DevFW-CICD/ingress-nginx-helm
12
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
6400 commits 4 branches 217 tags 166 MiB
Commit graph

1037 commits

Author SHA1 Message Date
agile6v
fc1c043437 Add http-access-log-path and stream-access-log-path options in configMap 2020-06-05 01:27:26 +08:00
Jeff Hui
6848be5b0b Add documentation for loading e2e tests without using minikube 
Use Kind to build the e2e test image and subsequently run the tests
 2020-06-03 16:36:19 -04:00
chamilad
ee84603d06 Add minor doc fixes to user guide and chart readme 2020-06-03 17:54:41 +12:00
Manuel Alejandro de Brito Fontes
2b17980e3c Remove copy of binaries and deprecated e2e task 2020-06-02 17:22:58 -04:00
Manuel Alejandro de Brito Fontes
8e2eebb197 Update timeout to align values 2020-06-02 12:13:44 -04:00
Kubernetes Prow Robot
d061375afa
Merge pull request #5571 from agile6v/dev 
feat: support the combination of Nginx variables for annotation upstream-hash-by.
 2020-06-01 15:10:14 -07:00
agile6v
c035a144f8 Support the combination of nginx variables and text value for annotation upstream-hash-by. 2020-06-01 06:37:41 +08:00
Kubernetes Prow Robot
157cc5066c
Merge pull request #5613 from koba1t/fix-oauth2-proxy-hosted-repo 
fix oauth2-proxy image repository
 2020-05-31 13:07:54 -07:00
Kubernetes Prow Robot
ee02d897d5
Merge pull request #5534 from agile6v/master 
Add annotation ssl-prefer-server-ciphers.
 2020-05-29 08:35:16 -07:00
koba1t
e51556f692
fix oauth2-proxy image repository 2020-05-29 01:35:32 +09:00
Manuel Alejandro de Brito Fontes
a53ef2b501 Add note about initial delay during first start 2020-05-20 18:55:34 -04:00
Edgars Beigarts
c0ca846bcd
Update configmap name in custom-headers/README.md 2020-05-18 11:02:52 +03:00
Edgars Beigarts
c52d55a2ed
Use ingress-nginx-* naming in docs to match the default deployment 2020-05-17 21:27:56 +03:00
agile6v
41d82005ec Add annotation ssl-prefer-server-ciphers. 2020-05-11 16:31:08 +08:00
Mark Janssen
4a36c804e6 Add 0-RTT warning 2020-05-08 12:40:11 +02:00
nirroz93
75dab4a8aa
wrong filename 
using different (and more logic) filename in the following lines
 2020-05-06 17:39:55 +03:00
Manuel Alejandro de Brito Fontes
446845114c Release 0.32.0 2020-05-01 11:16:10 -04:00
Manuel Alejandro de Brito Fontes
6c821d3093 Add note about firewall ports for admission webhook 2020-05-01 10:55:37 -04:00
Christian Hoffmeister
ef75a2d6fc Merge remote-tracking branch 'upstream/master' into fix/collect-metrics-if-metrics-per-host-false 2020-05-01 14:57:00 +02:00
Manuel Alejandro de Brito Fontes
e1e8621ffb Add install command for Digial Ocean 2020-04-29 18:59:06 -04:00
Joey Lee
8904d95738 Update helm v2 installation instructions 2020-04-29 20:38:26 +10:00
Kubernetes Prow Robot
7fbf4977e3
Merge pull request #5319 from MrAmbiG/patch-1 
Example names violate DNS naming stadards
 2020-04-28 10:52:07 -07:00
Kubernetes Prow Robot
0d2c6db75e
Merge pull request #5358 from praseodym/update-tls-configuration 
Update TLS configuration
 2020-04-28 07:46:08 -07:00
Manuel Alejandro de Brito Fontes
b68839118f Release 0.31.1 2020-04-27 10:43:23 -04:00
Manuel Alejandro de Brito Fontes
1fb6f37091 Update chart instructions 2020-04-26 20:52:54 -04:00
Manuel Alejandro de Brito Fontes
edea7c9ee6 Fix deployment links 2020-04-26 18:47:59 -04:00
Kubernetes Prow Robot
9aa0eb7114
Merge pull request #5404 from AlphaWong/patch-1 
update the helm v3 install way
 2020-04-26 14:59:29 -07:00
Manuel Alejandro de Brito Fontes
c7c06e0e6f Release 0.31.0 2020-04-26 16:45:37 -04:00
Manuel Alejandro de Brito Fontes
f9ae784541 Remove lua-resty-waf docs 2020-04-22 17:42:18 -04:00
Alpha
5cc0cf1c18
update the helm v3 install way 2020-04-20 11:29:37 +08:00
Manuel Alejandro de Brito Fontes
fd23ebc6d1 Cleanup deploy docs and remove old yaml manifests 2020-04-18 18:16:44 -04:00
Manuel Alejandro de Brito Fontes
ab3a789caa Update deployment documentation 2020-04-18 17:51:11 -04:00
Manuel Alejandro de Brito Fontes
90d07d7b69 Fix from-to-www link 2020-04-17 19:41:25 -04:00
Manuel Alejandro de Brito Fontes
d18fa90cfd Add e2e test for OCSP and new configmap setting 2020-04-17 12:53:47 -04:00
Manuel Alejandro de Brito Fontes
0257068b9b Fix plugin README.md link 2020-04-14 11:48:23 -04:00
Kubernetes Prow Robot
f745e35eb5
Merge pull request #5355 from ElvinEfendi/plugin-docs 
ingress-nginx lua plugins docs
 2020-04-14 08:04:13 -07:00
Elvin Efendi
b60e25f1db ingress-nginx lua plugins documentation 2020-04-14 09:47:58 -04:00
Kundan Kumar
40ea45aa8b Update doc 2020-04-14 15:21:03 +05:30
Mark Janssen
049b25e566 Update TLS configuration 
Enable TLSv1.3 by default and update list of ciphers. The new
configuration matches the 'Intermediate' configuration recommended by
the Mozilla SSL Configuration Generator:
https://ssl-config.mozilla.org/#server=nginx&version=1.17.7&config=modern&openssl=1.1.1d&guideline=5.4
 2020-04-13 17:46:33 +02:00
Manuel Alejandro de Brito Fontes
c0db19b0ec Enable configuration of plugins using configmap 2020-04-13 11:38:42 -04:00
Manuel Alejandro de Brito Fontes
9c6873a55d Remove deprecated flags and update docs 2020-04-12 10:07:33 -04:00
Kubernetes Prow Robot
527a440e2e
Merge pull request #5349 from LucasBoisserie/validation_webhook_doc_helm 
Update doc for validating Webhook with helm
 2020-04-11 19:23:47 -07:00
LucasBoisserie
a97ff92c93 Update doc for validating Webhook with helm 2020-04-11 22:10:38 +02:00
Weihang Lo
12dddcca17
docs: fix use-gzip wrong markdown style 2020-04-11 14:28:04 +08:00
Gajendra D Ambi
f3050740ef
Example names violate DNS naming stadards 
Original names which gave errors:    myServiceA, myServiceB
Alatere suggestions:    
myServiceA --> myservicea, my_service_a, my-service-a
myServiceB --> myserviceb, my_service_b, my-service-b
 2020-04-02 23:17:20 +05:30
Ilya Mashchenko
9bb18c9a17
[docs]: fix Prerequisite section 
Clarify that mandatory command is not needed for deployment in minikube.
 2020-03-21 01:46:03 +03:00
Andreas Sommer
c6532dd3eb
Fix reference to DH param secret, recommend larger parameter size 2020-03-18 18:06:24 +01:00
Christian Hoffmeister
19770f5b41 Merge remote-tracking branch 'base/master' into fix/collect-metrics-if-metrics-per-host-false 2020-03-13 07:17:49 +01:00
Josh Soref
0ad41bf4e5
Further clarifications 
Co-Authored-By: cmluciano <cmluciano@cruznet.org>
 2020-03-10 16:52:23 -04:00
Josh Soref
28c8009850
Grammar and spelling fixes 2020-03-09 17:34:52 -04:00
Luis Valdés
e001b5a5b7
I found a typo :) 
Change *onyl* to * only*
 2020-02-27 23:05:37 -03:00
schaefec
141ea59b7f Allows overriding the server name used to verify the certificate of the proxied HTTPS server 2020-02-25 13:32:14 +01:00
Kubernetes Prow Robot
35264d6e8f
Merge pull request #5114 from whalecold/match 
Feat: add header-pattern annotation.
 2020-02-24 17:07:36 -08:00
Kubernetes Prow Robot
6cd223558f
Merge pull request #4981 from janosi/proxy-ssl-scope 
Applying proxy-ssl-* directives on locations only
 2020-02-24 15:53:36 -08:00
Manuel Alejandro de Brito Fontes
f1f90ef495
Release 0.30.0 (#5155) 2020-02-24 09:34:19 -03:00
Lisheng Zheng
0b33650bb8 Feat: canary supports using specific match strategy to match header value. 2020-02-21 10:02:20 +08:00
James Taylor
f97599c189
Use correct spelling of "Original" 
Fix the spelling of "original" in the annotations documentation
 2020-02-20 16:45:26 +11:00
Manuel Alejandro de Brito Fontes
f6c0faa6eb Update list of e2e tests 2020-02-19 21:24:08 -03:00
Jack Lindamood
a90452774a
ingress-path-matching: doc typo 
A small typo in the README describing the path matching.
 2020-02-18 10:19:53 -08:00
Manuel Alejandro de Brito Fontes
5c4155d9c7
Generate doc with list of e2e tests (#5093) 2020-02-16 21:39:12 -03:00
Kubernetes Prow Robot
6bd5cef01d
Merge pull request #5081 from FernFerret/patch-1 
Fixed incorrect documentation of cli flag --default-backend-service
 2020-02-15 04:49:27 -08:00
Manuel Alejandro de Brito Fontes
eedcdcdbf6
Release 0.29.0 (#5075) 2020-02-15 08:28:22 -03:00
Eric Stokes
4b317389e6
Fixed incorrect cli flag --default-backend 
The flag stated in the example readme is `--default-backend` but passing that (or looking at --help`) for the ingress controller shows:

