DevFW-CICD/ingress-nginx-helm
12
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
6392 commits 4 branches 217 tags 166 MiB
Commit graph

502 commits

Author SHA1 Message Date
A Gardner
786a3b6862 Add support for configmap of headers to be sent to external auth service 2019-09-24 10:53:23 -04:00
Kubernetes Prow Robot
f6c2f5fb97
Merge pull request #4514 from alexmaret/4475-stickyness-mode 
Added new affinity mode for maximum session stickyness.
 2019-09-24 05:09:27 -07:00
Olaf Klischat
1a5e2d57a6
tls user guide --default-ssl-certificate clarification 
Evidently the `--default-ssl-certificate` option is used not only for the catch-all server, but also for all ingress `tls:` sections that don't have a `secretName` option. This doesn't seem to be documented anywhere, hence this change.
 2019-09-23 12:35:10 +02:00
Manuel Alejandro de Brito Fontes
c1ed6db468
Fix spelling and remove local reference of 404 docker image (#4581) 2019-09-22 16:08:47 -03:00
Manuel Alejandro de Brito Fontes
4b4176c830
Fix log format after #4557 2019-09-18 12:52:09 -03:00
Kubernetes Prow Robot
87ad033483
Merge pull request #4569 from mkabischev/jaeger-header-configuration 
allow to configure jaeger header names
 2019-09-17 20:29:29 -07:00
Mike Kabischev
d5563a7e47 allow to configure jaeger header names 2019-09-17 12:35:53 +03:00
Kubernetes Prow Robot
846ff00363
Merge pull request #4560 from Shopify/basic-auth-map 
Support configuring basic auth credentials as a map of user/password hashes
 2019-09-16 07:52:39 -07:00
A Gardner
376b862c23 Add annotation to support map of user/pass pairs in basic auth 2019-09-13 11:33:33 -04:00
Manuel Alejandro de Brito Fontes
9af574a234
Remove the_real_ip variable 2019-09-12 20:01:33 -03:00
Tobias Bradtke
d7dc7be276 Fix relative links (#4522) 2019-09-03 09:02:07 -04:00
Rui Lopes
2ba1a9e71a fix typo (#4520) 2019-09-02 17:29:37 -04:00
Alexander Maret-Huskinson
9170591185 Added new affinity mode for maximum session stickyness. Fixes kubernetes/ingress-nginx#4475 2019-08-30 11:40:29 +02:00
Manuel Alejandro de Brito Fontes
8def5ef7ca
Add support for multiple alias and remove duplication of SSL certificates (#4472) 2019-08-26 10:58:44 -04:00
Manuel Alejandro de Brito Fontes
7d6ce5701f
Fix log format markdown (#4489) 2019-08-24 22:48:17 -04:00
Tim Hobbs
2c604e7d38
Add rate limit units and error status 
Signed-off-by: Tim Hobbs <timothy.hobbs@ic-consult.com>
 2019-08-22 16:03:41 +02:00
Gabor Lekeny
65b9e2c574 Merge branch 'master' of https://github.com/kubernetes/ingress-nginx into proxyssl 2019-08-16 06:21:53 +02:00
Kubernetes Prow Robot
0b375989f3
Merge pull request #4412 from Shopify/ssl-early-data 
Add nginx ssl_early_data option support
 2019-08-15 10:08:35 -07:00
Elvin Efendi
b21c721196 lua-shared-dicts improvements, fixes and documentation 2019-08-14 22:10:56 -04:00
Kubernetes Prow Robot
adef152db8
Merge pull request #4379 from diazjf/mirror 
Allow Requests to be Mirrored to different backends
 2019-08-13 17:52:24 -07:00
Pierrick Charron
f459515d0d Add quote function in template 
Co-authored-by: Charle Demers <charle.demers@gmail.com>
 2019-08-09 15:47:29 -04:00
Manuel Alejandro de Brito Fontes
4a9b02bc03
Remove dynamic TLS records 2019-08-08 15:52:56 -04:00
Maxime Ginters
7219130da4 Add nginx ssl_early_data option support 2019-08-07 16:04:09 -04:00
Fernando Diaz
386486e969 Allow Requests to be Mirrored to different backends 
Add a feature which allows traffic to be mirrored to
additional backends. This is useful for testing how
requests will behave on different "test" backends.

See https://nginx.org/en/docs/http/ngx_http_mirror_module.html
 2019-08-01 11:53:58 -05:00
Charle Demers
72271e9313
FastCGI backend support (#2982) 
Co-authored-by: Pierrick Charron <pierrick@adoy.net>
 2019-07-31 10:39:21 -04:00
Oguzhan Inan
cbc5d3a917
duplicate argument "--disable-catch-all" 2019-07-22 14:48:23 +03:00
Jude Zhu
5e64b6834c
Add [$proxy_alternative_upstream_name] 
https://github.com/kubernetes/ingress-nginx/pull/4246
 2019-07-19 07:36:13 +08:00
Gabor Lekeny
def13fc06c Add proxy_ssl_* directives 
Add support for backends which require client certificate (eg. NiFi)
authentication. The `proxy-ssl-secret` k8s annotation references a
secret which is used to authenticate to the backend server. All other
directives fine tune the backend communication.

The following annotations are supported:
* proxy-ssl-secret
* proxy-ssl-ciphers
* proxy-ssl-protocol
* proxy-ssl-verify
* proxy-ssl-verify-depth
 2019-07-18 03:21:52 +02:00
Kubernetes Prow Robot
589c9a20f9
Merge pull request #4278 from moolen/feat/auth-req-cache 
feat: auth-req caching
 2019-07-17 12:06:12 -07:00
Moritz Johner
23504db770 feat: auth-req caching 
add a way to configure the `proxy_cache_*` [1] directive for external-auth.
The user-defined cache_key may contain sensitive information
(e.g. Authorization header).
We want to store *only* a hash of that key, not the key itself on disk.

