DevFW-CICD/ingress-nginx-helm
12
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1684 commits 4 branches 217 tags 166 MiB
Commit graph

289 commits

Author SHA1 Message Date
Manuel Alejandro de Brito Fontes
1045e432c7 Merge pull request #1043 from antoineco/ep-targetref 
Return reference to object providing Endpoint
 2017-08-02 19:56:22 -04:00
Seth Pollack
40a9a54082
add per minute rate limiting 2017-08-01 23:24:48 -04:00
Vladimir Pouzanov
e62bfff135 Pass through the original error text 2017-08-01 18:36:01 +01:00
Manuel de Brito Fontes
98a95282f9 Add field FileSHA in BasicDigest struct 2017-07-31 22:08:09 -04:00
Antoine Cotten
6035e55ec3
Return reference to object providing Endpoint 2017-07-29 15:27:56 +02:00
Manuel de Brito Fontes
fe1b913f21 Add function to allow custom values in Ingress status 2017-07-28 20:26:35 -04:00
Manuel de Brito Fontes
facf8f0f6f Alternative syncSecret approach #1030 2017-07-27 22:17:22 -04:00
Joao Morais
4453a06caa Change missing secret name log level to V(3) 2017-07-27 13:57:34 -03:00
Manuel Alejandro de Brito Fontes
ce5e3999ab Merge pull request #1027 from aledbf/doc-equals 
Lint code
 2017-07-27 10:39:41 -04:00
Manuel de Brito Fontes
681ca36b1c Lint code 2017-07-26 23:07:59 -04:00
Manuel de Brito Fontes
dbe1880f60 Fix random watch errors 2017-07-26 22:31:34 -04:00
Minhan Xia
ee3054dd52 adapt gce controller to godep updates 2017-07-25 17:09:27 -07:00
Vladimir Pouzanov
60926d4cca Fixed the ambiguous error message 2017-07-21 17:45:23 +01:00
Manuel de Brito Fontes
4fb61c73d1 Update go dependencies 2017-07-20 10:43:09 -07:00
Manuel de Brito Fontes
7f2b68b7df Update generic controller 2017-07-20 10:43:09 -07:00
Manuel Alejandro de Brito Fontes
fbb96f4c83 Merge pull request #981 from chrismoos/service_upstream 
Add annotation to allow use of service ClusterIP for NGINX upstream.
 2017-07-19 12:20:30 -04:00
Manuel Alejandro de Brito Fontes
e59ac13eba Merge pull request #991 from aledbf/ssl-refactoring 
Remove secret sync loop
 2017-07-19 12:19:36 -04:00
Chris Moos
666bcca495 Add annotation to allow use of service ClusterIP for NGINX upstream. 2017-07-19 16:02:04 +02:00
Manuel de Brito Fontes
5a1f845593 Remove secret sync loop 2017-07-18 22:54:32 -04:00
Manuel de Brito Fontes
bd621359ac Check errors generating pem files 2017-07-18 16:26:28 -04:00
Joao Morais
8c3bb17f56 Add sort-backends command line option 2017-07-16 11:00:02 -03:00
Manuel Alejandro de Brito Fontes
a6f7c93245 Merge pull request #973 from stibi/945-nginx-no-reload 
check number of servers in configuration comparator
 2017-07-15 13:43:58 -04:00
Martin Stiborsky
299d4c373c check number of servers in configuration comparator 2017-07-15 17:40:28 +02:00
Manuel Alejandro de Brito Fontes
438a2fa70b Merge pull request #967 from claytononeill/runningaddresses-typo 
Fix runningAddresses typo
 2017-07-14 11:01:29 -04:00
Clayton O'Neill
fb42b9979d Fix runningAddresses typo 2017-07-14 10:33:33 -04:00
Clayton O'Neill
ad583c3acb Fix error checking for pod name & NS 
Previously it would just check if POD_NAME *or* POD_NAMESPACE was set, which
could lead to very bizarre failure modes.
 2017-07-14 09:26:50 -04:00
Manuel de Brito Fontes
14a02d128c Simplify handling of ssl certificates 2017-07-12 15:29:03 -04:00
Manuel de Brito Fontes
6a4679b028 Add support for proxy protocol in TCP services 2017-07-02 17:09:09 -04:00
Manuel Alejandro de Brito Fontes
9af4fb573e Merge pull request #906 from aledbf/fix-race-condition 
Fix race condition with closed channels
 2017-06-28 14:47:57 -04:00
Gorka Lerchundi Osa
5503e8d0e9 nginx/proxy: allow specifying next upstream behaviour 2017-06-27 23:30:43 +02:00
Manuel de Brito Fontes
8e8277f1a4 Fix race condition with closed channels 2017-06-26 13:16:53 -04:00
Manuel de Brito Fontes
67e0e0b920 Fix nginx sticky sessions 2017-06-25 21:30:30 -04:00
Manuel de Brito Fontes
3b903c5913 Always reload after a change in the configuration 2017-06-25 18:12:07 -04:00
Manuel Alejandro de Brito Fontes
312c9ec7e2 Merge pull request #871 from aledbf/fix-sticky 
Add feature to allow sticky sessions per location
 2017-06-23 13:22:12 -04:00
Manuel de Brito Fontes
83d03a19a6 Add feature to allow sticky sessions per location 2017-06-22 14:12:57 -04:00
Manuel de Brito Fontes
4ee2bdc302 Add support for SubjectAltName in SSL certificates 2017-06-20 19:47:06 -04:00
Manuel de Brito Fontes
05a976f9e5 Add flag to skip the update of Ingress status on shutdown 2017-06-20 09:47:18 -04:00
Manuel de Brito Fontes
92eeb7828b Implement Equaler 2017-06-15 00:17:54 -04:00
Manuel de Brito Fontes
75a4a61254 WIP: Avoid reloads implementing Equals in structs 2017-06-14 23:58:31 -04:00
Manuel de Brito Fontes
45c77a951d Code linting 2017-06-14 19:49:35 -04:00
Manuel de Brito Fontes
aa8c66ec01 Remove dead code 2017-06-14 19:42:13 -04:00
Manuel Alejandro de Brito Fontes
bd1429ddac Merge pull request #855 from aledbf/lint 
Lint code
 2017-06-13 11:31:32 -04:00
Giancarlo Rubio
b4c8a66b1f Don't expose certificate metrics for default server 
The default server has a self signed certificate so it's not important to monitor
 2017-06-13 16:01:05 +02:00
Fabian Ruff
8304feb497 ensure private key and certificate match 
Adding an ingress tls secret with a non matching certificate and private key break at least the nginx-controller permanently until the offending secret is deleted.

