AppsCode
  • KubeDB

    Run Production-Grade Databases on Kubernetes

    Stash

    Backup and Recovery Solution for Kubernetes

    KubeVault

    Run Production-Grade Vault on Kubernetes

    Voyager

    Secure Ingress Controller for Kubernetes

    ConfigSyncer

    Kubernetes Configuration Syncer

    Guard

    Kubernetes Authentication WebHook Server

    KubeDB

    KubeDB simplifies Provisioning, Upgrading, Scaling, Volume Expansion, Monitor, Backup, Restore for various Databases in Kubernetes on any Public & Private Cloud

    • check-boxLower administrative burden
    • check-boxNative Kubernetes Support
    • check-boxPerformance
    • check-boxAvailability and durability
    • check-boxManageability
    • check-boxCost-effectiveness
    • check-boxSecurity
    Stash

    A complete Kubernetes native disaster recovery solution for backup and restore your volumes and databases in Kubernetes on any public and private clouds.

    • check-boxDeclarative API
    • check-boxBackup Kubernetes Volumes
    • check-boxBackup Database
    • check-boxMultiple Storage Support
    • check-boxDeduplication
    • check-boxData Encryption
    • check-boxVolume Snapshot
    • check-boxPolicy Based Backup
    KubeVault

    KubeVault is a Git-Ops ready, production-grade solution for deploying and configuring Hashicorp's Vault on Kubernetes.

    • check-boxVault Kubernetes Deployment
    • check-boxAuto Initialization & Unsealing
    • check-boxVault Backup & Restore
    • check-boxConsume KubeVault Secrets with CSI
    • check-boxManage DB Users Privileges
    • check-boxStorage Backend
    • check-boxAuthentication Method
    • check-boxDatabase Secret Engine
    Voyager

    Secure Ingress Controller for Kubernetes

    • check-boxHTTP & TCP
    • check-boxSSL
    • check-boxPlatform support
    • check-boxHAProxy
    • check-boxPrometheus
    • check-boxLet's Encrypt
    configsyncer

    Kubernetes Configuration Syncer

    • check-boxConfiguration Syncer
    Guard

    Kubernetes Authentication WebHook Server

    • check-boxIdentity Providers
    • check-boxCLI
    • check-boxRBAC
  • RESOURCES
  • Webinar New
CONTACT SALES
Voyager
github-icon twitterx-icon
TRY NOW FREE
  • Welcome
  • Concepts
  • Setup
  • Ingress
    Cert Manager
  • Voyager Operator
    Voyager CLI

New to Voyager? Please start here.

Keep Source IP

You can preserve client source IP by setting annotation ingress.appscode.com/keep-source-ip to true.

For LoadBalancer type ingresses, the actual configuration generated depends on the underlying cloud provider.

  • GCE, GKE, Azure, ACS: Sets ExternalTrafficPolicy to Local for services used to expose HAProxy. See here.
  • AWS: Enables accept-proxy that enforces the use of the PROXY protocol over any connection accepted by any of the sockets declared on the same line.

For NodePort type ingresses, it sets ExternalTrafficPolicy to Local regardless the cloud provider.

Ingress Example

apiVersion: voyager.appscode.com/v1
kind: Ingress
metadata:
  name: test-ingress
  namespace: default
  annotations:
    ingress.appscode.com/keep-source-ip: "true"
    ingress.appscode.com/health-check-nodeport: "32312"
spec:
  rules:
  - host: voyager.appscode.test
    http:
      paths:
      - path: /foo
        backend:
          service:
            name: test-server
            port:
              number: 80

Here health-check-nodeport annotation specifies HealthCheckNodePort field for services used to expose HAProxy. If not specified, it will be auto-assigned by kubernetes. Note that, it is only effective when keep-source-ip is true and ingress type is LoadBalancer.

NB: Please note that, Kubernetes support for AWS NLB is limited as of 1.11.x release. Check kubernetes/features#423 for NLB support status.

service.beta.kubernetes.io/aws-load-balancer-proxy-protocol: "*" annotation is not supported for AWS NLB as of 1.11.x release. At this time proxy protocol attribute needs to be set on the NLB target group either manually from the aws console or from aws cli.

What's on this Page

Search
Improve This Page