Configuration reference
Global CRD
On this page
Selected version
Global CRD Configuration reference
Global
-
CRD version:
1.0 -
API version:
gate.v3.haproxy.org/v3
chroot
[string]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
chroot: String # Allowed pattern: ^[^\s]+$
close_spread_time
[integer]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
close_spread_time: Integer Minimum: 0
cluster_secret
[string]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
cluster_secret: String
cpu_maps
[array]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
cpu_maps:
- cpu_set: String
process: String
cpu_policy
[string]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
cpu_policy: String # Allowed values are none, efficiency, first-usable-node, group-by-2-ccx, group-by-2-clusters, group-by-3-ccx, group-by-3-clusters, group-by-4-ccx, group-by-4-cluster, group-by-ccx, group-by-cluster, performance, resource
cpu_set
[array]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
cpu_set:
- directive: String # Allowed values are reset, drop-cpu, only-cpu, drop-node, only-node, drop-cluster, only-cluster, drop-core, only-core, drop-thread, only-thread
set: String
debug_options
[object]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
debug_options:
anonkey: Integer Minimum: 0 Maximum: 4294967295
quiet: Boolean
stress_level: Integer Minimum: 0 Maximum: 9
zero_warning: Boolean
description
[string]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
description: String
device_atlas_options
[object]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
device_atlas_options:
json_file: String
log_level: String
properties_cookie: String
separator: String
dns_accept_family
[string]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
dns_accept_family: String # Allowed pattern: ^[^\s]+$
environment_options
[object]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
environment_options:
presetenv:
- name: String
value: String
resetenv: String
setenv:
- name: String
value: String
unsetenv: String
expose_deprecated_directives
[boolean]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
expose_deprecated_directives: Boolean
expose_experimental_directives
[boolean]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
expose_experimental_directives: Boolean
external_check
[boolean]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
external_check: Boolean
fifty_one_degrees_options
[object]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
fifty_one_degrees_options:
cache_size: Integer
data_file: String
property_name_list: String
property_separator: String
force_cfg_parser_pause
[integer]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
force_cfg_parser_pause: Integer Minimum: 0
gid
[integer]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
gid: Integer
grace
[integer]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
grace: Integer Minimum: 0
group
[string]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
group: String # Allowed pattern: ^[^\s]+$
h1_accept_payload_with_any_method
[boolean]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
h1_accept_payload_with_any_method: Boolean
h1_case_adjust
[array]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
h1_case_adjust:
- from: String
to: String
h1_case_adjust_file
[string]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
h1_case_adjust_file: String
h1_do_not_close_on_insecure_transfer_encoding
[boolean]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
h1_do_not_close_on_insecure_transfer_encoding: Boolean
h2_workaround_bogus_websocket_clients
[boolean]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
h2_workaround_bogus_websocket_clients: Boolean
hard_stop_after
[integer]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
hard_stop_after: Integer Minimum: 0
harden
[object]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
harden:
reject_privileged_ports:
quic: String # Allowed values are enabled, disabled
tcp: String # Allowed values are enabled, disabled
http_client_options
[object]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
http_client_options:
resolvers_disabled: String # Allowed values are enabled, disabled
resolvers_id: String
resolvers_prefer: String # Allowed values are ipv4, ipv6
retries: Integer
ssl_ca_file: String
ssl_verify: String # Allowed values are , none, required
timeout_connect: Integer Minimum: 0
