HAProxy Ingress Controller configuration
The Ingress controller is exposed using NodePort and the --configmap-tcp-services functionality.
Service configuration
The HAProxy Ingress controller service is configured using this code:
apiVersion: v1
kind: Service
metadata:
annotations:
meta.helm.sh/release-name: haproxy
meta.helm.sh/release-namespace: ingress
labels:
app.kubernetes.io/instance: haproxy
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: kubernetes-ingress
app.kubernetes.io/version: 1.8.3
helm.sh/chart: kubernetes-ingress-1.22.4
name: haproxy-kubernetes-ingress
namespace: ingress
spec:
clusterIP: 10.100.226.75
clusterIPs:
- 10.100.226.75
externalTrafficPolicy: Cluster
internalTrafficPolicy: Cluster
ipFamilies:
- IPv4
ipFamilyPolicy: SingleStack
ports:
- name: http
nodePort: 31080
port: 80
protocol: TCP
targetPort: http
- name: https
nodePort: 31443
port: 443
protocol: TCP
targetPort: https
- name: stat
nodePort: 31024
port: 1024
protocol: TCP
targetPort: stat
- name: ml-odbc-tcp
nodePort: 31032
port: 5432
protocol: TCP
targetPort: 5432
- name: healthz-tcp
nodePort: 31042
port: 1042
protocol: TCP
targetPort: 1042
selector:
app.kubernetes.io/instance: haproxy
app.kubernetes.io/name: kubernetes-ingress
sessionAffinity: None
type: NodePort
Code explanation
In the Service configuration, the ODBC code is:
- name: ml-odbc-tcp
nodePort: 31032
port: 5432
protocol: TCP
targetPort: 5432
The port is exposed using nodePort: 31032.
configmap-tcp-services
To create a dedicated configmap:
Use --configmap-tcp-services with this code:
apiVersion: v1
data:
"5432": ml-lb/ml-enode-ml-lb:5432
kind: ConfigMap
metadata:
annotations:
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"v1","data":{"5432":"ml-lb/ml-enode-ml-lb:5432"},"kind":"ConfigMap","metadata":{"annotations":{},"labels":{"app.kubernetes.io/instance":"haproxy","app.kubernetes.io/name":"kubernetes-ingress"},"name":"ml-odbc-config","namespace":"ingress"}}
labels:
app.kubernetes.io/instance: haproxy
app.kubernetes.io/name: kubernetes-ingress
name: ml-odbc-config
namespace: ingress
Code explanation
The configuration is typically done with this code:
data: "5432": ml-lb/ml-enode-ml-lb:5432 <ingress-tcp-sevice-port> : <tcp-service-to-be-exposed-namespace>/<tcp-service-name-to-be-exposed>
Port 5432 is exposed at the Ingress controller service level and the ML LB ODBC port is bound.
Ingress controller Helm Chart level
At the Ingress controller Helm Chart level, this was specified in the values.yaml file:
## Additional command line arguments to pass to Controller
## ref: https://github.com/haproxytech/kubernetes-ingress/blob/master/documentation/controller.md
extraArgs:
# - --namespace-whitelist=default
# - --namespace-whitelist=namespace1
# - --namespace-blacklist=namespace2
- --configmap-tcp-services=ingress/ml-odbc-config
## Additional tcp ports to expose
## This is especially useful for TCP services:
## https://github.com/haproxytech/kubernetes-ingress/blob/master/documentation/controller.md
tcpPorts:
- name: ml-odbc
port: 5432
targetPort: 5432
nodePort: 31032
## Controller Service configuration
## ref: https://kubernetes.io/docs/concepts/services-networking/service/
service:
enabled: true # set to false when controller.kind is 'DaemonSet' and controller.daemonset.useHostPorts is true
type: NodePort # can be 'ClusterIP', 'NodePort' or 'LoadBalancer'
Code explanation
In the Ingress controller Helm Chart level:
extraArgsspecifies which configmap is used. The tcp service syntax is:- --configmap-tcp-services=<configmap-namespace>/<configmap-name>
tcpPortsspecifies the additional tcp ports exposed by the Ingress controller service.The Ingress controller service is specified as NodePort.