HAProxy Kubernetes Ingress Controller Documentation 1.7


The changelog shows you an in-depth list of changes included in this version of HAProxy Kubernetes Ingress Controller.

Version 1.7.12 - 2022-05-31


Version 1.7.11 - 2022-05-31


  • BUG: this commit fixes the two following related issues:

Version 1.7.10 - 2022-04-22


  • TEST: add CORS configmap e2e tests

  • TEST: add CORS e2e tests

  • BUG: fix removed ACL condition in CORS configuration

  • BUG: reenable cors-allow-credentials annotation

  • BUG: fix reloading haproxy when deletion of rules

  • MINOR: add setting for channels size

  • BUG: fix the name of cors-allow-methods annotation

Version 1.7.9 - 2022-04-12


  • BUG: fix missing cors-enable annotation treatment

Version 1.7.8 - 2022-03-25


  • BUG: fix ingress status at creation

  • DOC: Add initial custom resource documentation

  • BUG/MINOR: remove backend cfgSnippet state when backend is deleted

Version 1.7.7 - 2022-03-15


  • MEDIUM: Don’t skip any Ingress event

  • BUG/MINOR: Fix skipped reloads when processing tcp services.

  • BUG/MINOR: Don’t initialize Backend.DefaultServer when not used

  • MINOR: make scale-server-slots annotation available at all scopes

  • BUG/MINOR: Don’t override default-server params in ExternalName services.

  • BUG/MINOR: fix frontends management with rules

  • MINOR: expect any podname format in GetPodPrefix

  • MINOR: wait for started process with Run call

Version 1.7.6 - 2022-03-02


  • BUG/MINOR: fixes ingressclass comparison in modification case

  • TEST/MINOR: Prevent nil pointer dereference.

  • MINOR: add client-strict-sni annotation

  • BUG/MINOR: fixes podprefix test in maxconn calculation after names changed with Helm naming adoption.

  • MINOR: Accept patternfiles in whitelist/blacklists

  • BUG/MINOR: test: haproxy-ingress is in haproxy-controller namespace

  • BUG/MINOR: sync default backend name with config argument

  • BUG/MINOR: sync cm name with config argument

Version 1.7.5 - 2022-01-31


  • BUG/MEDIUM: ssl-passthrough: Fix default delay value

  • DOC/MINOR: update cookie-persistence to describe current implementation

Version 1.7.4 - 2022-01-13


  • BUG/MINOR: Fix an incorrect lookup of the Endpoints corresponding to a Service Port

  • BUG/MINOR: EndpointSlices: ignore non ready endpoints

  • TEST: Add e2e test for non ready endpoints

  • MINOR: skip default service check if absent

  • BUG/MEDIUM: do not pull echo image from dockerhub, build it locally

  • BUILD/MINOR: ci: Improve autodetection of latest branch

  • BUILD/MINOR: ci: Tag 1.7 branch as latest

  • BUG/MINOR: ingress rule default frontend

  • MINOR: switch default namespace to haproxy-controller in yaml files

  • MINOR: sync k8s resources names with Helm project

Version 1.7.3 - 2021-12-01


  • BUG/MINOR: Fix nil pointer dereference in IngressServiceBackend

  • TEST/MEDIUM: e2e: Retry upon connection failures

  • TEST: add e2e test for proxy-proctol on haproxy side

  • TEST: Add e2e test for errorfiles and patternfiles

  • TEST: e2e: merge DeployYamlTemplate and DeployYalm methods into Apply

  • TEST: e2e: fix https offload to check the right certificate

  • REORG/MINOR: split ErrorFiles handler in smaller functions

  • BUG/MINOR: when ConfigMap is removed, corresponding annotations should be deleted

  • BUG/MEDIUM: Fix inconsistent processing of haproxy files

  • BUG/MEDIUM: Fix relative path of haproxy files.

  • MINOR: fix zombie haproxy process in direct control mode

  • REORG/MINOR: Group informers per resource types

  • BUG/MINOR: Check for EndpointSlicesMirroring before ignoring Endpoints.

  • BUILD/MINOR: ci: build nightly images only on original repo

Version 1.7.2 - 2021-11-12


  • BUILD/MINOR: Enable linters in deploy/test dir

  • REORG/MINOR: reduce complexity in function called ‘supported’

  • DOC: Add Ingress Controller version to main doc page

  • BUG/MINOR: Fix ingress accepted with ingressClassName set to unexisting ingressclass.

