High Performance Ingress Routing for Kubernetes
Kubernetes manages containers across a fleet of servers, overseeing the fair usage of resources and hiding the low-level details of the servers themselves. It accelerates continuous delivery, makes it easy to build fault-tolerant applications, and supports on-demand scalability.
Above all, Kubernetes is extensible. Knowing that the platform would never support all functionality natively, its maintainers provide APIs, allowing third parties to build powerful add-ons that integrate seamlessly.
The HAProxy Enterprise Kubernetes Ingress Controller is built to supercharge your Kubernetes environment by adding advanced TCP and HTTP routing that connects clients outside your Kubernetes cluster with containers inside. Built upon HAProxy Enterprise, this adds an important layer of security via the integrated Web Application Firewall. It is backed by our authoritative expert technical support.
Secure your cluster with built-in TLS termination, rate limiting, IP whitelisting and WAF.
Balance traffic across pods using any of HAProxy’s load-balancing algorithms including round-robin, least connections, URL hash and random.
Avoid problems early with superior Layer 7 observability out of the box. Verbose logging and statistics give insight into the health of your pods, current request rates, response times, and errors.
Experience better throughput with HAProxy’s traffic overload protection. Backend servers won’t receive more requests than they’re able to handle.
Purpose Built for Kubernetes
Why use an ingress controller? Kubernetes presents a limited number of ways to connect your external clients to your containerized applications. For example, you can bind to an external load balancer, but this requires you to provision a new load balancer for each and every service. An ingress controller solves this problem, acting as a proxy inside the cluster and mapping incoming requests to multiple services, saving money and reducing complexity.
The controller monitors your cluster at all times. When it sees a new pod, it checks the routing rules you’ve defined via Ingress objects and dynamically adds the pod’s address to the HAProxy configuration. An Ingress rule maps a group of pods to a specific hostname, URL path, or combination of the two and dynamically reconfigures HAProxy behind the scenes, supporting short-lived containers and rapid deployments. Requests for various services flow through a single instance of the HAProxy Enterprise Kubernetes Ingress Controller, dispelling the need for many external load balancers.
Features at a glance
- Layer 4 (TCP) and Layer 7 (HTTP) routing
- HTTP and HTTPS
- Hitless reloads with no lost traffic
- Sticky sessions
- Whitelist client IP addresses
- Rate limiting
- X-Forwarded-For and Proxy Protocol support
- Prometheus metrics
- Web Application Firewall with ModSecurity and Zero-Trust Whitelist-only modes
- Expert technical support
With more than 70 pages, our newest eBook is packed with hands-on tips and tricks on how to get the most out of the HAProxy Kubernetes Ingress Controller.