HAProxy Kubernetes Ingress Controller Documentation 1.6

Changelog

Version 1.6.9 - 2022-01-13

Changes:

  • BUG/MINOR: Fix an incorrect lookup of the Endpoints corresponding to a Service Port

  • BUILD/MINOR: ci: Improve autodetection of latest branch

  • BUILD/MINOR: ci: Tag 1.7 branch as latest

Version 1.6.8 - 2021-12-01

Changes:

  • BUG/MINOR: Fix nil pointer dereference in IngressServiceBackend

  • BUG/MEDIUM: Update only status of assigned Ingress resources

  • MINOR: Run Global Cfg handler before haproxy startup

  • BUG/MINOR: process template placeholders in log line

  • TEST/MINOR: e2e: set maxconn value in configmaps

  • MAJOR: use client-go v0.21.3

Version 1.6.7 - 2021-09-07

Changes:

  • MINOR: reorg auxiliary config file management

  • MINOR: add recover in main.go to report silent error

  • BUILD/MEDIUM: go: use Go 1.17

  • BUG/MINOR: remove unused file from workflow

Version 1.6.6 - 2021-08-05

Changes:

  • TEST: Kind: update to v0.11.1

  • OPTIM/MEDIUM: Update Ingress status in a seperate goroutine

Version 1.6.5 - 2021-07-15

Changes:

  • MAJOR: add option to disable forwarding to ExternalName Services

  • BUILD: add action for goreleaser that releases on every tag

Version 1.6.4 - 2021-07-12

Changes:

  • BUG/MINOR: fix header value handling in request-set-header and response-set-header

  • BUG/MINOR: fix name inversion with annotation timeout-check

Version 1.6.3 - 2021-06-16

Changes:

  • MINOR: annotations: print annotation name in error logs

  • BUG/MINOR: tcp service should respect –disable-ipv4/ipv6 flags

  • BUG/MINOR: synchronize servers when Endpoints ports change

  • BUG/MAJOR: external mode: set all paths

  • BUG/MINOR: support protocol h1 with backend SSL

Version 1.6.2 - 2021-05-27

Changes:

  • BUG/MINOR: remove cookie keyword from backend section if the annotation was deleted

  • BUILD: docker: Remove linux/ppc64le target to have parity with HAProxy Alpine images

  • BUILD: docker: Remove GOOS and GOARCH and use dumb-init from distro

  • BUG/MINOR: bind TCP services on adresses passed via flags –ipv4-bind-address and –ipv6-bind-address

  • BUG/MINOR: pprof handler should be called in sync loop

  • BUG/MINOR: external mode: copy haproxy.cfg form usr/local/etc/haproxy

  • DOC: Generalizes the ‘backend-config-snippet’ example

  • BUILD: docker: Add Github actions for auto and manual multiarch builds for Docker Hub.

Version 1.6.1 - 2021-05-17

Changes:

  • BUILD: docker: use usr/local/etc/haproxy as base dir

  • BUILD/MINOR: add go releaser for outside of cluster ingress controller

  • DOC: proxy-protocol: document 0.0.0.0/0 CIDR

  • DOC: Add doc guide for the secondary haproxy config file

  • BUG/MINOR: whitelist misconfigured if CM namespace not also whitelisted

  • DOC: Add IngressClass description

  • BUG/MINOR: Update config on ConfigMap added event

  • BUG/MEDIUM: Fix nil pointer dereference in EventEndpoints

  • DOC: update frontend-config-snippet

  • DOC/MINOR: update documentation - curent released version is 1.6

  • BUG/MEDIUM: Fix nil pointer dereference in EventEndpoints

  • DOC: update frontend-config-snippet

Version 1.6.0-rc.1 - 2021-04-29

Changes:

  • DOC/MINOR: update documentation - curent released version is 1.6

  • BUG/MEDIUM: Fix nil pointer dereference in EventEndpoints

  • DOC: update frontend-config-snippet

Version 1.6.0 - 2021-05-03

Changes:

  • DOC/MINOR: update documentation - curent released version is 1.6

  • MEDIUM: Add auxiliary HAProxy config file

  • REORG/MINOR: add reload/restart attributes to Controller sruct

  • MEDIUM: Add ConfigMap for PatternFiles

  • REORG/MINOR: provide osArgs at controller creation

  • REORG/MEDIUM: Move config update done at startup to handlers module

  • CLEANUP/MINOR: Remove unused field serverlessPods

  • BUG/MINOR: Fix incorrect parsing of certificate file name

  • BUG/MINOR: enable ingress multi configurations for same path and distinct path types

  • REORG/MEDIUM: Move controller handlers to seperate module

  • REORG/MINOR: use sections names from controller confi struct

  • REORG/MAJOR: Move controller configuration to a seperate module.

