DevFW-CICD/ingress-nginx-helm
12
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2501 commits 4 branches 217 tags 166 MiB
Commit graph

132 commits

Author SHA1 Message Date
Oilbeater
17f6996941 fix nil pointer when ssl with ca.crt (#2331) 2018-04-11 09:30:16 -03:00
Elvin Efendi
d6eb44376d run lua-resty-waf in different modes (#2317) 
* run lua-resty-waf in different modes

* update docs
 2018-04-09 09:19:13 -03:00
Elvin Efendi
bad8295a42 extra waf rules per ingress (#2315) 
* extra waf rules per ingress

* document annotation nginx.ingress.kubernetes.io/lua-resty-waf-extra-rules

* regenerate internal/file/bindata.go
 2018-04-09 07:14:30 -03:00
Elvin Efendi
16faf309ca annotation to ignore given list of WAF rulesets (#2314) 2018-04-08 22:55:23 -03:00
Elvin Efendi
a6fe800a47 lua-resty-waf controller (#2304) 2018-04-08 17:37:13 -03:00
Manuel Alejandro de Brito Fontes
b17ed7b6fd
Configure upload limits for setup of lua load balancer (#2309) 2018-04-08 15:47:49 -03:00
Manuel Alejandro de Brito Fontes
1c65320618
Add verification of lua load balancer to health check (#2308) 2018-04-08 15:24:37 -03:00
Manuel Alejandro de Brito Fontes
2a02b7c35c
Fix race condition when Ingress does not contains a secret (#2300) 2018-04-06 17:44:41 -03:00
Manuel Alejandro de Brito Fontes
ab8349008a
Improve indentation of generated nginx.conf (#2296) 2018-04-05 18:19:30 -03:00
Manuel Alejandro de Brito Fontes
dd2bc91018
Fix HSTS without preload (#2294) 2018-04-04 23:17:51 -03:00
Sergey Lanzman
83974c32ac Update controller.go (#2285) 2018-04-02 20:16:06 -03:00
Alvaro Aleman
e7aa74b5d4 Add NoAuthLocations and default it to "/.well-known/acme-challenge" (#2243) 
* Add NoAuthLocations and default it to "/.well-known/acme-challenge"

* Add e2e tests for no-auth-location

* Improve wording of no-auth-location tests
 2018-04-01 21:02:34 -03:00
Elvin Efendi
ee46f486c7 e2e tests for dynamic configuration and Lua features and a bug fix (#2254) 
* e2e tests for dynamic configuration and Lua features

* do not rely on force reload to dynamically configure when reload is needed

* fix misspelling

* skip dynamic configuration in the first template rendering

* dont error on first sync
 2018-04-01 17:09:27 -03:00
Elvin Efendi
931e541fb7 Fix bug when auth req is enabled(external authentication) (#2280) 
* set proxy_upstream_name correctly when auth_req module is used

* log a more meaningful message when backend is not found
 2018-03-30 14:19:33 -03:00
Manuel Alejandro de Brito Fontes
146db43794
Disable opentracing for nginx internal urls (#2272) 2018-03-29 13:47:13 -03:00
Oilbeater
c6c219a7d1 clean up tmpl (#2263) 
The nginx.conf generated now is too messy remove some section only useful when dynamic configure enabled and headers only useful for https.
 2018-03-29 09:36:00 -03:00
Antoine Cotten
b09ecf790b Use SharedIndexInformers in place of Informers (#2271) 2018-03-29 09:35:01 -03:00
Manuel Alejandro de Brito Fontes
5738ddbdb5
Revert deleted assignment in #2146 (#2270) 2018-03-28 20:33:03 -03:00
Sylvain Rabot
385368990c Managing a whitelist for _/nginx_status (#2187) 
Signed-off-by: Sylvain Rabot <s.rabot@lectra.com>
 2018-03-28 09:27:34 -03:00
Zenara Daley
6e099c5f57 Add EWMA as configurable load balancing algorithm (#2229) 2018-03-23 12:06:21 -03:00
Manuel Alejandro de Brito Fontes
b0a63fe3ff
Fix grpc json tag name (#2246) 2018-03-23 09:12:26 -03:00
Oilbeater
1f93a1ccad fix: empty ingress path (#2244) 
If the origin ingress rule has no field `path`, the default value will be an empty string which will cause issues when rendering template as other place will use `/` as the default value.
Set the default value of path to `/` when retrieve ingress rules from api-server. Thie will fix https://github.com/kubernetes/ingress-nginx/issues/1980
 2018-03-23 08:08:42 -03:00
maxlaverse
39cb880f32 Revert "Get file max from fs/file-max. (#2050)" (#2241) 
This reverts commit d8efd39694.
 2018-03-22 13:03:04 -03:00
Oilbeater
0b0a274a9a fix: cannot set $service_name if use rewrite (#2220) 
$path here is the regular expression formatted nginx location not the origin path in ingress rules. Fix https://github.com/kubernetes/ingress-nginx/issues/2131
 2018-03-22 09:43:45 -03:00
halfcrazy
b45ee8d85f Add missing configuration in #2235 (#2236) 2018-03-22 08:53:29 -03:00
fqsghostcloud
4b9cb90f30 Correct typo (#2238) 
* correct spelling

