diff --git a/docs/examples/customization/custom-upstream-check/README.md b/docs/examples/customization/custom-upstream-check/README.md index 434c47c57..0b19338d7 100644 --- a/docs/examples/customization/custom-upstream-check/README.md +++ b/docs/examples/customization/custom-upstream-check/README.md @@ -42,6 +42,3 @@ $ kubectl exec nginx-ingress-controller-v1ppm cat /etc/nginx/nginx.conf } .... ``` - - -![nginx-module-vts](custom-upstream.png "screenshot with custom configuration") diff --git a/docs/examples/customization/custom-upstream-check/custom-upstream.png b/docs/examples/customization/custom-upstream-check/custom-upstream.png deleted file mode 100644 index 30417894b..000000000 Binary files a/docs/examples/customization/custom-upstream-check/custom-upstream.png and /dev/null differ diff --git a/docs/examples/customization/custom-vts-metrics-prometheus/README.md b/docs/examples/customization/custom-vts-metrics-prometheus/README.md deleted file mode 100644 index c85213905..000000000 --- a/docs/examples/customization/custom-vts-metrics-prometheus/README.md +++ /dev/null @@ -1,103 +0,0 @@ -# Custom VTS metrics with Prometheus - -This example aims to demonstrate the deployment of an nginx ingress controller and use a ConfigMap to enable [nginx vts module](https://github.com/vozlt/nginx-module-vts -) to export metrics in prometheus format. - -## vts-metrics - -Vts-metrics export NGINX metrics. To deploy all the files simply run `kubectl apply -f nginx`. A deployment and service will be -created which already has a `prometheus.io/scrape: 'true'` annotation and if you added -the recommended Prometheus service-endpoint scraping [configuration](https://raw.githubusercontent.com/prometheus/prometheus/master/documentation/examples/prometheus-kubernetes.yml), -Prometheus will scrape it automatically and you start using the generated metrics right away. - -## Custom configuration - -```console -apiVersion: v1 -data: - enable-vts-status: "true" -kind: ConfigMap -metadata: - name: nginx-configuration - namespace: ingress-nginx - labels: - app: ingress-nginx -``` - -```console -$ kubectl apply -f nginx-vts-metrics-conf.yaml -``` - -## Result - -Check whether the ingress controller successfully generated the NGINX vts status: - -```console -$ kubectl exec nginx-ingress-controller-873061567-4n3k2 -n ingress-nginx cat /etc/nginx/nginx.conf|grep vhost_traffic_status_display - vhost_traffic_status_display; - vhost_traffic_status_display_format html; -``` - -### NGINX vts dashboard - -The vts dashboard provides real time metrics. - -![vts dashboard](imgs/vts-dashboard.png) - -Because the vts port it's not yet exposed, you should forward the controller port to see it. - -```console -$ kubectl port-forward $(kubectl get pods --selector=k8s-app=nginx-ingress-controller -n ingress-nginx --output=jsonpath={.items..metadata.name}) -n ingress-nginx 18080 -``` - -Now open the url [http://localhost:18080/nginx_status](http://localhost:18080/nginx_status) in your browser. - -### Prometheus metrics output - -NGINX Ingress controller already has a parser to convert vts metrics to Prometheus format. It exports prometheus metrics to the address `:10254/metrics`. - -```console -$ kubectl exec -ti -n ingress-nginx $(kubectl get pods --selector=k8s-app=nginx-ingress-controller -n kube-system --output=jsonpath={.items..metadata.name}) curl localhost:10254/metrics -ingress_controller_ssl_expire_time_seconds{host="foo.bar.com"} -6.21355968e+10 -# HELP ingress_controller_success Cumulative number of Ingress