unknown flag: --default-backend
...
      --default-backend-service string          Service used to serve HTTP requests not matching any known server name (catch-all).
                                                Takes the form "namespace/name". The controller configures NGINX to forward
                                                requests to the first port of this Service.

ref: https://github.com/kubernetes/ingress-nginx/blob/master/cmd/nginx/flags.go#L55
 2020-02-15 08:33:42 +00:00
Kubernetes Prow Robot
eb6e36fac7
Merge pull request #5071 from triodan/gzip-min-length 
Add gzip-min-length as a Configuration Option
 2020-02-14 10:22:17 -08:00
Benoit Perrot
dab11bdf4e oauth-external-auth: README.md: Link to oauth2-proxy, dashboard-ingress.yaml 2020-02-14 15:42:46 +01:00
Daniel Arifin
d48d5a61ae Add gzip-min-length as a configurable 2020-02-14 13:29:51 +07:00
Christopher M. Luciano
d13135329a
docs: reference buildx as a requirement for docker builds 
Signed-off-by: Christopher M. Luciano <cmluciano@us.ibm.com>
 2020-02-13 14:19:39 -05:00
Manuel Alejandro de Brito Fontes
0365a7c172
Remove minikube and only use kind (#5059) 2020-02-12 20:19:57 -03:00
Manuel Alejandro de Brito Fontes
2c5819e1b3
Add flag to allow custom ingress status update intervals (#5050) 2020-02-10 16:52:50 -03:00
Kubernetes Prow Robot
5e54f66ab2
Merge pull request #5040 from BrianKopp/samesite-followup 
Update documentation and remove hack fixed by upstream cookie library
 2020-02-10 10:25:53 -08:00
Kubernetes Prow Robot
352003c7de
Merge pull request #5032 from shashankv02/fix_yaml 
Fix fortune-teller app manifest
 2020-02-09 16:53:52 -08:00
Manuel Alejandro de Brito Fontes
34b6d083b8
Cleanup docs (#5043) 2020-02-09 20:50:27 -03:00
Kubernetes Prow Robot
e5aaf15639
Merge pull request #5041 from armujahid/imgbot 
36.94% size reduction of image assets using lossless compression from ImgBot
 2020-02-08 12:49:53 -08:00
Abdul Rauf
54dac873fd [ImgBot] Optimize images 
*Total -- 1,383.42kb -> 872.43kb (36.94%)

/docs/images/jaeger-demo.png -- 141.39kb -> 70.07kb (50.44%)
/docs/images/zipkin-demo.png -- 119.85kb -> 60.54kb (49.48%)
/deploy/grafana/dashboards/screenshot.png -- 606.25kb -> 328.93kb (45.74%)
/docs/images/prometheus-dashboard.png -- 112.45kb -> 80.67kb (28.26%)
/docs/images/elb-l7-listener.png -- 36.84kb -> 28.26kb (23.29%)
/docs/images/baremetal/cloud_overview.jpg -- 47.11kb -> 37.87kb (19.61%)
/docs/images/baremetal/baremetal_overview.jpg -- 37.34kb -> 30.15kb (19.26%)
/docs/images/baremetal/hostnetwork.jpg -- 40.53kb -> 33.71kb (16.82%)
/docs/images/baremetal/metallb.jpg -- 49.01kb -> 40.85kb (16.65%)
/docs/images/grafana.png -- 83.87kb -> 69.98kb (16.56%)
/docs/images/baremetal/nodeport.jpg -- 47.23kb -> 39.53kb (16.3%)
/docs/images/baremetal/user_edge.jpg -- 61.56kb -> 51.85kb (15.77%)

Signed-off-by: ImgBotApp <ImgBotHelp@gmail.com>
 2020-02-09 01:01:35 +05:00
BrianKopp
34b194c770 Update documentation and remove hack fixed by upstream cookie library 2020-02-08 11:54:52 -07:00
Shashank Veerapaneni
c9f4ed9283 fix formatting 2020-02-07 13:28:26 +05:30
Shashank Veerapaneni
003d1efdfd add selecrtor labels 2020-02-07 13:27:35 +05:30
Abdul Rauf
dbb0970393
docs(deploy): fix helm install command for helm v3 (#5020) 
--name flag has been removed from helm and is now mandatory
 helm install [NAME] [CHART] [flags]
 2020-02-06 20:47:28 -03:00
Kubernetes Prow Robot
4befa8cc8a
Merge pull request #5015 from aledbf/mirror 
Refactor mirror feature
 2020-02-05 08:55:56 -08:00
Manuel Alejandro de Brito Fontes
b3146354d4 Refactor mirror feature 2020-02-05 10:39:55 -03:00
Laszlo Janosi
1cca9d9623 Update developer document on dependency updates 2020-02-05 14:14:52 +01:00
Benjamin P. Jung
d1f59ca2b4 Update python syntax in OAuth2 example 2020-02-02 13:23:01 +01:00
Kubernetes Prow Robot
beef9fae2d
Merge pull request #4949 from BrianKopp/same-site 
Add SameSite support - omit None for old browsers
 2020-01-31 03:50:21 -08:00
Herr-Sepp
3f4da0fa0f
added hint why regular expressions might not be accepted 
Kubernetes validates all regular expressions using RE2 which does not support the full syntax of PCRE which uses NGINX.

