Configuration reference
ConfigMap options
These options can be stored in a ConfigMap to change the ingress controller’s global behavior, affecting all Ingress routes.
How to use the ConfigMap Jump to heading
A ConfigMap is created during the installation and you can find it with the kubectl get configmaps
command:
nix
kubectl get configmaps --namespace haproxy-controller
nix
kubectl get configmaps --namespace haproxy-controller
outputtext
NAME DATA AGEhaproxy-kubernetes-ingress 0 13s
outputtext
NAME DATA AGEhaproxy-kubernetes-ingress 0 13s
You can edit the ConfigMap:
nix
kubectl edit configmap haproxy-kubernetes-ingress --namespace haproxy-controller
nix
kubectl edit configmap haproxy-kubernetes-ingress --namespace haproxy-controller
ConfigMap keys reference Jump to heading
The following ConfigMap keys are available:
allow-list Jump to heading
Available since
version 1.11
- The value is treated as a pattern file (see
--configmap-patternfiles
) if it starts withpatterns/
. It should consist of a list of IPs or CIDRs, one per line.
Values
- Comma-separated list of IP addresses and/or CIDR ranges
- Path to a pattern file, e.g.
pattern/ips
Default
- No default value
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:allow-list: "192.168.1.0/24, 192.168.2.100"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:allow-list: "192.168.1.0/24, 192.168.2.100"
auth-realm Jump to heading
Available since
version 1.5
Values
- Realm name
Default
- Protected Content
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:auth-realm: Admin Area
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:auth-realm: Admin Area
auth-secret Jump to heading
Available since
version 1.5
- Encrypted passwords are evaluated using the crypt(3) function, so depending on the system’s capabilities, different algorithms are supported.
- Unencrypted passwords (used with HAProxy insecure-password ) are not accepted.
Values
- The annotation format is a secret path namespace/secretName. If the namespace is omitted (path is only secretName) then the ingress namespace will be used.
For Basic Authentication, the Secret data should contain user credentials in the form of
username: encrypted and base-64 encoded password
. For example:
bob: JDEkYWJjJEJYQnFwYjlCWmNaaFhMZ2JlZS4wcy8=
bob: JDEkYWJjJEJYQnFwYjlCWmNaaFhMZ2JlZS4wcy8=
Create the Kubernetes Secret resource in the following way:
bash
kubectl create secret generic haproxy-credentials \--from-literal=bob=$(openssl passwd -1 bobPassword) \--from-literal=alice=$(openssl passwd -1 alicePassword)# secret/haproxy-credentials created
bash
kubectl create secret generic haproxy-credentials \--from-literal=bob=$(openssl passwd -1 bobPassword) \--from-literal=alice=$(openssl passwd -1 alicePassword)# secret/haproxy-credentials created
Default
- No default value
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:auth-type: basic-authauth-secret: default/haproxy-credentials
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:auth-type: basic-authauth-secret: default/haproxy-credentials
auth-type Jump to heading
Available since
version 1.5
Values
- basic-auth
Default
- No default value
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:auth-type: basic-authauth-secret: default/haproxy-credentials
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:auth-type: basic-authauth-secret: default/haproxy-credentials
backend-config-snippet Jump to heading
Available since
version 1.5
Values
- One or more valid HAProxy directives
Default
- No default value
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:backend-config-snippet: |http-send-name-header x-dst-serverstick-table type string len 32 size 100k expire 30mstick on req.cook(sessionid)
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:backend-config-snippet: |http-send-name-header x-dst-serverstick-table type string len 32 size 100k expire 30mstick on req.cook(sessionid)
blacklist Jump to heading
Available since
version 1.4
- The value is treated as a pattern file (see
--configmap-patternfiles
) if it starts withpatterns/
. It should consist of a list of IPs or CIDRs, one per line.