* correct typo
 2018-03-22 08:14:06 -03:00
maxlaverse
8575769781 Make proxy_next_upstream_tries configurable (#2232) 
* Make proxy_next_upstream_tries configurable

* Code generation
 2018-03-22 08:12:36 -03:00
halfcrazy
4f5fa47d27 add proxy header ssl-client-issuer-dn, fix #2178 (#2235) 2018-03-22 01:38:47 -03:00
Manuel Alejandro de Brito Fontes
adf12fced1
Add support for gRPC (#2223) 
* Update nginx to 1.13.10 and enable gRPC

* Add support for grpc
 2018-03-22 00:38:47 -03:00
Elvin Efendi
2b5d4d7928 clean backends data before sending to Lua endpoint (#2233) 2018-03-21 23:47:39 -03:00
Elvin Efendi
634959fd79 do not hardcode keepalive for upstream_balancer (#2227) 2018-03-21 00:42:22 -03:00
Elvin Efendi
df50487a35 fix wrong config generation when upstream-hash-by is set (#2215) 2018-03-19 17:37:51 -03:00
Elvin Efendi
08252e2eef allow ipv6 localhost when enabled (#2210) 2018-03-19 13:32:55 -03:00
Manuel Alejandro de Brito Fontes
6b7491f432
Fix dynamic configuration when custom errors are enabled (#2212) 2018-03-19 12:55:17 -03:00
Oilbeater
28e6f54a69 Add bindata verify check and fix missing bindata changes (#2208) 
Add script to verify if bindata is up to date.
Add changes in https://github.com/kubernetes/ingress-nginx/pull/2205 to bindata and reformat bindata file to the format that go-bindata generated.
 2018-03-19 09:27:30 -03:00
chenpengdev
f4caa13b28 fix go test TestSkipEnqueue error, move queue.Run (#2209) 2018-03-19 08:46:54 -03:00
Alvaro Aleman
94deb3a01a Add configoption to exclude routes from tls upgrading (#2203) 
* Add configoption to exclude routes from tls upgrading

* Add tests for IsLocationInLocationList

* Seperate elements in NoTLSRedirectLocations by comma

* Set NoTLSRedirectLocations to "/.well-known/acme-challenge/" by default

* Remove trailing slash from "/.well-known/acme-challenge" default
 2018-03-18 17:44:59 -03:00
Oilbeater
5c02d700cb Allow config to disable geoip (#2202) 
For a offline or private cloud environment, geoip is not needed.
Implementing https://github.com/kubernetes/ingress-nginx/issues/2179
 2018-03-18 13:30:05 -03:00
Elvin Efendi
c90a4e811e Live Nginx (re)configuration without reloading (#2174) 2018-03-18 10:13:41 -03:00
Oilbeater
41cefeb178 Add worker-cpu-affinity nginx option (#2201) 
worker_cpu_affinity is a common optimization method for improving nginx performance, adding this as a custom configuration. Also fix some format issues found during editing.
 2018-03-16 13:32:45 -03:00
Oilbeater
ebcdfade8e fix wrong json tag (#2193) 
json tags are case sensitive when encode, change omitEmpty to omitempty
 2018-03-12 03:36:35 -07:00
Elvin Efendi
36cce00fdd configuring load balancing per ingress (#2167) 
* configure load balancing through a ingress annotation

* update docs
 2018-03-09 13:09:41 -08:00
Antoine Cotten
4a49d67adc Add checker test for bad pid (#2191) 2018-03-09 09:21:02 -08:00
Oilbeater
f6b8506b17 change nginx process pgid (#2181) 
put restarted nginx process in another process group, just like the normal nginx start did in https://github.com/kubernetes/ingress-nginx/blob/master/internal/ingress/controller/nginx.go#L289
 2018-03-08 06:58:54 -08:00
Antoine Cotten
5ba0f4ea18 Remove ProxyPassParams setting (#2185) 
This reverts commit c0fecd5bd7
 2018-03-07 16:40:22 -08:00
Elvin Efendi
38b35c292e use the correct error channel (#2164) 2018-03-03 09:23:06 -03:00
Qiu Jian
56036ddc57 Add publish-status-address flag (#2148) 
* Add publish-status-address flag

If this flag is set, status of ingress resources will be updated
with this address.

* Address aledbf's comment
 2018-02-27 00:02:19 -03:00
Manuel Alejandro de Brito Fontes
3c67976969
In case of TLS errors do not allow traffic (#2146) 2018-02-25 17:20:14 -03:00
Manuel Alejandro de Brito Fontes
216fe01a07
Add option in the configuration configmap to enable remote logging (syslog) (#2145) 2018-02-25 12:47:14 -03:00
Manuel Alejandro de Brito Fontes
0dee303ac2
Add annotation to disable logs in a location (#2144) 2018-02-25 11:38:54 -03:00