DevFW-CICD/ingress-nginx-helm
12
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2503 commits 4 branches 217 tags 166 MiB
Commit graph

100 commits

Author SHA1 Message Date
oilbeater
1be1f658b4 disable lua for arch s390x and ppc64le 
LuaJIT is not available for s390x and ppc64le, disable the lua part in nginx.tmpl on these platform.
 2018-04-12 08:30:56 +08:00
Elvin Efendi
d6eb44376d run lua-resty-waf in different modes (#2317) 
* run lua-resty-waf in different modes

* update docs
 2018-04-09 09:19:13 -03:00
Elvin Efendi
a6fe800a47 lua-resty-waf controller (#2304) 2018-04-08 17:37:13 -03:00
Manuel Alejandro de Brito Fontes
1c65320618
Add verification of lua load balancer to health check (#2308) 2018-04-08 15:24:37 -03:00
Manuel Alejandro de Brito Fontes
2a02b7c35c
Fix race condition when Ingress does not contains a secret (#2300) 2018-04-06 17:44:41 -03:00
Sergey Lanzman
83974c32ac Update controller.go (#2285) 2018-04-02 20:16:06 -03:00
Alvaro Aleman
e7aa74b5d4 Add NoAuthLocations and default it to "/.well-known/acme-challenge" (#2243) 
* Add NoAuthLocations and default it to "/.well-known/acme-challenge"

* Add e2e tests for no-auth-location

* Improve wording of no-auth-location tests
 2018-04-01 21:02:34 -03:00
Elvin Efendi
ee46f486c7 e2e tests for dynamic configuration and Lua features and a bug fix (#2254) 
* e2e tests for dynamic configuration and Lua features

* do not rely on force reload to dynamically configure when reload is needed

* fix misspelling

* skip dynamic configuration in the first template rendering

* dont error on first sync
 2018-04-01 17:09:27 -03:00
Antoine Cotten
b09ecf790b Use SharedIndexInformers in place of Informers (#2271) 2018-03-29 09:35:01 -03:00
Manuel Alejandro de Brito Fontes
5738ddbdb5
Revert deleted assignment in #2146 (#2270) 2018-03-28 20:33:03 -03:00
Sylvain Rabot
385368990c Managing a whitelist for _/nginx_status (#2187) 
Signed-off-by: Sylvain Rabot <s.rabot@lectra.com>
 2018-03-28 09:27:34 -03:00
Manuel Alejandro de Brito Fontes
b0a63fe3ff
Fix grpc json tag name (#2246) 2018-03-23 09:12:26 -03:00
Oilbeater
1f93a1ccad fix: empty ingress path (#2244) 
If the origin ingress rule has no field `path`, the default value will be an empty string which will cause issues when rendering template as other place will use `/` as the default value.
Set the default value of path to `/` when retrieve ingress rules from api-server. Thie will fix https://github.com/kubernetes/ingress-nginx/issues/1980
 2018-03-23 08:08:42 -03:00
maxlaverse
39cb880f32 Revert "Get file max from fs/file-max. (#2050)" (#2241) 
This reverts commit d8efd39694.
 2018-03-22 13:03:04 -03:00
fqsghostcloud
4b9cb90f30 Correct typo (#2238) 
* correct spelling

* correct typo
 2018-03-22 08:14:06 -03:00
maxlaverse
8575769781 Make proxy_next_upstream_tries configurable (#2232) 
* Make proxy_next_upstream_tries configurable

* Code generation
 2018-03-22 08:12:36 -03:00
Manuel Alejandro de Brito Fontes
adf12fced1
Add support for gRPC (#2223) 
* Update nginx to 1.13.10 and enable gRPC

* Add support for grpc
 2018-03-22 00:38:47 -03:00
Elvin Efendi
2b5d4d7928 clean backends data before sending to Lua endpoint (#2233) 2018-03-21 23:47:39 -03:00
Elvin Efendi
df50487a35 fix wrong config generation when upstream-hash-by is set (#2215) 2018-03-19 17:37:51 -03:00
Alvaro Aleman
94deb3a01a Add configoption to exclude routes from tls upgrading (#2203) 
* Add configoption to exclude routes from tls upgrading

* Add tests for IsLocationInLocationList

* Seperate elements in NoTLSRedirectLocations by comma

* Set NoTLSRedirectLocations to "/.well-known/acme-challenge/" by default

* Remove trailing slash from "/.well-known/acme-challenge" default
 2018-03-18 17:44:59 -03:00
Oilbeater
5c02d700cb Allow config to disable geoip (#2202) 
For a offline or private cloud environment, geoip is not needed.
Implementing https://github.com/kubernetes/ingress-nginx/issues/2179
 2018-03-18 13:30:05 -03:00
Elvin Efendi
c90a4e811e Live Nginx (re)configuration without reloading (#2174) 2018-03-18 10:13:41 -03:00
Oilbeater
41cefeb178 Add worker-cpu-affinity nginx option (#2201) 
worker_cpu_affinity is a common optimization method for improving nginx performance, adding this as a custom configuration. Also fix some format issues found during editing.
 2018-03-16 13:32:45 -03:00
Elvin Efendi
36cce00fdd configuring load balancing per ingress (#2167) 
* configure load balancing through a ingress annotation

