digitalocean
diff --git a/‎CHANGELOG.md‎
Lines changed: 1 addition & 0 deletions b/‎CHANGELOG.md‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎Gopkg.lock‎
Lines changed: 3 additions & 3 deletions b/‎Gopkg.lock‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎Gopkg.toml‎
Lines changed: 1 addition & 1 deletion b/‎Gopkg.toml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎cloud-controller-manager/do/loadbalancers.go‎
Lines changed: 25 additions & 0 deletions b/‎cloud-controller-manager/do/loadbalancers.go‎
Lines changed: 25 additions & 0 deletions
diff --git a/‎cloud-controller-manager/do/loadbalancers_test.go‎
Lines changed: 76 additions & 0 deletions b/‎cloud-controller-manager/do/loadbalancers_test.go‎
Lines changed: 76 additions & 0 deletions
diff --git a/‎docs/controllers/services/annotations.md‎
Lines changed: 6 additions & 2 deletions b/‎docs/controllers/services/annotations.md‎
Lines changed: 6 additions & 2 deletions
diff --git a/‎docs/controllers/services/examples/http-nginx-with-proxy-protocol.yml‎
Lines changed: 34 additions & 0 deletions b/‎docs/controllers/services/examples/http-nginx-with-proxy-protocol.yml‎
Lines changed: 34 additions & 0 deletions
diff --git a/‎vendor/github.com/digitalocean/godo/godo.go‎
Lines changed: 1 addition & 1 deletion b/‎vendor/github.com/digitalocean/godo/godo.go‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎vendor/github.com/digitalocean/godo/load_balancers.go‎
Lines changed: 3 additions & 0 deletions b/‎vendor/github.com/digitalocean/godo/load_balancers.go‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎vendor/github.com/digitalocean/godo/storage.go‎
Lines changed: 9 additions & 7 deletions b/‎vendor/github.com/digitalocean/godo/storage.go‎
Lines changed: 9 additions & 7 deletions
@@ -2,6 +2,7 @@
 
 ## unreleased
 
+* loadbalancers: add support for PROXY protocol (@timoreimann)
 * loadbalancers: support numeric health check parameters (@timoreimann)
 
 ## v0.1.10 (beta) - Feb 26th 2019
 
@@ -43,8 +43,8 @@
   revision = "f2b4162afba35581b6d4a50d3b8f34e33c144682"
 
 [[constraint]]
-  version = "v1.7.5"
   name = "github.com/digitalocean/godo"
+  version = "1.9.0"
 
 [[constraint]]
   branch = "master"
 
@@ -108,6 +108,10 @@ const (
 	// should be redirected to Https. Defaults to false
 	annDORedirectHTTPToHTTPS = "service.beta.kubernetes.io/do-loadbalancer-redirect-http-to-https"
 
+	// annDOEnableProxyProtocol is the annotation specifying whether PROXY protocol should
+	// be enabled. Defaults to false.
+	annDOEnableProxyProtocol = "service.beta.kubernetes.io/do-loadbalancer-enable-proxy-protocol"
+
 	// defaultActiveTimeout is the number of seconds to wait for a load balancer to
 	// reach the active state.
 	defaultActiveTimeout = 90
@@ -355,6 +359,10 @@ func (l *loadBalancers) buildLoadBalancerRequest(service *v1.Service, nodes []*v
 	algorithm := getAlgorithm(service)
 
 	redirectHTTPToHTTPS := getRedirectHTTPToHTTPS(service)
+	enableProxyProtocol, err := getEnableProxyProtocol(service)
+	if err != nil {
+		return nil, err
+	}
 
 	var tags []string
 	if l.clusterID != "" {
@@ -371,6 +379,7 @@ func (l *loadBalancers) buildLoadBalancerRequest(service *v1.Service, nodes []*v
 		Tags:                tags,
 		Algorithm:           algorithm,
 		RedirectHttpToHttps: redirectHTTPToHTTPS,
+		EnableProxyProtocol: enableProxyProtocol,
 	}, nil
 }
 
@@ -750,3 +759,19 @@ func getRedirectHTTPToHTTPS(service *v1.Service) bool {
 
 	return redirectHTTPToHTTPSBool
 }
+
+// getEnableProxyProtocol returns whether PROXY protocol should be enabled.
+// False is returned if not specified.
+func getEnableProxyProtocol(service *v1.Service) (bool, error) {
+	enableProxyProtocolStr, ok := service.Annotations[annDOEnableProxyProtocol]
+	if !ok {
+		return false, nil
+	}
+
+	enableProxyProtocol, err := strconv.ParseBool(enableProxyProtocolStr)
+	if err != nil {
+		return false, fmt.Errorf("failed to parse proxy protocol flag %q from annotation %q: %s", enableProxyProtocolStr, annDOEnableProxyProtocol, err)
+	}
+
+	return enableProxyProtocol, nil
+}
@@ -1370,6 +1370,82 @@ func Test_getRedirectHTTPToHTTPS(t *testing.T) {
 
