High Performance Ingress Routing for Kubernetes

Kubernetes manages containers across a fleet of servers, overseeing the fair usage of resources and hiding the low-level details of the servers themselves. It accelerates continuous delivery, makes it easy to build fault-tolerant applications, and supports on-demand scalability.

Above all, Kubernetes is extensible. Knowing that the platform would never support all functionality natively, its maintainers provide APIs, allowing third parties to build powerful add-ons that integrate seamlessly.

The HAProxy Enterprise Kubernetes Ingress Controller is built to supercharge your Kubernetes environment by adding advanced TCP and HTTP routing that connects clients outside your Kubernetes cluster with containers inside. Built upon HAProxy Enterprise, this adds an important layer of security via the integrated Web Application Firewall. It is backed by our authoritative expert technical support.

Get HAProxy’s legendary performance, with battle-hardened code capable of routing many types of traffic, optimized to handle the most demanding workloads.

Secure your cluster with built-in TLS termination, rate limiting, IP whitelisting and WAF.

Balance traffic across pods using any of HAProxy’s load-balancing algorithms including round-robin, least connections, URL hash and random.

Avoid problems early with superior Layer 7 observability out of the box. Verbose logging and statistics give insight into the health of your pods, current request rates, response times, and errors.

Experience better throughput with HAProxy’s traffic overload protection. Backend servers won’t receive more requests than they’re able to handle.

Purpose Built for Kubernetes

Why use an ingress controller? Kubernetes presents a limited number of ways to connect your external clients to your containerized applications. For example, you can bind to an external load balancer, but this requires you to provision a new load balancer for each and every service. An ingress controller solves this problem, acting as a proxy inside the cluster and mapping incoming requests to multiple services, saving money and reducing complexity.

The controller monitors your cluster at all times. When it sees a new pod, it checks the routing rules you’ve defined via Ingress objects and dynamically adds the pod’s address to the HAProxy configuration. An Ingress rule maps a group of pods to a specific hostname, URL path, or combination of the two and dynamically reconfigures HAProxy behind the scenes, supporting short-lived containers and rapid deployments. Requests for various services flow through a single instance of the HAProxy Enterprise Kubernetes Ingress Controller, dispelling the need for many external load balancers.

 

Features at a glance

  • Layer 4 (TCP) and Layer 7 (HTTP) routing
  • HTTP and HTTPS
  • Hitless reloads with no lost traffic
  • Sticky sessions
  • Whitelist client IP addresses
  • Rate limiting
  • X-Forwarded-For and Proxy Protocol support
  • Prometheus metrics
  • Web Application Firewall with ModSecurity and Zero-Trust Whitelist-only modes
  • Expert technical support

HAProxy in Kubernetes

This brand new eBook serves as a comprehensive overview for the HAProxy Kubernetes Ingress Controller, helping you get off on the right foot towards high-performance traffic routing.

With more than 70 pages, our newest eBook is packed with hands-on tips and tricks on how to get the most out of the HAProxy Kubernetes Ingress Controller.

Contact the authoritative experts on HAProxy who will assist you in finding the solution that best fits your needs for deployment, scale, and security.