controller reload operations -# TYPE ingress_controller_success counter -ingress_controller_success{count="reloads"} 3 -# HELP nginx_bytes_total Nginx bytes count -# TYPE nginx_bytes_total counter -nginx_bytes_total{direction="in",ingress_class="nginx",namespace="",server_zone="*"} 3708 -nginx_bytes_total{direction="in",ingress_class="nginx",namespace="",server_zone="_"} 3708 -nginx_bytes_total{direction="out",ingress_class="nginx",namespace="",server_zone="*"} 5256 -nginx_bytes_total{direction="out",ingress_class="nginx",namespace="",server_zone="_"} 5256 -``` - -### Customize metrics - -The default [vts vhost key](https://github.com/vozlt/nginx-module-vts#vhost_traffic_status_filter_by_set_key) is `$geoip_country_code country::*` that expose metrics grouped by server and country code. The example below show how to have metrics grouped by server and server path. - -![vts dashboard](imgs/vts-dashboard-filter-key-path.png) - -## NGINX custom configuration ( http level ) - -``` - apiVersion: v1 - kind: ConfigMap - data: - enable-vts-status: "true" - vts-default-filter-key: "$server_name" -... -``` - -## Customize ingress - -``` - apiVersion: extensions/v1beta1 - kind: Ingress - metadata: - annotations: - nginx.ingress.kubernetes.io/vts-filter-key: $uri $server_name - name: ingress -``` - -## Result - -![prometheus filter key path](imgs/prometheus-filter-key-path.png) diff --git a/docs/examples/customization/custom-vts-metrics-prometheus/imgs/prometheus-filter-key-path.png b/docs/examples/customization/custom-vts-metrics-prometheus/imgs/prometheus-filter-key-path.png deleted file mode 100644 index a266d4048..000000000 Binary files a/docs/examples/customization/custom-vts-metrics-prometheus/imgs/prometheus-filter-key-path.png and /dev/null differ diff --git a/docs/examples/customization/custom-vts-metrics-prometheus/imgs/vts-dashboard-filter-key-path.png b/docs/examples/customization/custom-vts-metrics-prometheus/imgs/vts-dashboard-filter-key-path.png deleted file mode 100644 index b9b3238f6..000000000 Binary files a/docs/examples/customization/custom-vts-metrics-prometheus/imgs/vts-dashboard-filter-key-path.png and /dev/null differ diff --git a/docs/examples/customization/custom-vts-metrics-prometheus/imgs/vts-dashboard.png b/docs/examples/customization/custom-vts-metrics-prometheus/imgs/vts-dashboard.png deleted file mode 100644 index 0370f5ce9..000000000 Binary files a/docs/examples/customization/custom-vts-metrics-prometheus/imgs/vts-dashboard.png and /dev/null differ diff --git a/docs/examples/customization/custom-vts-metrics-prometheus/nginx-vts-metrics-conf.yaml b/docs/examples/customization/custom-vts-metrics-prometheus/nginx-vts-metrics-conf.yaml deleted file mode 100644 index 6a6e795cd..000000000 --- a/docs/examples/customization/custom-vts-metrics-prometheus/nginx-vts-metrics-conf.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: v1 -data: - enable-vts-status: "true" -kind: ConfigMap -metadata: - name: nginx-configuration - namespace: ingress-nginx - labels: - app: ingress-nginx diff --git a/docs/examples/index.md b/docs/examples/index.md index dfe3bcdcd..df1d01d5e 100644 --- a/docs/examples/index.md +++ b/docs/examples/index.md @@ -16,7 +16,6 @@ Customization | [Custom DH parameters for perfect forward secrecy](customization Customization | [Custom errors](customization/custom-errors/README.md) | serve custom error pages from the default backend | Intermediate Customization | [Custom headers](customization/custom-headers/README.md) | set custom headers before