[1] http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_cache_key

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2019-07-17 18:39:04 +02:00
E. Stuart Hicks
3b0c523e49 added proxy-http-version annotation to override the HTTP/1.1 default connection type to reverse proxy backends 2019-07-08 14:32:00 -04:00
Elvin Efendi
cd25a0c17a adjust docs 2019-07-01 10:24:09 -04:00
Tristan Matthews
ef4b560499
Update annotations.md 2019-06-20 20:19:11 -04:00
Jorrit Salverda
f77eaaee50 Add opentracing-operation-name and opentracing-location-operation-name config settings 
With these settings custom span names can be used for the server span and location span

Signed-off-by: Jorrit Salverda <jsalverda@travix.com>
 2019-06-07 14:19:34 +02:00
Kubernetes Prow Robot
e76418cd99
Merge pull request #4162 from stramel/patch-1 
Add "text/javascript" to compressible MIME types
 2019-06-06 11:35:34 -07:00
Michael Stramel
686f2310e4 Add "text/javascript" to compressible MIME types 
Based on the HTML Standard, https://html.spec.whatwg.org/multipage/scripting.html#scriptingLanguages, servers _should_ use `text/javascript`.
 2019-06-06 13:11:56 -05:00
Kubernetes Prow Robot
286ff13af2
Merge pull request #4048 from fedunineyu/change-upstream-on-error-with-sticky-session 
Change upstream on error when sticky session balancer is used
 2019-06-06 07:22:17 -07:00
Nikolas Skoufis
4a913fac2a
Add clarification on how to enable path matching 
The fact that you need to explicitly add the annotation is easy to miss.
This makes this more explicit, while leaving the finer details to the
linked annotations document.
 2019-06-05 11:14:50 +10:00
Christian Hoffmeister
413450d7f6 Fix typo in docs 2019-06-01 11:07:24 +02:00
Christian Hoffmeister
3ee5161cca Always collect metrics when --metrics-per-host=false 2019-05-31 12:31:10 +02:00
Eugene Fedunin
254629cf16 Added support for annotation session-cookie-change-on-failure 
1. Session cookie is updated on previous attempt failure when `session-cookie-change-on-failure = true` (default value is `false`).
2. Added tests to check both cases.
3. Updated docs.

Co-Authored-By: Vladimir Grishin <yadolov@users.noreply.github.com>
 2019-05-27 13:00:07 +03:00
Kubernetes Prow Robot
dfa7f10fc9
Merge pull request #4055 from nicknovitski/kustomize 
Rearrange deployment files into kustomizations
 2019-05-25 14:43:50 -07:00
MMeent
73c70e28b4
Clear up some inconsistent / unclear wording 
IPv6 enabled/disabled working was confusing or contradicting itself. This updates the wording to what is expected, based on the default values in the table above, and the behaviour that I could find in code.
 2019-05-21 15:27:58 +02:00
reynaldi.wijaya
616b1e239a UPT: Opentracing configmap documentation 2019-05-21 18:14:33 +08:00
reynaldi.wijaya
d468cd5ec5 UPT: Modify configmap to include jaeger sampler host and jaeger sampler port 2019-05-21 17:54:29 +08:00
Nick Novitski
51ad0bc54b Rearrange deployment files into kustomizations 2019-05-19 12:35:54 -07:00
Kubernetes Prow Robot
19501b217d
Merge pull request #4089 from alanjcastonguay/docs/use-gzip-configmap-defaults 
Docs: configmap: use-gzip
 2019-05-18 04:09:14 -07:00
Kevin Simper
ddc2ce5c70
Update configmap about adding custom locations 2019-05-17 21:39:40 +02:00
Alan J Castonguay
f5b090518d Docs: configmap: use-gzip 
Move the "gzip-types" value default from the "use-gzip" to the "gzip-types"
heading, and link to it from use-gzip.

Document that the "use-gzip" default is "true", matching the style of other
configmap items.
 2019-05-15 13:09:45 -04:00
okryvoshapka-connyun
4811168d2a Fixed typos 2019-05-06 09:04:12 +02:00
okryvoshapka-connyun
8cc9afe8ee Added Global External Authentication settings to configmap parameters incl. addons 2019-05-03 12:08:16 +02:00
Thibault Jamet
1cd17cd12c
Implement a validation webhook 
In case some ingress have a syntax error in the snippet configuration,
the freshly generated configuration will not be reloaded to prevent tearing down existing rules.
Although, once inserted, this configuration is preventing from any other valid configuration to be inserted as it remains in the ingresses of the cluster.
To solve this problem, implement an optional validation webhook that simulates the addition of the ingress to be added together with the rest of ingresses.
In case the generated configuration is not validated by nginx, deny the insertion of the ingress.

In case certificates are mounted using kubernetes secrets, when those
changes, keys are automatically updated in the container volume, and the
controller reloads it using the filewatcher.

