Override load balancer alg view config map

controllers/nginx/configuration.md

@@ -304,6 +304,12 @@ The zero value disables keep-alive client connections.
 http://nginx.org/en/docs/http/ngx_http_core_module.html#keepalive_timeout
 
 
+**load-balance:** Sets the algorithm to use for load balancing. The value can either be round_robin to
+use the default round robin load balancer, least_conn to use the least connected method, or
+ip_hash to use a hash of the server for routing. The default is least_conn.
+http://nginx.org/en/docs/http/load_balancing.html.
+
+
 **max-worker-connections:** Sets the maximum number of simultaneous connections that can be opened by each [worker process](http://nginx.org/en/docs/ngx_core_module.html#worker_connections).
 
 

controllers/nginx/pkg/config/config.go

@@ -73,6 +73,9 @@ const (
 	// Size of the SSL shared cache between all worker processes.
 	// http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_session_cache
 	sslSessionCacheSize = "10m"
+
+	// Default setting for load balancer algorithm
+	defaultLoadBalancerAlgorithm = "least_conn"
 )
 
 var (
@@ -266,6 +269,9 @@ type Configuration struct {
 	// Defines the number of worker processes. By default auto means number of available CPU cores
 	// http://nginx.org/en/docs/ngx_core_module.html#worker_processes
 	WorkerProcesses string `json:"worker-processes,omitempty"`
+
+	// Defines the load balancing algorithm to use. The deault is round-robin
+	LoadBalanceAlgorithm string `json:"load-balance,omitempty"`
 }
 
 // NewDefault returns the default nginx configuration
@@ -301,6 +307,7 @@ func NewDefault() Configuration {
 		SSLSessionTimeout:        sslSessionTimeout,
 		UseGzip:                  true,
 		WorkerProcesses:          strconv.Itoa(runtime.NumCPU()),
+		LoadBalanceAlgorithm:     defaultLoadBalancerAlgorithm,
 		VtsStatusZoneSize:        "10m",
 		UseHTTP2:                 true,
 		Backend: defaults.Backend{

controllers/nginx/pkg/template/configmap_test.go

@@ -74,3 +74,12 @@ func TestMergeConfigMapToStruct(t *testing.T) {
 		t.Errorf("unexpected diff: (-got +want)\n%s", diff)
 	}
 }
+
+func TestDefaultLoadBalance(t *testing.T) {
+	conf := map[string]string{
+	}
+	to := ReadConfig(conf)
+	if to.LoadBalanceAlgorithm != "least_conn" {
+		t.Errorf("default load balance algorithm wrong")
+	}
+}

controllers/nginx/rootfs/etc/nginx/template/nginx.tmpl

@@ -1,4 +1,4 @@
-{{ $cfg := .Cfg }} 
+{{ $cfg := .Cfg }}
 {{ $IsIPV6Enabled := .IsIPV6Enabled }}
 {{ $healthzURI := .HealthzURI }}
 {{ $backends := .Backends }}
@@ -60,7 +60,7 @@ http {
 
     client_header_buffer_size       {{ $cfg.ClientHeaderBufferSize }};
     large_client_header_buffers     {{ $cfg.LargeClientHeaderBuffers }};
-    
+
     http2_max_field_size            {{ $cfg.HTTP2MaxFieldSize }};
     http2_max_header_size           {{ $cfg.HTTP2MaxHeaderSize }};
 
@@ -206,7 +206,10 @@ http {
         {{ if eq $upstream.SessionAffinity.AffinityType "cookie" }}
         sticky hash={{$upstream.SessionAffinity.CookieSessionAffinity.Hash}} name={{$upstream.SessionAffinity.CookieSessionAffinity.Name}}  httponly;
         {{ else }}
-        least_conn;
+        # Load balance algorithm; empty for round robin, which is the default
+        {{ if ne $cfg.LoadBalanceAlgorithm "round_robin" }}
+        {{ $cfg.LoadBalanceAlgorithm }};
+        {{ end }}
         {{ end }}
         {{ range $server := $upstream.Endpoints }}server {{ $server.Address }}:{{ $server.Port }} max_fails={{ $server.MaxFails }} fail_timeout={{ $server.FailTimeout }};
         {{ end }}
@@ -252,7 +255,7 @@ http {
         ssl_verify_client on;
         ssl_verify_depth {{ $location.CertificateAuth.ValidationDepth }};
         {{ end }}
-        
+
         {{ if (or $location.Redirect.ForceSSLRedirect (and (not (empty $server.SSLCertificate)) $location.Redirect.SSLRedirect)) }}
         # enforce ssl on server side
         if ($pass_access_scheme = http) {
@@ -281,7 +284,7 @@ http {
             {{ end }}
             proxy_pass_request_headers  on;
             proxy_set_header            Host {{ $location.ExternalAuth.Host }};
-            proxy_ssl_server_name       on;            
+            proxy_ssl_server_name       on;
 
             set $target {{ $location.ExternalAuth.URL }};
             proxy_pass $target;