MINOR: add --disable-writing-only-if-reload Ingress Controller start argument

This new argument allows to disable the default behavior to write the maps/certificates only if haproxy reloads.
If this option is set, files are written to disk even if there is no haproxy reload

Author: hdurand0710

documentation/controller.md

@@ -46,6 +46,7 @@ Image can be run with arguments:
 | [`--disable-quic`](#--disable-quic) | `false` |
 | [`--quic-announce-port`](#--quic-announce-port) |  |
 | [`--quic-bind-port`](#--quic-bind-port) |  |
+| [`--disable-writing-only-if-reload`](#--disable-writing-only-if-reload) :construction:(dev) | `false` |
 
 
 ### `--configmap`
@@ -817,3 +818,24 @@ args:
 
 ***
 
+### `--disable-writing-only-if-reload`
+
+
+  > :construction: this is only available from next version, currently available in dev build
+
+  Disable the delayed writing of files to disk ONLY in case of haproxy reload (= write files to disk even if no reload)
+
+Possible values:
+
+- Boolean value, just need to declare the flag to disable
+
+Example:
+
+```yaml
+--disable-writing-only-if-reload
+```
+
+<p align='right'><a href='#haproxy-kubernetes-ingress-controller'>:arrow_up_small: back to top</a></p>
+
+***
+

documentation/doc.yaml

@@ -397,6 +397,13 @@ image_arguments:
     example: |-
       args:
         - --quic-bind-port=4443
+  - argument: --disable-writing-only-if-reload
+    description: Disable the delayed writing of files to disk ONLY in case of haproxy reload (= write files to disk even if no reload)
+    values:
+      - Boolean value, just need to declare the flag to disable
+    default: false
+    version_min: "3.1"
+    example: --disable-writing-only-if-reload
 groups:
   config-snippet:
     header: |-

main.go

@@ -228,6 +228,9 @@ func logInfo(logger utils.Logger, osArgs utils.OSArgs) bool {
 	if osArgs.DisableConfigSnippets != "" {
 		logger.Printf("Disabling config snippets for [%s]", osArgs.DisableConfigSnippets)
 	}
+	if osArgs.DisableDelayedWritingOnlyIfReload {
+		logger.Printf("Disabling the delayed writing of files to disk only in case of haproxy reload (write to disk even if no reload)")
+	}
 	logger.Debugf("Kubernetes Informers resync period: %s", osArgs.CacheResyncPeriod.String())
 	logger.Printf("Controller sync period: %s\n", osArgs.SyncPeriod.String())
 

pkg/controller/controller.go

@@ -207,6 +207,9 @@ func (c *HAProxyController) updateHAProxy() {
 			logger.Info("HAProxy reloaded")
 		}
 		c.prometheusMetricsManager.UpdateReloadMetrics(err)
+	} else if c.osArgs.DisableDelayedWritingOnlyIfReload {
+		// If the osArgs flag is set, then write the files to disk even if there is no reload of haproxy
+		fs.RunDelayedFuncs()
 	}
 
 	c.clean(false)