Related changes:

- Update vendors
- Extract useful functions to check configuration with an additional ingress
- Update documentation for validating webhook
- Add validating webhook examples
- Add a metric for each syntax check success and errors
- Add more certificate generation examples
 2019-04-18 19:07:04 +02:00
Alex Kursell
ffeb1fe348 Support proxy_next_upstream_timeout 2019-04-15 11:08:57 -04:00
Kubernetes Prow Robot
39ecab8d5a
Merge pull request #3954 from Shopify/lb-configmap 
Fix load-balance configmap value
 2019-04-02 05:10:34 -07:00
Alex Kursell
4f819b6256 Fix load-balance configmap value 2019-04-01 15:55:36 -04:00
Alan
fd1f200eb4
fix typo: delete '`' 
fix typo: delete '`'
 2019-03-29 13:42:03 +08:00
Gregor Noczinski
1bef3e75b2 Set X-Request-ID for the default-backend, too. 2019-03-22 11:33:11 +01:00
Elvin Efendi
1d59e4f1fe enable dynamic SSL mode by default 2019-03-17 14:58:06 -04:00
Alex Kursell
1e96671e26 Remove sort-backends flag from cli docs 2019-03-12 14:48:05 -04:00
Alex Kursell
68038eec63 Make sure cli-arguments doc is in alphabetical order 2019-03-12 14:43:05 -04:00
Alex Kursell
d8fe2d992b Remove useless nodeip call and deprecate --force-namespace-isolation 2019-03-11 18:19:13 -04:00
Alex Kursell
d3ac73be79 Remove session-cookie-hash annotation 2019-03-04 10:34:48 -05:00
Mikhail Marchenko
8b3702c829 Enable access log for default backend 
disable log on default_server
 2019-02-26 11:14:31 +03:00
jasongwartz
3865e30a00 Changes CustomHTTPErrors annotation to use custom default backend 
Updates e2e test

Removes focus from e2e test

Fixes renamed function

Adds tests for new template funcs

Addresses gofmt

Updates e2e test, fixes custom-default-backend test by creating service

Updates docs
 2019-02-24 22:48:56 +01:00
Kubernetes Prow Robot
7b2495047f
Merge pull request #3781 from zoumo/proxy-buffer-number 
feat: configurable proxy buffers number
 2019-02-22 12:11:46 -08:00
Jim Zhang
dc63e5d185 fix: rename proxy-buffer-number to proxy-buffers-number 2019-02-22 10:21:17 +08:00
Elvin Efendi
3bb1a1e1ea use correct host for jaeger-collector-host in docs 2019-02-20 10:16:34 -05:00
Jim Zhang
81e4440bdb docs: add docs for proxy-buffer-number 2019-02-20 18:07:40 +08:00
Anthony Ho
ec04852526 Create custom annotation for satisfy "value" 2019-02-19 15:58:35 -05:00
Alan J Castonguay
a29c27ed4c Datadog Opentracing support - part 2 
This commit is part 2 of 2, adding configuration of the
Datadog Opentracing module to the controller.

Fixes half of #3752
 2019-02-15 15:20:10 -05:00
Carlos Diaz-Padron
2340738fb9
Add mention of secure-backends to backend-protocol docs 2019-02-11 15:40:36 -08:00
Sebastiaan Tammer
ab48aab83b Added link for fieldRef information 2019-02-10 17:24:32 +01:00
Sebastiaan Tammer
fc5e99a151 Parse environment variables in OpenTracing configuration 2019-02-10 16:59:05 +01:00
Kubernetes Prow Robot
17e788b8e1
Merge pull request #3684 from aledbf/health 
Replace Status port using a socket
 2019-02-06 13:49:08 -08:00
Manuel Alejandro de Brito Fontes
34b0580225
Replace Status port using a socket 2019-02-06 18:00:10 -03:00
Alex Kursell
18ebb68f41 Update a doc example that uses rewrite-target 2019-02-06 10:48:08 -05:00
minherz
de2a1ece6d add header-value annotation 
add new annotation (header-value)
parse it and propogate to lua script
alter balancer rule to include it into the canary routing logic
add e2e test to validate fallback for canary-by-header-value
add description of canary-by-header-value to documentation
 2019-01-30 23:23:44 +02:00
Kubernetes Prow Robot
bd248250be
Merge pull request #3702 from stamm/access_logs_params 
Add params for access log
 2019-01-28 07:30:00 -08:00
Tyler Horvath
6824c78c1b
make usage more clear about default-backend annotation 2019-01-26 11:47:19 -07:00
Rustam Zagirov
5dee6af957 add params for access log 2019-01-26 21:42:11 +03:00
Manuel Alejandro de Brito Fontes
b10b60f9ae
Revert max-worker-connections default value (#3660) 2019-01-13 10:53:18 -03:00
Manuel Alejandro de Brito Fontes
0e783b3b82
Add note about SSL Certificate common names 2019-01-10 20:59:50 -03:00
Shai Katz
edd87fbae3 add limit connection status code 
add default conn status code

add missing colon

add limit connection status code
 2019-01-09 19:31:10 +02:00
Kubernetes Prow Robot
8f57f9578d
Merge pull request #3586 from Shopify/disable-catch-all 
Add --disable-catch-all option to disable catch-all server
 2019-01-07 07:16:26 -08:00
Kubernetes Prow Robot
2c3ce07135
Merge pull request #3396 from flugel-it/master 
New balancer implementation: consistent hash subset
 2019-01-04 10:31:03 -08:00
Davide Icardi
25776353bb Add basic usage documentation 2019-01-03 19:58:27 +01:00
Diego Woitasen
60b983503b Consistent hashing to a subset of nodes. It works like consistent hash, 
but instead of mapping to a single node, we map to a subset of nodes.
 2019-01-03 01:32:52 -03:00
Kubernetes Prow Robot
71cc6df74f
Merge pull request #3174 from Shopify/rewrite-regex 
Generalize Rewrite Block Creation and Deprecate AddBaseUrl (not backwards compatible)
 2019-01-02 12:30:18 -08:00
ramnes
bf7b5ebd81 Add an option to automatically set worker_connections based on worker_rlimit_nofile 2018-12-27 18:36:19 +01:00
Anish Ramasekar
382049a0bf Adds support for HTTP2 Push Preload annotation 
update test for backendprotocols