Values
- Comma-separated list of IP addresses and/or CIDR ranges
- Path to a pattern file, e.g.
pattern/ips
Default
- No default value
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:blacklist: "192.168.1.0/24, 192.168.2.100"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:blacklist: "192.168.1.0/24, 192.168.2.100"
check Jump to heading
Available since
version 1.4
Values
- true
- false
Default
- true
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:check: "true"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:check: "true"
check-http Jump to heading
Available since
version 1.4
Values
- URI to make HTTP requests to, e.g.
/health
- URI with method, e.g.
HEAD /health
- URI, method and HTTP version, e.g.
HEAD /health HTTP/1.1
Default
- No default value
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:check: "true"check-http: "/health"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:check: "true"check-http: "/health"
check-interval Jump to heading
Available since
version 1.4
Values
- Integer with time unit suffix (1m = 1 minute, 10s = 10 seconds)
Default
- No default value
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:check: "true"check-interval: "1m"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:check: "true"check-interval: "1m"
clean-certs Jump to heading
Available since
version 1.6
Values
- true
- false
Default
- true
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:clean-certs: "false"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:clean-certs: "false"
client-ca Jump to heading
Available since
version 1.6
- NB, ssl-offloading should be enabled for TLS authentication to work.
Values
- secret path in “namespace/name” format.
Default
- No default value
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:client-ca: exp/client-ca.crt
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:client-ca: exp/client-ca.crt
client-crt-optional Jump to heading
Available since
version 1.6
- NB, client-ca should be enabled for certificate verification to work.
Values
- true
- false
Default
- false
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:client-crt-optional: true
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:client-crt-optional: true
client-strict-sni Jump to heading
Available since
version 1.8
Values
- true
- false
Default
- false
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:client-strict-sni: true
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:client-strict-sni: true
cookie-persistence Jump to heading
Available since
version 1.4
- This will insert the following cookie configuration in the corresponding backend
cookie <cookie-name> insert indirect nocache dynamic
with<cookie-name>
the value of this annotation.
Values
- A name for the cookie
Default
- No default value
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:cookie-persistence: "mycookie"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:cookie-persistence: "mycookie"
cookie-persistence-no-dynamic Jump to heading
Available since
version 3.1
- This will insert the following cookie configuration in the corresponding backend
cookie <cokkie-name> indirect nocache insert
with<cookie-name>
the value of this annotation. The server line will haveserver <server-name> <server-address> enabled cookie <server-name>
Values
- A name for the cookie
Default
- No default value
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:cookie-persistence-no-dynamic: "mycookie"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:cookie-persistence-no-dynamic: "mycookie"
cors-allow-credentials Jump to heading
Available since
version 1.5
Values
- true
- false
Default
- false
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:cors-allow-credentials: "true"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:cors-allow-credentials: "true"
cors-allow-headers Jump to heading
Available since
version 1.5
Values
- Wildcard
*
, allow access for all HTTP headers. - A comma-separated list of HTTP headers
Default
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:cors-allow-headers: "*"cors-allow-headers: "X-Custom-Header"cors-allow-headers: "X-Custom-Header, Upgrade-Insecure-Requests"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:cors-allow-headers: "*"cors-allow-headers: "X-Custom-Header"cors-allow-headers: "X-Custom-Header, Upgrade-Insecure-Requests"
cors-allow-methods Jump to heading
Available since
version 1.5
Values
- Wildcard
*
, allow access for all HTTP methods. - A comma-separated list of HTTP methods
Default
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:cors-allow-methods: "*"cors-allow-methods: "GET"cors-allow-methods: "GET, POST"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:cors-allow-methods: "*"cors-allow-methods: "GET"cors-allow-methods: "GET, POST"
cors-allow-origin Jump to heading
Available since
version 1.5
- With “regex” value, it is possible to allow a list of origins. If one of them matches the request Origin header it will be returned to the client.
Values
- Wildcard
*
, allow access form any origin. - Regex, regex should match an origin (request Origin header) in the format
<scheme> "://" <hostname> [ ":" <port> ]
if the origin is matched then it will be the value ofAccess-Control-Allow-Origin
.
