From ef0af3463f91c0e6dfd23659f0f048f0d4b09e0a Mon Sep 17 00:00:00 2001
From: Andrew McDermott <amcdermo@redhat.com>
Date: Tue, 19 Nov 2024 14:27:44 +0000
Subject: [PATCH] Make idle-close-on-response configurable in HAProxy template

Replace the hard-coded idle-close-on-response setting with a conditional
based on the IngressController's spec.idleConnectionTerminationPolicy
field, which controls whether HAProxy maintains idle frontend
connections during reloads or closes them immediately.

The default behaviour returns to closing idle connections immediately,
reversing https://issues.redhat.com/browse/OCPBUGS-32044 which had made
'option idle-close-on-response' always present in the configuration.
---
 images/router/haproxy/conf/haproxy-config.template | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/images/router/haproxy/conf/haproxy-config.template b/images/router/haproxy/conf/haproxy-config.template
index 0f6063e67..825ce2457 100644
--- a/images/router/haproxy/conf/haproxy-config.template
+++ b/images/router/haproxy/conf/haproxy-config.template
@@ -221,11 +221,10 @@ frontend public
     {{- end }}
   mode http
 
-  # Workaround for a known issue encountered with certain HTTP clients,
-  # particularly the Apache HTTP client (prior to version 5),
-  # where closed idle connections are erroneously reused.
-  # Bug reference: https://issues.redhat.com/browse/OCPBUGS-32044.
+  {{- if isTrue (env "ROUTER_IDLE_CLOSE_ON_RESPONSE") }}
   option idle-close-on-response
+  {{- end }}
+
   tcp-request inspect-delay {{ firstMatch $timeSpecPattern (env "ROUTER_INSPECT_DELAY") "5s" }}
   tcp-request content accept if HTTP
 
@@ -346,7 +345,9 @@ frontend fe_sni
   {{- "" }} no-alpn
   mode http
 
+  {{- if isTrue (env "ROUTER_IDLE_CLOSE_ON_RESPONSE") }}
   option idle-close-on-response
+  {{- end }}
 
     {{- range $idx, $captureHeader := .CaptureHTTPRequestHeaders }}
   capture request header {{ $captureHeader.Name }} len {{ $captureHeader.MaxLength }}
@@ -459,7 +460,9 @@ frontend fe_no_sni
   {{- "" }} no-alpn
   mode http
 
+  {{- if isTrue (env "ROUTER_IDLE_CLOSE_ON_RESPONSE") }}
   option idle-close-on-response
+  {{- end }}
 
     {{- range $idx, $captureHeader := .CaptureHTTPRequestHeaders }}
   capture request header {{ $captureHeader.Name }} len {{ $captureHeader.MaxLength }}