Adds support for HTTP2 Push Preload annotation

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@serpro.gov.br>

Adds support for HTTP2 Push Preload annotation

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@serpro.gov.br>

Adds support for HTTP2 Push Preload annotation

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@serpro.gov.br>

Adds support for HTTP2 Push Preload annotation

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@serpro.gov.br>

Adds support for HTTP2 Push Preload annotation

Adds support for HTTP2 Push Preload annotation
 2018-12-24 17:13:25 -02:00
Maxime Ginters
1678d99a03 Add --disable-catch-all option to disable catch-all server 2018-12-21 13:22:26 -05:00
Zenara Daley
e4459940fa add documentation 2018-12-18 12:53:54 -05:00
Zenara Daley
67654a6fd5 Generalize Rewrite Block Creation 2018-12-13 13:02:05 -05:00
Roman Gorshunov
f910d96ad1
Annotations doc links: minor fixes and unification 2018-11-28 16:16:15 +01:00
Elvin Efendi
13e7e6a7e1 clarify canary ingress 2018-11-28 11:28:37 +04:00
k8s-ci-robot
710ea8c76f
Merge pull request #3333 from Shopify/dont-trust-by-default 
breaking change: by default do not trust any client
 2018-11-27 05:12:48 -08:00
Manuel Alejandro de Brito Fontes
6eac5785ac
Rever TCP/UDP documentation removal and links (#3456) 2018-11-21 23:24:34 -03:00
Zenara Daley
2b109b360b Only set cookies on paths that enable session affinity 2018-11-19 11:42:12 -05:00
k8s-ci-robot
82721e575d
Merge pull request #3372 from Shopify/session-cookie-path 
Add annotation for session affinity path
 2018-11-19 07:25:32 -08:00
Zenara Daley
50b29feb4a Add annotation for session affinity path 2018-11-19 09:15:24 -05:00
Fernando Diaz
95b3042b6e Add a Snippet for ModSecurity 
Allows for the configuration of Mod Security rules via
a Snippet.
 2018-11-14 23:31:27 -06:00
Elvin Efendi
5f3b48e16d breaking change: do not trust x-forwarded-* headers by default 2018-11-13 10:35:59 +04:00
mooncake
2d64e15f95 Fix some documents issues 
Signed-off-by: mooncake <xcoder@tenxcloud.com>
 2018-11-10 19:33:51 +08:00
Manuel Alejandro de Brito Fontes
5cc139999a
Fix link in documentation [skip ci] (#3392) 2018-11-09 15:57:20 -03:00
crystaljade
50e30b47ff
Update annotations.md 2018-11-09 20:19:22 +08:00
Fernando Diaz
5195600841 Allows ModSecurity to be configured per location 
The following annotations will be added:

- enable-modsecurity
- enable-owasp-core-rules
- modsecurity-transaction-id

Fixes #3167
 2018-11-06 22:24:31 -06:00
k8s-ci-robot
17cad51e47
Merge pull request #3341 from Shopify/canary_upstream 
Add canary annotation and alternative backends for traffic shaping
 2018-11-06 12:22:16 -08:00
Conor Landry
412cd70d3a implement canary annotation and alternative backends 
Adds the ability to create alternative backends. Alternative backends enable
traffic shaping by sharing a single location but routing to different
backends depending on the TrafficShapingPolicy defined by AlternativeBackends.

When the list of upstreams and servers are retrieved, we then call
mergeAlternativeBackends which iterates through the paths of every ingress
and checks if the backend supporting the path is a AlternativeBackend. If
so, we then iterate through the map of servers and find the real backend
that the AlternativeBackend should fall under. Once found, the
AlternativeBackend is embedded in the list of VirtualBackends for the real
backend.

If no matching real backend for a AlternativeBackend is found, then the
AlternativeBackend is deleted as it cannot be backed by any server.
 2018-11-06 13:13:14 -05:00
k8s-ci-robot
265f96bf14
Merge pull request #3344 from ecosia/jg-customerrors-per-ingress 
Adds CustomHTTPErrors ingress annotation and test
 2018-11-06 09:21:49 -08:00
jasongwartz
0ebf0354cb Adds CustomHTTPErrors ingress annotation and test 
Adds per-server/location error-catch functionality to nginx template

Adds documentation

Reduces template duplication with helper function for CUSTOM_ERRORS data

Updates documentation

Adds e2e test for customerrors

Removes AllCustomHTTPErrors, replaces with template function with deduplication and adds e2e test of deduplication

