KubeDB
Run Production-Grade Databases on Kubernetes
KubeStash New
Backup and Recovery Solution for Kubernetes
Stash
Backup and Recovery Solution for Kubernetes
KubeVault
Run Production-Grade Vault on Kubernetes
Voyager
Secure Ingress Controller for Kubernetes
ConfigSyncer
Kubernetes Configuration Syncer
Guard
Kubernetes Authentication WebHook Server
KubeDB simplifies Provisioning, Upgrading, Scaling, Volume Expansion, Monitor, Backup, Restore for various Databases in Kubernetes on any Public & Private Cloud
- Lower administrative burden
- Native Kubernetes Support
- Performance
- Availability and durability
- Manageability
- Cost-effectiveness
- Security
A complete Kubernetes native disaster recovery solution for backup and restore your volumes and databases in Kubernetes on any public and private clouds.
- Declarative API
- Backup Kubernetes Volumes
- Backup Database
- Multiple Storage Support
- Deduplication
- Data Encryption
- Volume Snapshot
- Policy Based Backup
A complete Kubernetes native disaster recovery solution for backup and restore your volumes and databases in Kubernetes on any public and private clouds.
- Declarative API
- Backup Kubernetes Volumes
- Backup Database
- Multiple Storage Support
- Deduplication
- Data Encryption
- Volume Snapshot
- Policy Based Backup
KubeVault is a Git-Ops ready, production-grade solution for deploying and configuring Hashicorp's Vault on Kubernetes.
- Vault Kubernetes Deployment
- Auto Initialization & Unsealing
- Vault Backup & Restore
- Consume KubeVault Secrets with CSI
- Manage DB Users Privileges
- Storage Backend
- Authentication Method
- Database Secret Engine
Secure Ingress Controller for Kubernetes
- HTTP & TCP
- SSL
- Platform support
- HAProxy
- Prometheus
- Let's Encrypt
Kubernetes Configuration Syncer
- Configuration Syncer
Kubernetes Authentication WebHook Server
- Identity Providers
- CLI
- RBAC
RESOURCES
Blog
Docs
Webinars
Learn
Demos
Webinar New

You are looking at the documentation of a prior release. To read the documentation of the latest release, please visit here.

New to Voyager? Please start here.

Accept Proxy

If set to true, enforces the use of the PROXY protocol over any connection accepted by HAProxy. It will add the accept-proxy keyword on the bind line of the generated haproxy.cfg.

Ingress Example

First create a test-server and expose it via service:

$ kubectl run test-server --image=gcr.io/google_containers/echoserver:1.8
deployment "test-server" created

$ kubectl expose deployment test-server --type=LoadBalancer --port=80 --target-port=8080
service "test-server" exposed

Then create the ingress:

$ kubectl apply -f test-ingress.yaml

apiVersion: voyager.appscode.com/v1
kind: Ingress
metadata:
  name: test-ingress
  namespace: default
  annotations:
    ingress.appscode.com/accept-proxy: "true"
spec:
  rules:
  - host: voyager.appscode.test
    http:
      paths:
      - path: /foo
        backend:
          service:
          	name: test-server
            port:
              number: 80

$ kubectl get pods,svc
NAME                                       READY     STATUS    RESTARTS   AGE
po/test-server-68ddc845cd-x7dtv            1/1       Running   0          23h
po/voyager-test-ingress-5b758664f6-mb4hs   1/1       Running   0          2m

NAME                       TYPE           CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE
svc/kubernetes             ClusterIP      10.96.0.1       <none>        443/TCP        2d
svc/test-server            LoadBalancer   10.105.13.31    <pending>     80:30390/TCP   1d
svc/voyager-test-ingress   LoadBalancer   10.106.53.141   <pending>     80:30966/TCP   2m

Generated haproxy.cfg:

# HAProxy configuration generated by https://github.com/appscode/voyager
# DO NOT EDIT!
global
	daemon
	stats socket /tmp/haproxy
	server-state-file global
	server-state-base /var/state/haproxy/
	# log using a syslog socket
	log /dev/log local0 info
	log /dev/log local0 notice
	tune.ssl.default-dh-param 2048
	ssl-default-bind-ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK
	hard-stop-after 30s
defaults
	log global
	# https://cbonte.github.io/haproxy-dconv/1.7/configuration.html#4.2-option%20abortonclose
	# https://github.com/voyagermesh/voyager/pull/403
	option dontlognull
	option http-server-close
	# Timeout values
	timeout client 50s
	timeout client-fin 50s
	timeout connect 5s
	timeout server 50s
	timeout tunnel 50s
	# Configure error files
	# default traffic mode is http
	# mode is overwritten in case of tcp services
	mode http
frontend http-0_0_0_0-80
	bind *:80 accept-proxy
	mode http
	option httplog
	option forwardfor
	acl is_proxy_https hdr(X-Forwarded-Proto) https
	acl acl_voyager.appscode.test hdr(host) -i voyager.appscode.test
	acl acl_voyager.appscode.test hdr(host) -i voyager.appscode.test:80
	acl acl_voyager.appscode.test:foo path_beg /foo
	use_backend test-server.default:80 if acl_voyager.appscode.test acl_voyager.appscode.test:foo
backend test-server.default:80
	server pod-test-server-68ddc845cd-x7dtv 172.17.0.4:8080

Improve This Page

KubeDB

KubeStash New

Stash

KubeVault

Voyager

ConfigSyncer

Guard

RESOURCES

Ingress

Cert Manager

Voyager Operator

Voyager CLI

Accept Proxy

Ingress Example

What's on this Page

Search