 }
 
+func Test_getEnableProxyProtocol(t *testing.T) {
+	testcases := []struct {
+		name                    string
+		service                 *v1.Service
+		wantErr                 bool
+		wantEnableProxyProtocol bool
+	}{
+		{
+			name: "enabled",
+			service: &v1.Service{
+				ObjectMeta: metav1.ObjectMeta{
+					Name: "test",
+					UID:  "abc123",
+					Annotations: map[string]string{
+						annDOEnableProxyProtocol: "true",
+					},
+				},
+			},
+			wantErr:                 false,
+			wantEnableProxyProtocol: true,
+		},
+		{
+			name: "disabled",
+			service: &v1.Service{
+				ObjectMeta: metav1.ObjectMeta{
+					Name: "test",
+					UID:  "abc123",
+					Annotations: map[string]string{
+						annDOEnableProxyProtocol: "false",
+					},
+				},
+			},
+			wantErr:                 false,
+			wantEnableProxyProtocol: false,
+		},
+		{
+			name: "annotation missing",
+			service: &v1.Service{
+				ObjectMeta: metav1.ObjectMeta{
+					Name: "test",
+					UID:  "abc123",
+				},
+			},
+			wantErr:                 false,
+			wantEnableProxyProtocol: false,
+		},
+		{
+			name: "illegal value",
+			service: &v1.Service{
+				ObjectMeta: metav1.ObjectMeta{
+					Name: "test",
+					UID:  "abc123",
+					Annotations: map[string]string{
+						annDOEnableProxyProtocol: "42",
+					},
+				},
+			},
+			wantErr:                 true,
+			wantEnableProxyProtocol: false,
+		},
+	}
+
+	for _, test := range testcases {
+		t.Run(test.name, func(t *testing.T) {
+			gotEnabledProxyProtocol, err := getEnableProxyProtocol(test.service)
+			if test.wantErr != (err != nil) {
+				t.Errorf("got error %q, want error: %t", err, test.wantErr)
+			}
+
+			if gotEnabledProxyProtocol != test.wantEnableProxyProtocol {
+				t.Fatalf("got enabled proxy protocol %t, want %t", gotEnabledProxyProtocol, test.wantEnableProxyProtocol)
+			}
+		})
+	}
+}
+
 func Test_buildLoadBalancerRequest(t *testing.T) {
 	testcases := []struct {
 		name          string
 
@@ -1,6 +1,8 @@
 # Service Annotations
 
-DigitalOcean cloud controller manager watches for Services of type `LoadBalancer` and will create corresponding DigitalOcean Load Balancers matching the Kubernetes service. The Load Balancer can be configured by applying annotations to the Service resource. The following annotations can be used:
+DigitalOcean cloud controller manager watches for Services of type `LoadBalancer` and will create corresponding DigitalOcean Load Balancers matching the Kubernetes service. The Load Balancer can be configured by applying annotations to the Service resource. The annotations listed below can be used.
+
+See example Kubernetes Services using LoadBalancers [here](examples/).
 
 ## service.beta.kubernetes.io/do-loadbalancer-protocol
 
@@ -62,4 +64,6 @@ Specifies the TTL of cookies used for loadbalancer sticky sessions. This annotat
 
 Indicates whether or not http traffic should be redirected to https. Options are `true` or `false`. Defaults to `false`.
 
-See example Kubernetes Services using LoadBalancers [here](examples/).
+## service.beta.kubernetes.io/do-loadbalancer-enable-proxy-protocol
+
+Indicates whether PROXY protocol should be enabled. Options are `true` or `false`. Defaults to `false`.
@@ -0,0 +1,34 @@
+---
+kind: Service
+apiVersion: v1
+metadata:
+  name: http-lb
+  annotations:
+    service.beta.kubernetes.io/do-loadbalancer-enable-proxy-protocol: "true"
+spec:
+  type: LoadBalancer
+  selector:
+    app: nginx-example
+  ports:
+    - name: http
+      protocol: TCP
+      port: 80
+
+---
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+  name: nginx-example
+spec:
+  replicas: 2
+  template:
+    metadata:
+      labels:
+        app: nginx-example
+    spec:
+      containers:
+      - name: nginx
+        image: nginx
+        ports:
+        - containerPort: 80
+          protocol: TCP