Fixes copy-paste error in test, adds additional test cases

Reverts noop change in controller.go (unused now)
 2018-11-06 16:47:52 +01:00
Adnan Baruni
b511333130 add support for auth-snippet annotation 
add test for new auth-snippet annotation

document auth-snippet annotation

add e2e test for auth-snippet annotation

add log warning and update documentation
 2018-11-05 16:02:29 -06:00
crystaljade
8f93b9847d
Update cli-arguments.md 2018-11-02 13:48:00 +08:00
crystaljade
b80540c3af
Update cli-arguments.md 2018-11-02 13:17:52 +08:00
Maximilian Bode
c27c57dc8b Add configuration for geoip2 module 
Based on closed PRs #2551, #2755
 2018-10-29 21:25:23 +01:00
xichengliudui
ed107a489a Delete some extra words 2018-10-29 02:48:56 -04:00
samuela
decdf72f26 "diretly" typo (#3263) 
* "diretly" typo
 2018-10-27 08:17:45 -03:00
Desmond Ho
bf03046a80 UPT: updated e2e test and default true for process-multipart-body annotation 2018-10-25 14:17:38 +08:00
Desmond Ho
bab521e81a UPT: align waf options 2018-10-20 12:46:39 +08:00
Desmond Ho
04a89ce234 UPT: annotation enhancement for resty-lua-waf 2018-10-20 12:09:38 +08:00
Hui Chen
32b95be1bb the sample ingress spec error 2018-10-19 18:15:13 +08:00
Ricardo Katz
091c914bab Add missing annotations to Docs (#3264) 
Add missing annotations to Docs
 2018-10-18 12:38:37 -03:00
Hui Chen
b276800d2c remote the command args of enable-dynamic-configuration 2018-10-16 10:52:19 +08:00
k8s-ci-robot
0baf62dd6a
Merge pull request #3222 from diazjf/add-timeouts-and-such 
Allow Ability to Configure Upstream Keepalive
 2018-10-12 06:15:09 -07:00
Fernando Diaz
12955a4a1b Allow Ability to Configure Upstream Keepalive 
Allows Upstream Keepalive values like keepalive_timeout and
keepalive_requests to be configured via ConfigMap.

Fixes #3099
 2018-10-11 20:46:42 -05:00
Manuel Alejandro de Brito Fontes
469797e242
Fix documentation links [skip ci] (#3229) 2018-10-11 22:09:01 -03:00
Hui Chen
f8052385f9 aline opentracing user-guide with nginx configmap configuration 2018-10-10 11:25:53 +08:00
Elvin Efendi
78f12c25c5 delete upstream healthcheck annotation 2018-10-09 09:14:13 -04:00
k8s-ci-robot
9cf4f9e7ae
Merge pull request #3209 from ms4720/master 
Fix: update config map name
 2018-10-09 03:59:28 -07:00
Marc Spitzer
2387c38624 Fix: update config map name 2018-10-09 11:15:09 +08:00
Manuel Alejandro de Brito Fontes
859b298d42 Remove annotations grpc-backend and secure-backend already deprecated 2018-10-08 12:26:06 -03:00
k8s-ci-robot
b46523a1f4
Merge pull request #3149 from diazjf/proxy-e2e-tests 
Add e2e Tests for Proxy Annotations
 2018-10-05 05:15:09 -07:00
Zenara Daley
bd3f56eaa0 allow curly braces to be used in regex paths 2018-10-04 10:58:38 -04:00
Yann
6d9977b622 Fix yaml indentation in server-snippet doc 
Copy / Pasting the code made errors when injecting config in
kubernetes cluster. With this change, annotations now works
in ingresses metadata.
 2018-10-03 19:31:14 +02:00
Fernando Diaz
c981a65058 Add e2e Tests for Proxy Annotations 
Adds e2e tests for the following annotations:

- proxy-body-size
- proxy-connect-timeout
- proxy-send-timeout
- proxy-read-timeout
- proxy-buffering
- proxy-buffer-size
- proxy-request-buffering
- proxy-next-upstream
- proxy-next-upstream-tries
- proxy-cookie-domain
- proxy-cookie-path