sending traffic to backends | Advanced Customization | [Custom upstream check](customization/custom-upstream-check/README.md) | TODO | TODO -Customization | [Custom VTS metrics with Prometheus](customization/custom-vts-metrics-prometheus/README.md) | TODO | TODO Customization | [External authentication with response header propagation](customization/external-auth-headers/README.md) | TODO | TODO Customization | [Sysctl tuning](customization/sysctl/README.md) | TODO | TODO Features | [Rewrite](rewrite/README.md) | TODO | TODO diff --git a/docs/user-guide/nginx-configuration/configmap.md b/docs/user-guide/nginx-configuration/configmap.md index e532305e9..77539ed8c 100644 --- a/docs/user-guide/nginx-configuration/configmap.md +++ b/docs/user-guide/nginx-configuration/configmap.md @@ -44,10 +44,6 @@ The following table shows a configuration option's name, type, and the default v |[disable-ipv6-dns](#disable-ipv6-dns)|bool|false| |[enable-underscores-in-headers](#enable-underscores-in-headers)|bool|false| |[ignore-invalid-headers](#ignore-invalid-headers)|bool|true| -|[enable-vts-status](#enable-vts-status)|bool|false| -|[vts-status-zone-size](#vts-status-zone-size)|string|"10m"| -|[vts-sum-key](#vts-sum-key)|string|"*"| -|[vts-default-filter-key](#vts-default-filter-key)|string|"$geoip_country_code country::*"| |[retry-non-idempotent](#retry-non-idempotent)|bool|"false"| |[error-log-level](#error-log-level)|string|"notice"| |[http2-max-field-size](#http2-max-field-size)|string|"4k"| @@ -240,32 +236,6 @@ Enables underscores in header names. _**default:**_ is disabled Set if header fields with invalid names should be ignored. _**default:**_ is enabled -## enable-vts-status - -Allows the replacement of the default status page with a third party module named [nginx-module-vts](https://github.com/vozlt/nginx-module-vts). -_**default:**_ is disabled - -## vts-status-zone-size - -Vts config on http level sets parameters for a shared memory zone that will keep states for various keys. The cache is shared between all worker processes. _**default:**_ 10m - -_References:_ -[https://github.com/vozlt/nginx-module-vts#vhost_traffic_status_zone](https://github.com/vozlt/nginx-module-vts#vhost_traffic_status_zone) - -## vts-default-filter-key - -Vts config on http level enables the keys by user defined variable. The key is a key string to calculate traffic. The name is a group string to calculate traffic. The key and name can contain variables such as $host, $server_name. The name's group belongs to filterZones if specified. The key's group belongs to serverZones if not specified second argument name. _**default:**_ $geoip_country_code country::* - -_References:_ -[https://github.com/vozlt/nginx-module-vts#vhost_traffic_status_filter_by_set_key](https://github.com/vozlt/nginx-module-vts#vhost_traffic_status_filter_by_set_key) - -## vts-sum-key - -For metrics keyed (or when using Prometheus, labeled) by server zone, this value is used to indicate metrics for all server zones combined. _**default:**_ * - -_References:_ -[https://github.com/vozlt/nginx-module-vts#vhost_traffic_status_display_sum_key](https://github.com/vozlt/nginx-module-vts#vhost_traffic_status_display_sum_key) - ## retry-non-idempotent Since 1.9.13 NGINX will not retry non-idempotent requests (POST, LOCK, PATCH) in case of an error in the upstream server. The previous behavior can be restored using the value "true". diff --git a/docs/user-guide/nginx-status-page.md b/docs/user-guide/nginx-status-page.md index 8152c5eae..1468b89a6 