Default
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:cors-allow-origin: "*"cors-allow-origin: "https://example.com"cors-allow-origin: "^https://(.+\.)?(example-1\.com|example-2\.com)(:\d{1,5})?$"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:cors-allow-origin: "*"cors-allow-origin: "https://example.com"cors-allow-origin: "^https://(.+\.)?(example-1\.com|example-2\.com)(:\d{1,5})?$"
cors-enable Jump to heading
Available since
version 1.5
Values
- true
- false
Default
- false
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:cors-enable: "true"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:cors-enable: "true"
cors-max-age Jump to heading
Available since
version 1.5
Values
- A time duration
Default
- 5s
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:cors-max-age: "1m"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:cors-max-age: "1m"
deny-list Jump to heading
Available since
version 1.11
- The value is treated as a pattern file (see
--configmap-patternfiles
) if it starts withpatterns/
. It should consist of a list of IPs or CIDRs, one per line.
Values
- Comma-separated list of IP addresses and/or CIDR ranges
- Path to a pattern file, e.g.
pattern/ips
Default
- No default value
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:deny-list: "192.168.1.0/24, 192.168.2.100"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:deny-list: "192.168.1.0/24, 192.168.2.100"
dontlognull Jump to heading
Available since
version 1.4
Values
- true
- false
Default
- true
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:dontlognull: "true"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:dontlognull: "true"
forwarded-for Jump to heading
Available since
version 1.4
Values
- true
- false
Default
- true
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:forwarded-for: "true"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:forwarded-for: "true"
frontend-config-snippet Jump to heading
Available since
version 1.6
- Because frontend-config-snippet is inserted in the main http/https frontends it will apply to all traffic. To apply configuration by Ingress, annotations should be privileged.
- Ingress Controller logic is inserted in the main frontends before any config-snippet configuration so controller configuration will be evaluated first.
- It is safer to privilege backend-config-snippet when possible to avoid conflicts with controller configuration.
Values
- One or more valid HAProxy directives
Default
- No default value
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata: frontend-config-snippet: |unique-id-format %{+X}o\ %ci:%cp_%fi:%fp_%Ts_%rt:%pidunique-id-header X-Unique-ID
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata: frontend-config-snippet: |unique-id-format %{+X}o\ %ci:%cp_%fi:%fp_%Ts_%rt:%pidunique-id-header X-Unique-ID
global-config-snippet Jump to heading
Available since
version 1.5
Values
- One or more valid HAProxy directives
Default
- No default value
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata: global-config-snippet: |ssl-default-bind-options no-sslv3 no-tlsv10 no-tlsv11ssl-default-bind-ciphers TLS13-AES-256-GCM-SHA384:TLS13-AES-128-GCM-SHA256:TLS13-CHACHA20-POLY1305-SHA256:EECDH+AESGCM:EECDH+CHACHA20tune.ssl.default-dh-param 2048tune.bufsize 32768
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata: global-config-snippet: |ssl-default-bind-options no-sslv3 no-tlsv10 no-tlsv11ssl-default-bind-ciphers TLS13-AES-256-GCM-SHA384:TLS13-AES-128-GCM-SHA256:TLS13-CHACHA20-POLY1305-SHA256:EECDH+AESGCM:EECDH+CHACHA20tune.ssl.default-dh-param 2048tune.bufsize 32768
hard-stop-after Jump to heading
Available since
version 1.4
Values
- An integer with a unit of time (1 second = 1s, 1 minute = 1m, 1h = 1 hour)
Default
- 30m
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:hard-stop-after: 30s
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:hard-stop-after: 30s
http-connection-mode Jump to heading
Available since
version 1.8
Values
- http-keep-alive
default
- Enables HTTP Keep-Alive both from the client to HAProxy and from HAProxy to the backend. - http-server-close - Disables HTTP Keep-Alive between HAProxy and the backend, while allowing it to stay enabled from the client to HAProxy.
