ingress-configurator-operator/charmcraft.yaml at main · canonical/ingress-configurator-operator · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
# Copyright 2025 Canonical Ltd.
# See LICENSE file for licensing details.
type: charm
base: ubuntu@24.04
build-base: ubuntu@24.04

platforms:
  amd64:

parts:
  charm:
    source: .
    plugin: uv
    build-snaps:
    - astral-uv
name: ingress-configurator
title: Ingress configurator charm.
description: |
  A [Juju](https://juju.is/) [charm](https://juju.is/docs/olm/charmed-operators)
  that serves as a translation layer between the ingress interface and the haproxy-route interface.

summary: Translation layer between ingress and haproxy-route.
links:
  documentation: https://discourse.charmhub.io/t/ingress-configurator-charm-documentation-overview/18004
  issues: https://github.com/canonical/ingress-configurator-operator/issues
  source: https://github.com/canonical/ingress-configurator-operator
  contact:
    - https://launchpad.net/~canonical-is-devops

requires:
  haproxy-route:
    interface: haproxy-route
  haproxy-route-tcp:
    interface: haproxy-route-tcp

provides:
  ingress:
    interface: ingress
    limit: 1

config:
  options:
    backend-addresses:
      type: string
      description: (integrator mode) Comma-separated list of IP addresses of the backend services.
    backend-ports:
      type: string
      description: (integrator mode) Comma-separated list of ports of the backend services.
    backend-protocol:
      type: string
      description: The protocol that the backend service speaks. "http" (default) or "https".
    external-grpc-port:
      type: int
      description: |
        (integrator mode) Frontend port to expose gRPC services.
        If not set, gRPC will be routed through port 443 with HTTPS traffic.
        Do not set this if the backend is not gRPC.
    health-check-interval:
      type: int
      description: Interval between health checks in seconds.
    health-check-rise:
      type: int
      description: Number of successful health checks before server is considered up.
    health-check-fall:
      type: int
      description: Number of failed health checks before server is considered down.
    health-check-path:
      type: string
      description: The path to use for server health checks.
    health-check-port:
      type: int
      description: The port to use for http-check.
    paths:
      type: string
      description: Comma-separated list of URL paths to route to the service.
    retry-count:
      type: int
      description: Number of times to retry failed requests.
    retry-redispatch:
      type: boolean
      default: false
      description: Whether to redispatch failed requests to another server.
    timeout-server:
      type: int
      description: Timeout for requests from haproxy to backend servers in seconds.
    timeout-connect:
      type: int
      description: Timeout for client requests to haproxy in seconds.
    timeout-queue:
      type: int
      description: Timeout for requests waiting in queue in seconds.
    hostname:
      type: string
      description: The hostname to route to the backend service.
    additional-hostnames:
      type: string
      description: |
        Comma-separated list of additional_hostnames to route to the service.
        Will be ignored if hostname is not set.
    load-balancing-algorithm:
      type: string
      description: |
        Algorithm to use to load balance incoming requests.
        Can be leastconn, roundrobin, cookie or source
      default: leastconn
    load-balancing-cookie:
      type: string
      description: Only applies with algorithm is "cookie". Cookie name to use for load balancing.
    load-balancing-consistent-hashing:
      type: boolean
      description: |
        Only applies when the `algorithm` is "source" or "cookie".
        Use consistent hashing to avoid redirection when servers are added/removed.
      default: false
    http-server-close:
      type: boolean
      default: false
      description: |
        If set to true, the server will close the connection after each request.
        This can be useful for certain applications that do not support keep-alive.
    path-rewrite-expressions:
      type: string
      description: |
        New line ('\n') separated list of path rewrite expressions.
        Example: "%[path,regsub(^/,/new)]\n%[path,regsub(^/api,/v1)]"
    header-rewrite-expressions:
      type: string
      description: |
        New line ('\n') separated list of header rewrite expressions.
        Each header rewrite expression will consist of the header name and the header rewrite
        expression separated by colon (':').
        Example: "X-Forwarded-For:%[src]\nHost:maintenance.domain.com"
    # Add haproxy-route-tcp config options
    tcp-backend-addresses:
      type: string
      description: (integrator mode, TCP) Comma-separated list of IP addresses of the TCP backend.
    tcp-backend-port:
      type: int
      description: (integrator mode, TCP) Port of the TCP backend.
    tcp-frontend-port:
      type: int
      description: Port opened on the haproxy charm.
    tcp-tls-terminate:
      type: boolean
      default: true
      description: Whether to enable TLS termination on the TCP route.
    tcp-hostname:
      type: string
      description: Specify the SNI (Server Name Indication).
    tcp-retry-count:
      type: int
      description: Number of times to retry failed connections to the backend.
    tcp-retry-redispatch:
      type: boolean
      default: false
      description: Whether to redispatch failed connections to another server.
    tcp-load-balancing-algorithm:
      type: string
      description: |
        Algorithm to use to load balance incoming connections.
        Can be leastconn, roundrobin or source
      default: leastconn
    tcp-load-balancing-consistent-hashing:
      type: boolean
      description: |
        Only applies when the `algorithm` is "source".
        Use consistent hashing to avoid redirection when servers are added/removed.
      default: false
    tcp-enforce-tls:
      type: boolean
      default: true
      description: |
        Whether to enforce TLS for all TCP traffic.
        When true, all TCP connections must use TLS.
        Note: tcp-hostname (SNI) cannot be used when this option is disabled.
    tcp-health-check-interval:
      type: int
      description: Interval between health checks in seconds.
    tcp-health-check-rise:
      type: int
      description: Number of successful health checks before server is considered up.
    tcp-health-check-fall:
      type: int
      description: Number of failed health checks before server is considered down.
    tcp-health-check-type:
      type: string
      description: |
        Health check type. Can be "generic", "mysql", "postgres", "redis" or "smtp".
        Use "generic" for custom TCP checks with send/expect strings.
        Use "mysql" or "postgres" for database-specific checks (requires tcp-health-check-db-user).
    tcp-health-check-send:
      type: string
      description: |
        String to send in the health check request.
        Only used when tcp-health-check-type is "generic".
    tcp-health-check-expect:
      type: string
      description: |
        Expected response string from the health check.
        Only used when tcp-health-check-type is "generic".
    tcp-health-check-db-user:
      type: string
      description: |
        Database user for health checks.
        Only used when tcp-health-check-type is "mysql" or "postgres".
    tcp-timeout-server:
      type: int
      description: Timeout for requests from haproxy to backend servers in seconds.
    tcp-timeout-connect:
      type: int
      description: Timeout for client requests to haproxy in seconds.
    tcp-timeout-queue:
      type: int
      description: Timeout for requests waiting in queue in seconds.
    allow-http:
      type: boolean
      default: false
      description: |
        If set to true, allows HTTP traffic in addition to HTTPS. Defaults to False.
        Warning: enabling HTTP is a security risk, make sure you apply the necessary precautions.

charm-libs:
  - lib: haproxy.haproxy_route
    version: "2"
  - lib: haproxy.haproxy_route_tcp
    version: "1"
  - lib: traefik_k8s.ingress
    version: "2"

actions:
  get-proxied-endpoints:
    description: |
      Returns a list of proxied endpoints,
      from the integrations of configured charms.