HAProxy Kubernetes Ingress Controller Documentation 1.10

Backend CRD

The Backend custom resource extends the Kubernetes API to let you manage how traffic is load balanced across pods.

Install the Backend custom resource

Before you can use the Backend custom resource, you must install its definition into your Kubernetes cluster.

  1. Install the custom resource definition with kubectl apply:

    Community ingress controller

    $ kubectl apply -f https://cdn.haproxy.com/documentation/kubernetes/1.10/community/crd/backend.yaml

  2. Verify that the installation worked by listing custom resources defined in your cluster:

    $ kubectl get crd

    output

    NAME                        CREATED AT
backends.core.haproxy.org   2022-01-21T20:00:31Z

Use the Backend custom resource

With the Backend custom resource, you can manage how traffic is load balanced across pods. To use it:

  1. Create a YAML file that declares a Backend resource and add properties to its spec.config section.

    In the example below, the balance.algorithm property changes the load balancing algorithm to least connections.

    example-backend.yaml

    apiVersion: "core.haproxy.org/v1alpha1"
kind: Backend
metadata:
  name: example-backend
  namespace: default
spec:
  config:
    balance:
      algorithm: "leastconn"

  2. Deploy it to your cluster using kubectl apply.

    $ kubectl apply -f example-backend.yaml

  3. Decide which Kubernetes services the resource should apply to. Do one of the following:

    • To have the properties apply to all services, create a new ConfigMap with the name haproxy-kubernetes-ingress to override the one that ships with the ingress controller. Add the cr-backend key to the data section to implement the backend properties.

      example-configmap.yaml

      apiVersion: v1
kind: ConfigMap
metadata:
  name: haproxy-kubernetes-ingress
  namespace: haproxy-controller
data:
  cr-backend: default/example-backend

      Update the ConfigMap in your cluster by using kubectl apply:

      $ kubectl apply -f  example-configmap.yaml

    • To have the properties apply to all services that the Ingress routes traffic to, add the cr-backend annotation to your Ingress definition . The Ingress below applies to the services example-service1 and example-service2:

      example-ingress.yaml

      apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
    name: example-ingress
    annotations:
       haproxy.org/cr-backend: default/example-backend
spec:
    rules:
    - http:
        paths:
        - path: /example1
          pathType: Prefix
          backend:
            service:
              name: example-service1
              port:
                number: 80
        - path: /example2
          pathType: Prefix
          backend:
            service:
              name: example-service2
              port:
                number: 80

      Update the Ingress in your cluster by using kubectl apply:

      $ kubectl apply -f  example-ingress.yaml

    • To have the properties apply to only a specific Kubernetes service, add the cr-backend annotation to your Service definition. The Service below applies the properties only to the service named example-service1.

      example-service.yaml

      apiVersion: v1
kind: Service
metadata:
  labels:
    run: app
  name: example-service1
  annotations:
    haproxy.org/cr-backend: default/example-backend
spec:
  selector:
    run: app
  ports:
  - name: http
    port: 80
    protocol: TCP
    targetPort: 8080

      Update the Service in your cluster by using kubectl apply:

      $ kubectl apply -f  example-service.yaml

Backend custom resource reference

Version: core.haproxy.org/v1alpha2

abortonclose

Type Values
string enabled, disabled

accept_invalid_http_response

Type Values
string enabled, disabled

adv_check

Type Values
string ssl-hello-chk, smtpchk, ldap-check, mysql-check, pgsql-check, tcp-check, redis-check, httpchk

allbackups

Type Values
string enabled, disabled

balance

Type Values
object

Child properties

Property Type Values
algorithm string roundrobin, static-rr, leastconn, first, source, uri, url_param, hdr, random, rdp-cookie
hdr_name string
hdr_use_domain_only boolean
random_draws integer
rdp_cookie_name string
uri_depth integer
uri_len integer
uri_path_only boolean
uri_whole boolean
url_param string
url_param_check_post integer
url_param_max_wait integer

bind_process

Type Values
string

check_timeout

Type Values
integer

compression

Type Values
object

Child properties

Property Type Values
algorithms array
offload boolean
types array

connect_timeout

Type Values
integer
Type Values
object

Child properties

Property Type Values
domain array
dynamic boolean
httponly boolean
indirect boolean
maxidle integer
maxlife integer
name string
nocache boolean
postonly boolean
preserve boolean
secure boolean
type string rewrite, insert, prefix