100644 --- a/docs/user-guide/nginx-status-page.md +++ b/docs/user-guide/nginx-status-page.md @@ -2,10 +2,3 @@ The [ngx_http_stub_status_module](http://nginx.org/en/docs/http/ngx_http_stub_status_module.html) module provides access to basic status information. This is the default module active in the url `/nginx_status` in the status port (default is 18080). - -This controller provides an alternative to this module using the [nginx-module-vts](https://github.com/vozlt/nginx-module-vts) module. -To use this module just set in the configuration configmap `enable-vts-status: "true"`. - -![nginx-module-vts screenshot](https://cloud.githubusercontent.com/assets/3648408/10876811/77a67b70-8183-11e5-9924-6a6d0c5dc73a.png "screenshot with filter") - -To extract the information in JSON format the module provides a custom URL: `/nginx_status/format/json` diff --git a/images/nginx/README.md b/images/nginx/README.md index 01f4cc7fa..dc56fa80d 100644 --- a/images/nginx/README.md +++ b/images/nginx/README.md @@ -6,7 +6,6 @@ nginx [engine x] is an HTTP and reverse proxy server, a mail proxy server, and a This custom nginx image contains: - [stream](http://nginx.org/en/docs/stream/ngx_stream_core_module.html) tcp support for upstreams -- nginx stats [nginx-module-vts](https://github.com/vozlt/nginx-module-vts) - [Dynamic TLS record sizing](https://blog.cloudflare.com/optimizing-tls-over-tcp-to-reduce-latency/) - [ngx_devel_kit](https://github.com/simpl/ngx_devel_kit) - [set-misc-nginx-module](https://github.com/openresty/set-misc-nginx-module) diff --git a/internal/ingress/annotations/annotations.go b/internal/ingress/annotations/annotations.go index 66337710b..edeea8c20 100644 --- a/internal/ingress/annotations/annotations.go +++ b/internal/ingress/annotations/annotations.go @@ -54,7 +54,6 @@ import ( "k8s.io/ingress-nginx/internal/ingress/annotations/sslpassthrough" "k8s.io/ingress-nginx/internal/ingress/annotations/upstreamhashby" "k8s.io/ingress-nginx/internal/ingress/annotations/upstreamvhost" - "k8s.io/ingress-nginx/internal/ingress/annotations/vtsfilterkey" "k8s.io/ingress-nginx/internal/ingress/annotations/xforwardedprefix" "k8s.io/ingress-nginx/internal/ingress/errors" "k8s.io/ingress-nginx/internal/ingress/resolver" @@ -90,7 +89,6 @@ type Ingress struct { UpstreamHashBy string LoadBalancing string UpstreamVhost string - VtsFilterKey string Whitelist ipwhitelist.SourceRange XForwardedPrefix bool SSLCiphers string @@ -132,7 +130,6 @@ func NewAnnotationExtractor(cfg resolver.Resolver) Extractor { "UpstreamHashBy": upstreamhashby.NewParser(cfg), "LoadBalancing": loadbalancing.NewParser(cfg), "UpstreamVhost": upstreamvhost.NewParser(cfg), - "VtsFilterKey": vtsfilterkey.NewParser(cfg), "Whitelist": ipwhitelist.NewParser(cfg), "XForwardedPrefix": xforwardedprefix.NewParser(cfg), "SSLCiphers": sslcipher.NewParser(cfg), diff --git a/internal/ingress/annotations/vtsfilterkey/main.go b/internal/ingress/annotations/vtsfilterkey/main.go deleted file mode 100644 index e349c36a6..000000000 --- a/internal/ingress/annotations/vtsfilterkey/main.go +++ /dev/null @@ -1,40 +0,0 @@ -/* -Copyright 2017 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package vtsfilterkey - -import ( - extensions "k8s.io/api/extensions/v1beta1" - - "k8s.io/ingress-nginx/internal/ingress/annotations/parser" - "k8s.io/ingress-nginx/internal/ingress/resolver" -) - -type vtsFilterKey struct { - r resolver.Resolver -} - -// NewParser creates a new vts filter key annotation parser -func NewParser(r resolver.Resolver) parser.IngressAnnotation { - return vtsFilterKey{r} -} - -// Parse parses the annotations contained in the ingress rule -// used to indicate if the location/s contains a fragment of -// configuration to be included inside the paths of the rules -func (a vtsFilterKey) Parse(ing *extensions.Ingress) (interface{}, error) { - return parser.GetStringAnnotation("vts-filter-key", ing) -} diff --git a/internal/ingress/controller/config/config.go b/internal/ingress/controller/config/config.go index 436bb0612..4b8d930a7 100644 --- a/internal/ingress/controller/config/config.go +++ b/internal/ingress/controller/config/config.go @@ -161,31 +161,6 @@ type Configuration struct { // By default this is enabled IgnoreInvalidHeaders bool `json:"ignore-invalid-headers"` - // EnableVtsStatus allows the replacement of the default status page with a third party module named - // nginx-module-vts - https://github.com/vozlt/nginx-module-vts - // By default this is disabled - EnableVtsStatus bool `json:"enable-vts-status,omitempty"` - - // Vts config on http level - // Description: Sets parameters for a shared memory zone that will keep states for various keys. The cache is shared between all worker processe - // https://github.com/vozlt/nginx-module-vts#vhost_traffic_status_zone - // Default value is 10m - VtsStatusZoneSize string `json:"vts-status-zone-size,omitempty"` - - // Vts config on http level - // Description: Enables the keys by user defined variable. The key is a key string to calculate traffic. - // The name is a group string to calculate traffic. The key and name can contain variables such as $host, - // $server_name. The name's group belongs to filterZones if specified. The key's group belongs to serverZones - // if not specified second argument name. The example with geoip module is as follows: - // https://github.com/vozlt/nginx-module-vts#vhost_traffic_status_filter_by_set_key - // Default value is $geoip_country_code country::* - VtsDefaultFilterKey string `json:"vts-default-filter-key,omitempty"` - - // Description: Sets sum key used by vts json output, and the sum label in prometheus output. - // These indicate metrics values for all server zones combined, rather than for a specific one. - // Default value is * - VtsSumKey string `json:"vts-sum-key,omitempty"` - // RetryNonIdempotent since 1.9.13 NGINX will not retry non-idempotent requests (POST, LOCK, PATCH) // in case of an error. The previous behavior can be restored using the value true RetryNonIdempotent bool `json:"retry-non-idempotent"` @@ -603,9 +578,6 @@ func NewDefault() Configuration { WorkerProcesses: strconv.Itoa(runtime.NumCPU()), WorkerShutdownTimeout: "10s", LoadBalanceAlgorithm: defaultLoadBalancerAlgorithm, - VtsStatusZoneSize: "10m", - VtsDefaultFilterKey: "$geoip_country_code country::*", - VtsSumKey: "*", VariablesHashBucketSize: 128, VariablesHashMaxSize: 2048, UseHTTP2: true, diff --git a/internal/ingress/controller/controller.go b/internal/ingress/controller/controller.go index 7dc6dbf3c..269b12e60 100644 --- a/internal/ingress/controller/controller.go +++ b/internal/ingress/controller/controller.go @@ -437,7 +437,6 @@ func (n *NGINXController) getBackendServers(ingresses []*extensions.Ingress) ([] loc.Redirect = anns.Redirect loc.Rewrite = anns.Rewrite loc.UpstreamVhost = anns.UpstreamVhost - loc.VtsFilterKey = anns.VtsFilterKey loc.Whitelist = anns.Whitelist loc.Denied = anns.Denied loc.XForwardedPrefix = anns.XForwardedPrefix @@ -476,7 +475,6 @@ func (n *NGINXController) getBackendServers(ingresses []*extensions.Ingress) ([] Redirect: anns.Redirect, Rewrite: anns.Rewrite, UpstreamVhost: anns.UpstreamVhost, - VtsFilterKey: anns.VtsFilterKey, Whitelist: anns.Whitelist, Denied: anns.Denied, XForwardedPrefix: anns.XForwardedPrefix, @@ -912,7 +910,6 @@ func (n *NGINXController) createServers(data []*extensions.Ingress, // defLoc.Redirect = anns.Redirect // defLoc.Rewrite = anns.Rewrite defLoc.UpstreamVhost = anns.UpstreamVhost - defLoc.VtsFilterKey = anns.VtsFilterKey defLoc.Whitelist = anns.Whitelist defLoc.Denied = anns.Denied defLoc.GRPC = anns.GRPC diff --git a/internal/ingress/types.go b/internal/ingress/types.go index 647bebeb2..c111bbe2b 100644 --- a/internal/ingress/types.go +++ b/internal/ingress/types.go @@ -242,10 +242,6 @@ type Location struct { // UsePortInRedirects indicates if redirects must specify the port // +optional UsePortInRedirects bool `json:"usePortInRedirects"` - // VtsFilterKey contains the vts filter key on the location level - // https://github.com/vozlt/nginx-module-vts#vhost_traffic_status_filter_by_set_key - // +optional - VtsFilterKey string `json:"vtsFilterKey,omitempty"` // ConfigurationSnippet contains additional configuration for the backend // to be considered in the configuration of the location ConfigurationSnippet string `json:"configurationSnippet"` diff --git a/rootfs/etc/nginx/template/nginx.tmpl b/rootfs/etc/nginx/template/nginx.tmpl index a3366feb5..1e0489612 100644 --- a/rootfs/etc/nginx/template/nginx.tmpl +++ b/rootfs/etc/nginx/template/nginx.tmpl @@ -106,11 +106,6 @@ http { geoip_proxy_recursive on; {{ end }} - {{ if $cfg.EnableVtsStatus }} - vhost_traffic_status_zone shared:vhost_traffic_status:{{ $cfg.VtsStatusZoneSize }}; - vhost_traffic_status_filter_by_set_key {{ $cfg.VtsDefaultFilterKey }}; - {{ end }} - aio threads; aio_write on; @@ -543,14 +538,8 @@ http { opentracing off; {{ end }} - {{ if $cfg.EnableVtsStatus }} - vhost_traffic_status_display; - vhost_traffic_status_display_format html; - vhost_traffic_status_display_sum_key {{ $cfg.VtsSumKey }}; - {{ else }} access_log off; stub_status on; - {{ end }} } {{ if $all.DynamicConfigurationEnabled }} @@ -935,8 +924,6 @@ stream { port_in_redirect {{ if $location.UsePortInRedirects }}on{{ else }}off{{ end }}; - {{ if $all.Cfg.EnableVtsStatus }}{{ if $location.VtsFilterKey }} vhost_traffic_status_filter_by_set_key {{ $location.VtsFilterKey }};{{ end }}{{ end }} - set $proxy_upstream_name "{{ buildUpstreamName $server.Hostname $all.Backends $location $all.DynamicConfigurationEnabled }}"; {{/* redirect to HTTPS can be achieved forcing the redirect or having a SSL Certificate configured for the server */}} diff --git a/test/data/config.json b/test/data/config.json index b023858aa..36ea6d64f 100644 --- a/test/data/config.json +++ b/test/data/config.json @@ -21,7 +21,6 @@ "bodySize": "1m", "enableDynamicTlsRecords": true, "enableSpdy": false, - "enableVtsStatus": true, "errorLogLevel": "notice", "gzipTypes": "application/atom+xml application/javascript application/x-javascript application/json application/rss+xml application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/svg+xml image/x-icon text/css text/plain text/x-component", "hsts": true, @@ -46,7 +45,6 @@ "useGzip": true, "useHttp2": true, "proxyStreamTimeout": "600s", - "vtsStatusZoneSize": "10m", "workerProcesses": 1, "limitConnZoneVariable": "$the_real_ip" }, @@ -117,9 +115,7 @@ "keyFilename": "", "caFilename": "", "pemSha": "" - }, - "vtsDefaultFilterKey": "$uri $server_name" - + } }, { "path": "/", "isDefBackend": true,