see: #4989
 2020-01-30 19:22:41 +01:00
Brian Kopp
1b523390bb Add SameSite=None support and conditionally omit SameSite=None for backwards compatibility 2020-01-29 14:30:00 -07:00
Laszlo Janosi
bc79fe1532 Add: documentation for proxy-ssl-location-only 2020-01-29 10:00:55 +01:00
Manuel Alejandro de Brito Fontes
19e9e9d7ed
Fix image version (#4977) 2020-01-28 08:56:12 -03:00
Manuel Alejandro de Brito Fontes
9fa3940089
Release 0.28.0 (#4970) 2020-01-28 07:56:33 -03:00
Manuel Alejandro de Brito Fontes
68dd1583e7
Fix ssl-dh-param example (#4946) 2020-01-17 16:17:39 -03:00
Manuel Alejandro de Brito Fontes
1257ded99e
Release 0.27.1 (#4929) 2020-01-15 15:03:37 -03:00
Andy Chen
d0f39109f9
Update README.md 2020-01-11 16:56:57 -08:00
Manuel Alejandro de Brito Fontes
77ddda7f61
Release 0.27.0 (#4906) 2020-01-11 18:04:18 -03:00
Manuel Alejandro de Brito Fontes
74944b99e9
Enable download of GeoLite2 databases (#4896) 2020-01-08 19:46:43 -03:00
Sungmin Lee
d7be5db7de Support sample rate and global sampling configuration for Datadog in ConfigMap 2020-01-07 16:59:59 -08:00
Dave Anderson
2fe3e92633
Correct MetalLB setup instructions. 
MetalLB IPs must not be shared with any other system. That includes DHCP servers and Kubernetes node IPs. IP conflicts result in hard to debug failures, and generally just doesn't work correctly.
 2020-01-04 16:21:55 -08:00
Manuel Alejandro de Brito Fontes
bcc7d98d8e Use yaml files from a particular tag, not from master 2020-01-04 15:56:25 -03:00
Manuel Alejandro de Brito Fontes
025d4eaceb Migrate to alpine linux 2020-01-04 13:23:16 -03:00
Denis Boulas
8bf155d0d7
Fixed documentation for FCGI annotation. 2019-12-19 03:48:55 +03:00
Manuel Alejandro de Brito Fontes
0dce5be743 Migrate ingress definitions from extensions to networking.k8s.io 2019-12-12 21:25:00 -03:00
Manuel Alejandro de Brito Fontes
d890303a3f
Fix markdown list (#4801) 2019-12-01 21:57:09 -03:00
Manuel Alejandro de Brito Fontes
e864fc7198
Update sysctl example (#4800) 2019-12-01 21:48:00 -03:00
Sablu Miah
010ec6f159
Remove extra annotation when Enabling ModSecurity 
Since version 0.25, if you try to use both annotations of:

nginx.ingress.kubernetes.io/modsecurity-snippet: |
Include /etc/nginx/owasp-modsecurity-crs/nginx-modsecurity.conf
Include /etc/nginx/modsecurity/modsecurity.conf

and 

nginx.ingress.kubernetes.io/enable-modsecurity: "true"

it breaks nginx config and you will not catch it unless you have nginx admission controller enabled. 

You do not need the annotation of `Include /etc/nginx/modsecurity/modsecurity.conf` from version 0.25
 2019-11-28 15:16:09 +00:00
Kubernetes Prow Robot
b286c2a336
Merge pull request #4732 from willthames/enable-opentracing-annotation 
Allow enabling/disabling opentracing for ingresses
 2019-11-26 17:31:21 -08:00
Will Thames
0ae463a5f3 Provide annotation to control opentracing 
By default you might want opentracing off, but on for a particular
ingress.

Similarly, you might want opentracing globally on, but disabled for
a specific endpoint. To achieve this, `opentracing_propagate_context`
cannot be set when combined with `opentracing off`

A new annotation, `enable-opentracing` allows more fine grained control
of opentracing for specific ingresses.
 2019-11-27 11:07:26 +10:00
Matt Busche
6b0a6ec8b3 Fix extra word 2019-11-20 19:01:56 -06:00
Kubernetes Prow Robot
e32f60fe38
Merge pull request #4749 from skomma/patch-1 
Update documentation for rate limiting
 2019-11-18 20:31:42 -08:00
Syunsuke Komma
73aaf0ff28
Update annotations.md 
Add links to proxy-buffering section
 2019-11-13 12:54:42 +09:00
Syunsuke Komma
0b38a48ac9
Update annotations.md 
Add notes of limit-rate/limit-rate-after
 2019-11-13 12:49:59 +09:00
argeas
efc64c85a4 fix ingress name in get example 2019-11-13 02:24:48 +00:00
argeas
f5cf7e5566 set correct apiVersion 2019-11-13 02:23:27 +00:00
Manuel Alejandro de Brito Fontes
d1eea794e9
Fix broken links in documentation (#4746) 2019-11-08 16:22:52 -03:00
Kubernetes Prow Robot
2771095b8c
Merge pull request #4727 from nothinux/master 
update docs, remove output in prometheus deploy command
 2019-11-08 09:02:14 -08:00
Kubernetes Prow Robot
0d244e1c41
Merge pull request #4730 from stamm/master 
add configuration for http2_max_concurrent_streams
 2019-11-08 07:12:29 -08:00
Kubernetes Prow Robot
a0dc3a9a51
Merge pull request #4695 from janosi/secure-verify-ca-secret 
Removing secure-verify-ca-secret support
 2019-11-08 07:12:21 -08:00
Rustam Zagirov
d9cfad1894 add configuration for http2_max_concurrent_streams 2019-10-31 15:13:38 +03:00
nothinux
d8c2d38a39 remove output in prometheus deploy command 2019-10-31 10:29:14 +07:00
Carlos Panato
40e0e5bef8
add proxy-max-temp-file-size doc 2019-10-23 09:55:46 +02:00
Kubernetes Prow Robot
bd4b62029d
Merge pull request #4694 from panpan0000/add-remote-addr-into-l4-logs 
Enhancement : add remote_addr in TCP access log
 2019-10-20 19:39:37 -07:00
Peter Pan
ee24bf1bbc Doc: Add remote_addr into default values in configmap for TCP logging format 2019-10-21 10:18:17 +08:00
Laszlo Janosi
31227d61c2 Removing secure-verify-ca-secret support and writing an error log if that annotation is used in an Ingress definition 2019-10-18 10:58:57 +02:00
Matthew Wickman
ad17d71387 Adding some documentation about the use of metrics-per-host and enable-metrics cmd line flags 2019-10-17 17:22:49 -06:00
Valentin Rul
66c3d70208
Fixed upgrading example command 2019-10-16 14:58:30 +03:00
mantuliu
8a8959cd47
Fix documentation describing inaccurate issues 2019-10-16 13:48:35 +08:00
张潇
cabab54eab Increase the kubernetes 1.14 version to the installation prompt 2019-10-15 07:31:46 +08:00
Guangming Wang
e7590ef727 remove duplicated line in docs 
Signed-off-by: Guangming Wang <guangming.wang@daocloud.io>
 2019-10-01 10:08:45 +08:00
Kubernetes Prow Robot
fb025ab501
Merge pull request #4087 from MRoci/master 
Define Modsecurity Snippet via ConfigMap
 2019-09-30 15:19:32 -07:00
Manuel Alejandro de Brito Fontes
d5d2b4037c
Fix ports collision when hostNetwork=true (#4617) 2019-09-28 17:30:57 -03:00
MRoci
72c4ffa8b5
add modsecurity-snippet key 2019-09-28 09:54:07 +02:00
Manuel Alejandro de Brito Fontes
6715108d8a
Release 0.26.0 2019-09-27 10:23:12 -03:00
Kubernetes Prow Robot
50b6715f06
Merge pull request #4604 from aledbf/2353 
Change default for proxy-add-original-uri-header
 2019-09-25 07:28:00 -07:00
Manuel Alejandro de Brito Fontes
2bd8121338
Change default for proxy-add-original-uri-header 2019-09-25 10:57:31 -03:00
Kubernetes Prow Robot
ceddec4ea0
Merge pull request #4588 from multi-io/patch-1 
tls user guide --default-ssl-certificate clarification
 2019-09-25 06:14:00 -07:00
Manuel Alejandro de Brito Fontes
ea5add6f5c
Rollback change of ModSecurity setting SecAuditLog 2019-09-24 14:53:44 -03:00
A Gardner
786a3b6862 Add support for configmap of headers to be sent to external auth service 2019-09-24 10:53:23 -04:00
Kubernetes Prow Robot
f6c2f5fb97
Merge pull request #4514 from alexmaret/4475-stickyness-mode 
Added new affinity mode for maximum session stickyness.
 2019-09-24 05:09:27 -07:00
Olaf Klischat
1a5e2d57a6
tls user guide --default-ssl-certificate clarification 
Evidently the `--default-ssl-certificate` option is used not only for the catch-all server, but also for all ingress `tls:` sections that don't have a `secretName` option. This doesn't seem to be documented anywhere, hence this change.
 2019-09-23 12:35:10 +02:00
Manuel Alejandro de Brito Fontes
ba38153561
Update kubectl-plugin docs (#4582) 2019-09-22 16:39:19 -03:00
Manuel Alejandro de Brito Fontes
c1ed6db468
Fix spelling and remove local reference of 404 docker image (#4581) 2019-09-22 16:08:47 -03:00
Manuel Alejandro de Brito Fontes
4b4176c830
Fix log format after #4557 2019-09-18 12:52:09 -03:00
Kubernetes Prow Robot
87ad033483
Merge pull request #4569 from mkabischev/jaeger-header-configuration 
allow to configure jaeger header names
 2019-09-17 20:29:29 -07:00
Mike Kabischev
d5563a7e47 allow to configure jaeger header names 2019-09-17 12:35:53 +03:00
Kubernetes Prow Robot
846ff00363
Merge pull request #4560 from Shopify/basic-auth-map 
Support configuring basic auth credentials as a map of user/password hashes
 2019-09-16 07:52:39 -07:00
A Gardner
376b862c23 Add annotation to support map of user/pass pairs in basic auth 2019-09-13 11:33:33 -04:00
Manuel Alejandro de Brito Fontes
9af574a234
Remove the_real_ip variable 2019-09-12 20:01:33 -03:00
Kubernetes Prow Robot
74031cc8b8
Merge pull request #4528 from aledbf/clean-docker 
Cleanup of docker images
 2019-09-03 18:04:58 -07:00
Manuel Alejandro de Brito Fontes
dc20551288
Cleanup of docker images 2019-09-03 19:10:40 -04:00
Ricardo Katz
9c51676f17 Add support to CRL (#3164) 
Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@serpro.gov.br>

