Operations | Monitoring | ITSM | DevOps | Cloud

HAProxy

Benchmarking 5 Popular Ingress Controllers

Performance has never been more important than in a cloud-native world. Cloud-hosted resources cost money and a slow-loading application can cause a suboptimal ROI. Have you taken the time to tune your Kubernetes ingress controller and proxy? Many organizations don't until it's absolutely necessary, and most users will typically run a default, out-of-the-box configuration. In this demo, we benchmark five popular ingress controllers and put them head-to-head against each other with their default configurations.

Dynamic SSL Certificate Storage in HAProxy

Use the HAProxy Runtime API to update SSL certificates in HAProxy without a reload. When you route traffic through an HAProxy load balancer, you gain the ability to terminate SSL at the load balancer. HAProxy encrypts communication between the client and itself and then sends the decrypted messages to your backend servers, which means less CPU work on the servers because there’s no encryption work left to do.

Installing the HAProxy Kubernetes Ingress Controller using Helm

Helm, the Kubernetes package manager, revamps the way teams manage their Kubernetes resources and allows them to deploy applications in a consistent and reliable way. It is a valuable tool in a continuous delivery pipeline, with support for quick updates and rollbacks. At HAProxy Technologies, we offer Helm as the preferred method for installing the HAProxy Kubernetes Ingress Controller, and we’ll show you how to customize that installation to fit your use case.

Use HAProxy Response Policies to Stop Threats

HAProxy gives you an arsenal of sophisticated countermeasures including deny, tarpit, silent drop, reject, and shadowban to stop malicious users. There are two phases to stopping malicious users from abusing your website and online applications. Step one is detection, step two is deploying countermeasures. HAProxy is more powerful than nearly every other load balancer when it comes to both detection and countermeasures.

Enable TLS with Let's Encrypt and the HAProxy Kubernetes Ingress Controller

The HAProxy Kubernetes Ingress Controller integrates with cert-manager to provide Let’s Encrypt TLS certificates. When it comes to TLS in Kubernetes, the first thing to appreciate when you use the HAProxy Ingress Controller is that all traffic for all services travelling to your Kubernetes cluster passes through HAProxy. Requests are then routed towards the appropriate backend services depending on metadata in the request, such as the Host header.

Announcing HAProxy Data Plane API 2.1

Version 2.1 of the HAProxy Data Plane API expands support to all available request and response actions, adds Lua actions, and improves file handling. A year ago, we introduced version 1.0 of the HAProxy Data Plane API, enabling you to configure your HAProxy load balancers remotely through a modern RESTful HTTP API. That first version of the API focused on the essential behaviors for creating frontend proxies, backend server pools, ACLs and traffic switching rules.