[ANNOUNCE] haproxy-ingress v0.14.3
9 views
Skip to first unread message
Joao Morais
Jun 5, 2023, 8:05:44 AM6/5/23
to haproxy...@googlegroups.com
HAProxy Ingress v0.14.3 is here!
This release fixes some issues found in the v0.14 branch:
- External HAProxy was failing with the message "cannot open the file
'/var/lib/haproxy/crt/default-fake-certificate.pem'.". This happened
due to missing permission to read certificate and private key files
when HAProxy container starts as non root, which is the default since
HAProxy 2.4.
- ConfigMap based TCP services was randomly missing when the
controller started, being reincluded only after the first
reconciliation.
- Gateway API v1alpha2 was missing delete events, which means that the
controller wasn't updating the configuration when a Gateway API
resource was removed.
Other notable changes include:
- Karan Chaudhary added EndpointSlices support. v0.14 branch has this
option disabled by default, enable it by adding
`--enable-endpointslices-api` command-line option.
- HTTP redirect now has an option to skip some paths, the default
configuration adds an exception to `/.well-known/acme-challenge`.
- An update to the External HAProxy example page adds options to fix
permission failures to bind ports `:80` and `:443`, see the example
page: https://haproxy-ingress.github.io/v0.14/docs/examples/external-haproxy/#a-word-about-security
Dependencies:
- Update client-go from v0.23.16 to v0.24.14
- Update golang from 1.18.10 to 1.19.9
Links and refs of this release:
* Changelog: https://github.com/jcmoraisjr/haproxy-ingress/blob/master/CHANGELOG/CHANGELOG-v0.14.md#v0143
* GitHub release:
https://github.com/jcmoraisjr/haproxy-ingress/releases/tag/v0.14.3
* Release date: 2023-06-05
* Helm chart: --version 0.14.3
* Image (Quay): quay.io/jcmoraisjr/haproxy-ingress:v0.14.3
* Image (Docker Hub): jcmoraisjr/haproxy-ingress:v0.14.3
* Embedded HAProxy version: 2.4.22
List of merged fixes and improvements since v0.14.2:
* Skip acme-challenge path on to/from redirects [#995]
* Fixes configmap based tcp sync [#1001]
* Adds support for EndpointSlices API in master [#959]
* Fix gw-v1alpha2 delete notifications [#1002]
* Ensure predictable tcp by sorting endpoints [#1003]
* Change owner of crt/key files to haproxy pid [#1004]
* update client-go from v0.23.16 to v0.24.14 [3246e19]
* add security considerations on external haproxy [61e1df7]
* update golang from 1.18.10 to 1.19.9 [52ede0f]
This release fixes some issues found in the v0.14 branch:
- External HAProxy was failing with the message "cannot open the file
'/var/lib/haproxy/crt/default-fake-certificate.pem'.". This happened
due to missing permission to read certificate and private key files
when HAProxy container starts as non root, which is the default since
HAProxy 2.4.
- ConfigMap based TCP services was randomly missing when the
controller started, being reincluded only after the first
reconciliation.
- Gateway API v1alpha2 was missing delete events, which means that the
controller wasn't updating the configuration when a Gateway API
resource was removed.
Other notable changes include:
- Karan Chaudhary added EndpointSlices support. v0.14 branch has this
option disabled by default, enable it by adding
`--enable-endpointslices-api` command-line option.
- HTTP redirect now has an option to skip some paths, the default
configuration adds an exception to `/.well-known/acme-challenge`.
- An update to the External HAProxy example page adds options to fix
permission failures to bind ports `:80` and `:443`, see the example
page: https://haproxy-ingress.github.io/v0.14/docs/examples/external-haproxy/#a-word-about-security
Dependencies:
- Update client-go from v0.23.16 to v0.24.14
- Update golang from 1.18.10 to 1.19.9
Links and refs of this release:
* Changelog: https://github.com/jcmoraisjr/haproxy-ingress/blob/master/CHANGELOG/CHANGELOG-v0.14.md#v0143
* GitHub release:
https://github.com/jcmoraisjr/haproxy-ingress/releases/tag/v0.14.3
* Release date: 2023-06-05
* Helm chart: --version 0.14.3
* Image (Quay): quay.io/jcmoraisjr/haproxy-ingress:v0.14.3
* Image (Docker Hub): jcmoraisjr/haproxy-ingress:v0.14.3
* Embedded HAProxy version: 2.4.22
List of merged fixes and improvements since v0.14.2:
* Skip acme-challenge path on to/from redirects [#995]
* Fixes configmap based tcp sync [#1001]
* Adds support for EndpointSlices API in master [#959]
* Fix gw-v1alpha2 delete notifications [#1002]
* Ensure predictable tcp by sorting endpoints [#1003]
* Change owner of crt/key files to haproxy pid [#1004]
* update client-go from v0.23.16 to v0.24.14 [3246e19]
* add security considerations on external haproxy [61e1df7]
* update golang from 1.18.10 to 1.19.9 [52ede0f]
Reply all
Reply to author
Forward
0 new messages