diff --git a/controllers/nginx/pkg/cmd/controller/nginx.go b/controllers/nginx/pkg/cmd/controller/nginx.go index 133bc9a55..63419a1e6 100644 --- a/controllers/nginx/pkg/cmd/controller/nginx.go +++ b/controllers/nginx/pkg/cmd/controller/nginx.go @@ -48,11 +48,11 @@ import ( type statusModule string const ( - ngxHealthPort = 18080 ngxHealthPath = "/healthz" defaultStatusModule statusModule = "default" vtsStatusModule statusModule = "vts" + defaultServerPort = "default-server-port" ) var ( @@ -317,6 +317,7 @@ func (n NGINXController) Info() *ingress.BackendInfo { // ConfigureFlags allow to configure more flags before the parsing of // command line arguments func (n *NGINXController) ConfigureFlags(flags *pflag.FlagSet) { + flags.Int(defaultServerPort, 18080, `Port used to expose the default server in NGINX.`) } // OverrideFlags customize NGINX controller flags @@ -334,6 +335,9 @@ func (n *NGINXController) OverrideFlags(flags *pflag.FlagSet) { flags.Set("ingress-class", ic) n.stats = newStatsCollector(wc, ic, n.binary) + + dlp, _ := flags.GetInt(defaultServerPort) + n.DefaultServerPort = dlp } // DefaultIngressClass just return the default ingress class @@ -568,7 +572,7 @@ func (n NGINXController) Name() string { // Check returns if the nginx healthz endpoint is returning ok (status code 200) func (n NGINXController) Check(_ *http.Request) error { - res, err := http.Get(fmt.Sprintf("http://localhost:%v%v", ngxHealthPort, ngxHealthPath)) + res, err := http.Get(fmt.Sprintf("http://localhost:%v%v", n.DefaultServerPort, ngxHealthPath)) if err != nil { return err } diff --git a/core/pkg/ingress/controller/controller.go b/core/pkg/ingress/controller/controller.go index aad79c34c..c558647f2 100644 --- a/core/pkg/ingress/controller/controller.go +++ b/core/pkg/ingress/controller/controller.go @@ -63,11 +63,6 @@ const ( rootLocation = "/" ) -var ( - // list of ports that cannot be used by TCP or UDP services - reservedPorts = []string{"80", "443", "8181", "18080"} -) - // GenericController holds the boilerplate code required to build an Ingress controlller. type GenericController struct { cfg *Configuration @@ -110,6 +105,14 @@ type GenericController struct { stopCh chan struct{} } +// ListenPort contains all the ports used in the ingress controller. +type ListenPort struct { + HTTP int + HTTPS int + DefaultBackend int + Health int +} + // Configuration contains all the settings required by an Ingress controller type Configuration struct { Client clientset.Interface @@ -137,6 +140,9 @@ type Configuration struct { UpdateStatus bool ElectionID string + + // Ports contains the configuration of the used ports in the controller + Ports *ListenPort } // newIngressController creates an Ingress controller @@ -449,6 +455,13 @@ func (ic *GenericController) getStreamServices(configmapName string, proto api.P return []ingress.L4Service{} } + usedPorts := []string{ + strconv.Itoa(ic.cfg.Ports.DefaultBackend), + strconv.Itoa(ic.cfg.Ports.HTTP), + strconv.Itoa(ic.cfg.Ports.HTTPS), + strconv.Itoa(ic.cfg.Ports.Health), + } + var svcs []ingress.L4Service // k -> port to expose // v -> /: @@ -459,8 +472,8 @@ func (ic *GenericController) getStreamServices(configmapName string, proto api.P continue } - // this ports used by the backend - if local_strings.StringInSlice(k, reservedPorts) { + // this ports used are already used by the controller + if local_strings.StringInSlice(k, usedPorts) { glog.Warningf("port %v cannot be used for TCP or UDP services. It is reserved for the Ingress controller", k) continue } diff --git a/core/pkg/ingress/controller/launch.go b/core/pkg/ingress/controller/launch.go index 9bb162488..76961b819 100644 --- a/core/pkg/ingress/controller/launch.go +++ b/core/pkg/ingress/controller/launch.go @@ -73,6 +73,12 @@ func NewIngressController(backend ingress.Controller) *GenericController { healthzPort = flags.Int("healthz-port", 10254, "port for healthz endpoint.") + httpPort = flags.Int("http-port", 80, "port used to expose HTTP protocol") + + httpsPort = flags.Int("https-port", 443, "port used to expose HTTPS protocol") + + localDefaultBackendPort = flags.Int("local-default-backend-port", 8181, "port used to expose the default backend service") + profiling = flags.Bool("profiling", true, `Enable profiling via web interface host:port/debug/pprof/`) defSSLCertificate = flags.String("default-ssl-certificate", "", `Name of the secret @@ -164,6 +170,12 @@ func NewIngressController(backend ingress.Controller) *GenericController { PublishService: *publishSvc, Backend: backend, ForceNamespaceIsolation: *forceIsolation, + Ports: &ListenPort{ + HTTP: *httpPort, + HTTPS: *httpsPort, + DefaultBackend: *localDefaultBackendPort, + Health: *healthzPort, + }, } ic := newIngressController(config) diff --git a/core/pkg/ingress/controller/util.go b/core/pkg/ingress/controller/util.go index 4feb882ba..add25d517 100644 --- a/core/pkg/ingress/controller/util.go +++ b/core/pkg/ingress/controller/util.go @@ -17,6 +17,7 @@ limitations under the License. package controller import ( + "strconv" "strings" "unicode/utf8" @@ -30,8 +31,11 @@ import ( const DeniedKeyName = "Denied" // newDefaultServer return an BackendServer to be use as default server that returns 503. -func newDefaultServer() ingress.Endpoint { - return ingress.Endpoint{Address: "127.0.0.1", Port: "8181"} +func (ic *GenericController) newDefaultServer() ingress.Endpoint { + return ingress.Endpoint{ + Address: "127.0.0.1", + Port: strconv.Itoa(ic.cfg.Ports.DefaultBackend), + } } // newUpstream creates an upstream without servers.