README
¶
Website • Slack • Forum • Twitter
voyager
Voyager is a HAProxy backed secure L7 and L4 ingress controller for Kubernetes developed by AppsCode. This can be used with any Kubernetes cloud providers including aws, gce, gke, azure, acs. This can also be used with bare metal Kubernetes clusters.
Ingress
Voyager provides L7 and L4 loadbalancing using a custom Kubernetes Ingress resource. This is built on top of the HAProxy to support high availability, sticky sessions, name and path-based virtual hosting. This also support configurable application ports with all the options available in a standard Kubernetes Ingress. Here is a complex ingress example that shows how various features can be used. You can find the generated HAProxy Configuration here.
Feautures
- HTTP and TCP loadbalancing,
- TLS Termination,
- Multi-cloud supports,
- Name and Path based virtual hosting,
- Cross namespace routing support,
- URL and Request Header Re-writing,
- Wildcard Name based virtual hosting,
- Persistent sessions, Loadbalancer stats.
- Route Traffic to StatefulSet Pods Based on Host Name
- Weighted Loadbalancing for Canary Deployment
- Customize generated HAProxy config via BackendRule (can be used for http rewriting, add health checks, etc.)
- Add Custom Annotation to LoadBalancer Service and Pods
- Supports Loadbalancer Source Range
- Supports redirects/DNS resolution for
ExternalNametype service - Expose HAProxy stats for Prometheus
- Supports AWS certificate manager
- Scale load balancer using HorizontalPodAutoscaling
Comparison with Kubernetes
| Feauture | Kube Ingress | AppsCode Ingress |
|---|---|---|
| HTTP Loadbalancing | ✅ | ✅ |
| TCP Loadbalancing | ❌ | ✅ |
| TLS Termination | ✅ | ✅ |
| Name and Path based virtual hosting | ❌ | ✅ |
| Cross Namespace service support | ❌ | ✅ |
| URL and Header rewriting | ❌ | ✅ |
| Wildcard name virtual hosting | ❌ | ✅ |
| Loadbalancer statistics | ❌ | ✅ |
| Route Traffic to StatefulSet Pods Based on Host Name | ❌ | ✅ |
| Weighted Loadbalancing for Canary Deployment | ❌ | ✅ |
| Supports Loadbalancer Source Range | ❌ | ✅ |
Supports redirects/DNS resolve for ExternalName type service |
❌ | ✅ |
| Expose HAProxy stats for Prometheus | ❌ | ✅ |
| Supports AWS certificate manager | ❌ | ✅ |
Certificate
Voyager can automaticallty provision and refresh SSL certificates issued from Let's Encrypt using a custom Kubernetes Certificate resource.
Feautures
- Provision free TLS certificates from Let's Encrypt,
- Manage issued certificates using a Kubernetes Third Party Resource,
- Domain validation using ACME dns-01 challenges,
- Support for multiple DNS providers,
- Auto Renew Certificates,
- Use issued Certificates with Ingress to Secure Communications.
Supported Domain Providers
Read more about supported DNS Providers here
Supported Versions
Kubernetes 1.3+
User Guide
To deploy voyager in Kubernetes follow this guide. In short this contains those two steps
- Create
ingress.voyager.appscode.comandcertificate.voyager.appscode.comThird Party Resource - Deploy voyager to kubernetes.
Running voyager alongside with other ingress controller
Voyager can be configured to handle default kubernetes ingress or only ingress.appscode.com. voyager can also be run along side with other controllers.
--ingress-class
// this flag can be set to 'voyager' to handle only ingress
// with annotation kubernetes.io/ingress.class=voyager.
// If unset, voyager will also handle ingress without ingress-class annotation.
Developer Guide
Want to learn whats happening under the hood, read the developer guide.
Contribution
If you're interested in being a contributor, read the contribution guide.
Building voyager
Read Build Instructions to build voyager.
Versioning Policy
There are 2 parts to versioning policy:
- Operator version: Voyager does not follow semver, rather the major version of operator points to the
Kubernetes client-go version. You can verify this
from the
glide.yamlfile. This means there might be breaking changes between point releases of the operator. This generally manifests as changed annotation keys or their meaning. Please always check the release notes for upgrade instructions. - TPR version: appscode.com/v1beta1 is considered in beta. This means any changes to the YAML format will be backward compatible among different versions of the operator.
The voyager operator collects anonymous usage statistics to help us learn how the software is being used and how we can improve it.
To disable stats collection, run the operator with the flag --analytics=false.
Acknowledgement
- docker-library/haproxy https://github.com/docker-library/haproxy
- kubernetes/contrib https://github.com/kubernetes/contrib/tree/master/service-loadbalancer
- xenolf/lego https://github.com/appscode/lego
- kelseyhightower/kube-cert-manager https://github.com/kelseyhightower/kube-cert-manager
- PalmStoneGames/kube-cert-manager https://github.com/PalmStoneGames/kube-cert-manager
- Kubernetes cloudprovider implementation
Support
If you have any questions, you can reach out to us.
Documentation
¶
There is no documentation for this package.
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
client
|
|
|
hack
|
|
|
pkg
|
|
|
test
|
|
|
third_party
|
|
|
forked/cloudprovider
Package cloudprovider supplies interfaces and implementations for cloud service providers.
|
Package cloudprovider supplies interfaces and implementations for cloud service providers. |
|
forked/cloudprovider/providers/fake
Package fake is a test-double implementation of cloudprovider Interface, LoadBalancer and Instances.
|
Package fake is a test-double implementation of cloudprovider Interface, LoadBalancer and Instances. |
|
forked/cloudprovider/providers/gce
Package gce is an implementation of Interface, LoadBalancer and Instances for Google Compute Engine.
|
Package gce is an implementation of Interface, LoadBalancer and Instances for Google Compute Engine. |