DevFW-CICD/ingress-nginx-helm
12
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
4493 commits 4 branches 217 tags 166 MiB
Commit graph

613 commits

Author SHA1 Message Date
otnielvh
3b34d56c92 Add support for psp 2019-08-01 09:45:58 +03:00
Kubernetes Prow Robot
c8a3710fb8
Merge pull request #4344 from Nuglif/fastcgi-backend-support 
Add FastCGI backend support (#2982)
 2019-07-31 11:20:14 -07:00
Charle Demers
72271e9313
FastCGI backend support (#2982) 
Co-authored-by: Pierrick Charron <pierrick@adoy.net>
 2019-07-31 10:39:21 -04:00
Manuel Alejandro de Brito Fontes
1abc11af90
Remove static SSL configuration mode 2019-07-25 09:19:06 -04:00
Kubernetes Prow Robot
e1f062dd53
Merge pull request #4348 from aledbf/kep 
KEP process
 2019-07-24 18:39:51 -07:00
Manuel Alejandro de Brito Fontes
cb33c4ed26
Start using KEPs for new features or breaking changes 2019-07-24 21:08:07 -04:00
Oguzhan Inan
cbc5d3a917
duplicate argument "--disable-catch-all" 2019-07-22 14:48:23 +03:00
Jude Zhu
5e64b6834c
Add [$proxy_alternative_upstream_name] 
https://github.com/kubernetes/ingress-nginx/pull/4246
 2019-07-19 07:36:13 +08:00
Henry Jenkins
b8cedabbff Update references to oauth2_proxy 
The custodian of the project has been shifted from [bitly] to [pusher].
So this diff updates these references.

[bitly]: https://github.com/bitly/oauth2_proxy
[pusher]: https://github.com/pusher/oauth2_proxy
 2019-07-18 07:59:22 +01:00
Gabor Lekeny
def13fc06c Add proxy_ssl_* directives 
Add support for backends which require client certificate (eg. NiFi)
authentication. The `proxy-ssl-secret` k8s annotation references a
secret which is used to authenticate to the backend server. All other
directives fine tune the backend communication.

The following annotations are supported:
* proxy-ssl-secret
* proxy-ssl-ciphers
* proxy-ssl-protocol
* proxy-ssl-verify
* proxy-ssl-verify-depth
 2019-07-18 03:21:52 +02:00
Kubernetes Prow Robot
589c9a20f9
Merge pull request #4278 from moolen/feat/auth-req-cache 
feat: auth-req caching
 2019-07-17 12:06:12 -07:00
Moritz Johner
23504db770 feat: auth-req caching 
add a way to configure the `proxy_cache_*` [1] directive for external-auth.
The user-defined cache_key may contain sensitive information
(e.g. Authorization header).
We want to store *only* a hash of that key, not the key itself on disk.