and also updates some documentation.
 2018-10-01 16:10:09 -05:00
Zenara Daley
f29bdc3e8d Add 'use regex' annotation to toggle nginx regex location modifier 2018-10-01 13:54:11 -04:00
Elvin Efendi
14815c546c update docs 2018-09-25 21:49:37 -04:00
k8s-ci-robot
6393ca6aaf
Merge pull request #2997 from StarOfService/global-block-ip-ua-ref 
Provide possibility to block IPs, User-Agents and Referers globally
 2018-09-25 05:51:56 -07:00
Pavel Sinkevych
7212d0081b Provide possibility to block CIDRs, User-Agents and Referers globally 2018-09-25 14:16:20 +03:00
Rui Cao
0853a9f4f5 Typo fix: adresses -> addresses 
Signed-off-by: Rui Cao <ruicao@alauda.io>
 2018-09-24 22:51:16 +08:00
Hui Chen
be87141fe7 doc issue related to monitor part 2018-09-20 17:34:07 +08:00
Hui Chen
aff2400ea4 update annotation name from rewrite-log to enable-rewrite-log 2018-09-17 11:54:25 +08:00
Mitchell Turner
ccc3b6354e Added notes to regarding external access 2018-09-14 12:11:22 -04:00
Manuel de Brito Fontes
4ffe3a2fdd
Update mkdocs 2018-09-13 17:52:15 -03:00
Antoine Cotten
a99f56dcbe
Complete documentation about SSL Passthrough 2018-09-10 19:41:27 +02:00
Manuel Alejandro de Brito Fontes
e60cbc4804
Remove link to invalid example [ci-skip] (#3039) 2018-09-04 20:13:47 -03:00
Derek Perkins
9099f3b4db add support for http2-max-requests in configmap 2018-09-02 23:53:30 -06:00
k8s-ci-robot
a92555f4cb
Merge pull request #3017 from diazjf/more-e2e-1 
Add e2e tests for CORS
 2018-09-02 16:00:41 -07:00
Fernando Diaz
2a990d2d2c Add e2e tests for CORS and more 
Adds the missing e2e tests for Cross-Origin Resource Sharing(CORS).
This will include all the CORS annotations. Also adds more unit tests.
 2018-09-01 16:14:52 -05:00
Manuel de Brito Fontes
f5dda5fecc
Fix documentation format 2018-08-30 15:31:12 -03:00
Henry Tran
0af9d5b62a Add documentation for enable-dynamic-certificates feature 2018-08-24 09:51:41 -04:00
Dario Nieuwenhuis
b5bcb93a4b
Merge branch 'master' into xff 2018-08-16 18:15:14 +02:00
k8s-ci-robot
01cc29e17b
Merge pull request #2912 from aledbf/prometheus-grafana 
Add documentation to install prometheus and grafana
 2018-08-13 09:03:08 -07:00
Lorenzo Fontana
5c680ba629
docs: Precisations on the usage of the InfluxDB module 
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2018-08-12 11:24:06 +02:00
Manuel de Brito Fontes
f311668625 Add misspell target 2018-08-11 08:26:14 -04:00
Manuel de Brito Fontes
322dae6cee
Add documentation to install prometheus and grafana 2018-08-08 18:44:18 -04:00
Manuel de Brito Fontes
7af93e03c7
Add annotation backend-protocol 2018-08-07 08:59:38 -04:00
Manuel Alejandro de Brito Fontes
a68820808a
Fix documentation (#2902) 2018-08-05 22:30:46 -04:00
k8s-ci-robot
9b3207d4c6
Merge pull request #2897 from aledbf/enable-reuseport 
Enable reuse-port by default
 2018-08-04 19:43:43 -07:00
Manuel Alejandro de Brito Fontes
d31f5ec31a
Fix default sync-period doc (#2898) 2018-08-04 17:57:15 -04:00
Manuel de Brito Fontes
1d00a5c2bc Enable reuse-port by default 2018-08-04 17:43:34 -04:00
Tom Reznik
b7bcf92480 support configuring multi_accept directive via configmap 2018-08-04 19:20:01 +03:00
Tom Reznik
1bacf1655e support custom configuration to main context of nginx config 2018-08-04 00:53:06 +03:00
Karl Stoney
09832557ed
Add permanent-redirect-code annotation 2018-07-29 11:50:16 +02:00
Elvin Efendi
8a67ace5c3 enable dynamic backend configuration by default 2018-07-26 15:16:06 -04:00
Vincent Gramer
9024d2f451 doc log-format: add variables about ingress 2018-07-19 17:38:38 +02:00
Fernando Diaz
52ecdf0b46 Add Better Error Handling for SSLSessionTicketKey 
Adds more error handling when writing an SSLSessionTicketKey to
the config map. Also adds tests and makes the function for modular.

Fixes #2756
 2018-07-15 19:53:39 -05:00
Manuel Alejandro de Brito Fontes
3b947eb90d
Update docs and mkdoc dependencies [ci skip] (#2778) 2018-07-13 19:23:13 -04:00
Info-Screen
e2f4d2cdaa
Use language neutral links to MDN insetead of es 2018-07-10 04:23:56 +02:00
Jason Stangroome
8e06afbb45 Allow gzip compress level to be controlled via ConfigMap 2018-07-09 10:30:59 +10:00
Andrii Kostenko
bc53d1eb74
Sample rate configmap option for zipkin in nginx-opentracing 2018-06-28 18:13:31 +03:00
Antoine Cotten
130866b51c
Proofreading 2018-06-25 00:04:43 +02:00
Fernando Diaz
7370694609 Enhance Distributed Tracing Documentation 
Corrects a few items in the Zipkin Collector Example. Adds a Example
of setting up the Jaeger Collector.
 2018-06-23 23:51:46 -05:00
jstoja
0cfd6dca83 Add documentation for proxy-cookie-domain annotation (#2034) 2018-06-19 22:25:57 +02:00
Manuel de Brito Fontes
63b38e1c21
Remove VTS from the ingress controller 2018-06-14 11:11:29 -04:00
Dario Nieuwenhuis
4dfc83a698 Capitalize NGINX in docs. 2018-06-13 21:10:56 +02:00
Antoine Cotten
55679aa268 Update documentation for custom error pages (#2630) 
* Update documentation for custom error pages

* custom-error-pages: Fix path to error pages

Bump version to 0.2
 2018-06-12 18:03:48 -04:00
Dario Nieuwenhuis
94266ff167 Document use-forwarded-headers configmap option. 2018-06-12 21:48:32 +02:00
Jian Qiu
92182596eb Add annotation doc on proxy buffer size 2018-06-12 16:06:30 +08:00
Antoine Cotten
a74c34dbf1
Proofread cmd package and update flags description 2018-06-11 13:15:45 +02:00
k8s-ci-robot
fa9823634c
Merge pull request #2504 from jrthrawny/proxy-protocol-timeout-for-passthrough-pr 
Add Timeout For TLS Passthrough
 2018-06-03 22:54:53 -07:00
Jason Roberts
d637a9b978 Configurable Proxy Protocol header timeout for TLS passthrough 2018-06-03 20:10:41 -05:00
Borek Bernard
fcfa4f2eb0
Improved link in modsecurity.md 2018-05-30 09:25:12 +02:00
Tobias Bradtke
0c2aa4bc98
Fix wrong default value for enable-brotli 
Brotli is disabled by default since c67e9185b6
 2018-05-24 17:36:32 +02:00
Elvin Efendi
7d8a0130a5 use better defaults for proxy-next-upstream(-tries) 2018-05-23 21:37:56 -04:00
k8s-ci-robot
b8b5e5bc51
Merge pull request #2548 from Stono/master 
Implement generate-request-id
 2018-05-21 13:55:12 -07:00
Karl Stoney
206d32a2cd Implement generate-request-id 
Fixes https://github.com/kubernetes/ingress-nginx/issues/2546
 2018-05-21 08:32:50 +01:00
Lorenzo Fontana
93be8db612
Annotations for the InfluxDB Module 
Signed-off-by: Lorenzo Fontana <lo@linux.com>
 2018-05-19 09:22:46 +02:00
k8s-ci-robot
aa256ac887
Merge pull request #2423 from diazjf/fix-2074 
Resolves issue with proxy-redirect nginx configuration
 2018-05-18 12:42:51 -07:00
Roman Sokolkov
d004fcac05
DOCS: Correct ssl-passthrough annotation description. 2018-05-18 17:22:21 +02:00
Fernando Diaz
e224259e38 Resolves issue with proxy-redirect nginx configuration 
Resolves an issue where the proxy-redirect annotations were not generating the
correct configuration possibly because of user error. This is done by only
setting the proxy_redirect if both proxy-redirect-from and proxy-redirect-to
have valid values. Also adds the e2e tests.

