproxy.org/cr-backend: haproxy/backend-configuration # Comment out this line and pod-maxconn parameter will work

---

apiVersion: "core.haproxy.org/v1alpha2"
kind: Backend
metadata:
  name: backend-configuration
spec:
  config:
...
    default_server:
      inter: 2000 
      slowstart: 300000

[fabianonunes]

Yes, that's the default behavior:

Custom resources are meant to replace annotations when possible. So they will have precedance when used. Example: if the backend resource is used no backend annotation will be processed which means a backend cannot be configured by mixing both the backend resource and backend annotations. (https://github.com/haproxytech/kubernetes-ingress/blob/master/documentation/custom-resources.md)

Alternatively, you can use config.default_server.maxconn to set the maximum number of concurrent connections allowed for a server:

apiVersion: ingress.v1.haproxy.org/v1
kind: Backend
metadata:
  name: backend-configuration
spec:
  config:
    default_server:
      inter: 2000 
      slowstart: 300000
      maxconn: 100

[larspk]

fabianonunes I see, thank you for the response. But maxconn != pod-maxconn and using pod-maxconn could be important while having dynamic haproxy replica count.

From documentation: https://www.haproxy.com/documentation/kubernetes-ingress/community/configuration-reference/ingress/#pod-maxconn

NB, If multiple HAProxy instances are running, the maxconn will be pod-maxconn number devided by the number of haproxy instances.

So, maybe slowstart could also be added as a property to service/ingress annotations, because I don't see how to use them together.

[ivanmatmati]

@larspk , @fabianonunes is correct, the maxconn field in the default_server section is related to pod-maxconn. Actually the pod-maxconn annotation only sets the maxconn of the default_server directive. Just be aware that the mecanism of adjustement of the maxconn value you spotted doesn't work with custom resources. They are raw definitions without ingress controller interference.