[1] http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_cache_key

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2019-07-17 18:39:04 +02:00
Kautilya Tripathi
d9c0ede20a
Update how-it-works.md 
Changed text to link
 2019-07-12 14:12:15 +05:30
E. Stuart Hicks
3b0c523e49 added proxy-http-version annotation to override the HTTP/1.1 default connection type to reverse proxy backends 2019-07-08 14:32:00 -04:00
Elvin Efendi
cd25a0c17a adjust docs 2019-07-01 10:24:09 -04:00
Roemer Hendrikx
ef3ebbeab5
Add notes on timeouts while using long GRPC streams 
GRPC streams longer than 60s hit multiple timeouts that NGINX has defined. Not all of them are easy to find, so I added some notes to the GRPC example to warn users of setting the correct timeouts if the wish their stream to not be aborted after 60 seconds.
 2019-06-25 10:29:39 +02:00
Tristan Matthews
ef4b560499
Update annotations.md 2019-06-20 20:19:11 -04:00
Manuel Alejandro de Brito Fontes
84102eec2b
Migrate to new networking.k8s.io/v1beta1 package 2019-06-13 11:32:39 -04:00
Kubernetes Prow Robot
e76418cd99
Merge pull request #4162 from stramel/patch-1 
Add "text/javascript" to compressible MIME types
 2019-06-06 11:35:34 -07:00
Michael Stramel
686f2310e4 Add "text/javascript" to compressible MIME types 
Based on the HTML Standard, https://html.spec.whatwg.org/multipage/scripting.html#scriptingLanguages, servers _should_ use `text/javascript`.
 2019-06-06 13:11:56 -05:00
Kubernetes Prow Robot
286ff13af2
Merge pull request #4048 from fedunineyu/change-upstream-on-error-with-sticky-session 
Change upstream on error when sticky session balancer is used
 2019-06-06 07:22:17 -07:00
Manuel Alejandro de Brito Fontes
78d6ce6e6e
Partially revert usage of kustomize for installation (#4159) 2019-06-05 10:59:38 -04:00
Nikolas Skoufis
4a913fac2a
Add clarification on how to enable path matching 
The fact that you need to explicitly add the annotation is easy to miss.
This makes this more explicit, while leaving the finer details to the
linked annotations document.
 2019-06-05 11:14:50 +10:00
Chuan Long
30d3505e7e
Update README.md for external-auth Test 4 
Title for Test 4 should be `secure service with valid auth header`. The current one is the same as Test 3.
 2019-05-29 13:23:20 -05:00
Eugene Fedunin
254629cf16 Added support for annotation session-cookie-change-on-failure 
1. Session cookie is updated on previous attempt failure when `session-cookie-change-on-failure = true` (default value is `false`).
2. Added tests to check both cases.
3. Updated docs.

Co-Authored-By: Vladimir Grishin <yadolov@users.noreply.github.com>
 2019-05-27 13:00:07 +03:00
Kubernetes Prow Robot
dfa7f10fc9
Merge pull request #4055 from nicknovitski/kustomize 
Rearrange deployment files into kustomizations
 2019-05-25 14:43:50 -07:00
MMeent
73c70e28b4
Clear up some inconsistent / unclear wording 
IPv6 enabled/disabled working was confusing or contradicting itself. This updates the wording to what is expected, based on the default values in the table above, and the behaviour that I could find in code.
 2019-05-21 15:27:58 +02:00
reynaldi.wijaya
616b1e239a UPT: Opentracing configmap documentation 2019-05-21 18:14:33 +08:00
reynaldi.wijaya
d468cd5ec5 UPT: Modify configmap to include jaeger sampler host and jaeger sampler port 2019-05-21 17:54:29 +08:00
Nick Novitski
51ad0bc54b Rearrange deployment files into kustomizations 2019-05-19 12:35:54 -07:00
Kubernetes Prow Robot
19501b217d
Merge pull request #4089 from alanjcastonguay/docs/use-gzip-configmap-defaults 
Docs: configmap: use-gzip
 2019-05-18 04:09:14 -07:00
Kubernetes Prow Robot
c12059bff5
Merge pull request #4098 from kevinsimper/patch-1 
Update configmap about adding custom locations
 2019-05-18 03:39:12 -07:00
Kevin Pullin
3ef6689bbd
Docs - Update capture group placeholder 
The current ingress example uses the `$2` capture group placeholder, however the description refers to the `$1` placeholder (this was previously correct, but was not updated when the ingress example changed from $1 to $2).
 2019-05-17 16:01:17 -07:00
Kevin Simper
ddc2ce5c70
Update configmap about adding custom locations 2019-05-17 21:39:40 +02:00
Alan J Castonguay
f5b090518d Docs: configmap: use-gzip 
Move the "gzip-types" value default from the "use-gzip" to the "gzip-types"
heading, and link to it from use-gzip.