  • REORG/MINOR: define haproxy map names in haproxy/maps.go

  • BUILD/MINOR: check-commit: pin version of image

  • BUILD/MINOR: check-commit: trigger only on pull requests

  • BUILD/MEDIUM: Go: update version to Go 1.16

  • BUG/MINOR: Fix address parsing in proxy-protocol annotation

  • BUG/MEDIUM: reset ActiveBackends when cleaning controller config

  • BUG/MEDIUM: certs refresh: fix nil pointer dereference

  • MINOR: Add clean-certs annotation to toggle certificates clean up

  • DOC: Provide commands for secret creation

  • BUG/MINOR: Fix regression when loading multiple cert formats

  • BUG/MINOR: Controller should populate refreshed maps.

  • DOC: Add route-acl description and instructions to use canary deployment

  • TEST: e2e: Add canary deployment test

  • MEDIUM: Add service annotation “route-acl”

  • REORG/MINOR: Rename HAProxy vars used for backendSwitching

  • DOC: Add clarification about annotations scope

  • TEST: e2e: update test application and README

  • TEST: e2e: move global-config to sequential pipeline

  • MINOR: disable naked return linter (nakedret)

  • BUILD: github-ci: adjust fetch-depth

  • BUG/MINOR: fix blacklist and proxy protocol duplication

  • BUG/MINOR Increase hash from 32 to 128 bits

  • BUG/MINOR: fix whitelist duplication

  • DOC/MINOR: spell check docs and remove excess spacing

  • TEST/MINOR: e2e test: increase tickDuration for rate-limiting

  • MINOR: add empty-ingress-class ingress controller option

  • MINOR: fix secret type in default certificate management

  • OPTIM/MINOR: remove TODO in code and enable godox linter

  • REORG/MINOR: move code handling global config to a seperate file global.go

  • REORG/MAJOR: handle ingress routes and services seperately

  • REORG/MINOR: Move all controller types, vars, consts to types.go

  • REORG/MINOR: strip HAProxy prefix from controllers vars

  • REORG/MAJOR: move configmaps from map struct to dedicated fields

  • TEST/MEDIUM: e2e: add gobal-config test suite

  • TEST/MINOR: e2e rate-limiting: adjust thresholds

  • BUG/MINOR: rate-limiting: preserve counters after reload

  • DOC/MINOR: Fix bug in doc generation

  • MINOR: Add stats-config-snippet support

  • TEST: e2e: Add config-snippet tests

  • DOC: Add frontend-config-snippet description

  • MEDIUM: Add frontend-config-snippet support

  • TEST/MINOR: tlsAuth e2e test: expect tls alert(116)

  • MINOR: don’t blacklist kube-system namespace

  • REORG/MINOR: move code handling readiness endpoint to a seperate function

  • REORG/MEDIUM: move updateHAProxySrvs function to api module

  • CLEANUP/MINOR: remove unused github actions directory

  • BUILD/MINOR: update check-commit to v2.0.0

  • MINOR: Add debug logs to trace reload related actions

  • OPTIM/MINOR: decrease log severity of verbose logs from debug to trace

  • BUG/MINOR: don’t reload when the order of map entries change in HAProxy map files.

  • TEST/MINOR: gitlab: checking diff for generated code

  • BUILD/MEDIUM: makefile: add makefile to project to grup common tasks

  • CLEANUP/MINOR: clean with go mod tidy

  • MINOR: ci: update check-commit msg action

  • DOC: Improve TLS offloading documentation

  • DOC/MINOR: changes ‘configmap-errorfile’ to ‘configmap-errorfiles’ docs

  • TEST/MINOR: github: checking for generated files diff

  • TEST: Add client TLS authentication

  • DOC: add client TLS Authentication

  • MEDIUM: add mtls client side

  • TEST/MINOR: Deploy default-backend in IC Namespace

  • BUG/MINOR: tcp-services: add additional input validation to avoid nil pointer dereference

  • REORG: contract “Service” to “Svc” in IngressPath fields

  • REORG: endpoints: getEndpoints() now returns errors instead of logging them

  • BUG/MINOR: Fix failure in port lookup when servicePort different from containerPort.