  • BUG/MINOR: Fix nil pointer dereference in Ingress PathType

Version 1.7.1 - 2021-11-05


  • BUG/MINOR: Fix configuration of backend model

  • DOC: Add an IngressClass section

  • BUG/MINOR: Fix IngressClass filtering

  • BUG/MEDIUM: Update only status of assigned Ingress resources

  • REORG: move Ingress handler in a seperate pacakge

  • REORG: Reorganize service handler in controller/service

  • BUG/MINOR: restart haproxy when aux config file added

  • BUILD/MEDIUM: Go: update version to Go 1.17

  • BUILD/MINOR: gitlab: update go version in e2e tests

  • BUILD/MINOR: update client-go library to v0.22.2

  • BUILD/MINOR: update client-native nad config-parser libraries

  • REORG/MINOR: move haproxy certs under haproxy/certs

  • REORG/MINOR: move haproxy rules under haproxy/rules

  • REORG/MINOR: move haproxy maps to haproxy/maps

  • MINOR: CR: Remove ‘nullable: false’ from CRDs

  • BUG/MINOR: Fix backend runtime sync

  • BUILD/MINOR: rbac: Set resources to endpointslices in discovery.k8s.io

Version 1.7.0 - 2021-10-08


  • BUILD/MINOR: ci: rework github actions

  • MINOR: Reload if dynamic update of endpoints fail

  • TEST/MINOR: Set max-endpoints-per-slice to 5 for easier testing of slices

  • MEDIUM: Add support for endpoint slices

  • DOC/MAJOR: update active version to 1.7

  • DOC/MINOR: fix tls-alpn version availability

  • MINOR: use dynamic cookies

  • MINOR: CR: enable config-snippets even with CR usage

  • MAJOR: CR: Add core.haproxy.org/v1alpha1.Backend for backend config

  • MEDIUM: backend: move server options to default-server

  • BUILD/MINOR: CI: add support for CI and CR commit subjects in check-commit

  • MINOR: Run Global Cfg handler before haproxy startup

  • MINOR: remove defaults section from stock config

  • MINOR: CR: assign global and defaults CR via global annotations

  • MEDIUM: CR: Add LogTargets to Global CR

  • BUG/MINOR: CR: fix redundant RuntimeAPI field in Global CR

  • MINOR: CR: Log available CRs instead of missing ones

  • MINOR: CR: Pin code-generator version to k8s.io/api one

  • MINOR: configSnippets: use go-test/deep instead of reflect for deep equal

  • MEDIUM: handle annotations parsing in annotations package

  • REORG/MINOR: Remove “GetAnnotations” Prefix in annotations methods

  • MINOR: add TARGETPLATFORM to docker build in Makefile

  • MINOR: add rbac for haproxy crds

  • BUG/MINOR: Prevent crash when POD_NAME is not correctly formatted

  • MINOR: add distribution of connections setting

  • BUG/MINOR: process template placeholders in log line

  • DOC: Added quotes to ‘scale-server-slots’ value.

  • DOC/MINOR: docs: update configmap docs

  • MEDIUM: https: Implement tls-alpn configuration

  • BUG/MINOR: Remove goproxy from Dockerfile

  • BUG/MINOR: fix incorrect dependency in go.mod

  • MINOR: Reload instead of restarting when frontend cfg snippet is updated

  • MINOR: Set default values for defaults HAProxy config section

  • MAJOR: Custom Resource: Add core.haproxy.org/v1alpha1.Defaults

  • MINOR: Set default values for global HAProxy config

  • MAJOR: Custom Resource: Add core.haproxy.org/v1alpha1.Global

  • MINOR: api: return global model by pointer and add logging

  • MEDIUM: Custom Resource: Document CR creation workflow and add code generators

  • MEDIUM: Custom Resource: add CR manager

  • TEST/MINOR: e2e: set maxconn value in configmaps

  • MINOR: reorg auxiliary config file management

  • MINOR: add recover in main.go to report silent error

  • BUILD/MEDIUM: go: use Go 1.17

  • BUILD/MINOR: gitlab: perform go mod tidy check

  • BUILD/MINOR: github: perform go mod tidy check

  • BUG/MINOR: annotations: Fix cfgSnippets update

  • TEST/MINOR: check for unnecessary reload

  • REORG/MEDIUM: annotations: move Ingress annoations to annotation package

  • MINOR: basic auth: handle userList creation/deletion in the haproxy package

  • REORG/MEDIUM: HAProxy rules: handle ingress rule IDs at the controller level

  • BUG/MEDIUM: server annotations triggering update all the time

  • BUG/MINOR: annotations: log targets updates are not loaded

  • BUG/MINOR: annotations: cfgSnippet updates are not loaded

  • REORG/MEDIUM: annotations: move annotations related methods from store package to annotation package