Add support to CRL

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@serpro.gov.br>
 2019-09-03 16:47:28 -04:00
Tobias Bradtke
d7dc7be276 Fix relative links (#4522) 2019-09-03 09:02:07 -04:00
Rui Lopes
2ba1a9e71a fix typo (#4520) 2019-09-02 17:29:37 -04:00
Alexander Maret-Huskinson
9170591185 Added new affinity mode for maximum session stickyness. Fixes kubernetes/ingress-nginx#4475 2019-08-30 11:40:29 +02:00
Manuel Alejandro de Brito Fontes
8def5ef7ca
Add support for multiple alias and remove duplication of SSL certificates (#4472) 2019-08-26 10:58:44 -04:00
Manuel Alejandro de Brito Fontes
7d6ce5701f
Fix log format markdown (#4489) 2019-08-24 22:48:17 -04:00
Tim Hobbs
2c604e7d38
Add rate limit units and error status 
Signed-off-by: Tim Hobbs <timothy.hobbs@ic-consult.com>
 2019-08-22 16:03:41 +02:00
Kubernetes Prow Robot
75d65bbd15
Merge pull request #4327 from leki75/proxyssl 
Add proxy_ssl_* directives
 2019-08-18 09:14:04 -07:00
Gabor Lekeny
65b9e2c574 Merge branch 'master' of https://github.com/kubernetes/ingress-nginx into proxyssl 2019-08-16 06:21:53 +02:00
Elvin Efendi
a8a68dd3f5 implementation proposal for zone aware routing 2019-08-15 23:31:47 -04:00
Elvin Efendi
d9de505341 KEP: availability zone aware routing 2019-08-15 19:46:36 -04:00
Kubernetes Prow Robot
0b375989f3
Merge pull request #4412 from Shopify/ssl-early-data 
Add nginx ssl_early_data option support
 2019-08-15 10:08:35 -07:00
Kubernetes Prow Robot
6948cd7d65
Merge pull request #4351 from aledbf/static-mode 
KEP: Remove static SSL configuration mode
 2019-08-14 21:26:33 -07:00
Elvin Efendi
b21c721196 lua-shared-dicts improvements, fixes and documentation 2019-08-14 22:10:56 -04:00
Kubernetes Prow Robot
0d690fba1a
Merge pull request #4356 from aledbf/only-dynamic-mode 
Only support SSL dynamic mode
 2019-08-14 17:08:35 -07:00
Kubernetes Prow Robot
adef152db8
Merge pull request #4379 from diazjf/mirror 
Allow Requests to be Mirrored to different backends
 2019-08-13 17:52:24 -07:00
Manuel Alejandro de Brito Fontes
80bd481abb
Only support SSL dynamic mode 2019-08-13 17:33:34 -04:00
Pierrick Charron
f459515d0d Add quote function in template 
Co-authored-by: Charle Demers <charle.demers@gmail.com>
 2019-08-09 15:47:29 -04:00
Kubernetes Prow Robot
8c472190d1
Merge pull request #4086 from jeroen92/issue-4038 
Resolve #4038, move X-Forwarded-Port variable to the location context
 2019-08-09 08:07:25 -07:00
Manuel Alejandro de Brito Fontes
4a9b02bc03
Remove dynamic TLS records 2019-08-08 15:52:56 -04:00
Maxime Ginters
7219130da4 Add nginx ssl_early_data option support 2019-08-07 16:04:09 -04:00
Jeroen Schutrup
39144bb987
Add documentation on how to build the Docker image for end-to-end testing 2019-08-06 17:00:56 +02:00
Manuel Alejandro de Brito Fontes
041a8457aa
Fix docs build due to an invalid link (#4389) 2019-08-01 19:57:09 -04:00
Fernando Diaz
386486e969 Allow Requests to be Mirrored to different backends 
Add a feature which allows traffic to be mirrored to
additional backends. This is useful for testing how
requests will behave on different "test" backends.

See https://nginx.org/en/docs/http/ngx_http_mirror_module.html
 2019-08-01 11:53:58 -05:00
Kubernetes Prow Robot
292aca7c7a
Merge pull request #4329 from steakunderscore/update-oauth2_proxy-docs 
Update references to oauth2_proxy
 2019-08-01 06:58:15 -07:00
otnielvh
3b34d56c92 Add support for psp 2019-08-01 09:45:58 +03:00
Kubernetes Prow Robot
c8a3710fb8
Merge pull request #4344 from Nuglif/fastcgi-backend-support 
Add FastCGI backend support (#2982)
 2019-07-31 11:20:14 -07:00
Charle Demers
72271e9313
FastCGI backend support (#2982) 
Co-authored-by: Pierrick Charron <pierrick@adoy.net>
 2019-07-31 10:39:21 -04:00
Manuel Alejandro de Brito Fontes
1abc11af90
Remove static SSL configuration mode 2019-07-25 09:19:06 -04:00
Kubernetes Prow Robot
e1f062dd53
Merge pull request #4348 from aledbf/kep 
KEP process
 2019-07-24 18:39:51 -07:00
Manuel Alejandro de Brito Fontes
cb33c4ed26
Start using KEPs for new features or breaking changes 2019-07-24 21:08:07 -04:00
Oguzhan Inan
cbc5d3a917
duplicate argument "--disable-catch-all" 2019-07-22 14:48:23 +03:00
Jude Zhu
5e64b6834c
Add [$proxy_alternative_upstream_name] 
https://github.com/kubernetes/ingress-nginx/pull/4246
 2019-07-19 07:36:13 +08:00
Henry Jenkins
b8cedabbff Update references to oauth2_proxy 
The custodian of the project has been shifted from [bitly] to [pusher].
So this diff updates these references.