- httpclose - HAProxy will close connections with the server and the client as soon as the request and the response are received
Default
- http-keep-alive
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:http-connection-mode: "http-server-close"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:http-connection-mode: "http-server-close"
http-keep-alive Jump to heading
Available since
version 1.4
Values
- true
- false
Default
- true
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:http-keep-alive: "true"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:http-keep-alive: "true"
http-server-close Jump to heading
Available since
version 1.4
Values
- true
- false
Default
- false
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:http-server-close: "true"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:http-server-close: "true"
load-balance Jump to heading
Available since
version 1.4
Values
- roundrobin
- static-rr
- leastconn
- first
- source
- uri [path-only] [whole] [len num] [depth num]
- url_param name [check_post num]
- hdr[(name)] [use_domain_only]
- random[(draws)]
- rdp-cookie[(name)]
Default
- roundrobin
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:load-balance: "leastconn"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:load-balance: "leastconn"
log-format Jump to heading
Available since
version 1.4
- Default log-format is:
%ci:%cp [%tr] %ft %b/%s %TR/%Tw/%Tc/%Tr/%Ta %ST %B %CC %CS %tsc %ac/%fc/%bc/%sc/%rc %sq/%bq %hr %hs \"%HM %[var(txn.base)] %HV\"
Which will look like this:10.244.0.1:5793 [10/Apr/2020:10:32:50.132] https~ test-echo1-8080/SRV_TFW8V 0/0/1/2/3 200 653 - - ---- 1/1/0/0/0 0/0 "GET test.k8s.local/ HTTP/2.0
Values
- Log format string. More information in HAProxy documentation
Default
- No default value
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:log-format: "%ci:%cp [%tr] %ft %b/%s %TR/%Tw/%Tc/%Tr/%Ta %ST %B %CC %CS %tsc %ac/%fc/%bc/%sc/%rc %sq/%bq %hr %hs \"%HM %[var(txn.base)] %HV\""
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:log-format: "%ci:%cp [%tr] %ft %b/%s %TR/%Tw/%Tc/%Tr/%Ta %ST %B %CC %CS %tsc %ac/%fc/%bc/%sc/%rc %sq/%bq %hr %hs \"%HM %[var(txn.base)] %HV\""
log-format-tcp Jump to heading
Available since
version 1.7
- Default is option tcplog
- Applies only to TCP configmap defined by command line option --configmap-tcp-services
Values
- Log format string. More information in HAProxy documentation
Default
- No default value
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:log-format-tcp: "%{+Q}o %t %s"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:log-format-tcp: "%{+Q}o %t %s"
logasap Jump to heading
Available since
version 1.4
Values
- true
- false
Default
- false
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:logasap: "true"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:logasap: "true"
maxconn Jump to heading
Available since
version 1.4
Values
- An integer setting the allowed number of concurrent connections
Default
- No default value
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:maxconn: "2000"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:maxconn: "2000"
nbthread Jump to heading
Available since
version 1.4
Values
- An integer setting the number of worker threads
Default
- No default value
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:nbthread: "8"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:nbthread: "8"
path-rewrite Jump to heading
Available since
version 1.4
Values
- A single path, such as “/”, to turn any path into “/”
- Two parameters. A regular expression to match and a path to replace it with.
- Multiline annotation is split into more rewrite rules.
