Cleanup

internal/ingress/controller/controller.go

@@ -210,6 +210,17 @@ func (n *NGINXController) getStreamServices(configmapName string, proto apiv1.Pr
 	var svcProxyProtocol ingress.ProxyProtocol
 	// k -> port to expose
 	// v -> <namespace>/<service name>:<port from service to be used>
+
+	rp := []int{
+		n.cfg.ListenPorts.HTTP,
+		n.cfg.ListenPorts.HTTPS,
+		n.cfg.ListenPorts.SSLProxy,
+		n.cfg.ListenPorts.Status,
+		n.cfg.ListenPorts.Health,
+		n.cfg.ListenPorts.Default,
+	}
+	reserverdPorts := sets.NewInt(rp...)
+
 	for k, v := range configmap.Data {
 		externalPort, err := strconv.Atoi(k)
 		if err != nil {
@@ -217,16 +228,7 @@ func (n *NGINXController) getStreamServices(configmapName string, proto apiv1.Pr
 			continue
 		}
 
-		rp := []int{
+		if reserverdPorts.Has(externalPort) {
-			n.cfg.ListenPorts.HTTP,
-			n.cfg.ListenPorts.HTTPS,
-			n.cfg.ListenPorts.SSLProxy,
-			n.cfg.ListenPorts.Status,
-			n.cfg.ListenPorts.Health,
-			n.cfg.ListenPorts.Default,
-		}
-
-		if intInSlice(externalPort, rp) {
 			glog.Warningf("port %v cannot be used for TCP or UDP services. It is reserved for the Ingress controller", k)
 			continue
 		}

internal/ingress/controller/store/backend_ssl.go

@@ -25,6 +25,7 @@ import (
 
 	apiv1 "k8s.io/api/core/v1"
 	extensions "k8s.io/api/extensions/v1beta1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 
 	"k8s.io/ingress-nginx/internal/file"
 	"k8s.io/ingress-nginx/internal/ingress"
@@ -221,3 +222,17 @@ func (s k8sStore) ReadSecrets(ing *extensions.Ingress) {
 	}
 	s.syncSecret(key)
 }
+
+// sendDummyEvent sends a dummy event to trigger an update
+// This is used in when a secret change
+func (s *k8sStore) sendDummyEvent() {
+	s.updateCh <- Event{
+		Type: UpdateEvent,
+		Obj: &extensions.Ingress{
+			ObjectMeta: metav1.ObjectMeta{
+				Name:      "dummy",
+				Namespace: "dummy",
+			},
+		},
+	}
+}

internal/ingress/controller/store/store.go

@@ -28,7 +28,6 @@ import (
 
 	apiv1 "k8s.io/api/core/v1"
 	extensions "k8s.io/api/extensions/v1beta1"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/fields"
 	"k8s.io/apimachinery/pkg/util/runtime"
 	"k8s.io/apimachinery/pkg/util/wait"
@@ -169,10 +168,15 @@ func (c *Controller) Run(stopCh chan struct{}) {
 type k8sStore struct {
 	isOCSPCheckEnabled bool
 
+	// backendConfig contains the running configuration from the configmap
+	// this is required because this rarely changes but is a very expensive
+	// operation to execute in each OnUpdate invocation
 	backendConfig ngx_config.Configuration
 
+	// cache contains the cache Controllers
 	cache *Controller
-	// listers
+
+	// listers contains the cache.Store used in the ingress controller
 	listers *Lister
 
 	// sslStore local store of SSL certificates (certificates used in ingress)
@@ -184,8 +188,10 @@ type k8sStore struct {
 
 	filesystem file.Filesystem
 
+	// updateCh
 	updateCh chan Event
 
+	// mu mutex used to avoid simultaneous incovations to syncSecret
 	mu *sync.Mutex
 }
 
@@ -546,16 +552,3 @@ func (s k8sStore) Run(stopCh chan struct{}) {
 		go wait.Until(s.checkSSLChainIssues, 60*time.Second, stopCh)
 	}
 }
-
-// sendDummyEvent sends a dummy event to trigger an update
-func (s *k8sStore) sendDummyEvent() {
-	s.updateCh <- Event{
-		Type: UpdateEvent,
-		Obj: &extensions.Ingress{
-			ObjectMeta: metav1.ObjectMeta{
-				Name:      "dummy",
-				Namespace: "dummy",
-			},
-		},
-	}
-}

internal/ingress/controller/template/configmap.go

@@ -26,6 +26,7 @@ import (
 
 	"github.com/mitchellh/mapstructure"
 
+	"k8s.io/apimachinery/pkg/util/sets"
 	"k8s.io/ingress-nginx/internal/ingress/controller/config"
 	ing_net "k8s.io/ingress-nginx/internal/net"
 )
@@ -42,7 +43,7 @@ const (
 )
 
 var (
-	validRedirectCodes = []int{301, 302, 307, 308}
+	validRedirectCodes = sets.NewInt([]int{301, 302, 307, 308}...)
 )
 
 // ReadConfig obtains the configuration defined by the user merged with the defaults.
@@ -114,7 +115,7 @@ func ReadConfig(src map[string]string) config.Configuration {
 		if err != nil {
 			glog.Warningf("%v is not a valid HTTP code: %v", val, err)
 		} else {
-			if intInSlice(j, validRedirectCodes) {
+			if validRedirectCodes.Has(j) {
 				redirectCode = j
 			} else {
 				glog.Warningf("The code %v is not a valid as HTTP redirect code. Using the default.", val)
@@ -175,12 +176,3 @@ func filterErrors(codes []int) []int {
 
 	return fa
 }
-
-func intInSlice(i int, list []int) bool {
-	for _, v := range list {
-		if v == i {
-			return true
-		}
-	}
-	return false
-}

internal/ingress/controller/util.go

@@ -66,12 +66,3 @@ func sysctlFSFileMax() int {
 	}
 	return int(rLimit.Max)
 }
-
-func intInSlice(i int, list []int) bool {
-	for _, v := range list {
-		if v == i {
-			return true
-		}
-	}
-	return false
-}

internal/ingress/controller/util_test.go

@@ -26,26 +26,6 @@ func (fe *fakeError) Error() string {
 	return "fakeError"
 }
 
-func TestIntInSlice(t *testing.T) {
-	fooTests := []struct {
-		i    int
-		list []int
-		er   bool
-	}{
-		{1, []int{1, 2}, true},
-		{3, []int{1, 2}, false},
-		{1, nil, false},
-		{0, nil, false},
-	}
-
-	for _, fooTest := range fooTests {
-		r := intInSlice(fooTest.i, fooTest.list)
-		if r != fooTest.er {
-			t.Errorf("returned %t but expected %t for s=%v & list=%v", r, fooTest.er, fooTest.i, fooTest.list)
-		}
-	}
-}
-
 func TestSysctlFSFileMax(t *testing.T) {
 	i := sysctlFSFileMax()
 	if i < 1 {