[bitly]: https://github.com/bitly/oauth2_proxy
[pusher]: https://github.com/pusher/oauth2_proxy
 2019-07-18 07:59:22 +01:00
Gabor Lekeny
def13fc06c Add proxy_ssl_* directives 
Add support for backends which require client certificate (eg. NiFi)
authentication. The `proxy-ssl-secret` k8s annotation references a
secret which is used to authenticate to the backend server. All other
directives fine tune the backend communication.

The following annotations are supported:
* proxy-ssl-secret
* proxy-ssl-ciphers
* proxy-ssl-protocol
* proxy-ssl-verify
* proxy-ssl-verify-depth
 2019-07-18 03:21:52 +02:00
Kubernetes Prow Robot
589c9a20f9
Merge pull request #4278 from moolen/feat/auth-req-cache 
feat: auth-req caching
 2019-07-17 12:06:12 -07:00
Moritz Johner
23504db770 feat: auth-req caching 
add a way to configure the `proxy_cache_*` [1] directive for external-auth.
The user-defined cache_key may contain sensitive information
(e.g. Authorization header).
We want to store *only* a hash of that key, not the key itself on disk.

[1] http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_cache_key

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2019-07-17 18:39:04 +02:00
Kautilya Tripathi
d9c0ede20a
Update how-it-works.md 
Changed text to link
 2019-07-12 14:12:15 +05:30
E. Stuart Hicks
3b0c523e49 added proxy-http-version annotation to override the HTTP/1.1 default connection type to reverse proxy backends 2019-07-08 14:32:00 -04:00
Elvin Efendi
cd25a0c17a adjust docs 2019-07-01 10:24:09 -04:00
Roemer Hendrikx
ef3ebbeab5
Add notes on timeouts while using long GRPC streams 
GRPC streams longer than 60s hit multiple timeouts that NGINX has defined. Not all of them are easy to find, so I added some notes to the GRPC example to warn users of setting the correct timeouts if the wish their stream to not be aborted after 60 seconds.
 2019-06-25 10:29:39 +02:00
Tristan Matthews
ef4b560499
Update annotations.md 2019-06-20 20:19:11 -04:00
Manuel Alejandro de Brito Fontes
84102eec2b
Migrate to new networking.k8s.io/v1beta1 package 2019-06-13 11:32:39 -04:00
Jorrit Salverda
f77eaaee50 Add opentracing-operation-name and opentracing-location-operation-name config settings 
With these settings custom span names can be used for the server span and location span

Signed-off-by: Jorrit Salverda <jsalverda@travix.com>
 2019-06-07 14:19:34 +02:00
Kubernetes Prow Robot
e76418cd99
Merge pull request #4162 from stramel/patch-1 
Add "text/javascript" to compressible MIME types
 2019-06-06 11:35:34 -07:00
Michael Stramel
686f2310e4 Add "text/javascript" to compressible MIME types 
Based on the HTML Standard, https://html.spec.whatwg.org/multipage/scripting.html#scriptingLanguages, servers _should_ use `text/javascript`.
 2019-06-06 13:11:56 -05:00
Kubernetes Prow Robot
286ff13af2
Merge pull request #4048 from fedunineyu/change-upstream-on-error-with-sticky-session 
Change upstream on error when sticky session balancer is used
 2019-06-06 07:22:17 -07:00
Manuel Alejandro de Brito Fontes
78d6ce6e6e
Partially revert usage of kustomize for installation (#4159) 2019-06-05 10:59:38 -04:00
Nikolas Skoufis
4a913fac2a
Add clarification on how to enable path matching 
The fact that you need to explicitly add the annotation is easy to miss.
This makes this more explicit, while leaving the finer details to the
linked annotations document.
 2019-06-05 11:14:50 +10:00
Christian Hoffmeister
413450d7f6 Fix typo in docs 2019-06-01 11:07:24 +02:00
Christian Hoffmeister
3ee5161cca Always collect metrics when --metrics-per-host=false 2019-05-31 12:31:10 +02:00
Chuan Long
30d3505e7e
Update README.md for external-auth Test 4 
Title for Test 4 should be `secure service with valid auth header`. The current one is the same as Test 3.
 2019-05-29 13:23:20 -05:00
Eugene Fedunin
254629cf16 Added support for annotation session-cookie-change-on-failure 
1. Session cookie is updated on previous attempt failure when `session-cookie-change-on-failure = true` (default value is `false`).
2. Added tests to check both cases.
3. Updated docs.

Co-Authored-By: Vladimir Grishin <yadolov@users.noreply.github.com>
 2019-05-27 13:00:07 +03:00
Kubernetes Prow Robot
dfa7f10fc9
Merge pull request #4055 from nicknovitski/kustomize 
Rearrange deployment files into kustomizations
 2019-05-25 14:43:50 -07:00
MMeent
73c70e28b4
Clear up some inconsistent / unclear wording 
IPv6 enabled/disabled working was confusing or contradicting itself. This updates the wording to what is expected, based on the default values in the table above, and the behaviour that I could find in code.
 2019-05-21 15:27:58 +02:00
reynaldi.wijaya
616b1e239a UPT: Opentracing configmap documentation 2019-05-21 18:14:33 +08:00
reynaldi.wijaya
d468cd5ec5 UPT: Modify configmap to include jaeger sampler host and jaeger sampler port 2019-05-21 17:54:29 +08:00
Nick Novitski
51ad0bc54b Rearrange deployment files into kustomizations 2019-05-19 12:35:54 -07:00
Kubernetes Prow Robot
19501b217d
Merge pull request #4089 from alanjcastonguay/docs/use-gzip-configmap-defaults 
Docs: configmap: use-gzip
 2019-05-18 04:09:14 -07:00
Kubernetes Prow Robot
c12059bff5
Merge pull request #4098 from kevinsimper/patch-1 
Update configmap about adding custom locations
 2019-05-18 03:39:12 -07:00
Kevin Pullin
3ef6689bbd
Docs - Update capture group placeholder 
The current ingress example uses the `$2` capture group placeholder, however the description refers to the `$1` placeholder (this was previously correct, but was not updated when the ingress example changed from $1 to $2).
 2019-05-17 16:01:17 -07:00
Kevin Simper
ddc2ce5c70
Update configmap about adding custom locations 2019-05-17 21:39:40 +02:00
Alan J Castonguay
f5b090518d Docs: configmap: use-gzip 
Move the "gzip-types" value default from the "use-gzip" to the "gzip-types"
heading, and link to it from use-gzip.

Document that the "use-gzip" default is "true", matching the style of other
configmap items.
 2019-05-15 13:09:45 -04:00
Alan J Castonguay
5eda92b1c9
Explain references in custom-headers documentation 
Augment description of custom-headers behavior. Explain the purpose of the two configmaps, making explicit that one cites the other by `namespace/name`. Link the two example yaml files, so they're more easily navigated to from a browser looking at https://kubernetes.github.io/ingress-nginx/examples/customization/custom-headers/

Campfire: grammar, standard installation is in the `ingress-nginx` namespace.
 2019-05-13 17:50:59 -04:00
okryvoshapka-connyun
4811168d2a Fixed typos 2019-05-06 09:04:12 +02:00
okryvoshapka-connyun
8cc9afe8ee Added Global External Authentication settings to configmap parameters incl. addons 2019-05-03 12:08:16 +02:00
Kubernetes Prow Robot
b4f2880ee6
Merge pull request #3802 from tjamet/admission-controller 
Add a validating webhook for ingress sanity check
 2019-05-02 07:52:25 -07:00
Kubernetes Prow Robot
7ff6643372
Merge pull request #4037 from marcostvz/fix-doc-rewrite 
[doc] fixing regex in example of rewrite
 2019-05-02 07:02:23 -07:00
Marcos Estevez
69c1efc0e3
[doc] fixing regex in example of rewrite 
avoids /somethingfoo to be matched by regex

Signed-off-by: Marcos Estevez <marcos.stvz@gmail.com>
 2019-04-25 12:43:32 +02:00
James Humphries
2a31790887
Docs have incorrect command in baremetal.md 
The output shown is for `kubectl get node` and not `kubectl describe node`.