http_err_codes
[array]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
http_err_codes:
- value: String # Allowed pattern: ^[a-zA-Z0-9 +\-,]+$
http_fail_codes
[array]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
http_fail_codes:
- value: String # Allowed pattern: ^[a-zA-Z0-9 +\-,]+$
insecure_fork_wanted
[boolean]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
insecure_fork_wanted: Boolean
insecure_setuid_wanted
[boolean]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
insecure_setuid_wanted: Boolean
limited_quic
[boolean]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
limited_quic: Boolean
log_send_hostname
[object]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
log_send_hostname:
enabled: String # Allowed values are enabled, disabled
param: String # Allowed pattern: ^[^\s]+$
log_target_list
[array]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
log_target_list:
- address: String # Allowed pattern: ^[^\s]+$
facility: String # Allowed values are kern, user, mail, daemon, auth, syslog, lpr, news, uucp, cron, auth2, ftp, ntp, audit, alert, cron2, local0, local1, local2, local3, local4, local5, local6, local7
format: String # Allowed values are local, rfc3164, rfc5424, priority, short, timed, iso, raw
global: Boolean
length: Integer
level: String # Allowed values are emerg, alert, crit, err, warning, notice, info, debug
minlevel: String # Allowed values are emerg, alert, crit, err, warning, notice, info, debug
nolog: Boolean
profile: String
sample_range: String
sample_size: Integer
lua_options
[object]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
lua_options:
loads:
- file: String # Allowed pattern: ^[^\s]+$
prepend_path:
- path: String # Allowed pattern: ^[^\s]+$
type: String # Allowed values are path, cpath
merge_strategy
[string]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
merge_strategy: String # Allowed values are override, append
mworker_max_reloads
[integer]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
mworker_max_reloads: Integer Minimum: 0
nbthread
[integer]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
nbthread: Integer
no_quic
[boolean]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
no_quic: Boolean
node
[string]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
node: String
numa_cpu_mapping
[string]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
numa_cpu_mapping: String # Allowed values are enabled, disabled
ocsp_update_options
[object]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
ocsp_update_options:
disable: Boolean
httpproxy:
address: String # Allowed pattern: ^[^\s]+$
port: Integer Minimum: 1 Maximum: 65535
maxdelay: Integer
mindelay: Integer
mode: String # Allowed values are enabled, disabled
performance_options
[object]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
performance_options:
busy_polling: Boolean
max_spread_checks: Integer Minimum: 0
maxcompcpuusage: Integer
maxcomprate: Integer
maxconn: Integer
maxconnrate: Integer
maxpipes: Integer
maxsessrate: Integer
maxzlibmem: Integer
noepoll: Boolean
noevports: Boolean
nogetaddrinfo: Boolean
nokqueue: Boolean
nopoll: Boolean
noreuseport: Boolean
nosplice: Boolean
profiling_memory: String # Allowed values are enabled, disabled
profiling_tasks: String # Allowed values are auto, enabled, disabled
server_state_base: String # Allowed pattern: ^[^\s]+$
server_state_file: String # Allowed pattern: ^[^\s]+$
spread_checks: Integer
thread_hard_limit: Integer
pp2_never_send_local
[boolean]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
pp2_never_send_local: Boolean
prealloc_fd
[boolean]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
prealloc_fd: Boolean
runtime_apis
[array]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
runtime_apis:
- accept_netscaler_cip: Integer
accept_proxy: Boolean
address: String # Allowed pattern: ^[^\s]+$
allow_0rtt: Boolean
alpn: String # Allowed pattern: ^[^\s]+$
backlog: String
ca_ignore_err: String
ca_sign_file: String
ca_sign_pass: String
ca_verify_file: String
ciphers: String
ciphersuites: String
client_sigalgs: String
crl_file: String
crt_ignore_err: String
crt_list: String
curves: String
default_crt_list: Array of String
defer_accept: Boolean
ecdhe: String
expose_fd_listeners: Boolean
force_sslv3: Boolean
force_strict_sni: String # Allowed values are enabled, disabled
force_tlsv10: Boolean
