K
Q

Is haproxy ingress controller support tls client authentication for tcp mode backend?

5/15/2020

In Haproxy ingress controller, I want to terminate ssl connection and do client authentication using revocation file for tcp mode.

Previously above case we are doing using Haproxy server not ingress controller and this configuration is working well in simple haproxy server. But I want to use haproxy ingress contrller due to multiple services and single load balancer.

Haproxy config is looks like below and I have used tcp mode,

listen mqtt
  bind *:8884 ssl crt /etc/ssl/certs/server.pem verify required ca-file /etc/ssl/certs/chain-ca.crt crl-file /etc/ssl/certs/chain-crl.pem
  mode tcp
  option tcplog
  balance leastconn
  server server localhost:1884 check send-proxy-v2-ssl-cn

I want to convert this configuration into haproxy ingress controller.

Is it possible to do above configuration in ingress contrller for tcp mode (non http connection)? Can you guide me how can I do that in ingress controller?

-- NIrav Modi
haproxy
haproxy-ingress
kubernetes

Similar Questions

Kubernetes client -CertificateException insufficient data
Kubernetes "RETAIN" PVs are not getting auto mounted on restart
Getting ETCD Metrics from etcdctl
Pull Docker image in GCR from GKE with custom service account

1 Answer

5/19/2020

As mentioned in comments by @JoaoMorais: "This is currently not supported"

Please find more information in https://haproxy-ingress.github.io/ and in Github.

-- KoopaKiller
Source: StackOverflow