Long FQDN is breaking haproxy configuration

[tlopo]

We are using bind unix@/var/run/haproxy-host-<FQDN> ssl crt <CERT_PATH> but that socket
path is limited to 107 chars:

<path>        is a UNIX socket path beginning with a slash ('/'). This is
              alternative to the TCP listening port. Haproxy will then
              receive UNIX connections on the socket located at this place.
              The path must begin with a slash and by default is absolute.
              It can be relative to the prefix defined by "unix-bind" in
              the global section. Note that the total length of the prefix
              followed by the socket path cannot exceed some system limits
              for UNIX sockets, which commonly are set to 107 characters.

We could use use md5 hash of FQDN to avoid this, or perhaps service name.

That should be a simple change here and here

[jcmoraisjr]

Hi, since b2beccc all sockets with about 100+ chars will use a md5 hash instead it's name. The svc name would be nice too but there isn't a 1<->1 relation between sockets and svcs. Thanks for sharing this issue!

[tlopo]

@jcmoraisjr Thanks for the quick fix!

[tlopo]

@jcmoraisjr could you please tag this commit so an image is created? Thanks in advance

[jcmoraisjr]

I've just pushed a100bb1 to quay.io/jcmoraisjr/haproxy-ingress:v0.6-a100bb1. I have a few new feature to finish before starting snapshot tags. Note that there are some new simple features and HAProxy was updated to 1.8. Let me know if you have any problem.

[jcmoraisjr]

Cherry picked to v0.5, please have a look if canary tag is working for you.

[tlopo]

v0.5-beta.3 is working fine for me. thank you!

[jcmoraisjr]

Tks! Closing.