I've updated the docs to use the correct command.
 2019-04-25 11:10:16 +01:00
William Zhang
a94eea2c03 🔧 fix navigation error in file baremetal.md 
Signed-off-by: William Zhang <zhang.wanmin@zte.com.cn>
 2019-04-24 15:45:04 +08:00
Kubernetes Prow Robot
e68b68d20c
Merge pull request #3966 from GabrielNicolasAvellaneda/master 
Documentation example code fix
 2019-04-19 09:33:54 -07:00
Thibault Jamet
1cd17cd12c
Implement a validation webhook 
In case some ingress have a syntax error in the snippet configuration,
the freshly generated configuration will not be reloaded to prevent tearing down existing rules.
Although, once inserted, this configuration is preventing from any other valid configuration to be inserted as it remains in the ingresses of the cluster.
To solve this problem, implement an optional validation webhook that simulates the addition of the ingress to be added together with the rest of ingresses.
In case the generated configuration is not validated by nginx, deny the insertion of the ingress.

In case certificates are mounted using kubernetes secrets, when those
changes, keys are automatically updated in the container volume, and the
controller reloads it using the filewatcher.

Related changes:

- Update vendors
- Extract useful functions to check configuration with an additional ingress
- Update documentation for validating webhook
- Add validating webhook examples
- Add a metric for each syntax check success and errors
- Add more certificate generation examples
 2019-04-18 19:07:04 +02:00
Alex Kursell
ffeb1fe348 Support proxy_next_upstream_timeout 2019-04-15 11:08:57 -04:00
Kubernetes Prow Robot
c6204d8684
Merge pull request #3978 from aledbf/ca-cert-docs 
Fix CA certificate example docs
 2019-04-09 16:52:11 -07:00
Alex Kursell
5a2bb05e80 Add kubectl plugin docs 2019-04-08 18:12:00 -04:00
Manuel Alejandro de Brito Fontes
d589fb485a
Fix CA certificate example docs 2019-04-08 08:35:34 -04:00
Manuel Alejandro de Brito Fontes
4efe549502
Update yaml files to 0.24.0 [skip-ci] (#3975) 2019-04-07 20:25:17 -04:00
Gabriel Nicolas Avellaneda
d8764de423
Proper use of quotes for running the command 
$1 on a shell has a special meaning and inside of double quotes (") it will be expaned to an empty string. Using single quotes fixes the issue.
 2019-04-05 14:06:00 -03:00
Kubernetes Prow Robot
39ecab8d5a
Merge pull request #3954 from Shopify/lb-configmap 
Fix load-balance configmap value
 2019-04-02 05:10:34 -07:00
Alex Kursell
4f819b6256 Fix load-balance configmap value 2019-04-01 15:55:36 -04:00
Alan
fd1f200eb4
fix typo: delete '`' 
fix typo: delete '`'
 2019-03-29 13:42:03 +08:00
Kubernetes Prow Robot
f66902db1d
Merge pull request #3841 from shroudedcode/improve-sticky-session-docs 
Improve "Sticky session" docs
 2019-03-27 16:42:47 -07:00
Sean Fern
bf670a314f
Update apiVersion to apps/v1, drop duplicate line 2019-03-25 11:43:36 -04:00
Gregor Noczinski
1bef3e75b2 Set X-Request-ID for the default-backend, too. 2019-03-22 11:33:11 +01:00
Niklas Higi
ec7247058d
Improve "Sticky sessions" documentation page 2019-03-18 22:31:59 +01:00
Elvin Efendi
1d59e4f1fe enable dynamic SSL mode by default 2019-03-17 14:58:06 -04:00
Alex Kursell
1e96671e26 Remove sort-backends flag from cli docs 2019-03-12 14:48:05 -04:00
Alex Kursell
68038eec63 Make sure cli-arguments doc is in alphabetical order 2019-03-12 14:43:05 -04:00
Alex Kursell
d8fe2d992b Remove useless nodeip call and deprecate --force-namespace-isolation 2019-03-11 18:19:13 -04:00
Chris Carty
5fb1116282 update GKE header to match link in contents 2019-03-10 09:13:34 -04:00
Manuel Alejandro de Brito Fontes
1186d88f08
Fix name of field used to sort ingresses (#3871) 2019-03-07 21:24:46 -03:00
Alex Kursell
d3ac73be79 Remove session-cookie-hash annotation 2019-03-04 10:34:48 -05:00
Alex Kursell
d4b14b40ff Use incantation from release page 2019-02-27 12:57:55 -05:00
Alex Kursell
25a0d7a01c Fix plugin install location 2019-02-27 12:26:12 -05:00
Kubernetes Prow Robot
ec632817ad
Merge pull request #3780 from arturxx8/master 
Enable access log for default backend
 2019-02-26 05:51:39 -08:00
Mikhail Marchenko
8b3702c829 Enable access log for default backend 
disable log on default_server
 2019-02-26 11:14:31 +03:00
Alex Kursell
9e424a4a6a Add kubectl plugin 2019-02-25 15:54:00 -05:00
jasongwartz
3865e30a00 Changes CustomHTTPErrors annotation to use custom default backend 
Updates e2e test

Removes focus from e2e test

Fixes renamed function

Adds tests for new template funcs

Addresses gofmt

Updates e2e test, fixes custom-default-backend test by creating service

Updates docs
 2019-02-24 22:48:56 +01:00
Kubernetes Prow Robot
7b2495047f
Merge pull request #3781 from zoumo/proxy-buffer-number 
feat: configurable proxy buffers number
 2019-02-22 12:11:46 -08:00
Jim Zhang
dc63e5d185 fix: rename proxy-buffer-number to proxy-buffers-number 2019-02-22 10:21:17 +08:00
Elvin Efendi
3bb1a1e1ea use correct host for jaeger-collector-host in docs 2019-02-20 10:16:34 -05:00
Jim Zhang
81e4440bdb docs: add docs for proxy-buffer-number 2019-02-20 18:07:40 +08:00
Anthony Ho
ec04852526 Create custom annotation for satisfy "value" 2019-02-19 15:58:35 -05:00
Manuel Alejandro de Brito Fontes
d36de8a63d
Fix dashboard link [skip ci] (#3772) 2019-02-16 19:58:26 -03:00
Alan J Castonguay
a29c27ed4c Datadog Opentracing support - part 2 
This commit is part 2 of 2, adding configuration of the
Datadog Opentracing module to the controller.

Fixes half of #3752
 2019-02-15 15:20:10 -05:00
Carlos Diaz-Padron
2340738fb9
Add mention of secure-backends to backend-protocol docs 2019-02-11 15:40:36 -08:00
Kubernetes Prow Robot
9ba67992be
Merge pull request #3686 from Shopify/dbg-tool 
Add debug binary to the docker image
 2019-02-11 07:27:15 -08:00
Sebastiaan Tammer
ab48aab83b Added link for fieldRef information 2019-02-10 17:24:32 +01:00
Sebastiaan Tammer
fc5e99a151 Parse environment variables in OpenTracing configuration 2019-02-10 16:59:05 +01:00
Alex Kursell
9534f8bc43 Add debug tool to image 2019-02-08 11:25:04 -05:00
Kubernetes Prow Robot
17e788b8e1
Merge pull request #3684 from aledbf/health 
Replace Status port using a socket
 2019-02-06 13:49:08 -08:00
Manuel Alejandro de Brito Fontes
34b0580225
Replace Status port using a socket 2019-02-06 18:00:10 -03:00
Alex Kursell
18ebb68f41 Update a doc example that uses rewrite-target 2019-02-06 10:48:08 -05:00
minherz
de2a1ece6d add header-value annotation 
add new annotation (header-value)
parse it and propogate to lua script
alter balancer rule to include it into the canary routing logic
add e2e test to validate fallback for canary-by-header-value
add description of canary-by-header-value to documentation
 2019-01-30 23:23:44 +02:00
Kubernetes Prow Robot
bd248250be
Merge pull request #3702 from stamm/access_logs_params 
Add params for access log
 2019-01-28 07:30:00 -08:00
Tyler Horvath
6824c78c1b
make usage more clear about default-backend annotation 2019-01-26 11:47:19 -07:00
Rustam Zagirov
5dee6af957 add params for access log 2019-01-26 21:42:11 +03:00
Shreyans Sheth
05993e8a13
Correcting links for gRPC Fortune Teller app 
The link was erroneous, corrected the same.
 2019-01-23 17:02:16 +05:30
Kubernetes Prow Robot
1db9c91af4
Merge pull request #3363 from skeeey/master 
Document for cookie expires annotation
 2019-01-14 07:52:28 -08:00
Manuel Alejandro de Brito Fontes
b10b60f9ae
Revert max-worker-connections default value (#3660) 2019-01-13 10:53:18 -03:00
liuwei
7aa5834948 add cookie expires document and fix a flaw for session-cookie-expires 2019-01-11 15:35:39 +08:00
Manuel Alejandro de Brito Fontes
0e783b3b82
Add note about SSL Certificate common names 2019-01-10 20:59:50 -03:00
Shai Katz
edd87fbae3 add limit connection status code 
add default conn status code