  • REORG/MEDIUM: annotations: group annotations in separate packages

  • MEDIUM: annotations: merge Parse and Update methods

  • CLEANUP/MINOR: ci: HAProxy binary is no longer needed for e2e tests

  • CLEANUP/MINOR: ci: HAProxy is no longer needed for unit tests

  • MINOR: doc: add info that some arguments are only available in external mode

  • CLEANUP/MINOR: remove debug line from doc generation

  • DOC: fix documentation from commit a2e574be

  • Add proxy-v2-ssl and proxy-v2-ssl-cn

  • BUG/MINOR: fix balance management

  • DOC: add TARGETPLATFORM as now needed due to support of multiplatform image

  • MAJOR: use client-go v0.21.3

  • BUG/MINOR: remove unused file from workflow

  • TEST: ci: unify github and gitlab test env

  • MEDIUM: S6 unprivileged mode fixes

  • REORG: test: add TARGETPLATFORM required for s6 int system

  • MINOR: Remove -x argument from HAProxy s6 service run

  • MEDIUM: s6 related Docker image modifications

  • OPTIM/MEDIUM: Update Ingress status in a seperate goroutine

  • MINOR: use Deep Equal method from “github.com/go-test/deep”

  • BUG/MEDIUM: CN models should be passed by reference when compared via DeepEqual

  • REORG/MINOR: ci: add flag to ci build to stop process if fail happen

  • MINOR: add implementation specific path type in ingress rules

  • BUILD: ci: remove two k8s environments

  • BUILD: makefile: add example-rebuild

  • MINOR: configuration: always create default cfg file on start

  • BUG/MINOR: logFormat: put value between quotes to escape spaces

  • OPTIM/MAJOR: Convert annotations type to simple string

  • OPTIM/MINOR: Ignore “Status” in TLS authentication annotations

  • OPTIM/MINOR: Ignore “Status” in TCP Services annotations

  • OPTIM/MEDIUM: Rewrite ErrorFiles and PatternFiles handlers

  • OPTIM/MINOR: Ignore “Status” in routeACL annotation

  • OPTIM/MEDIUM: Ignore “Status” in ingress annotations

  • OPTIM/MEDIUM: Ignore “Status” from server, backend and global annotations

  • MINOR: No need to return secret status in HandleTLSSecret

  • MINOR: Remove default server weight value: 128

  • CLEANUP/MINOR: remove Selector from Service

  • BUG/MINOR: path type according api version

  • MEDIUM: add support for s6 init system

  • REORG/MINOR: haproxy: move logic to control HAProxy into a separate package

  • MINOR: upgrade config parser to v4

  • MAJOR: add option to disable forwarding to ExternalName Services

  • BUILD: ci: use local k8s images to avoid rate limit

  • BUILD: add action for goreleaser that releases on every tag

  • TEST: kind: update to v0.11.1

  • BUG/MINOR: fix header value handling in request-set-header and response-set-header

  • BUG/MINOR: fix name inversion with annotation timeout-check

  • MINOR: Add ‘client-crt-optional’ global annotation to make client certificate verification optional

  • BUG/MINOR: tcp service should respect –disable-ipv4/ipv6 flags

  • BUG/MINOR: synchronize servers when Endpoints ports change

  • BUG/MAJOR: external mode: set all paths

  • BUILD: docker: Make sure to do a deep clone for nightly builds.

  • BUILD: docker: Add building nightly from master/main branch.

  • BUG/MINOR: support protocol h1 with backend SSL

  • BUILD/MAJOR: haproxy: upgrade release to 2.4

  • MINOR: annotations: print annotation name in error logs

  • MAJOR: Client-Native: Use validation

  • MINOR: Remove Unit tests for global annotations

  • MAJOR: api: use client-native instead of config-parser for global config/annotations

  • BUILD/MAJOR: Upgrade Client-Native to v2.4.0

  • BUG/MINOR: remove cookie keyword from backend section if the annotation was deleted

  • BUILD: docker: Remove linux/ppc64le target to have parity with HAProxy Alpine images

  • BUILD: docker: Remove GOOS and GOARCH and use dumb-init from distro

  • BUG/MINOR: bind TCP services on adresses passed via flags –ipv4-bind-address and –ipv6-bind-address

  • BUG/MINOR: pprof handler should be called in sync loop

  • BUG/MINOR: external mode: copy haproxy.cfg form usr/local/etc/haproxy

  • CLEANUP/MINOR: move slice items to sepparate lines

  • BUILD: CI: Add Docker Hub Readme autogen Github Action

  • DOC: Generalizes the ‘backend-config-snippet’ example

  • BUILD: docker: Add Github actions for auto and manual multiarch builds for Docker Hub.

  • BUILD: docker: use usr/local/etc/haproxy as base dir

  • BUILD/MINOR: add go releaser for outside of cluster ingress controller

  • DOC: proxy-protocol: document CIDR

  • DOC: Add doc guide for the secondary haproxy config file

  • BUG/MINOR: whitelist misconfigured if CM namespace not also whitelisted

  • DOC: Add IngressClass description

  • BUG/MINOR: Update config on ConfigMap added event

  • BUG/MEDIUM: Fix nil pointer dereference in EventEndpoints

  • DOC: update frontend-config-snippet

Next up

Installation guide