force_tlsv11: Boolean
force_tlsv12: Boolean
force_tlsv13: Boolean
generate_certificates: Boolean
gid: Integer
group: String
guid_prefix: String # Allowed pattern: ^[A-Za-z0-9-_.:]+$
id: String
idle_ping: Integer Minimum: 0
interface: String
level: String # Allowed values are user, operator, admin
maxconn: Integer
mode: String
mss: String
name: String # Allowed pattern: ^[^\s]+$
namespace: String
nbconn: Integer
nice: Integer
no_alpn: Boolean
no_ca_names: Boolean
no_sslv3: Boolean
no_strict_sni: Boolean
no_tls_tickets: Boolean
no_tlsv10: Boolean
no_tlsv11: Boolean
no_tlsv12: Boolean
no_tlsv13: Boolean
npn: String
prefer_client_ciphers: Boolean
proto: String
quic-cc-algo: String # Allowed values are cubic, newreno, bbr, nocc
quic-force-retry: Boolean
quic-socket: String # Allowed values are connection, listener
quic_cc_algo_burst_size: Integer Minimum: 0 Maximum: 1024
quic_cc_algo_max_window: Integer Minimum: 10 Maximum: 4194304
severity_output: String # Allowed values are none, number, string
sigalgs: String
ssl: Boolean
ssl_cafile: String # Allowed pattern: ^[^\s]+$
ssl_certificate: String # Allowed pattern: ^[^\s]+$
ssl_max_ver: String # Allowed values are SSLv3, TLSv1.0, TLSv1.1, TLSv1.2, TLSv1.3
ssl_min_ver: String # Allowed values are SSLv3, TLSv1.0, TLSv1.1, TLSv1.2, TLSv1.3
sslv3: String # Allowed values are enabled, disabled
strict_sni: Boolean
tcp_user_timeout: Integer
tfo: Boolean
thread: String
tls_ticket_keys: String
tls_tickets: String # Allowed values are enabled, disabled
tlsv10: String # Allowed values are enabled, disabled
tlsv11: String # Allowed values are enabled, disabled
tlsv12: String # Allowed values are enabled, disabled
tlsv13: String # Allowed values are enabled, disabled
transparent: Boolean
uid: String
user: String
v4v6: Boolean
v6only: Boolean
verify: String # Allowed values are none, optional, required
set_dumpable
[boolean]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
set_dumpable: Boolean
set_var
[array]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
set_var:
- expr: String
name: String
set_var_fmt
[array]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
set_var_fmt:
- format: String
name: String
setcap
[string]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
setcap: String # Allowed pattern: ^[^\s]+$
ssl_options
[object]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
ssl_options:
acme_scheduler: String # Allowed values are auto, off
ca_base: String
crt_base: String
default_bind_ciphers: String
default_bind_ciphersuites: String
default_bind_client_sigalgs: String
default_bind_curves: String
default_bind_options: String
default_bind_sigalgs: String
default_server_ciphers: String
default_server_ciphersuites: String
default_server_client_sigalgs: String
default_server_curves: String
default_server_options: String
default_server_sigalgs: String
dh_param_file: String
engines:
- algorithms: String
name: String
issuers_chain_path: String
load_extra_files: String
maxsslconn: Integer
maxsslrate: Integer
mode_async: String # Allowed values are enabled, disabled
propquery: String
provider: String
provider_path: String
security_level: Integer Minimum: 0 Maximum: 5
server_verify: String # Allowed values are none, required
skip_self_issued_ca: Boolean
stats_file
[string]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
stats_file: String
stats_maxconn
[integer]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
stats_maxconn: Integer
strict_limits
[boolean]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
strict_limits: Boolean
thread_group_lines
[array]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
thread_group_lines:
- group: String
num_or_range: String
thread_groups
[integer]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
thread_groups: Integer
tune_buffer_options
[object]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
tune_buffer_options:
buffers_limit: Integer
buffers_reserve: Integer Minimum: 2
bufsize: Integer
bufsize_small: Integer Minimum: 1
pipesize: Integer
rcvbuf_backend: Integer
rcvbuf_client: Integer
rcvbuf_frontend: Integer
rcvbuf_server: Integer
recv_enough: Integer
sndbuf_backend: Integer
sndbuf_client: Integer
sndbuf_frontend: Integer
sndbuf_server: Integer
tune_lua_options
[object]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
tune_lua_options:
burst_timeout: Integer Minimum: 0
forced_yield: Integer