add missing colon

add limit connection status code
 2019-01-09 19:31:10 +02:00
Kubernetes Prow Robot
8f57f9578d
Merge pull request #3586 from Shopify/disable-catch-all 
Add --disable-catch-all option to disable catch-all server
 2019-01-07 07:16:26 -08:00
Kubernetes Prow Robot
2c3ce07135
Merge pull request #3396 from flugel-it/master 
New balancer implementation: consistent hash subset
 2019-01-04 10:31:03 -08:00
chainhelen
ccacef6a8a Typo: docs/examples/rewrite/README.md 2019-01-04 21:48:46 +08:00
Davide Icardi
25776353bb Add basic usage documentation 2019-01-03 19:58:27 +01:00
Diego Woitasen
60b983503b Consistent hashing to a subset of nodes. It works like consistent hash, 
but instead of mapping to a single node, we map to a subset of nodes.
 2019-01-03 01:32:52 -03:00
Kubernetes Prow Robot
71cc6df74f
Merge pull request #3174 from Shopify/rewrite-regex 
Generalize Rewrite Block Creation and Deprecate AddBaseUrl (not backwards compatible)
 2019-01-02 12:30:18 -08:00
ramnes
bf7b5ebd81 Add an option to automatically set worker_connections based on worker_rlimit_nofile 2018-12-27 18:36:19 +01:00
Anish Ramasekar
382049a0bf Adds support for HTTP2 Push Preload annotation 
update test for backendprotocols

Adds support for HTTP2 Push Preload annotation

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@serpro.gov.br>

Adds support for HTTP2 Push Preload annotation

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@serpro.gov.br>

Adds support for HTTP2 Push Preload annotation

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@serpro.gov.br>

Adds support for HTTP2 Push Preload annotation

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@serpro.gov.br>

Adds support for HTTP2 Push Preload annotation

Adds support for HTTP2 Push Preload annotation
 2018-12-24 17:13:25 -02:00
Maxime Ginters
1678d99a03 Add --disable-catch-all option to disable catch-all server 2018-12-21 13:22:26 -05:00
Kubernetes Prow Robot
22efaab1f7
Merge pull request #3575 from Shopify/document-ingress-wildcard 
Add documentation for spec.rules.host format
 2018-12-20 05:37:53 -08:00
Zenara Daley
e4459940fa add documentation 2018-12-18 12:53:54 -05:00
Fernando Diaz
85ab6bf26d Update Certificate Generation Docs to not use MD5 
Updates the TLS and CA certificate sections to use algorithms
better than md5. Using md5 as a digest causes nginx to fail
to load because it is not accepted by open ssl.

Closes #3571
 2018-12-18 11:17:06 -06:00
Zenara Daley
67654a6fd5 Generalize Rewrite Block Creation 2018-12-13 13:02:05 -05:00
Kubernetes Prow Robot
184eef84d5
Merge pull request #3482 from gorshunovr/patch-1 
Annotations doc links: minor fixes and unification
 2018-12-03 14:07:50 -08:00
Jeffrey Sica
513497e534 update version to latest dashboard version (v1.10.0) 2018-11-29 20:01:15 -05:00
Roman Gorshunov
f910d96ad1
Annotations doc links: minor fixes and unification 2018-11-28 16:16:15 +01:00
Elvin Efendi
13e7e6a7e1 clarify canary ingress 2018-11-28 11:28:37 +04:00
k8s-ci-robot
710ea8c76f
Merge pull request #3333 from Shopify/dont-trust-by-default 
breaking change: by default do not trust any client
 2018-11-27 05:12:48 -08:00
Manuel Alejandro de Brito Fontes
6eac5785ac
Rever TCP/UDP documentation removal and links (#3456) 2018-11-21 23:24:34 -03:00
Zenara Daley
2b109b360b Only set cookies on paths that enable session affinity 2018-11-19 11:42:12 -05:00
k8s-ci-robot
82721e575d
Merge pull request #3372 from Shopify/session-cookie-path 
Add annotation for session affinity path
 2018-11-19 07:25:32 -08:00
Zenara Daley
50b29feb4a Add annotation for session affinity path 2018-11-19 09:15:24 -05:00
Fernando Diaz
95b3042b6e Add a Snippet for ModSecurity 
Allows for the configuration of Mod Security rules via
a Snippet.
 2018-11-14 23:31:27 -06:00
Elvin Efendi
5f3b48e16d breaking change: do not trust x-forwarded-* headers by default 2018-11-13 10:35:59 +04:00
mooncake
2d64e15f95 Fix some documents issues 
Signed-off-by: mooncake <xcoder@tenxcloud.com>
 2018-11-10 19:33:51 +08:00
Manuel Alejandro de Brito Fontes
5cc139999a
Fix link in documentation [skip ci] (#3392) 2018-11-09 15:57:20 -03:00
crystaljade
50e30b47ff
Update annotations.md 2018-11-09 20:19:22 +08:00
Fernando Diaz
5195600841 Allows ModSecurity to be configured per location 
The following annotations will be added:

- enable-modsecurity
- enable-owasp-core-rules
- modsecurity-transaction-id

Fixes #3167
 2018-11-06 22:24:31 -06:00
k8s-ci-robot
17cad51e47
Merge pull request #3341 from Shopify/canary_upstream 
Add canary annotation and alternative backends for traffic shaping
 2018-11-06 12:22:16 -08:00
Conor Landry
412cd70d3a implement canary annotation and alternative backends 
Adds the ability to create alternative backends. Alternative backends enable
traffic shaping by sharing a single location but routing to different
backends depending on the TrafficShapingPolicy defined by AlternativeBackends.

When the list of upstreams and servers are retrieved, we then call
mergeAlternativeBackends which iterates through the paths of every ingress
and checks if the backend supporting the path is a AlternativeBackend. If
so, we then iterate through the map of servers and find the real backend
that the AlternativeBackend should fall under. Once found, the
AlternativeBackend is embedded in the list of VirtualBackends for the real
backend.