Default
- No default value
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata: path-rewrite: "/" # replace all paths with /path-rewrite: (.*) /foo\1 # add the prefix /foo... "/bar?q=1" into "/foo/bar?q=1"path-rewrite: ([^?]*)(\?(.*))? \1/foo\2 # add the suffix /foo ... "/bar?q=1" into "/bar/foo?q=1"path-rewrite: /foo/(.*) /\1 # strip /foo ... "/foo/bar?q=1" into "/bar?q=1"# strip /foo ... "/foo/bar?q=1" into "/bar?q=1" and replace "/bar/*" with "/baz/*"# with multiline (using `|`) annotationpath-rewrite: |/foo/(.*) /\1/bar/(.*) /baz/\1
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata: path-rewrite: "/" # replace all paths with /path-rewrite: (.*) /foo\1 # add the prefix /foo... "/bar?q=1" into "/foo/bar?q=1"path-rewrite: ([^?]*)(\?(.*))? \1/foo\2 # add the suffix /foo ... "/bar?q=1" into "/bar/foo?q=1"path-rewrite: /foo/(.*) /\1 # strip /foo ... "/foo/bar?q=1" into "/bar?q=1"# strip /foo ... "/foo/bar?q=1" into "/bar?q=1" and replace "/bar/*" with "/baz/*"# with multiline (using `|`) annotationpath-rewrite: |/foo/(.*) /\1/bar/(.*) /baz/\1
pod-maxconn Jump to heading
Available since
version 1.4
- NB, If multiple HAProxy instances are running, the maxconn will be pod-maxconn number devided by the number of haproxy instances.
Values
- An integer setting the maximum number of concurrent backend connections
Default
- No default value
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:pod-maxconn: 30
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:pod-maxconn: 30
proxy-protocol Jump to heading
Available since
version 1.4
- Connection will fail with 400 Bad Request if source IP is in annotation list but no Proxy Protocol data is sent.
Values
- A list of IP addresses and/or CIDR ranges
Default
- No default value
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:proxy-protocol: "192.168.1.0/24, 192.168.2.100"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:proxy-protocol: "192.168.1.0/24, 192.168.2.100"
quic-alt-svc-max-age Jump to heading
Available since
version 1.11
- Too high a number can lead to issues. The clients could fail to connect because the services is no more available.
Values
- number of seconds for cache retention.
Default
- No default value
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:quic-alt-svc-max-age: "900"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:quic-alt-svc-max-age: "900"
rate-limit-period Jump to heading
Available since
version 1.4
Values
- Integer with unit of time (1s = 1 second, 1m = 1 minute); Defaults to 1 second
Default
- 1s
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:rate-limit-period: "1m"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:rate-limit-period: "1m"
rate-limit-requests Jump to heading
Available since
version 1.4
- If this number is exceeded, HAProxy will deny requests with 403 status code.
- To track the http requests rate, a stick-table named “Ratelimit-
” will be created. For example, if the rate-limit-period
is set to 2s, the name of the table will be Ratelimit-2000.
Values
- An integer representing the maximum number of requests to accept
Default
- No default value
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:rate-limit-requests: 15
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:rate-limit-requests: 15
rate-limit-size Jump to heading
Available since
version 1.4
- If this number is exceeded, older entries will be dropped as new ones come
Values
- An integer defining how many IP addresses to track for rate limiting; Defaults to 100,000
Default
- 100k
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:rate-limit-size: 1000000
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:rate-limit-size: 1000000
rate-limit-status-code Jump to heading
Available since
version 1.5
Values
- HTTP status codes; Defaults to 403.
Default
- 403
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:rate-limit-status-code: "429"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:rate-limit-status-code: "429"
request-capture Jump to heading
Available since
version 1.4
- Captures samples of the request using sample expression and log them in HAProxy traffic logs.
Values
- A header value, e.g.
hdr(header-name)
- A cookie value, e.g.
cookie(cookie-name)
- Multiple expressions by using a multiline YAML string
Default
- No default value
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata: # capture a single valuerequest-capture: cookie(my-cookie)# capture multiple valuesrequest-capture: |cookie(my-cookie)hdr(Host)hdr(User-Agent)
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata: # capture a single valuerequest-capture: cookie(my-cookie)# capture multiple valuesrequest-capture: |cookie(my-cookie)hdr(Host)hdr(User-Agent)
request-capture-len Jump to heading
Available since
version 1.4
Values
- An integer representing the number of characters for captured fields; Defaults to 128
Default
- 128
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:request-capture: cookie(my-cookie)request-capture-len: 350
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:request-capture: cookie(my-cookie)request-capture-len: 350
request-redirect Jump to heading
Available since
version 1.5
- HTTP redirection code is settable with
request-redirect-code
annotation. - Port alone is not allowed.
