Configuration reference
Global CRD
Selected version
Available since
version 1.7
The Global custom resource extends the Kubernetes API to let you manage process-level options for the ingress controller.
Install the Global custom resource Jump to heading
Before you can use the Global custom resource, you must install its definition into your Kubernetes cluster.
-
Download the v1-9 Global custom resource filev1-8 Global custom resource filev1-7 Global custom resource file.
-
Install the custom resource definition with
kubectl apply
:Community ingress controller
bashkubectl apply -f globals.core.haproxy.org.yamlbashkubectl apply -f globals.core.haproxy.org.yamlbashkubectl apply -f global.yamlbashkubectl apply -f global.yamlbashkubectl apply -f global.yamlbashkubectl apply -f global.yaml -
Verify that the installation worked by listing custom resources defined in your cluster:
bashkubectl get crdbashkubectl get crdoutputbashNAME CREATED ATglobals.core.haproxy.org 2022-06-01T16:56:57ZoutputbashNAME CREATED ATglobals.core.haproxy.org 2022-06-01T16:56:57Z
Use the Global custom resource Jump to heading
With the Global custom resource, you can tune process-level options for the ingress controller. To use it:
-
Create a YAML file that declares a
Global
resource and add properties to itsspec.config
section.In the example below, the
maxconn
property limits how many concurrent TCP connections the ingress controller will accept.example-global.yamlyamlapiVersion: "core.haproxy.org/v1alpha2"kind: Globalmetadata:name: example-globalnamespace: defaultspec:config:maxconn: 60000example-global.yamlyamlapiVersion: "core.haproxy.org/v1alpha2"kind: Globalmetadata:name: example-globalnamespace: defaultspec:config:maxconn: 60000example-global.yamlyamlapiVersion: "core.haproxy.org/v1alpha1"kind: Globalmetadata:name: example-globalnamespace: defaultspec:config:maxconn: 60000example-global.yamlyamlapiVersion: "core.haproxy.org/v1alpha1"kind: Globalmetadata:name: example-globalnamespace: defaultspec:config:maxconn: 60000example-global.yamlyamlapiVersion: "core.haproxy.org/v1alpha1"kind: Globalmetadata:name: example-globalnamespace: defaultspec:config:maxconn: 60000example-global.yamlyamlapiVersion: "core.haproxy.org/v1alpha1"kind: Globalmetadata:name: example-globalnamespace: defaultspec:config:maxconn: 60000 -
Deploy it to your cluster using
kubectl apply
.bashkubectl apply -f example-global.yamlbashkubectl apply -f example-global.yaml -
Create a new ConfigMap with the name
haproxy-kubernetes-ingress
to override the one that ships with the ingress controller. Add thecr-global
key to thedata
section to implement the global properties.example-configmap.yamlyamlapiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: haproxy-controllerdata:cr-global: default/example-globalexample-configmap.yamlyamlapiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: haproxy-controllerdata:cr-global: default/example-global -
Update the ConfigMap in your cluster by using
kubectl apply
.bashkubectl apply -f example-configmap.yamlbashkubectl apply -f example-configmap.yaml
Global custom resource reference Jump to heading
- CRD version:
- API version:
busy_polling
ca_base
chroot
- Must match pattern: ^[^\s]+$
cpu_maps
- process
- cpu_set
- cpu_set (*string*)
- process (*string*)
crt_base
daemon
- enabled
- disabled
external_check
gid
group
- Must match pattern: ^[^\s]+$
h1_case_adjust
- from
- to
- from (*string*)
- to (*string*)
h1_case_adjust_file
hard_stop_after
localpeer
- Must match pattern: ^[^\s]+$
log_send_hostname
- enabled string Values
- enabled
- disabled
- param string Constraints
- Must match pattern: ^[^\s]+$
lua_loads
- file
- file (*string*)
lua_prepend_path
- path
- path (*string*)
-
type (*string*)
Values
- path
- cpath
master-worker
max_spread_checks
maxcompcpuusage
maxcomprate
maxconn
maxconnrate
maxpipes
maxsessrate
maxsslconn
maxsslrate
maxzlibmem
nbproc
nbthread
noepoll