If no matching real backend for a AlternativeBackend is found, then the
AlternativeBackend is deleted as it cannot be backed by any server.
 2018-11-06 13:13:14 -05:00
k8s-ci-robot
265f96bf14
Merge pull request #3344 from ecosia/jg-customerrors-per-ingress 
Adds CustomHTTPErrors ingress annotation and test
 2018-11-06 09:21:49 -08:00
jasongwartz
0ebf0354cb Adds CustomHTTPErrors ingress annotation and test 
Adds per-server/location error-catch functionality to nginx template

Adds documentation

Reduces template duplication with helper function for CUSTOM_ERRORS data

Updates documentation

Adds e2e test for customerrors

Removes AllCustomHTTPErrors, replaces with template function with deduplication and adds e2e test of deduplication

Fixes copy-paste error in test, adds additional test cases

Reverts noop change in controller.go (unused now)
 2018-11-06 16:47:52 +01:00
Adnan Baruni
b511333130 add support for auth-snippet annotation 
add test for new auth-snippet annotation

document auth-snippet annotation

add e2e test for auth-snippet annotation

add log warning and update documentation
 2018-11-05 16:02:29 -06:00
Manuel Alejandro de Brito Fontes
38f5df26cb
Fix links format [skip-ci] (#3364) 2018-11-05 06:50:49 -03:00
crystaljade
8f93b9847d
Update cli-arguments.md 2018-11-02 13:48:00 +08:00
crystaljade
b80540c3af
Update cli-arguments.md 2018-11-02 13:17:52 +08:00
Angga Lanuma
c4834e5063 fix baremetal.md link 2018-10-31 00:13:21 +07:00
Maximilian Bode
c27c57dc8b Add configuration for geoip2 module 
Based on closed PRs #2551, #2755
 2018-10-29 21:25:23 +01:00
Sebastiaan van Steenis
4c25bfe75a Fix links in deploy index docs 2018-10-29 14:07:54 +01:00
xichengliudui
ed107a489a Delete some extra words 2018-10-29 02:48:56 -04:00
samuela
decdf72f26 "diretly" typo (#3263) 
* "diretly" typo
 2018-10-27 08:17:45 -03:00
k8s-ci-robot
063f652711
Merge pull request #3187 from DesmondHoLLM/feature/annotations-resty-lua 
UPT: annotation enhancement for resty-lua-waf
 2018-10-25 00:06:03 -07:00
Desmond Ho
bf03046a80 UPT: updated e2e test and default true for process-multipart-body annotation 2018-10-25 14:17:38 +08:00
Fernando Diaz
d6dcc3a681 Add Better Documentation for using AuthTLS (#3275) 
Enhances the documentation for enabling and using Mutual Authentication.
 2018-10-22 16:15:28 -03:00
Desmond Ho
bab521e81a UPT: align waf options 2018-10-20 12:46:39 +08:00
Desmond Ho
04a89ce234 UPT: annotation enhancement for resty-lua-waf 2018-10-20 12:09:38 +08:00
Hui Chen
32b95be1bb the sample ingress spec error 2018-10-19 18:15:13 +08:00
Ricardo Katz
091c914bab Add missing annotations to Docs (#3264) 
Add missing annotations to Docs
 2018-10-18 12:38:37 -03:00
Hui Chen
b276800d2c remote the command args of enable-dynamic-configuration 2018-10-16 10:52:19 +08:00
Ray Foss
4c3001bdc1
not a script 2018-10-15 16:03:56 -05:00
Ray Foss
dfacb6cb8e
Clarify mandatory script doc 
The warnings should probably be above the script, not below, especially in the ever popular GKE, where they are prerequisites. Generic Deployment sounds like it's a deployment that should work on all vanilla Kubernetes installations. It sounds like an OR logic operator, when it should be an AND.
 2018-10-15 15:41:47 -05:00
Ricardo Katz
f444c4ee7f
Add a note to the deployment into GKE 2018-10-14 15:50:20 -03:00
k8s-ci-robot
0baf62dd6a
Merge pull request #3222 from diazjf/add-timeouts-and-such 
Allow Ability to Configure Upstream Keepalive
 2018-10-12 06:15:09 -07:00
Fernando Diaz
12955a4a1b Allow Ability to Configure Upstream Keepalive 
Allows Upstream Keepalive values like keepalive_timeout and
keepalive_requests to be configured via ConfigMap.

Fixes #3099
 2018-10-11 20:46:42 -05:00
Manuel Alejandro de Brito Fontes
469797e242
Fix documentation links [skip ci] (#3229) 2018-10-11 22:09:01 -03:00
k8s-ci-robot
3c1a5c5fc2
Merge pull request #3166 from gabel/patch-1 
Added ingress tls values.yaml example to documentation
 2018-10-10 10:19:12 -07:00
k8s-ci-robot
12b4a1b0f4
Merge pull request #3212 from SgtCoDFish/master 
Add some extra detail to the client cert auth example regarding potential gotcha
 2018-10-10 06:57:45 -07:00
Hui Chen
f8052385f9 aline opentracing user-guide with nginx configmap configuration 2018-10-10 11:25:53 +08:00
Ashley Davis
72de2600d7 Add some extra detail to the client cert auth example 
Multiple people within my work organisation were caught out by the fact
that the trusted client cert issuers must be given in a file named
`ca.crt` and that other filenames will fail to work.

This change makes it more clear to those who stumble across the
documentation that this is a potential gotcha.
 2018-10-09 22:51:00 +01:00
Elvin Efendi
78f12c25c5 delete upstream healthcheck annotation 2018-10-09 09:14:13 -04:00
k8s-ci-robot
9cf4f9e7ae
Merge pull request #3209 from ms4720/master 
Fix: update config map name
 2018-10-09 03:59:28 -07:00
Marc Spitzer
2387c38624 Fix: update config map name 2018-10-09 11:15:09 +08:00
Manuel Alejandro de Brito Fontes
859b298d42 Remove annotations grpc-backend and secure-backend already deprecated 2018-10-08 12:26:06 -03:00
mooncake
df79cd8e58 remove duplication 2018-10-07 23:05:23 +08:00
k8s-ci-robot
b46523a1f4
Merge pull request #3149 from diazjf/proxy-e2e-tests 
Add e2e Tests for Proxy Annotations
 2018-10-05 05:15:09 -07:00
Zenara Daley
bd3f56eaa0 allow curly braces to be used in regex paths 2018-10-04 10:58:38 -04:00
Yann
6d9977b622 Fix yaml indentation in server-snippet doc 
Copy / Pasting the code made errors when injecting config in
kubernetes cluster. With this change, annotations now works
in ingresses metadata.
 2018-10-03 19:31:14 +02:00
Martin F
64c68b61e9
Added ingress tls values.yaml example to documentation 
In the live documentation (mkdocs) the file is hidden. A link only would still hide the content, so adding the content to the docs itself.
 2018-10-02 08:22:12 +02:00
Fernando Diaz
c981a65058 Add e2e Tests for Proxy Annotations 
Adds e2e tests for the following annotations:

- proxy-body-size
- proxy-connect-timeout
- proxy-send-timeout
- proxy-read-timeout
- proxy-buffering
- proxy-buffer-size
- proxy-request-buffering
- proxy-next-upstream
- proxy-next-upstream-tries
- proxy-cookie-domain
- proxy-cookie-path

and also updates some documentation.
 2018-10-01 16:10:09 -05:00
k8s-ci-robot
d9f58144eb
Merge pull request #3145 from Shopify/regex-modifier 
Add "use-regex" Annotation to Toggle Regular Expression Location Modifier
 2018-10-01 11:31:43 -07:00
Zenara Daley
f29bdc3e8d Add 'use regex' annotation to toggle nginx regex location modifier 2018-10-01 13:54:11 -04:00
Marc Spitzer
751d76c7eb
update name of config map 2018-09-30 10:51:42 +08:00
Elvin Efendi
14815c546c update docs 2018-09-25 21:49:37 -04:00
Max Braitmaiere
d1b678c1d4
multi-tls readme to reference the file 
Makes the doc on https://kubernetes.github.io/ingress-nginx/examples/multi-tls/ clearer by pointing to the example file, not directory context there as in Github
 2018-09-25 20:41:19 +03:00
k8s-ci-robot
6393ca6aaf
Merge pull request #2997 from StarOfService/global-block-ip-ua-ref 
Provide possibility to block IPs, User-Agents and Referers globally
 2018-09-25 05:51:56 -07:00
Pavel Sinkevych
7212d0081b Provide possibility to block CIDRs, User-Agents and Referers globally 2018-09-25 14:16:20 +03:00
Rui Cao
0853a9f4f5 Typo fix: adresses -> addresses 
Signed-off-by: Rui Cao <ruicao@alauda.io>
 2018-09-24 22:51:16 +08:00
eutopian
797affbe48 Fixed link to aws elb 2018-09-20 15:39:08 -04:00
Hui Chen
be87141fe7 doc issue related to monitor part 2018-09-20 17:34:07 +08:00
Hui Chen
aff2400ea4 update annotation name from rewrite-log to enable-rewrite-log 2018-09-17 11:54:25 +08:00