Values
- host
- host:port
Default
- No default value
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:request-redirect: example.comrequest-redirect: example.com:8888
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:request-redirect: example.comrequest-redirect: example.com:8888
request-redirect-code Jump to heading
Available since
version 1.5
Values
- Integer value.
Default
- 302
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:request-redirect-code: "303"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:request-redirect-code: "303"
request-set-header Jump to heading
Available since
version 1.4
- This sets header before HAProxy does any service/backend dispatch. So in the case you want to change the Host header this will impact HAProxy decision on which service/backend to use (based on matching Host against ingress rules). In order to set the Host header after service selection, use set-host annotation.
Values
- The name of the field, following by its value, e.g. Ingress-ID abcd123
- Multiple headers can be set using a multiline YAML string
Default
- No default value
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata: # single headerrequest-set-header: Ingress-ID abcd123# multiple headersrequest-set-header: |Ingress-ID abcd123Another-Header 12345
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata: # single headerrequest-set-header: Ingress-ID abcd123# multiple headersrequest-set-header: |Ingress-ID abcd123Another-Header 12345
response-set-header Jump to heading
Available since
version 1.4
Values
- The name of the field, following by its value, e.g. Cache-Control “no-store,no-cache,private”
- Multiple headers can be set using a multiline YAML string
Default
- No default value
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata: # single headerresponse-set-header: Cache-Control "no-store,no-cache,private"# multiple headersresponse-set-header: |Cache-Control "no-store,no-cache,private"Strict-Transport-Security "max-age=31536000"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata: # single headerresponse-set-header: Cache-Control "no-store,no-cache,private"# multiple headersresponse-set-header: |Cache-Control "no-store,no-cache,private"Strict-Transport-Security "max-age=31536000"
scale-server-slots Jump to heading
Available since
version 1.4
- Equivalent old annotations are
servers-increment
andserver-slots
Values
- Integer value indicating the number of backend servers to provision. Defaults to 42.
Default
- 42
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:scale-server-slots: "75"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:scale-server-slots: "75"
send-proxy-protocol Jump to heading
Available since
version 1.5
Values
- proxy - Uses PROXY v1
- proxy-v1 - Uses PROXY v1
- proxy-v2 - Uses PROXY v2
- proxy-v2-ssl Uses PROXY v2 with SSL information extension
- proxy-v2-ssl-cn Uses PROXY v2 with SSL and Common Name information extension
Default
- No default value
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:send-proxy-protocol: proxy-v2
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:send-proxy-protocol: proxy-v2
server-ca Jump to heading
Available since
version 1.5
- When used with server-crt resulting configuration provides mutual TLS authentication (mTLS).
- The secret must use ‘tls.crt’ key.
Values
- Secret path following namespace/secretname format.
Default
- No default value
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:server-ca: "ns1/ca"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:server-ca: "ns1/ca"
server-crt Jump to heading
Available since
version 1.5
- The secret must use ‘tls.key’ and ‘tls.crt’ keys.
- When used with server-ca resulting configuration provides mutual TLS authentication (mTLS).
Values
- Secret path following namespace/secretname format.
Default
- No default value
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:server-crt: "ns1/client"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:server-crt: "ns1/client"
server-proto Jump to heading
Available since
version 1.5
Values
- h2
Default
- No default value
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:server-proto: "h2"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:server-proto: "h2"
server-ssl Jump to heading
Available since
version 1.4
- Enable HTTP/2 support for backend severs.
