haproxy-ingress | HAProxy Ingress | Load Balancing library
kandi X-RAY | haproxy-ingress Summary
kandi X-RAY | haproxy-ingress Summary
Ingress controller implementation for HAProxy loadbalancer. HAProxy Ingress is a Kubernetes ingress controller: it configures a HAProxy instance to route incoming requests from an external network to the in-cluster applications. The routing configurations are built reading specs from the Kubernetes cluster. Updates made to the cluster are applied on the fly to the HAProxy instance.
Support
Quality
Security
License
Reuse
Top functions reviewed by kandi - BETA
Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of haproxy-ingress
haproxy-ingress Key Features
haproxy-ingress Examples and Code Snippets
Community Discussions
Trending Discussions on haproxy-ingress
QUESTION
I have a haproxy-ingress (v0.13.5, default helm setup) in an aws hosted kubernetes cluster (v1.21.2-eks-06eac09) and a single service/deployment. The service is up and running and can be called via curl successfully and the haproxy stats page shows a green backend with the correct ip. Everything looks good to me, but if I call the url I get the default 404 backend unless I configure a default backend with the same service. This brings me to the conclusion that there must be some problem with the host or path mapping, right?. Is there an error in my configuration or is the problem somewhere else?
This is my ingress resource:
...ANSWER
Answered 2022-Jan-21 at 16:04I found the problem! The hosts section in my tls definition was missing. This way no /etc/haproxy/maps_front_https_host__begin.map was generated and no there was no mapping configuration in my generated frontend section (http-request set-var(req.hostbackend) var(req.base),lower,map_beg(/etc/haproxy/maps/_front_https_host__begin.map)).
my fully working ingress is now looking like this (I moved the annotations to a configmap):
QUESTION
I'm trying to add an NGINX Ingress controller on a GKE cluster, with existing HAProxy Ingress controller (which has some problem with rewriting rules)
First I tried to expose the controller's Service to LoadBalancer type. The traffic can reach ingress and backends, but it didn't work with Managed Certificates.
So I tried to use L7 Load Balancer (URL Map) to forward traffic to GKE cluster IP, and create an Ingress object for my ingress controller itself.
The problem is, this Ingress object seems not bound to external IP. And routing to the domain yields "default backend - 404" response.
...ANSWER
Answered 2022-Jan-07 at 10:41Managed Certificates only work with L7 (HTTP) LoadBalancer not with TCP ones.
My understanding is you want to use nginx as an Ingress controller on GKE but you want to expose it behind an L7 LoadBalancer so you can use Google Managed Certificates ?
QUESTION
I have a haproxy as a load balancer running in k8s with a route to a service with two running pods. I want the server naming inside haproxy to correspond to the pod names behind my service. If I'm not mistaken the following configmap / annotation value should do exactly this: https://haproxy-ingress.github.io/docs/configuration/keys/#backend-server-naming. But for me it doesn't and for the life of me I can't find out why. The relevant parts of my configuration look like this:
controller deployment:
...ANSWER
Answered 2021-Dec-06 at 17:07Here are a few hints to help you out solving your issue.
Be sure you know the exact version of your haproxy-ingress controller:Looking at the manifest files you shared, it's hard to tell which exact version of haproxy-ingress-controller container you are running in your cluster (btw, it's against best practices in production envs to leave it w/o tag, read more on it here).
For backend-server-naming configuration key to be working, minimum the v0.8.1 is required (it was backported).
Before you move on in troubleshooting, firstly please double check your ingress deployment for compatibility.
My observations of "backend-server-naming=pod" behavior Configuration dynamic updates:If I understand correctly the official documentation on this configuration key, setting a server naming of backends to pod names (backend-server-naming=pod) instead of sequences, does support a dynamic re-load of haproxy configuration, but does NOT support as of now dynamic updates to haproxy run-time configuration to server names at backend section (it was explained by haproxy-ingress author here, and here)
It means you need to restart your haproxy-ingress controller instance first, to be able to see changes in backend's server names reflected at haproxy configuration, e.g. situations when new Pod replicas appear or POD_IP changed due the Pod crash (expect addition/updates of server entries based on sequence naming).
Ingress Class:I have tested successfully (see test below) the backend-server-naming=pod setting on v0.13.4 with classified Ingress type, based on ingressClassName field , rather than deprecated annotation kubernetes.io/ingress.class, as in your case:
I'm not claiming your configuration won't work (it should too), but it's important to know, that dynamic updates to configuration (this includes changes to backend configs) won't happen on unclassified Ingress resource or wrongly classified one, unless you're really running v0.12 or newer version.
QUESTION
I have two separate IngressControllers, one internal and one external. I would like to define which controller to use for each Ingress.
I have defined --ingress.class=hapxroxy-ext arg for the external controller and --empty-ingress-class for the internal.
Ingress Services
...ANSWER
Answered 2021-Aug-25 at 03:26This issue is due to a bug in https://github.com/haproxytech/kubernetes-ingress when using IngressClassName in ingress.yaml. If you remove IngressClassName from your ingress.yaml and just use "kubernetes.io/ingress.class": annotation the issue goes away, it more of a workaround than a fix.