pkg/utils/flags.go

@@ -66,55 +66,56 @@ func (n *LogLevelValue) UnmarshalFlag(value string) error {
 
 // OSArgs contains arguments that can be sent to controller
 type OSArgs struct {
-	ConfigMapPatternFiles      NamespaceValue `long:"configmap-patternfiles" description:"configmap used to provide a list of pattern files to use in haproxy configuration " default:""`
-	ConfigMapTCPServices       NamespaceValue `long:"configmap-tcp-services" description:"configmap used to define tcp services" default:""`
-	DefaultBackendService      NamespaceValue `long:"default-backend-service" default:"" description:"default service to serve 404 page. If not specified HAProxy serves http 400"`
-	ConfigMapErrorFiles        NamespaceValue `long:"configmap-errorfiles" description:"configmap used to define custom error pages associated to HTTP error codes" default:""`
-	DefaultCertificate         NamespaceValue `long:"default-ssl-certificate" default:"" description:"secret name of the certificate"`
-	ConfigMap                  NamespaceValue `long:"configmap" description:"configmap designated for HAProxy" default:""`
-	IPV6BindAddr               string         `long:"ipv6-bind-address" default:"::" description:"IPv6 address the Ingress Controller listens on (if enabled)"`
-	GatewayControllerName      string         `long:"gateway-controller-name" description:"sets the controller name of gatewayclass managed by the controller"`
-	IPV4BindAddr               string         `long:"ipv4-bind-address" default:"0.0.0.0" description:"IPv4 address the Ingress Controller listens on (if enabled)"`
-	RuntimeDir                 string         `long:"runtime-dir" description:"path to HAProxy runtime directory. NOTE: works only in External mode"`
-	IngressClass               string         `long:"ingress.class" default:"" description:"ingress.class to monitor in multiple controllers environment"`
-	PublishService             string         `long:"publish-service" default:"" description:"Takes the form namespace/name. The controller mirrors the address of this service's endpoints to the load-balancer status of all Ingress objects it satisfies"`
-	CfgDir                     string         `long:"config-dir" description:"path to HAProxy configuration directory. NOTE: works only in External mode"`
-	Program                    string         `long:"program" description:"path to HAProxy program. NOTE: works only with External mode"`
-	KubeConfig                 string         `long:"kubeconfig" default:"" description:"combined with -e. location of kube config file"`
-	HTTPBindThread             string         `long:"http-bind-thread" description:"default http service bind thread params eg: 1-1" default:""`
-	HTTPSBindThread            string         `long:"https-bind-thread" description:"default https service bind thread params eg: 1-1" default:""`
-	HealthzBindThread          string         `long:"healthz-bind-thread" description:"default healthz service bind thread params eg: 1-1" default:""`
-	DisableConfigSnippets      string         `long:"disable-config-snippets" description:"Allow to disable config snippets. List of comma separated values (possible values: all/global/backend/frontend)"`
-	Version                    []bool         `short:"v" long:"version" description:"version"`
-	NamespaceWhitelist         []string       `long:"namespace-whitelist" description:"whitelisted namespaces"`
-	NamespaceBlacklist         []string       `long:"namespace-blacklist" description:"blacklisted namespaces"`
-	Help                       []bool         `short:"h" long:"help" description:"show this help message"`
-	LocalPeerPort              int64          `long:"localpeer-port" default:"10000" description:"port to listen on for local peer"`
-	StatsBindPort              int64          `long:"stats-bind-port" default:"1024" description:"port to listen on for stats page"`
-	StatsBindThread            string         `long:"stats-bind-thread" description:"default stats service bind thread params eg: 1-1" default:""`
-	DefaultBackendPort         int            `long:"default-backend-port" description:"port to use for default service" default:"6061"`
-	ChannelSize                int64          `long:"channel-size" description:"sets the size of controller buffers used to receive and send k8s events.NOTE: increase the value to accommodate large number of resources "`
-	ControllerPort             int            `long:"controller-port" description:"port to listen on for controller data: prometheus, pprof" default:"6060"`
-	HTTPBindPort               int64          `long:"http-bind-port" default:"8080" description:"port to listen on for HTTP traffic"`
-	HTTPSBindPort              int64          `long:"https-bind-port" default:"8443" description:"port to listen on for HTTPS traffic"`
-	SyncPeriod                 time.Duration  `long:"sync-period" default:"5s" description:"Sets the period at which the controller syncs HAProxy configuration file"`
-	CacheResyncPeriod          time.Duration  `long:"cache-resync-period" default:"10m" description:"Sets the underlying Shared Informer resync period: resyncing controller with informers cache"`