Fixes #2074
 2018-05-17 11:22:31 -05:00
k8s-ci-robot
2e53fa21e6
Merge pull request #2517 from gmile/patch-1 
Fix typo about the kind of request
 2018-05-16 15:51:50 -07:00
Manuel de Brito Fontes
a085808d2d
Add tests for bind-address 2018-05-16 14:53:29 -04:00
Eugene Pirogov
552df3bdcd
Fix typo about the kind of request 2018-05-16 09:53:17 +03:00
Mike Tougeron
17e5b35f10 Add some clarification around multiple ingress controller behavior 2018-05-11 16:10:41 -07:00
Aarni Koskela
f1e5c9b2dd Clean up annotations.md; extract default backend from miscellaneous 2018-05-03 15:44:57 +03:00
Aarni Koskela
4b85ef9c9c Add note about changing annotation prefixes 2018-05-03 14:42:47 +03:00
Aarni Koskela
b66efdd8bd Reformat log-format.md 2018-05-03 14:42:47 +03:00
Aarni Koskela
572aac4421 multiple-ingress.md: rework page for clarity and less repetition 2018-05-03 14:42:47 +03:00
Aarni Koskela
ed48199b30 TLS.md: Remove useless manual TOC 2018-05-02 17:49:18 +03:00
Aarni Koskela
ec56200ee0 TLS.md: Reformat and grammar check 2018-05-02 17:49:15 +03:00
Aarni Koskela
aca5097a56 TLS.md: Remove the frankly useless curl output in the default certificate section 2018-05-02 17:49:13 +03:00
Aarni Koskela
f65c8f0aaa TLS.md: Clarify how to set --default-ssl-certificate 2018-05-02 17:49:11 +03:00
Aarni Koskela
451a01bb0a TLS.md: Move the TLS secret misc bit to the TLS document 2018-05-02 17:49:06 +03:00
Manuel de Brito Fontes
d97bf0675a Add gRPC annotation doc 2018-04-30 14:29:29 -03:00
Francisco de Brito Fontes
2f6f9a29ba Improve documentation format 2018-04-29 03:17:29 -03:00
k8s-ci-robot
0813b38314
Merge pull request #2437 from JordanP/rewrite_log 
Add annotation to enable rewrite logs in a location
 2018-04-27 10:27:19 -07:00
JordanP
c995031ffd Add annotation to enable rewrite logs in a location 2018-04-27 17:50:14 +02:00
Sam Fleming
ce9d42b52d
Update custom-errors.md 
Fix grammatical errors
 2018-04-27 16:24:05 +01:00
k8s-ci-robot
22f78325b7
Merge pull request #2436 from mustafaakin/patch-1 
Update exposing-tcp-udp-services.md
 2018-04-27 04:46:19 -07:00
Mustafa Akın
e5ed2165e2
Update exposing-tcp-udp-services.md 
Minor tick missing for syntax highlighting which makes it look ugly on https://kubernetes.github.io/ingress-nginx/user-guide/exposing-tcp-udp-services/
 2018-04-27 13:45:12 +03:00
Manuel de Brito Fontes
4ddedd41a6
Fix broken links in the docs 2018-04-26 22:24:50 -03:00
Aarni Koskela
8aa9db8397 Move documents related to third-party extensions under third-party-addons 2018-04-26 13:57:18 +03:00
Aarni Koskela
e677ea22e2 Remove default-ssl-certificate.md (the content is already in tls.md) 2018-04-26 13:57:18 +03:00
Aarni Koskela
1196b48745 Regenerate cli-arguments.md from the actual usage of 0.13 2018-04-26 13:57:18 +03:00
Aarni Koskela
17745a920d Move "Customizing NGINX" documentation under "NGINX Configuration" 2018-04-26 13:57:18 +03:00
Aarni Koskela
34314254f3 Remove empty ingress-annotations document; fix up annotations.md's layout slightly 2018-04-26 13:57:18 +03:00
Aarni Koskela
d1479a2d21 Move miscellaneous tidbits from README to miscellaneous.md and other files 2018-04-26 13:57:18 +03:00
Antoine Cotten
9211f3beaf
Document changes to annotations with Secret reference 2018-04-20 00:31:25 +02:00
Roman Sokolkov
54f1568e11
DOCS: Add clarification regarding ssl passthrough 2018-04-19 17:13:46 +02:00
Rajat Jindal
4237f290ed fix the default cookie name in doc 2018-04-18 09:27:34 -07:00
Nick Novitski
8886b8a50e Add vts-sum-key config flag 2018-04-17 11:39:32 -07:00
Giancarlo Rubio
c60ed24f4b Detect if header injected request_id before creating one 2018-04-17 15:49:35 +02:00
k8s-ci-robot
564ec885fb
Merge pull request #2353 from bashofmann/master 
Add proxy-add-original-uri-header config flag
 2018-04-16 05:46:59 -07:00
Bastian Hofmann
1c17962ba0 Add proxy-add-original-uri-header config flag 
This makes it configurable if a location adds an X-Original-Uri header to the backend request. Default is "true", the current behaviour.
 2018-04-16 12:34:26 +02:00
AdamDang
bf9edcc9f7
Typo fix in cli-arguments.md 
it's endpoints->its endpoints
 2018-04-15 23:45:01 +08:00
Elvin Efendi
d6eb44376d run lua-resty-waf in different modes (#2317) 
* run lua-resty-waf in different modes