Values
- true
- false
Default
- false
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:server-ssl: "true"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:server-ssl: "true"
set-host Jump to heading
Available since
version 1.4
Values
- The value of the Host header
Default
- No default value
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:set-host: "example.local"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:set-host: "example.local"
src-ip-header Jump to heading
Available since
version 1.5
Values
- any header name
Default
- null
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:src-ip-header: "True-Client-IP"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:src-ip-header: "True-Client-IP"
ssl-certificate Jump to heading
Available since
version 1.4
- this replaces default certificate
- this is used as the certificate for quic binding
Values
- Name of Kubernetes secret
Default
- No default value
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:ssl-certificate: "default/tls-secret"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:ssl-certificate: "default/tls-secret"
ssl-passthrough Jump to heading
Available since
version 1.4
- Traffic is proxied in TCP mode which makes unavailable a number of the controller annotations (requiring HTTP mode).
- HTTPS frontend is conserved and still listening at port 8444 when previous HTTPS port is moved to SSL Frontend.
Values
- true
- false
Default
- false
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:ssl-passthrough: "true"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:ssl-passthrough: "true"
ssl-redirect Jump to heading
Available since
version 1.4
- SSL redirection is enabled by default for any ingress resource defined with a TLS section
spec.tls[].secretName
. - Automatic redirects for ingress resources with TLS enabled, can be disabled by setting annotation to “false” in configmap
Values
- true
- false
Default
- false
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:ssl-redirect: "false"ssl-certificate: "default/tls-secret"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:ssl-redirect: "false"ssl-certificate: "default/tls-secret"
ssl-redirect-code Jump to heading
Available since
version 1.4
Values
- 301
- 302
- 303
Default
- 302
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:ssl-redirect: "true"ssl-certificate: "default/tls-secret"ssl-redirect-code: "301"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:ssl-redirect: "true"ssl-certificate: "default/tls-secret"ssl-redirect-code: "301"
ssl-redirect-port Jump to heading
Available since
version 1.5
- When setting the HTTPS port value, keep in mind that this is the HTTPS port as seen by the client, not as set on the Ingress Controller. The reason for this distinction lies in the fact that there will probably be some middleware with its own ports mapping between the client and the Ingress Controller. As a consequence, it must be set with a distinct consideration of how the HTTPS port is set on Ingress Controller with the
https-bind-port
command line option.
Values
- Integer HTTPS port number
Default
- 8443
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:ssl-redirect: "true"ssl-redirect-port: "8443"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:ssl-redirect: "true"ssl-redirect-port: "8443"
stats-config-snippet Jump to heading
Available since
version 1.6
Values
- One or more valid HAProxy directives
Default
- No default value
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata: stats-config-snippet: |stats auth foo:test
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata: stats-config-snippet: |stats auth foo:test
syslog-server Jump to heading
Available since
version 1.4
- More information can be found in the HAProxy documentation
Values
- address - Required - IP address where the syslog server is listening.
- facility - Required - One of the 24 syslog facilities (kern, user, mail, daemon, auth, syslog, lpr, news, uucp, cron, auth2, ftp, ntp, audit, alert, con2, local0, local1, local2, local3, local4, local5, local6, local7); In general, you will want to use one of the localX values, since the others are registered for specific types of applications.
- format - Syslog format, one of the following - rfc3164, rfc5424, short, raw. to rfc3164. HAProxy default is rfc3164
- length - Maximum syslog line length. HAProxy default is 1024.
- level - Maximum verbosity level to filter outgoing messages; Only messages with a severity at least as important as this level will be sent; Use one of the following (emerg, alert, crit, err, warning, notice, info, debug); Traffic logs are emitted at “info” or higher severity. Haproxy default is to send all messages.
- minlevel - Minimum verbosity level. Logs emitted with a more severe level than this one will be capped to this level. HAProxy default does not set a minlevel.
- port - Port number where the syslog server is listening. HAProxy default is 514.