default_server

Type Values
object

Child properties

Property Type Values
address string
agent-addr string
agent-check string enabled, disabled
agent-inter integer
agent-port integer
agent-send string
allow_0rtt boolean
alpn string
backup string enabled, disabled
ca_file string
check string enabled, disabled
check-send-proxy string enabled, disabled
check-sni string
check-ssl string enabled, disabled
check_alpn string
check_proto string
check_via_socks4 string enabled, disabled
ciphers string
ciphersuites string
cookie string
crl_file string
disabled string enabled, disabled
downinter integer
enabled string enabled, disabled
error_limit integer
fall integer
fastinter integer
force_sslv3 string enabled, disabled
force_tlsv10 string enabled, disabled
force_tlsv11 string enabled, disabled
force_tlsv12 string enabled, disabled
force_tlsv13 string enabled, disabled
health_check_port integer
init-addr string
inter integer
log_proto string legacy, octet-count
max_reuse integer
maxconn integer
maxqueue integer
minconn integer
name string
namespace string
no_sslv3 string enabled, disabled
no_tlsv10 string enabled, disabled
no_tlsv11 string enabled, disabled
no_tlsv12 string enabled, disabled
no_tlsv13 string enabled, disabled
no_verifyhost string enabled, disabled
npn string
observe string layer4, layer7
on-error string fastinter, fail-check, sudden-death, mark-down
on-marked-down string shutdown-sessions
on-marked-up string shutdown-backup-sessions
pool_low_conn integer
pool_max_conn integer
pool_purge_delay integer
port integer
proto string
proxy-v2-options array
redir string
resolve-net string
resolve-prefer string ipv4, ipv6
resolve_opts string
resolvers string
rise integer
send-proxy string enabled, disabled
send-proxy-v2 string enabled, disabled
send_proxy_v2_ssl string enabled, disabled
send_proxy_v2_ssl_cn string enabled, disabled
slowstart integer
sni string
socks4 string
source string
ssl string enabled, disabled
ssl_certificate string
ssl_max_ver string SSLv3, TLSv1.0, TLSv1.1, TLSv1.2, TLSv1.3
ssl_min_ver string SSLv3, TLSv1.0, TLSv1.1, TLSv1.2, TLSv1.3
ssl_reuse string enabled, disabled
stick string enabled, disabled
tcp_ut integer
tfo string enabled, disabled
tls_tickets string enabled, disabled
track string
verify string none, required
verifyhost string
weight integer
Type Values
string

external_check

Type Values
string enabled, disabled

external_check_command

Type Values
string

external_check_path

Type Values
string

forwardfor

Type Values
object

Child properties

Property Type Values
enabled string enabled
except string
header string
ifnone boolean

h1_case_adjust_bogus_server

Type Values
string enabled, disabled

hash_type

Type Values
object

Child properties

Property Type Values
function string sdbm, djb2, wt6, crc32
method string map-based, consistent
modifier string avalanche

http-buffer-request

Type Values
string enabled, disabled

http-check

Type Values
object

Child properties

Property Type Values
addr string
alpn string
body string
body_log_format string
check_comment string
default boolean
error_status string L7OKC, L7RSP, L7STS, L6RSP, L4CON
exclamation_mark boolean
headers array
index integer
linger boolean
match string status, rstatus, hdr, fhdr, string, rstring
method string
min_recv integer
ok_status string L7OK, L7OKC, L6OK, L4OK
on_error string
on_success string
pattern string
port integer
port_string string
proto string
send_proxy boolean
sni string
ssl boolean
status-code string
tout_status string L7TOUT, L6TOUT, L4TOUT
type string comment, connect, disable-on-404, expect, send, send-state, set-var, set-var-fmt, unset-var
uri string
uri_log_format string
var_expr string
var_format string
var_name string
var_scope string
version string
via_socks4 boolean

http-keep-alive

Type Values
string enabled, disabled

http-no-delay

Type Values
string enabled, disabled

http-server-close

Type Values
string enabled, disabled

http-use-htx

Type Values
string enabled, disabled

http_connection_mode

Type Values
string httpclose, http-server-close, http-keep-alive

http_keep_alive_timeout

Type Values
integer

http_pretend_keepalive

Type Values
string enabled, disabled

http_proxy

Type Values
string enabled, disabled

http_request_timeout

Type Values
integer

http_reuse

Type Values
string aggressive, always, never, safe

httpchk_params

Type Values
object

Child properties

Property Type Values
method string HEAD, PUT, POST, GET, TRACE, PATCH
uri string
version string

httpclose

Type Values
string enabled, disabled

log_health_checks

Type Values
string enabled, disabled

log_tag

Type Values
string

mode

Type Values
string http, tcp

mysql_check_params

Type Values
object

Child properties

Property Type Values
client_version string pre-41, post-41
username string

name

Type Values
string

pgsql_check_params

Type Values
object

Child properties

Property Type Values
username string

queue_timeout

Type Values
integer

redispatch

Type Values
object

Child properties

Property Type Values
enabled string enabled, disabled
interval integer

retries

Type Values
integer

server_timeout

Type Values
integer

smtpchk_params

Type Values
object

Child properties

Property Type Values
domain string
hello string

srvtcpka

Type Values
string enabled, disabled

stats_options

Type Values
object

Child properties

Property Type Values
stats_admin boolean
stats_admin_cond string if, unless
stats_admin_cond_test string
stats_enable boolean
stats_hide_version boolean
stats_maxconn integer
stats_refresh_delay integer
stats_show_desc string
stats_show_legends boolean
stats_show_node_name string
stats_uri_prefix string

stick_table

Type Values
object

Child properties

Property Type Values
expire integer
keylen integer
nopurge boolean
peers string
size integer
store string
type string ip, ipv6, integer, string, binary

tcpka

Type Values
string enabled, disabled

tunnel_timeout

Type Values
integer

Next up

Defaults CRD