-	HealthzBindPort            int64          `long:"healthz-bind-port" default:"1042" description:"port to listen on for probes"`
-	QuicAnnouncePort           int64          `long:"quic-announce-port" description:"sets the port in the alt-svc header"`
-	QuicBindPort               int64          `long:"quic-bind-port" description:"sets the binding port for quic in HTTPS frontend"`
-	LogLevel                   LogLevelValue  `long:"log" default:"info" description:"level of log messages you can see"`
-	DisableIPV4                bool           `long:"disable-ipv4" description:"toggle to disable the IPv4 protocol from all frontends"`
-	External                   bool           `short:"e" long:"external" description:"use as external Ingress Controller (out of k8s cluster)"`
-	Test                       bool           `short:"t" description:"simulate running HAProxy"`
-	EmptyIngressClass          bool           `long:"empty-ingress-class" description:"empty-ingress-class manages the behavior in case an ingress has no explicit ingress class annotation. true: to process, false: to skip"`
-	DisableServiceExternalName bool           `long:"disable-service-external-name" description:"disable forwarding to ExternalName Services due to CVE-2021-25740"`
-	UseWiths6Overlay           bool           `long:"with-s6-overlay" description:"use s6 overlay to start/stpop/reload HAProxy"`
-	DisableHTTPS               bool           `long:"disable-https" description:"toggle to disable the HTTPs frontend"`
-	PprofEnabled               bool           `long:"pprof" short:"p" description:"enable pprof"`
-	PrometheusEnabled          bool           `long:"prometheus" description:"enable prometheus of IC data"`
-	DisableHTTP                bool           `long:"disable-http" description:"toggle to disable the HTTP frontend"`
-	DisableIPV6                bool           `long:"disable-ipv6" description:"toggle to disable the IPv6 protocol from all frontends"`
-	UseWithPebble              bool           `long:"with-pebble" description:"use pebble to start/stop/reload HAProxy"`
-	JobCheckCRD                bool           `long:"job-check-crd" description:"does not execute IC, but adds/updates CRDs"`
-	DisableQuic                bool           `long:"disable-quic" description:"disable quic protocol in http frontend bindings"`
+	ConfigMapPatternFiles             NamespaceValue `long:"configmap-patternfiles" description:"configmap used to provide a list of pattern files to use in haproxy configuration " default:""`
+	ConfigMapTCPServices              NamespaceValue `long:"configmap-tcp-services" description:"configmap used to define tcp services" default:""`
+	DefaultBackendService             NamespaceValue `long:"default-backend-service" default:"" description:"default service to serve 404 page. If not specified HAProxy serves http 400"`
+	ConfigMapErrorFiles               NamespaceValue `long:"configmap-errorfiles" description:"configmap used to define custom error pages associated to HTTP error codes" default:""`
+	DefaultCertificate                NamespaceValue `long:"default-ssl-certificate" default:"" description:"secret name of the certificate"`
+	ConfigMap                         NamespaceValue `long:"configmap" description:"configmap designated for HAProxy" default:""`
+	IPV6BindAddr                      string         `long:"ipv6-bind-address" default:"::" description:"IPv6 address the Ingress Controller listens on (if enabled)"`
+	GatewayControllerName             string         `long:"gateway-controller-name" description:"sets the controller name of gatewayclass managed by the controller"`
+	IPV4BindAddr                      string         `long:"ipv4-bind-address" default:"0.0.0.0" description:"IPv4 address the Ingress Controller listens on (if enabled)"`
+	RuntimeDir                        string         `long:"runtime-dir" description:"path to HAProxy runtime directory. NOTE: works only in External mode"`
+	IngressClass                      string         `long:"ingress.class" default:"" description:"ingress.class to monitor in multiple controllers environment"`
+	PublishService                    string         `long:"publish-service" default:"" description:"Takes the form namespace/name. The controller mirrors the address of this service's endpoints to the load-balancer status of all Ingress objects it satisfies"`
+	CfgDir                            string         `long:"config-dir" description:"path to HAProxy configuration directory. NOTE: works only in External mode"`
+	Program                           string         `long:"program" description:"path to HAProxy program. NOTE: works only with External mode"`
+	KubeConfig                        string         `long:"kubeconfig" default:"" description:"combined with -e. location of kube config file"`
+	HTTPBindThread                    string         `long:"http-bind-thread" description:"default http service bind thread params eg: 1-1" default:""`
+	HTTPSBindThread                   string         `long:"https-bind-thread" description:"default https service bind thread params eg: 1-1" default:""`