Default
- address:127.0.0.1, facility: local0, level: notice
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata: # a single entrysyslog-server: "address:192.158.1.1, port:514, facility:local0"# log to stdoutsyslog-server: "address:stdout, format: raw, facility:daemon"# multiple entriessyslog-server: |address:127.0.0.1, port:514, facility:local0address:192.168.1.1, port:514, facility:local1
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata: # a single entrysyslog-server: "address:192.158.1.1, port:514, facility:local0"# log to stdoutsyslog-server: "address:stdout, format: raw, facility:daemon"# multiple entriessyslog-server: |address:127.0.0.1, port:514, facility:local0address:192.168.1.1, port:514, facility:local1
timeout-check Jump to heading
Available since
version 1.4
Values
- An integer with a unit of time (1 second = 1s, 1 minute = 1m, 1h = 1 hour)
Default
- No default value
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:timeout-check: 5s
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:timeout-check: 5s
timeout-client Jump to heading
Available since
version 1.4
Values
- An integer with a unit of time (1 second = 1s, 1 minute = 1m, 1h = 1 hour); Defaults to 50s
Default
- 50s
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:timeout-client: 5s
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:timeout-client: 5s
timeout-client-fin Jump to heading
Available since
version 1.4
Values
- An integer with a unit of time (1 second = 1s, 1 minute = 1m, 1h = 1 hour)
Default
- No default value
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:timeout-client-fin: 5s
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:timeout-client-fin: 5s
timeout-connect Jump to heading
Available since
version 1.4
Values
- An integer with a unit of time (1 second = 1s, 1 minute = 1m, 1h = 1 hour); Defaults to 5s
Default
- 5s
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:timeout-connect: 5s
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:timeout-connect: 5s
timeout-http-keep-alive Jump to heading
Available since
version 1.4
Values
- An integer with a unit of time (1 second = 1s, 1 minute = 1m, 1h = 1 hour); Defaults to 1m
Default
- 1m
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:timeout-http-keep-alive: 5s
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:timeout-http-keep-alive: 5s
timeout-http-request Jump to heading
Available since
version 1.4
Values
- An integer with a unit of time (1 second = 1s, 1 minute = 1m, 1h = 1 hour); Defaults to 5s
Default
- 5s
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:timeout-http-request: 5s
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:timeout-http-request: 5s
timeout-queue Jump to heading
Available since
version 1.4
Values
- An integer with a unit of time (1 second = 1s, 1 minute = 1m, 1h = 1 hour); Defaults to 5s
Default
- 5s
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:timeout-queue: 5s
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:timeout-queue: 5s
timeout-server Jump to heading
Available since
version 1.11
Values
- An integer with a unit of time (1 second = 1s, 1 minute = 1m, 1h = 1 hour); Defaults to 50s
Default
- 50s
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:timeout-server: 5s
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:timeout-server: 5s
timeout-server-fin Jump to heading
Available since
version 1.4
Values
- An integer with a unit of time (1 second = 1s, 1 minute = 1m, 1h = 1 hour)
Default
- No default value
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:timeout-server-fin: 5s
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:timeout-server-fin: 5s
timeout-tunnel Jump to heading
Available since
version 1.4
Values
- An integer with a unit of time (1 second = 1s, 1 minute = 1m, 1h = 1 hour); Defaults to 1h
Default
- 1h
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:timeout-tunnel: 30m
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:timeout-tunnel: 30m
tls-alpn Jump to heading
Available since
version 1.7
- To disable HTTP/2 over https, simply use a value like “http/1.1” for this annotation
Values
- Comma-separated list of protocol names to advertise as supported on top of ALPN
Default
- h2,http/1.1
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:tls-alpn: http/1.1
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:tls-alpn: http/1.1
whitelist Jump to heading
Available since
version 1.4
- The value is treated as a pattern file (see
--configmap-patternfiles
) if it starts withpatterns/
. It should consist of a list of IPs or CIDRs, one per line.
Values
- Comma-separated list of IP addresses and/or CIDR ranges
- Path to a pattern file, e.g.
pattern/ips
Default
- No default value
Example
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:whitelist: "192.168.1.0/24, 192.168.2.100"
yaml
apiVersion: v1kind: ConfigMapmetadata:name: haproxy-kubernetes-ingressnamespace: defaultdata:whitelist: "192.168.1.0/24, 192.168.2.100"
Do you have any suggestions on how we can improve the content of this page?