github-actions[bot]
commented
1 year ago This issue got stale and will be closed in 7 days.
Open kayrus opened 1 year ago
github-actions[bot]
commented
1 year ago This issue got stale and will be closed in 7 days.
What are you trying to do
k8s nodes routes loadbalancer traffic locally. if the listener is configured with PROXY protocol, the local traffic becomes unusable since haproxy requires the PROXY header.
See the k8s issue: https://github.com/kubernetes/kubernetes/issues/66607
What HAProxy Ingress should do or how it should behave differently
instead of the
bind'saccept-proxyoption, it's possible to configuretcp-request connection expect-proxy layer4 if { src 192.168.1.0/24 }. see documentation for reference: https://docs.haproxy.org/2.4/configuration.html#4.2-tcp-request%20connectionhaproxytech ingress controller already supports the
expect-proxywith a list of CIDRs: https://www.haproxy.com/documentation/kubernetes/latest/community/configuration-reference/configmap/#proxy-protocolhttps://github.com/haproxytech/kubernetes-ingress/commit/8c898cb3959d1d170e902dcb932057e4e686d85e