Open jcmoraisjr opened 7 years ago
Any comment here?
@munnerz @simonswine Any idea whether this will be reviewed anytime soon?
This will help quite a lot of people who want to use haproxy instead of nginx.
Thanks
This looks good to me, although I've not had a chance to properly test it myself. We do have e2e tests for the nginx implementation, although given how much of the codepath is shared I'm not sure we need it right now for HAProxy too.
If you could update the documentation and add some YAML examples, I'm happy to accept this 😄
PR updated with some docs.
All looks good to me - I need to stand up a test cluster and verify all is working, and if so I'm happy to merge!
@jcmoraisjr is it possible for the pull request be submitted against cert-manager too :).
Since @munnerz mentioned that this project will be deprecated at some point of time
@jcmoraisjr I've raised a separate ticket here instead
@thekalinga cert-manager does not depend directly on any particular ingress controller implementation, so should already work with HAProxy. Again though, I've not tested, so I'd be very interested to hear your results!
Would it be possible to make it work without the DEFAULT_INGRESS_CLASS setting? I have a bunch of ingresses still on nginx, so I tried having the default still be that, but use SUPPORTED_INGRESS_CLASS (and PROVIDER) to include haproxy ("haproxy,nginx").
However the kube ingress gets setup with
kubernetes.io/ingress.class: nginx
kubernetes.io/ingress.provider: haproxy
which of course don't get picked up by haproxy then. If I change the default class to haproxy it works here, but not for nginx.
I'm using a build of kube-lego with this patch, IPv6 support and the "Cache-Control: no-cache" changes I put in another pull request. The image is available at quay.io/abh/kube-lego:20171026-haproxy
@munnerz what about this PR? I'm aware about cert-manager but we are still using the patched kube-lego on some clusters.
@munnerz re: https://github.com/jetstack/kube-lego/pull/228#issuecomment-326634712 I've just migrated from nginx ingress and kube-lego to cert-manager/haproxy-ingress and it works as expected right off the bat.
Thanks for your pull request. Before we can look at it, you'll need to add a 'DCO signoff' to your commits.
:memo: Please follow instructions in the contributing guide to update your commits with the DCO
Full details of the Developer Certificate of Origin can be found at developercertificate.org.
The list of commits missing DCO signoff:
[APPROVALNOTIFIER] This PR is NOT APPROVED
This pull-request has been approved by: To fully approve this pull request, please assign additional approvers. We suggest the following additional approvers:
If they are not already assigned, you can assign the PR to them by writing /assign
in a comment when ready.
The full list of commands accepted by this bot can be found here.
The pull request process is described here
This is a starting version of an attempt to support HAProxy Ingress.
Some known missing pieces:
generic
There is an image at
quay.io/jcmoraisjr/kube-lego:1.6-dev
with this PR. Need to declareLEGO_DEFAULT_INGRESS_CLASS=haproxy
env var in order to use with HAProxy.