kubernetes-ingress
kubernetes-ingress copied to clipboard
haproxytech
HAProxy Kubernetes Ingress Controller
Hi, It seems that for versions 1.7.0 to latest (1.8.3 at time of writing), a `ssl-redirect` annotation on an Ingress cannot override the value from the controller's ConfigMap. In my...
I have upgraded HAProxy controller from an earlier to the latest version (1.8.3). Unfortunately, an ingress resource for SSL-based backend (actually, the Kubernetes dashboard) stopped working. ``` apiVersion: networking.k8s.io/v1 kind:...
When using Google Kubernetes Engine auto upgrade feature GKE will monitor your cluster for use of deprecated APIs and warn you if you are. It will also prevent the upgrade...
I have such DaemonSet for the controller (a slightly customized default): ``` apiVersion: apps/v1 kind: DaemonSet metadata: labels: run: haproxy-ingress name: haproxy-ingress namespace: haproxy-controller spec: selector: matchLabels: run: haproxy-ingress template:...
Are you planing to add the Gateway API https://gateway-api.sigs.k8s.io/
Hi, we have an external HAProxy load-balancer upstream of the K8s cluster. We have enabled the proxy-protocol to be able to whitelist the ip allowed to connect to the different...
Hi, Really appreciate the kubernetes-ingress! ❤️ I spoke with @Mo3m3n about this request on the slack channel. When the controller is running outside the cluster `--external` and you have something...
As far as I understand client certificates are always required (for the whole ingress / all routes) when "client-ca" is set in the ingress configmap: https://www.haproxy.com/documentation/kubernetes/latest/configuration/configmap/#client-ca https://github.com/haproxytech/kubernetes-ingress/blob/0b71f11cbcc9e72b885357c84d4cbd5f520b787f/controller/handler/https.go#L116 This also means...
Allow supporting the `option persist` of HAProxy when persistence is enabled. This should "force" traffic to carry on being routed to pods that are in NotReady state when a client...
I checked my trivy scans this morning and the CVE-2022-0778 popped up in the haproxytech/kubernetes-ingress:1.7.7 image. I am wondering if this vulnerability will be fixed in the near future? `haproxytech/kubernetes-ingress:1.7.7...