log_loggers: String # Allowed values are enabled, disabled
log_stderr: String # Allowed values are auto, enabled, disabled
maxmem: Integer
service_timeout: Integer Minimum: 0
session_timeout: Integer Minimum: 0
task_timeout: Integer Minimum: 0
tune_options
[object]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
tune_options:
applet_zero_copy_forwarding: String # Allowed values are enabled, disabled
comp_maxlevel: Integer
disable_fast_forward: Boolean
disable_zero_copy_forwarding: Boolean
epoll_mask_events: Array of String
events_max_events_at_once: Integer Minimum: 1 Maximum: 10000
fail_alloc: Boolean
fd_edge_triggered: String # Allowed values are enabled, disabled
glitches_kill_cpu_usage: Integer Minimum: 0 Maximum: 100
h1_zero_copy_fwd_recv: String # Allowed values are enabled, disabled
h1_zero_copy_fwd_send: String # Allowed values are enabled, disabled
h2_be_glitches_threshold: Integer
h2_be_initial_window_size: Integer
h2_be_max_concurrent_streams: Integer
h2_be_rxbuf: Integer
h2_fe_glitches_threshold: Integer
h2_fe_initial_window_size: Integer
h2_fe_max_concurrent_streams: Integer
h2_fe_max_total_streams: Integer
h2_fe_rxbuf: Integer
h2_header_table_size: Integer Maximum: 65535
h2_initial_window_size: Integer
h2_max_concurrent_streams: Integer
h2_max_frame_size: Integer
h2_zero_copy_fwd_send: String # Allowed values are enabled, disabled
http_cookielen: Integer
http_logurilen: Integer
http_maxhdr: Integer Minimum: 1 Maximum: 32767
idle_pool_shared: String # Allowed values are enabled, disabled
idletimer: Integer Minimum: 0 Maximum: 65535
listener_default_shards: String # Allowed values are by-process, by-thread, by-group
listener_multi_queue: String # Allowed values are enabled, disabled
max_checks_per_thread: Integer
max_rules_at_once: Integer Minimum: 0
maxaccept: Integer
maxpollevents: Integer
maxrewrite: Integer
memory_hot_size: Integer
notsent_lowat_client: Integer
notsent_lowat_server: Integer
pattern_cache_size: Integer
peers_max_updates_at_once: Integer
pool_high_fd_ratio: Integer
pool_low_fd_ratio: Integer
pt_zero_copy_forwarding: String # Allowed values are enabled, disabled
renice_runtime: Integer Minimum: -20 Maximum: 19
renice_startup: Integer Minimum: -20 Maximum: 19
ring_queues: Integer
runqueue_depth: Integer
sched_low_latency: String # Allowed values are enabled, disabled
stick_counters: Integer
takeover_other_tg_connections: String # Allowed values are none, restricted, full
tune_quic_options
[object]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
tune_quic_options:
frontend_conn_tx_buffers_limit: Integer
frontend_max_idle_timeout: Integer Minimum: 0
frontend_max_streams_bidi: Integer
frontend_max_tx_memory: Integer
max_frame_loss: Integer
reorder_ratio: Integer Minimum: 0 Maximum: 100
retry_threshold: Integer
socket_owner: String # Allowed values are listener, connection
zero_copy_fwd_send: String # Allowed values are enabled, disabled
tune_ssl_options
[object]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
tune_ssl_options:
cachesize: Integer
capture_buffer_size: Integer
ctx_cache_size: Integer
default_dh_param: Integer
force_private_cache: Boolean
keylog: String # Allowed values are enabled, disabled
lifetime: Integer Minimum: 0
maxrecord: Integer
ocsp_update_max_delay: Integer
ocsp_update_min_delay: Integer
tune_vars_options
[object]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
tune_vars_options:
global_max_size: Integer
proc_max_size: Integer
reqres_max_size: Integer
sess_max_size: Integer
txn_max_size: Integer
tune_zlib_options
[object]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
tune_zlib_options:
memlevel: Integer Minimum: 1 Maximum: 9
windowsize: Integer Minimum: 8 Maximum: 15
uid
[integer]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
uid: Integer
ulimit_n
[integer]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
ulimit_n: Integer
user
[string]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
user: String # Allowed pattern: ^[^\s]+$
warn_blocked_traffic_after
[integer]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
warn_blocked_traffic_after: Integer Minimum: 1
wurfl_options
[object]
apiVersion: "gate.v3.haproxy.org/v3"
kind: Global
metadata:
name: example-global
namespace: default
spec:
wurfl_options:
cache_size: Integer
data_file: String
information_list: String
information_list_separator: String
patch_file: String