Document that the "use-gzip" default is "true", matching the style of other
configmap items.
 2019-05-15 13:09:45 -04:00
Alan J Castonguay
5eda92b1c9
Explain references in custom-headers documentation 
Augment description of custom-headers behavior. Explain the purpose of the two configmaps, making explicit that one cites the other by `namespace/name`. Link the two example yaml files, so they're more easily navigated to from a browser looking at https://kubernetes.github.io/ingress-nginx/examples/customization/custom-headers/

Campfire: grammar, standard installation is in the `ingress-nginx` namespace.
 2019-05-13 17:50:59 -04:00
okryvoshapka-connyun
4811168d2a Fixed typos 2019-05-06 09:04:12 +02:00
okryvoshapka-connyun
8cc9afe8ee Added Global External Authentication settings to configmap parameters incl. addons 2019-05-03 12:08:16 +02:00
Kubernetes Prow Robot
b4f2880ee6
Merge pull request #3802 from tjamet/admission-controller 
Add a validating webhook for ingress sanity check
 2019-05-02 07:52:25 -07:00
Kubernetes Prow Robot
7ff6643372
Merge pull request #4037 from marcostvz/fix-doc-rewrite 
[doc] fixing regex in example of rewrite
 2019-05-02 07:02:23 -07:00
Marcos Estevez
69c1efc0e3
[doc] fixing regex in example of rewrite 
avoids /somethingfoo to be matched by regex

Signed-off-by: Marcos Estevez <marcos.stvz@gmail.com>
 2019-04-25 12:43:32 +02:00
James Humphries
2a31790887
Docs have incorrect command in baremetal.md 
The output shown is for `kubectl get node` and not `kubectl describe node`.

I've updated the docs to use the correct command.
 2019-04-25 11:10:16 +01:00
William Zhang
a94eea2c03 🔧 fix navigation error in file baremetal.md 
Signed-off-by: William Zhang <zhang.wanmin@zte.com.cn>
 2019-04-24 15:45:04 +08:00
Kubernetes Prow Robot
e68b68d20c
Merge pull request #3966 from GabrielNicolasAvellaneda/master 
Documentation example code fix
 2019-04-19 09:33:54 -07:00
Thibault Jamet
1cd17cd12c
Implement a validation webhook 
In case some ingress have a syntax error in the snippet configuration,
the freshly generated configuration will not be reloaded to prevent tearing down existing rules.
Although, once inserted, this configuration is preventing from any other valid configuration to be inserted as it remains in the ingresses of the cluster.
To solve this problem, implement an optional validation webhook that simulates the addition of the ingress to be added together with the rest of ingresses.
In case the generated configuration is not validated by nginx, deny the insertion of the ingress.

In case certificates are mounted using kubernetes secrets, when those
changes, keys are automatically updated in the container volume, and the
controller reloads it using the filewatcher.

Related changes:

- Update vendors
- Extract useful functions to check configuration with an additional ingress
- Update documentation for validating webhook
- Add validating webhook examples
- Add a metric for each syntax check success and errors
- Add more certificate generation examples
 2019-04-18 19:07:04 +02:00
Alex Kursell
ffeb1fe348 Support proxy_next_upstream_timeout 2019-04-15 11:08:57 -04:00
Kubernetes Prow Robot
c6204d8684
Merge pull request #3978 from aledbf/ca-cert-docs 
Fix CA certificate example docs
 2019-04-09 16:52:11 -07:00
Alex Kursell
5a2bb05e80 Add kubectl plugin docs 2019-04-08 18:12:00 -04:00
Manuel Alejandro de Brito Fontes
d589fb485a
Fix CA certificate example docs 2019-04-08 08:35:34 -04:00
Manuel Alejandro de Brito Fontes
4efe549502
Update yaml files to 0.24.0 [skip-ci] (#3975) 2019-04-07 20:25:17 -04:00
Gabriel Nicolas Avellaneda
d8764de423
Proper use of quotes for running the command 
$1 on a shell has a special meaning and inside of double quotes (") it will be expaned to an empty string. Using single quotes fixes the issue.
 2019-04-05 14:06:00 -03:00
Kubernetes Prow Robot
39ecab8d5a
Merge pull request #3954 from Shopify/lb-configmap 
Fix load-balance configmap value
 2019-04-02 05:10:34 -07:00
Alex Kursell
4f819b6256 Fix load-balance configmap value 2019-04-01 15:55:36 -04:00
Alan
fd1f200eb4
fix typo: delete '`' 
fix typo: delete '`'
 2019-03-29 13:42:03 +08:00
Kubernetes Prow Robot
f66902db1d
Merge pull request #3841 from shroudedcode/improve-sticky-session-docs 
Improve "Sticky session" docs
 2019-03-27 16:42:47 -07:00
Sean Fern
bf670a314f
Update apiVersion to apps/v1, drop duplicate line 2019-03-25 11:43:36 -04:00
Gregor Noczinski
1bef3e75b2 Set X-Request-ID for the default-backend, too. 2019-03-22 11:33:11 +01:00
Niklas Higi
ec7247058d
Improve "Sticky sessions" documentation page 2019-03-18 22:31:59 +01:00
Elvin Efendi
1d59e4f1fe enable dynamic SSL mode by default 2019-03-17 14:58:06 -04:00
Alex Kursell
1e96671e26 Remove sort-backends flag from cli docs 2019-03-12 14:48:05 -04:00
Alex Kursell
68038eec63 Make sure cli-arguments doc is in alphabetical order 2019-03-12 14:43:05 -04:00
Alex Kursell
d8fe2d992b Remove useless nodeip call and deprecate --force-namespace-isolation 2019-03-11 18:19:13 -04:00
Chris Carty
5fb1116282 update GKE header to match link in contents 2019-03-10 09:13:34 -04:00
Manuel Alejandro de Brito Fontes
1186d88f08
Fix name of field used to sort ingresses (#3871) 2019-03-07 21:24:46 -03:00
Alex Kursell
d3ac73be79 Remove session-cookie-hash annotation 2019-03-04 10:34:48 -05:00
Alex Kursell
d4b14b40ff Use incantation from release page 2019-02-27 12:57:55 -05:00
Alex Kursell
25a0d7a01c Fix plugin install location 2019-02-27 12:26:12 -05:00
Kubernetes Prow Robot
ec632817ad
Merge pull request #3780 from arturxx8/master 
Enable access log for default backend
 2019-02-26 05:51:39 -08:00
Mikhail Marchenko
8b3702c829 Enable access log for default backend 
disable log on default_server
 2019-02-26 11:14:31 +03:00
Alex Kursell
9e424a4a6a Add kubectl plugin 2019-02-25 15:54:00 -05:00
jasongwartz
3865e30a00 Changes CustomHTTPErrors annotation to use custom default backend 
Updates e2e test

Removes focus from e2e test

Fixes renamed function

Adds tests for new template funcs

Addresses gofmt

Updates e2e test, fixes custom-default-backend test by creating service

Updates docs
 2019-02-24 22:48:56 +01:00
Kubernetes Prow Robot
7b2495047f
Merge pull request #3781 from zoumo/proxy-buffer-number 
feat: configurable proxy buffers number
 2019-02-22 12:11:46 -08:00
Jim Zhang
dc63e5d185 fix: rename proxy-buffer-number to proxy-buffers-number 2019-02-22 10:21:17 +08:00
Elvin Efendi
3bb1a1e1ea use correct host for jaeger-collector-host in docs 2019-02-20 10:16:34 -05:00
Jim Zhang
81e4440bdb docs: add docs for proxy-buffer-number 2019-02-20 18:07:40 +08:00
Anthony Ho
ec04852526 Create custom annotation for satisfy "value" 2019-02-19 15:58:35 -05:00
Manuel Alejandro de Brito Fontes
d36de8a63d
Fix dashboard link [skip ci] (#3772) 2019-02-16 19:58:26 -03:00
Alan J Castonguay
a29c27ed4c Datadog Opentracing support - part 2 
This commit is part 2 of 2, adding configuration of the
Datadog Opentracing module to the controller.

