Starting implementation of OAuth2 support. An oauth2 proxy should be configured as a deployment+service to make the OAuth handshake and sign a token. The current implementation uses Bitly’s `oauth2_proxy`.
Add `ingress.kubernetes.io/proxy-protocol` annotation for backends. Supported protocols are `v1`, `v2`, `v2-ssl`, `v2-ssl-cn`, falling back to not using the protocol if not specified.
A single HAProxy frontend can handle several domains using a single `bind` keyword and a single `crt` configuration. This change create a directory that receives (hard link) all certificates used on the shared frontend.
This will change again on v0.8 after create an array of frontends, each one with their array of servers/crt/key.
Template trust only in the SSLRedirect attribute to configure the redirect itself and the URL rewrite.
So turn SSLRedirect off despite of its original configuration if the server doesn’t have a certificate.
The upstream image is used to start HAProxy itself as pid1. Its stop signal was changed to SIGUSR1 which does a soft reload. Our pid1 is the controller which only listen SIGTERM (docker stop) and SIGINT (^C).
Changing the stop signal in the container image as a way to document what the controller process is expecting.
Joao Morais