From 66f932a59e4ff5f18eb885cbf0d8b9eb263c140b Mon Sep 17 00:00:00 2001
From: Andrew McDermott <amcdermo@redhat.com>
Date: Tue, 19 Nov 2024 14:27:44 +0000
Subject: [PATCH] Make idle-close-on-response configurable in HAProxy template

Replace the hard-coded idle-close-on-response setting with a conditional
based on the IngressController's spec.idleConnectionTerminationPolicy
field, which controls whether HAProxy maintains idle frontend
connections during reloads or closes them immediately.

The default behaviour returns to closing idle connections immediately,
reversing https://issues.redhat.com/browse/OCPBUGS-32044 which had made
'option idle-close-on-response' always present in the configuration.
---
 images/router/haproxy/conf/haproxy-config.template | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/images/router/haproxy/conf/haproxy-config.template b/images/router/haproxy/conf/haproxy-config.template
index e0061f872..38a0dd642 100644
--- a/images/router/haproxy/conf/haproxy-config.template
+++ b/images/router/haproxy/conf/haproxy-config.template
@@ -221,11 +221,10 @@ frontend public
     {{- end }}
   mode http
 
-  # Workaround for a known issue encountered with certain HTTP clients,
-  # particularly the Apache HTTP client (prior to version 5),
-  # where closed idle connections are erroneously reused.
-  # Bug reference: https://issues.redhat.com/browse/OCPBUGS-32044.
+  {{- if isTrue (env "ROUTER_IDLE_CLOSE_ON_RESPONSE") }}
   option idle-close-on-response
+  {{- end }}
+
   tcp-request inspect-delay {{ firstMatch $timeSpecPattern (env "ROUTER_INSPECT_DELAY") "5s" }}
   tcp-request content accept if HTTP
 
@@ -346,7 +345,9 @@ frontend fe_sni
   {{- "" }} no-alpn
   mode http
 
+  {{- if isTrue (env "ROUTER_IDLE_CLOSE_ON_RESPONSE") }}
   option idle-close-on-response
+  {{- end }}
 
     {{- range $idx, $captureHeader := .CaptureHTTPRequestHeaders }}
   capture request header {{ $captureHeader.Name }} len {{ $captureHeader.MaxLength }}
@@ -459,7 +460,9 @@ frontend fe_no_sni
   {{- "" }} no-alpn
   mode http
 
+  {{- if isTrue (env "ROUTER_IDLE_CLOSE_ON_RESPONSE") }}
   option idle-close-on-response
+  {{- end }}
 
     {{- range $idx, $captureHeader := .CaptureHTTPRequestHeaders }}
   capture request header {{ $captureHeader.Name }} len {{ $captureHeader.MaxLength }}