Fixes half of #3752
 2019-02-15 15:20:10 -05:00
Carlos Diaz-Padron
2340738fb9
Add mention of secure-backends to backend-protocol docs 2019-02-11 15:40:36 -08:00
Kubernetes Prow Robot
9ba67992be
Merge pull request #3686 from Shopify/dbg-tool 
Add debug binary to the docker image
 2019-02-11 07:27:15 -08:00
Sebastiaan Tammer
ab48aab83b Added link for fieldRef information 2019-02-10 17:24:32 +01:00
Sebastiaan Tammer
fc5e99a151 Parse environment variables in OpenTracing configuration 2019-02-10 16:59:05 +01:00
Alex Kursell
9534f8bc43 Add debug tool to image 2019-02-08 11:25:04 -05:00
Kubernetes Prow Robot
17e788b8e1
Merge pull request #3684 from aledbf/health 
Replace Status port using a socket
 2019-02-06 13:49:08 -08:00
Manuel Alejandro de Brito Fontes
34b0580225
Replace Status port using a socket 2019-02-06 18:00:10 -03:00
Alex Kursell
18ebb68f41 Update a doc example that uses rewrite-target 2019-02-06 10:48:08 -05:00
minherz
de2a1ece6d add header-value annotation 
add new annotation (header-value)
parse it and propogate to lua script
alter balancer rule to include it into the canary routing logic
add e2e test to validate fallback for canary-by-header-value
add description of canary-by-header-value to documentation
 2019-01-30 23:23:44 +02:00
Kubernetes Prow Robot
bd248250be
Merge pull request #3702 from stamm/access_logs_params 
Add params for access log
 2019-01-28 07:30:00 -08:00
Tyler Horvath
6824c78c1b
make usage more clear about default-backend annotation 2019-01-26 11:47:19 -07:00
Rustam Zagirov
5dee6af957 add params for access log 2019-01-26 21:42:11 +03:00
Shreyans Sheth
05993e8a13
Correcting links for gRPC Fortune Teller app 
The link was erroneous, corrected the same.
 2019-01-23 17:02:16 +05:30
Kubernetes Prow Robot
1db9c91af4
Merge pull request #3363 from skeeey/master 
Document for cookie expires annotation
 2019-01-14 07:52:28 -08:00
Manuel Alejandro de Brito Fontes
b10b60f9ae
Revert max-worker-connections default value (#3660) 2019-01-13 10:53:18 -03:00
liuwei
7aa5834948 add cookie expires document and fix a flaw for session-cookie-expires 2019-01-11 15:35:39 +08:00
Manuel Alejandro de Brito Fontes
0e783b3b82
Add note about SSL Certificate common names 2019-01-10 20:59:50 -03:00
Shai Katz
edd87fbae3 add limit connection status code 
add default conn status code

add missing colon

add limit connection status code
 2019-01-09 19:31:10 +02:00
Kubernetes Prow Robot
8f57f9578d
Merge pull request #3586 from Shopify/disable-catch-all 
Add --disable-catch-all option to disable catch-all server
 2019-01-07 07:16:26 -08:00
Kubernetes Prow Robot
2c3ce07135
Merge pull request #3396 from flugel-it/master 
New balancer implementation: consistent hash subset
 2019-01-04 10:31:03 -08:00
chainhelen
ccacef6a8a Typo: docs/examples/rewrite/README.md 2019-01-04 21:48:46 +08:00
Davide Icardi
25776353bb Add basic usage documentation 2019-01-03 19:58:27 +01:00