noevports
nogetaddrinfo
nokqueue
nopoll
noreuseport
nosplice
pidfile
profiling_tasks
- auto
- on
- off
runtime_apis
- address
- address (*string*)
- mode (*string*)
-
level (*string*)
Values
- user
- operator
- admin
- process (*string*)
- exposeFdListeners (*boolean*)
server_state_base
- Must match pattern: ^[^\s]+$
server_state_file
- Must match pattern: ^[^\s]+$
spread_checks
ssl_default_bind_ciphers
ssl_default_bind_ciphersuites
ssl_default_bind_options
ssl_default_server_ciphers
ssl_default_server_ciphersuites
ssl_default_server_options
ssl_mode_async
- enabled
- disabled
stats_timeout
tune_options
- buffers_limit integer
- buffers_reserve integer
- bufsize integer
- comp_maxlevel integer
- fail_alloc boolean
- h2_header_table_size integer
- h2_initial_window_size integer
- h2_max_concurrent_streams integer
- h2_max_frame_size integer
- http_cookielen integer
- http_logurilen integer
- http_maxhdr integer
- idle_pool_shared string Values
- enabled
- disabled
- idletimer integer
- listener_multi_queue string Values
- enabled
- disabled
- lua_forced_yield integer
- lua_maxmem boolean
- lua_service_timeout integer
- lua_session_timeout integer
- lua_task_timeout integer
- maxaccept integer
- maxpollevents integer
- maxrewrite integer
- pattern_cache_size integer
- pipesize integer
- pool_high_fd_ratio integer
- pool_low_fd_ratio integer
- rcvbuf_client integer
- rcvbuf_server integer
- recv_enough integer
- runqueue_depth integer
- sched_low_latency string Values
- enabled
- disabled
- sndbuf_client integer
- sndbuf_server integer
- ssl_cachesize integer
- ssl_capture_buffer_size integer
- ssl_ctx_cache_size integer
- ssl_default_dh_param integer
- ssl_force_private_cache boolean
- ssl_keylog string Values
- enabled
- disabled
- ssl_lifetime integer
- ssl_maxrecord integer
- vars_global_max_size integer
- vars_proc_max_size integer
- vars_reqres_max_size integer
- vars_sess_max_size integer
- vars_txn_max_size integer
- zlib_memlevel integer
- zlib_windowsize integer
tune_ssl_default_dh_param
uid
user
- Must match pattern: ^[^\s]+$
chroot
- Must match pattern: ^[^\s]+$
group
- Must match pattern: ^[^\s]+$
hard_stop_after
user
- Must match pattern: ^[^\s]+$
daemon
- enabled
- disabled
nbproc
nbthread
master-worker
external_check
pidfile
maxconn
server_state_base
- Must match pattern: ^[^\s]+$
tune_ssl_default_dh_param
ssl_default_bind_options
ssl_default_bind_ciphers
ssl_default_bind_ciphersuites
ssl_default_server_options
ssl_default_server_ciphers
ssl_default_server_ciphersuites
ssl_mode_async
- enabled
- disabled
cpu_maps
- process
- cpu_set
- process (*string*)
- cpu_set (*string*)
runtime_apis
- address
- address (*string*)
- mode (*string*)
-
level (*string*)
Values
- user
- operator
- admin
- process (*string*)
- exposeFdListeners (*boolean*)
stats_timeout
lua_loads
- file
- file (*string*)
log_send_hostname
- enabled string Values
- enabled
- disabled
- param string Constraints
- Must match pattern: ^[^\s]+$
chroot
- Must match pattern: ^[^\s]+$
group
- Must match pattern: ^[^\s]+$
hard_stop_after
user
- Must match pattern: ^[^\s]+$
daemon
- enabled
- disabled
nbproc
nbthread
master-worker
external_check
pidfile
maxconn
server_state_base
- Must match pattern: ^[^\s]+$
tune_ssl_default_dh_param
ssl_default_bind_options
ssl_default_bind_ciphers
ssl_default_bind_ciphersuites
ssl_default_server_options
ssl_default_server_ciphers
ssl_default_server_ciphersuites
ssl_mode_async
- enabled
- disabled
cpu_maps
- process
- cpu_set
- process (*string*)
- cpu_set (*string*)
runtime_apis
- address
- address (*string*)
- mode (*string*)
-
level (*string*)
Values
- user
- operator
- admin
- process (*string*)
- exposeFdListeners (*boolean*)
stats_timeout
lua_loads
- file
- file (*string*)
log_send_hostname
- enabled string Values
- enabled
- disabled
- param string Constraints
- Must match pattern: ^[^\s]+$
If this page was useful, please, Leave the feedback.