  • TEST/MINOR: port_discovery: adjust http port to make test more accurate

  • OPTIM/MAJOR: k8s events: remove intermediate channels

  • REORG/MINOR: k8s events: Move handling Ingress informers to seperate function

  • MEDIUM: k8s events: don’t wait for Main ConfigMap Processing

  • REORG/MINOR: monitor.go: Move handling configMapArgs and WhitelistedNamespaces in seperate functions

  • DOC/MINOR: Document building External Ingress Controller

  • DOC/MINO: Improve tcp-services doc

  • BUG/MINOR: Fix regression regarding k8s servicePort lookup

  • TEST: Add e2e test for servicePort discovery

  • BUG/MEDIUM: sslPassthrough: “accept tcp rule” stops rules processing.

  • BUG/MEDIUM: incorrect http rules configuration with SSLPassthrough

  • TEST: https: Add more SSLPassthrough tests

  • TEST/MEDIUM: Seperate sequential and parallel e2e tests

  • TEST: Cleanup unused code

  • TEST: Reorg set header test

  • TEST: Reorg send proxy test

  • TEST: Reorg rate limiting test

  • TEST: Reorg ingress match test

  • TEST: Reorg https tests

  • TEST: Reorg source ip test

  • TEST: Reorg basic auth test

  • TEST: Reorg IngressClass test

  • TEST: Reorg endpoints-update

  • TEST/MAJOR: Boilerplate code to reorg e2e tests and use testify/suite

  • TEST/MEDIUM: Change tests path from deploy/kind/tests to deploy/tests/e2e

  • BUG/MINOR: healthz: listen on IPv6 too

  • BUG/MEDIUM: stats frontend: listen IPv6 if possible

  • BUILD/MINOR: gitlab-ci: update test lint stages

  • BUG/MEDIUM: drop dynamic map update

  • BUG/MEDIUM: haproxy rules should be mapped to ingress.Namespace+ingress.Name

  • MINOR: Make src-ip-header annotation available by Ingress

  • BUG/MEDIUM: services: don’t create frontend if corresponding default_backend is not ready

  • BUG/MEDIUM: servicePort should be resolved before constructing backendName

  • BUG/MEDIUM: http rules: ineffectual delete operation when refreshing rules

  • MEDIUM: map file: flush content to disk

  • MINOR: Add tracing logs

  • BUG/MINOR: Don’t mix controller logger and k8s client logger

  • OPTIM/MEDIUM: Don’t watch multiple Ingress APIs at the same time

  • BUG/MINOR: maps: use Warningf instead of Warning

  • MINOR: external mode: if stock haproxy.cfg not found check in config-dir

  • DOC: Document External Controller mode

  • REORG/MINOR: rename OutOfCluster controller arg to External

  • MINOR: log panic errors in kubernetes.go

  • BUILD: gitlab-ci: use CI registry via CI_REGISTRY_GO env variable

  • BUG/MINOR: Delete certificates as soon as tls secrets are deleted

  • OPTIM/MINOR: Don’t process Ingress with DELETED status

  • BUG/MEDIUM: need to reload when failing dynamic map update

  • BUILD/MINOR: Update Client-Native module

  • MINOR: controller: handle graceful shutdown

  • OPTIM/MINOR: Enable readiness endpoint after first config sync

  • REORG/MINOR: use client-native to configure bind lines

  • BUG/MINOR: Add haproxy txn.base var to stats frontend

  • BUILD/MINOR: linter: Fix ‘nakedret’ check

  • BUILD/MINOR: linter Fix ‘maligned’ check

  • BUILD/MINOR: linter Fix ‘prealloc’ check

  • BUILD/MINOR: linter: Fix ‘gosec’ check

  • BUILD/MINOR: linter Fix ‘nolintlint’ check

  • BUILD/MINOR: linter Fix ‘errorlint’ check

  • BUILD/MINOR: linter: Fix ‘testpackage’ check

  • BUILD/MINOR: linter: Fix ‘misspell’ check

  • BUILD/MINOR: linter: Fix ‘whitespace’ check

  • BUILD/MINOR: linter: Fix ‘commentFormatting’ check

  • BUILD/MEDIUM: Upgrade linter to 1.33

  • BUILD/MINOR: docker: upgrade dumb-init to latest version

  • CLEANUP/MINOR: build: remove unused openrc when building image

  • BUG/MINOR: fix source map file of acl in proxy protocol

  • BUILD/MINOR: deploy files: fix typo in ingressclasses name

  • DOC: Set active_version to 1.5

Next up

Install the HAProxy Kubernetes Ingress Controller