* update docs
 2018-03-09 13:09:41 -08:00
Antoine Cotten
4a49d67adc Add checker test for bad pid (#2191) 2018-03-09 09:21:02 -08:00
Oilbeater
f6b8506b17 change nginx process pgid (#2181) 
put restarted nginx process in another process group, just like the normal nginx start did in https://github.com/kubernetes/ingress-nginx/blob/master/internal/ingress/controller/nginx.go#L289
 2018-03-08 06:58:54 -08:00
Elvin Efendi
38b35c292e use the correct error channel (#2164) 2018-03-03 09:23:06 -03:00
Qiu Jian
56036ddc57 Add publish-status-address flag (#2148) 
* Add publish-status-address flag

If this flag is set, status of ingress resources will be updated
with this address.

* Address aledbf's comment
 2018-02-27 00:02:19 -03:00
Manuel Alejandro de Brito Fontes
3c67976969
In case of TLS errors do not allow traffic (#2146) 2018-02-25 17:20:14 -03:00
Manuel Alejandro de Brito Fontes
216fe01a07
Add option in the configuration configmap to enable remote logging (syslog) (#2145) 2018-02-25 12:47:14 -03:00
Manuel Alejandro de Brito Fontes
0dee303ac2
Add annotation to disable logs in a location (#2144) 2018-02-25 11:38:54 -03:00
Manuel Alejandro de Brito Fontes
a8ce680d43
Fix error loading modules (#2141) 2018-02-24 18:09:23 -03:00
Guang Ya Liu
f26c881e3f Updated log level to v2 for sysctlFSFileMax. (#2137) 
This is very importatnt log for trouble-shooting, we should update
it to v2 by default.
 2018-02-23 13:11:54 -03:00
Manuel Alejandro de Brito Fontes
0990c5b6ad
Migrate to codecov.io (#2120) 
* Migrate to codecov.io

* Fix data race

* Update nginx to 1.13.9
 2018-02-20 08:27:02 -08:00
Karl Stoney
d1b6f32981 Enabled the dynamic reload of GeoIP data (#2107) 
* Moved geoip data into its own folder so it can be volume mounted

* Added FS watches for the geoip data

* Fixed single quotes issue (interpolation)

* Fixed gofmt errors

* Updated to directory crawl
 2018-02-17 12:24:50 -08:00
Manuel Alejandro de Brito Fontes
9bcb5b08ea
Use a ring channel to avoid blocking write of events (#2082) 
* Use a ring channel to avoid blocking write of events

* Add eapache/channels dependency
 2018-02-13 17:46:18 -08:00
Manuel Alejandro de Brito Fontes
33475b7184
Fix opentracing configuration when multiple options are configured (#2075) 2018-02-12 16:08:49 -08:00
Manuel Alejandro de Brito Fontes
98213efee3
Fix spelling errors (#2076) 2018-02-12 14:33:26 -08:00
Manuel Alejandro de Brito Fontes
e596a084f8
Do not cancel the synchronization of secrets (#2069) 2018-02-11 21:37:02 -08:00
Guang Ya Liu
d8efd39694 Get file max from fs/file-max. (#2050) 2018-02-08 08:55:25 -08:00
Lihua Tang
1947f35121 Fix typos (#2046) 2018-02-07 19:15:50 -08:00
Guang Ya Liu
e34afc0fa4 The maximum number of open file descriptors should be maxOpenFiles. (#2031) 2018-02-02 21:05:01 -08:00
Luke Jolly
42076e8ed0 Added configmap option to disable IPv6 in nginx DNS resolver (#1992) 2018-02-02 11:53:28 -08:00
Anish Ramasekar
d7ef6b3fc7 Add support for enabling ssl_ciphers per host (#2006) 
* Add support for adding ssl_ciphers

* Add documentation
 2018-01-31 08:53:07 -08:00
Anish Ramasekar
2f700a9ad5 Add limit-request-status-code option (#2001) 
* Add support for limit_req_status

* Add documentation

* Fix comment
 2018-01-30 07:24:44 -06:00
Qiu Jian
951a704cec Add connection-proxy-header annotation (#1999) 
This is the override the default connection header
 2018-01-29 22:29:03 -06:00
Anish Ramasekar
b020686599 Add support to enable/disable proxy buffering (#1998) 
* Enable proxy buffering using configmap and annotation

* add documentation
 2018-01-29 08:43:55 -06:00
Fernando Diaz
d1ae7ff29c Enable Customization of Auth Request Redirect (#1993) 
Adds the 'nginx.ingress.kubernetes.io/auth-request-redirect'
annotation, which allows the customization of the
'X-Auth-Request-Redirect' Header. Fixes: #1979
 2018-01-27 21:32:08 -03:00
Manuel Alejandro de Brito Fontes
444a56c001
Fix chain completion and default certificate flag issues (#1978) 2018-01-25 10:46:20 -03:00
Manuel Alejandro de Brito Fontes
6bd97d195f
Only secrets in the local store can be updated (#1974) 2018-01-24 14:46:43 -03:00