Installation

Install on Amazon EKS

On this page

This guide shows you how to install HAProxy Kubernetes Ingress Controller in Amazon Elastic Kubernetes Service. We will use the Helm package manager.

Pre-installation checklist Jump to heading

  • A running EKS Kubernetes cluster with a configured node group as described on the Kubernetes web site.
  • Install the AWS CLI from Amazon so you can manage AWS services from your laptop.
  • Install the helm command-line tool from the helm web site.
  • Install the kubectl command-line tool from the Kubernetes web site.

Connect to your EKS cluster Jump to heading

  1. If you created your EKS cluster using the AWS Console, you were logged into the AWS Console as a certain user. Unless you’ve already configured additional RBAC users inside of your Kubernetes cluster, you must connect to the cluster using this same user. Follow these steps to connect to the cluster as that user:

    • In the AWS Console, expand your account menu, located in the upper right, and select My Security Credentials.
    • On the Your Security Credentials page, expand the Access keys section and create a new access key if you do not already have one stored. This will give you an Access Key ID and Secret Access key. Store these somewhere so that you have them later.

  2. On your local workstation, configure a named profile for the AWS CLI to use when connecting to AWS. You can accomplish this by calling the aws configure command, which will prompt you for the necessary values, including your user’s Access Key ID and Secret Access key:

    nix
    aws configure
    nix
    aws configure

  3. Connect to your Kubernetes cluster using the AWS CLI. This will create a ~/.kube/config file:

    nix
    aws eks --region [Your region] update-kubeconfig --name [Your cluster name]
    nix
    aws eks --region [Your region] update-kubeconfig --name [Your cluster name]

  4. Check that you can access the cluster by calling kubectl get pods

    nix
    kubectl get pods
    nix
    kubectl get pods

    If your cluster is new it may not have any resources:

    output
    text
    No resources found in default namespace.
    output
    text
    No resources found in default namespace.

Install Jump to heading

Choose one of the following installation methods:

Install with Helm Jump to heading

Helm values file

The following example uses --set invocations to configure the ingress controller. When installing with Helm, you can instead use a Helm values file to provide your configuration values. Using a Helm values file can provide for better traceability of configuration changes and reduce the complexity of Helm installation commands.

You can install with Helm using either the HTTPS or OCI repository:

  1. Add the HAProxy Technologies Helm repository:

    nix
    helm repo add haproxytech https://haproxytech.github.io/helm-charts
    nix
    helm repo add haproxytech https://haproxytech.github.io/helm-charts

  2. Update your list of Helm charts:

    nix
    helm repo update
    nix
    helm repo update

  3. Install the latest version of the ingress controller with type set to LoadBalancer:

    nix
    helm install haproxy-kubernetes-ingress haproxytech/kubernetes-ingress \
      --create-namespace \
      --namespace haproxy-controller \
      --set controller.service.type=LoadBalancer
    nix
    helm install haproxy-kubernetes-ingress haproxytech/kubernetes-ingress \
      --create-namespace \
      --namespace haproxy-controller \
      --set controller.service.type=LoadBalancer

  1. Install the latest version of the ingress controller with type set to LoadBalancer:

    nix
    helm install haproxy-kubernetes-ingress oci://ghcr.io/haproxytech/helm-charts/kubernetes-ingress \
      --create-namespace \
      --namespace haproxy-controller \
      --set controller.service.type=LoadBalancer
    nix
    helm install haproxy-kubernetes-ingress oci://ghcr.io/haproxytech/helm-charts/kubernetes-ingress \
      --create-namespace \
      --namespace haproxy-controller \
      --set controller.service.type=LoadBalancer

This will create an EC2 Classic Load Balancer that routes traffic to the ingress controller service. You can map the load balancer’s IP address to your public DNS domain name.

Default ingress class

By default, the Helm chart adds --ingress.class=haproxy to the ingress controller. That means that it will use Ingress resources only if they specify ingressClassName: haproxy. You can disable this by setting --set controller.ingressClass=null when calling helm install.

This change was introduced in version 1.6.

Install with kubectl Jump to heading

  1. Download the latest source code from the HAProxy Kubernetes Ingress Controller GitHub page.

  2. Edit the file deploy/haproxy-ingress.yaml.

  3. Change the Service resource in haproxy-ingress.yaml, setting its type field to LoadBalancer, which is the preferred mode when running in the cloud:

    haproxy-ingress.yaml
    yaml
    apiVersion: v1
    kind: Service
    metadata:
      labels:
        run: haproxy-ingress
      name: haproxy-ingress
      namespace: haproxy-controller
    spec:
      selector:
        run: haproxy-ingress
      type: LoadBalancer
      ports:
      - name: http
        port: 80
        protocol: TCP
        targetPort: 80
      - name: https
        port: 443
        protocol: TCP
        targetPort: 443
      - name: stat
        port: 1024
        protocol: TCP
        targetPort: 1024
    haproxy-ingress.yaml
    yaml
    apiVersion: v1
    kind: Service
    metadata:
      labels:
        run: haproxy-ingress
      name: haproxy-ingress
      namespace: haproxy-controller
    spec:
      selector:
        run: haproxy-ingress
      type: LoadBalancer
      ports:
      - name: http
        port: 80
        protocol: TCP
        targetPort: 80
      - name: https
        port: 443
        protocol: TCP
        targetPort: 443
      - name: stat
        port: 1024
        protocol: TCP
        targetPort: 1024

  4. Use the kubectl apply command to deploy the controller:

    nix
    kubectl apply -f haproxy-ingress.yaml
    nix
    kubectl apply -f haproxy-ingress.yaml

    This will create an EC2 Classic Load Balancer that routes traffic to the ingress controller service. You can map the load balancer’s IP address to your public DNS domain name, for example by using Route53.

Check your installation Jump to heading

Verify that the controller is installed into your Kubernetes cluster by using the command kubectl get pods:

nix
kubectl get pods --namespace haproxy-controller
nix
kubectl get pods --namespace haproxy-controller
output
text
NAME                                        READY   STATUS    RESTARTS   AGE
haproxy-kubernetes-ingress-7dd4cc4b-x5fkv   1/1     Running   0          1m
output
text
NAME                                        READY   STATUS    RESTARTS   AGE
haproxy-kubernetes-ingress-7dd4cc4b-x5fkv   1/1     Running   0          1m

Get the External IP, which you can use to access your cluster:

nix
kubectl get services --namespace haproxy-controller
nix
kubectl get services --namespace haproxy-controller
output
text
NAME                         TYPE           CLUSTER-IP       EXTERNAL-IP                                   PORT(S)                                     AGE
haproxy-kubernetes-ingress   LoadBalancer   10.104.173.167   a1234-5678-9012.us-east-2.elb.amazonaws.com   80:30264/TCP,443:31575/TCP,1024:31785/TCP   157m
output
text
NAME                         TYPE           CLUSTER-IP       EXTERNAL-IP                                   PORT(S)                                     AGE
haproxy-kubernetes-ingress   LoadBalancer   10.104.173.167   a1234-5678-9012.us-east-2.elb.amazonaws.com   80:30264/TCP,443:31575/TCP,1024:31785/TCP   157m

Do you have any suggestions on how we can improve the content of this page?

Previous page Installation Next page Install on Azure AKS
© 2025 HAProxy Technologies, LLC. All Rights Reserved
Manage Cookie Preferences