* update docs
 2018-04-09 09:19:13 -03:00
Elvin Efendi
bad8295a42 extra waf rules per ingress (#2315) 
* extra waf rules per ingress

* document annotation nginx.ingress.kubernetes.io/lua-resty-waf-extra-rules

* regenerate internal/file/bindata.go
 2018-04-09 07:14:30 -03:00
Elvin Efendi
16faf309ca annotation to ignore given list of WAF rulesets (#2314) 2018-04-08 22:55:23 -03:00
Elvin Efendi
a6fe800a47 lua-resty-waf controller (#2304) 2018-04-08 17:37:13 -03:00
Alvaro Aleman
e7aa74b5d4 Add NoAuthLocations and default it to "/.well-known/acme-challenge" (#2243) 
* Add NoAuthLocations and default it to "/.well-known/acme-challenge"

* Add e2e tests for no-auth-location

* Improve wording of no-auth-location tests
 2018-04-01 21:02:34 -03:00
AdamDang
660e67dc9e Typo fixes in modsecurity.md (#2274) 
* Update modsecurity.md

Some typo fixes

* Update modsecurity.md
 2018-03-29 13:48:16 -03:00
Sylvain Rabot
385368990c Managing a whitelist for _/nginx_status (#2187) 
Signed-off-by: Sylvain Rabot <s.rabot@lectra.com>
 2018-03-28 09:27:34 -03:00
AdamDang
5c016bee87 Update annotations.md (#2255) 
a typo fix
 2018-03-25 12:55:30 -03:00
Zenara Daley
6e099c5f57 Add EWMA as configurable load balancing algorithm (#2229) 2018-03-23 12:06:21 -03:00
maxlaverse
8575769781 Make proxy_next_upstream_tries configurable (#2232) 
* Make proxy_next_upstream_tries configurable

* Code generation
 2018-03-22 08:12:36 -03:00
Manuel Alejandro de Brito Fontes
df00b03a70
Fix log format documentation (#2219) 2018-03-20 08:51:04 -03:00
Manuel Alejandro de Brito Fontes
41217eb9e4
Update cli-arguments.md (#2213) 2018-03-19 13:17:44 -03:00
Alvaro Aleman
94deb3a01a Add configoption to exclude routes from tls upgrading (#2203) 
* Add configoption to exclude routes from tls upgrading

* Add tests for IsLocationInLocationList

* Seperate elements in NoTLSRedirectLocations by comma

* Set NoTLSRedirectLocations to "/.well-known/acme-challenge/" by default

* Remove trailing slash from "/.well-known/acme-challenge" default
 2018-03-18 17:44:59 -03:00
Oilbeater
5c02d700cb Allow config to disable geoip (#2202) 
For a offline or private cloud environment, geoip is not needed.
Implementing https://github.com/kubernetes/ingress-nginx/issues/2179
 2018-03-18 13:30:05 -03:00
Oilbeater
41cefeb178 Add worker-cpu-affinity nginx option (#2201) 
worker_cpu_affinity is a common optimization method for improving nginx performance, adding this as a custom configuration. Also fix some format issues found during editing.
 2018-03-16 13:32:45 -03:00
Elvin Efendi
36cce00fdd configuring load balancing per ingress (#2167) 
* configure load balancing through a ingress annotation

* update docs
 2018-03-09 13:09:41 -08:00
maxlaverse
31306658f1 Add documentation about secure-verify-ca-secret (#2169) 2018-03-05 11:01:50 -08:00
Qiu Jian
56036ddc57 Add publish-status-address flag (#2148) 
* Add publish-status-address flag

If this flag is set, status of ingress resources will be updated
with this address.

* Address aledbf's comment
 2018-02-27 00:02:19 -03:00
Manuel Alejandro de Brito Fontes
0dee303ac2
Add annotation to disable logs in a location (#2144) 2018-02-25 11:38:54 -03:00
Thanatat Tamtan
309a79483f fix limit-req-status-code doc (#2133) 2018-02-22 11:39:16 -08:00
nrmitchi
a4874806f2 Update configmap.md (#2124) 2018-02-21 11:09:32 -08:00
Victor Trac
131fdf1e01 replace '&#8209;' with actual dashes '-' (#2111) 2018-02-16 15:02:41 -08:00
Mathieu Parent
b02c0f502a Fix proxy_redirect description (#2102) 2018-02-16 09:59:12 -08:00
Bea
f468007d6c Updates and extends client cert documentation (#2105) 
Updates and extends the documentation about enabling client certificate authentication.
 2018-02-16 07:17:29 -08:00
Oilbeater
7ede78f004 fix spell error reslover -> resolver (#2041) 2018-02-07 07:24:09 -08:00