traefik
haproxy-ingress
traefik | haproxy-ingress | |
---|---|---|
4 | 6 | |
36,761 | 1,005 | |
- | - | |
9.4 | 8.4 | |
about 2 years ago | 10 days ago | |
Go | Go | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
traefik
-
Traefik : Add Custom Header Only for specific files
UPDATE: ATM this is not possible via traefik. I have openend an issue : https://github.com/containous/traefik/issues/4228
-
uwsgi master graceful shutdown
;https://uwsgi-docs.readthedocs.io/en/latest/HTTP.htmlhttp = :8080wsgi-file = main.pycallable = wsgi_applicationprocesses = 2enable-threads = truemaster = truereload-mercy = 30worker-reload-mercy = 30log-5xx = truelog-4xx = truedisable-logging = truestats = 127.0.0.1:1717stats-http = truesingle-interpreter= true;https://github.com/containous/traefik/issues/615http-keepalive=trueadd-header = Connection: Keep-Alive
-
Back to basics: accessing Kubernetes pods
It's implementation-dependent and implementations offer different features, e.g., Nginx, Traefik, HAProxy, etc.
-
Install letsecrypt certificates on all your docker containers
version: "3" services: influx: image: influxdb:1.7 # or any other recent version labels: # SSL endpoint - "traefik.http.routers.influx-ssl.entryPoints=port8086" - "traefik.http.routers.influx-ssl.rule=host(`influx.mydomain.com`)" - "traefik.http.routers.influx-ssl.tls=true" - "traefik.http.routers.influx-ssl.tls.certResolver=le-ssl" - "traefik.http.routers.influx-ssl.service=influx-ssl" - "traefik.http.services.influx-ssl.loadBalancer.server.port=8086" restart: always container_name: influxdb volumes: - influx-data:/var/lib/influxdb environment: # - INFLUXDB_DB= - INFLUXDB_HTTP_ENABLED=true - INFLUXDB_HTTP_AUTH_ENABLED=true # - INFLUXDB_ADMIN_USER= # - INFLUXDB_ADMIN_PASSWORD= grafana: labels: # SSL redirect requires a separate router (https://github.com/containous/traefik/issues/4688#issuecomment-477800500) - "traefik.http.routers.grafana.entryPoints=port80" - "traefik.http.routers.grafana.rule=host(`grafana.mydomain.com`)" - "traefik.http.middlewares.grafana-redirect.redirectScheme.scheme=https" - "traefik.http.middlewares.grafana-redirect.redirectScheme.permanent=true" - "traefik.http.routers.grafana.middlewares=grafana-redirect" # SSL endpoint - "traefik.http.routers.grafana-ssl.entryPoints=port443" - "traefik.http.routers.grafana-ssl.rule=host(`grafana.mydomain.com`)" - "traefik.http.routers.grafana-ssl.tls=true" - "traefik.http.routers.grafana-ssl.tls.certResolver=le-ssl" - "traefik.http.routers.grafana-ssl.service=grafana-ssl" - "traefik.http.services.grafana-ssl.loadBalancer.server.port=3000" image: grafana/grafana container_name: grafana restart: always volumes: - grafana-data:/var/lib/grafana environment: - GF_SERVER_ROOT_URL=https://grafana.mydomain.com - GF_SERVER_DOMAIN=grafana.mydomain.com - GF_USERS_ALLOW_SIGN_UP=false volumes: traefik-data: influx-data: grafana-data:
haproxy-ingress
-
So you want to deploy mTLS
This was all running on Kubernetes, coupled with Google Cloud SQL for PostgreSQL and an HAProxy deployment managed by an ingress controller (jcmoraisjr/haproxy-ingress with a modified config file template). Branch or test deployments were a little different: the database was deployed on Kubernetes directly, to make it simple to deploy additional environments without spinning up resources outside of Kubernetes.
- no service with name ingress-controller/ingress-default-backend found
-
Back to basics: accessing Kubernetes pods
It's implementation-dependent and implementations offer different features, e.g., Nginx, Traefik, HAProxy, etc.
-
Kubernetes Ingress: Nginx Ingress Edition
HAProxy Ingress is an ingress controller for HAProxy.
- which ingress controller do you prefer
-
In a HA setup, why do I need a load balancer for the kube-apiserver if can just ssh the next kube-apiserver if one was down?
Which k8s-HAProxy do you use, this https://github.com/haproxytech/kubernetes-ingress or this https://github.com/jcmoraisjr/haproxy-ingress or voyager?
What are some alternatives?
metallb - A network load-balancer implementation for Kubernetes using standard routing protocols
ingress-nginx - Ingress-NGINX Controller for Kubernetes
simple-go-boilerplate - Simple microservices-oriented go project layout boilerplate to provide some ideas and tips.
kubernetes-ingress - HAProxy Kubernetes Ingress Controller
kubernetes-ingress - NGINX and NGINX Plus Ingress Controllers for Kubernetes
kubernetes-ingress-controller - :gorilla: Kong for Kubernetes: The official Ingress Controller for Kubernetes.
aws-ecr-image-pull-secret-controller - Custom controller for Kubernetes which automatically renews image pull secrets for AWS ECR
skipper - An HTTP router and reverse proxy for service composition, including use cases like Kubernetes Ingress
xdcc-cli - A command line tool for searching and downloading files from the IRC network.
tyk-operator - Tyk Operator for Kubernetes
kubebrain - A High Performance Metadata System for Kubernetes