This issue has been raised and still open see link below for updates.
https://github.com/haproxytech/kubernetes-ingress/issues/354#issuecomment-904551220
QUESTION
I am using HAProxy as the ingress-controller in my GKE clusters. And exposing HAProxy service as LoadBalancer service(Internal).
Recently, I experienced an issue, where the HA-Proxy service changed its EXTERNAL-IP, and traffic stopped routing to HAProxy. This issue occurred multiple times on different days(now it has stopped). I had to manually add that new External-IP to the frontend of that Loadbalancer to allow traffic to HAProxy.
There were two pods running for HAProxy, and both had been running for days, and there was nothing in their logs. I assume it was something related to Service or GCP LB and not HAProxy itself.
I am afraid that I don't have any logs related to that.
I still don't know, what caused the service IP to change. As there were no recent changes, and the cluster and all services were running for many days properly, and suddenly this occurred.
Has anyone faced a similar issue earlier? Or what can I do to avoid such issue in future?
What could have caused the IP to change?
This is how my service is configured:
...ANSWER
Answered 2021-May-16 at 00:48Unfortunately without logs it's hard to say anything for sure. You should check the audit logs that GKE ships to Cloud Logging as that might give you some idea of what happened. One option is the GCP "oops"'d the GLB and GKE recreated it, thus giving it a new IP. I've never heard of that happening with LBs though (it happens pretty often with nodes, but not LBs). A more common case would be you ran some kubectl command that inadvertently removed the Service object and then it was recreated by some management layer you have set up (Argo, Flux, Helm Operator, whatever) but delete+recreate again means it's a new LB with a new IP. The latter case should be visible in the audit logs so check those out for sure.
QUESTION
I want to use the same hostname let's say example.com with multiple Ingress resources running in different namespaces i.e monitoring and myapp. I'm using Kubernetes nginx-ingress controller.
haproxy-ingress.yaml
...ANSWER
Answered 2021-Mar-26 at 15:21Yes it is possible.
There can be two issues in your case.
One is you don't need the regex path for grafana ingress. Simple /grafana path will be fine with path type Prefix as with path type Prefix any /grafana/... will be redirected associated service. So the manifest file will be:
QUESTION
I have HA proxy ingress installed on Kubernetes AKS. I installed it using:
...ANSWER
Answered 2021-Mar-08 at 12:32I finally figured out what I was missing. I added kubernetes.io/ingress.class: haproxy annotation and problem solved:
QUESTION
I am new to k8s and I found a problem that I can not resolve.
I am building a HA cluster of Master nodes. I am running some tests (removing one node and adding the node again). Through this process I noticed that the etcd cluster does not update the cluster list.
Sample of problem below:
...ANSWER
Answered 2020-Oct-12 at 17:10Thanks to Mariusz K. I found the answer to my problem. In case that someone else might have the same problem here is how I solved it.
First query the cluster (HA) for the etcd members (sample of code):
QUESTION
I'm using helmfile to install my Helm chart and other dependencies charts.
I want to use templated values in the value files.
From this resolved issue, it looks like templating in value files is supported. However, I tested with the following files:
helmfile.yaml:
ANSWER
Answered 2020-Oct-08 at 01:58I got the answer. From the document of helmfile,
You can use go's text/template expressions in helmfile.yaml and values.yaml.gotmpl (templated helm values files). values.yaml references will be used verbatim. In other words: for value files ending with .gotmpl, template expressions will be rendered for plain value files (ending in .yaml), content will be used as-is
Therefore, for this case, values.yaml should be renamed to values.yaml.gotmpl so that helmfile will interpret the file as go template.
QUESTION
I'm using HAProxy Ingress Controller (https://github.com/helm/charts/tree/master/incubator/haproxy-ingress) for TLS-termination for my app.
I have a simple Node.JS server listening on 8080 for HTTP, and 1935 as a simple echo server (not HTTP).
And I use HAProxy Ingress controller to wrap the ports in TLS. (8080 -> 443 (HTTPS), 1935 -> 1936 (TCP + TLS))
I installed HAProxy Ingress Controller with
ANSWER
Answered 2020-Sep-29 at 12:03HAProxy by default allows to reuse the same port number across the same or other frontend/listen sections and also across other haproxy process. This can be changed adding noreuseport in the global section.
The default HAProxy Ingress configuration uses port number 1936 to expose stats. If such port number is reused by eg a tcp proxy, the incoming requests will be distributed between both frontends - sometimes your service will be called, sometimes the stats page. Changing the tcp proxy or the stats page (doc here) to another port should solve the issue.
Community Discussions, Code Snippets contain sources that include Stack Exchange Network
Vulnerabilities
No vulnerabilities reported
Install haproxy-ingress
Support
Reuse Trending Solutions
Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items
Find more librariesStay Updated
Subscribe to our newsletter for trending solutions and developer bootcamps
Share this Page
