hal5d

module
v0.0.0-...-80bedfa Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 3, 2019 License: Apache-2.0

README

hal5d Godoc Travis Codecov

An haproxy shim for linkerd Kubernetes ingress.

linkerd can be deployed as a Kubernetes ingress controller. Implementing Ingress via linkerd makes a lot of sense when linkerd also powers your in-cluster service mesh; your ingress traffic benefits from the same tracing, metrics, and traffic management patterns as in cluster traffic.

Unfortunately linkerd does not currently support TLS Server Name Indication (SNI). This means your ingress controller pods cannot serve HTTPS traffic for more than one ingress unless you use a wildcard certificate.

hal5d attempts to solve this by running a simple haproxy instance in front of each linkerd pod. There are three components to this pattern:

  • linkerd pods configured as ingress controllers.
  • haproxy run via haproxy-docker-wrapper
  • hal5d managing haproxy.

hal5d watches a Kubernetes API server for TLS enabled Kubernetes Ingress resources, saving their TLS key pairs to disk, and triggering a haproxy reload via haproxy-docker-wrapper.

Directories

Path Synopsis
cmd
hal5d
internal
cert
event
kubernetes
metrics
Package metrics contains utilities to assist with exposing Prometheus metrics.
 Package metrics contains utilities to assist with exposing Prometheus metrics.
webhook
webhook/subscriber
webhook/validator

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.