+	HealthzBindThread                 string         `long:"healthz-bind-thread" description:"default healthz service bind thread params eg: 1-1" default:""`
+	DisableConfigSnippets             string         `long:"disable-config-snippets" description:"Allow to disable config snippets. List of comma separated values (possible values: all/global/backend/frontend)"`
+	Version                           []bool         `short:"v" long:"version" description:"version"`
+	NamespaceWhitelist                []string       `long:"namespace-whitelist" description:"whitelisted namespaces"`
+	NamespaceBlacklist                []string       `long:"namespace-blacklist" description:"blacklisted namespaces"`
+	Help                              []bool         `short:"h" long:"help" description:"show this help message"`
+	LocalPeerPort                     int64          `long:"localpeer-port" default:"10000" description:"port to listen on for local peer"`
+	StatsBindPort                     int64          `long:"stats-bind-port" default:"1024" description:"port to listen on for stats page"`
+	StatsBindThread                   string         `long:"stats-bind-thread" description:"default stats service bind thread params eg: 1-1" default:""`
+	DefaultBackendPort                int            `long:"default-backend-port" description:"port to use for default service" default:"6061"`
+	ChannelSize                       int64          `long:"channel-size" description:"sets the size of controller buffers used to receive and send k8s events.NOTE: increase the value to accommodate large number of resources "`
+	ControllerPort                    int            `long:"controller-port" description:"port to listen on for controller data: prometheus, pprof" default:"6060"`
+	HTTPBindPort                      int64          `long:"http-bind-port" default:"8080" description:"port to listen on for HTTP traffic"`
+	HTTPSBindPort                     int64          `long:"https-bind-port" default:"8443" description:"port to listen on for HTTPS traffic"`
+	SyncPeriod                        time.Duration  `long:"sync-period" default:"5s" description:"Sets the period at which the controller syncs HAProxy configuration file"`
+	CacheResyncPeriod                 time.Duration  `long:"cache-resync-period" default:"10m" description:"Sets the underlying Shared Informer resync period: resyncing controller with informers cache"`
+	HealthzBindPort                   int64          `long:"healthz-bind-port" default:"1042" description:"port to listen on for probes"`
+	QuicAnnouncePort                  int64          `long:"quic-announce-port" description:"sets the port in the alt-svc header"`
+	QuicBindPort                      int64          `long:"quic-bind-port" description:"sets the binding port for quic in HTTPS frontend"`
+	LogLevel                          LogLevelValue  `long:"log" default:"info" description:"level of log messages you can see"`
+	DisableIPV4                       bool           `long:"disable-ipv4" description:"toggle to disable the IPv4 protocol from all frontends"`
+	External                          bool           `short:"e" long:"external" description:"use as external Ingress Controller (out of k8s cluster)"`
+	Test                              bool           `short:"t" description:"simulate running HAProxy"`
+	EmptyIngressClass                 bool           `long:"empty-ingress-class" description:"empty-ingress-class manages the behavior in case an ingress has no explicit ingress class annotation. true: to process, false: to skip"`
+	DisableServiceExternalName        bool           `long:"disable-service-external-name" description:"disable forwarding to ExternalName Services due to CVE-2021-25740"`
+	UseWiths6Overlay                  bool           `long:"with-s6-overlay" description:"use s6 overlay to start/stpop/reload HAProxy"`
+	DisableHTTPS                      bool           `long:"disable-https" description:"toggle to disable the HTTPs frontend"`
+	PprofEnabled                      bool           `long:"pprof" short:"p" description:"enable pprof"`
+	PrometheusEnabled                 bool           `long:"prometheus" description:"enable prometheus of IC data"`
+	DisableHTTP                       bool           `long:"disable-http" description:"toggle to disable the HTTP frontend"`
+	DisableIPV6                       bool           `long:"disable-ipv6" description:"toggle to disable the IPv6 protocol from all frontends"`
+	UseWithPebble                     bool           `long:"with-pebble" description:"use pebble to start/stop/reload HAProxy"`
+	JobCheckCRD                       bool           `long:"job-check-crd" description:"does not execute IC, but adds/updates CRDs"`
+	DisableQuic                       bool           `long:"disable-quic" description:"disable quic protocol in http frontend bindings"`
+	DisableDelayedWritingOnlyIfReload bool           `long:"disable-writing-only-if-reload" description:"disable the delayed writing of files to disk only in case of haproxy reload (=write files to disk even if no reload)"`
 }