In that case nginx refuses to start/reload with an error like this:
```
Error: exit status 1
2017/06/13 12:16:53 [emerg] 51#51: SSL_CTX_use_PrivateKey_file("/ingress-controller/ssl/monsoon3-tls-baremetal-3-eu-de-1-cloud-sap.pem") failed (SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch)
nginx: [emerg] SSL_CTX_use_PrivateKey_file("/ingress-controller/ssl/tls-baremetal-3-example-com.pem") failed (SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch)
nginx: configuration file /tmp/nginx-cfg728491545 test failed
```
 2017-06-13 15:16:24 +02:00
Manuel de Brito Fontes
aacb7a5abb Lint 2017-06-13 09:07:14 -04:00
Giancarlo Rubio
d9cf043552 Instrument nginx to expose metric "ssl certficate expiration time " 
Add a console warning message 10 days before the certificate expire
 2017-06-13 13:44:00 +02:00
Justin Santa Barbara
cacc7bc21e Match ServicePort to Endpoints by Name 
We can never match on the EndpointPort.Port; that is the container port.
 2017-06-12 23:02:28 -04:00
Manuel de Brito Fontes
dca6de883c Simplify controller interface 2017-06-11 15:56:30 -04:00
Joao Morais
6b54ae58ac Create or delete ingress based on class annotation 2017-06-07 13:16:34 -03:00
Manuel Alejandro de Brito Fontes
3f0307a96e Merge pull request #792 from aledbf/refactor-has-synced 
Avoid checking if the controllers are synced
 2017-05-29 20:38:30 -04:00
Manuel Alejandro de Brito Fontes
5f71bde601 Merge pull request #753 from jcmoraisjr/jm-secret-tracker 
Move secretTracker updating to GetAuthCertificate()
 2017-05-29 17:01:40 -04:00
Manuel de Brito Fontes
5472555186 Avoid checking if the controllers are synced 2017-05-29 12:22:30 -04:00
Joao Morais
37f8c8bb40 Add ConfigureFlags() on controller interface 2017-05-24 21:03:52 -03:00
Manuel de Brito Fontes
797560ab8c Change recorder event scheme 2017-05-24 14:02:51 -04:00
Manuel de Brito Fontes
e347413649 Replace use of endpoint as locks with configmap 2017-05-24 01:55:13 -04:00
Joao Morais
c4d8011fa4 Move secretTracker updating to GetAuthCertificate() 2017-05-23 14:20:31 -03:00
Manuel Alejandro de Brito Fontes
42e40557b9 Merge pull request #749 from aledbf/remove-service-annotation 
Remove service annotation for namedPorts
 2017-05-22 23:34:42 -04:00
Manuel de Brito Fontes
d98a052972 Remove service annotation for namedPorts 2017-05-22 22:55:39 -04:00
Manuel de Brito Fontes
b1d6468d5d Replace NodeLegacyHostIP with NodeInternalIP 2017-05-20 20:11:58 -04:00
Manuel Alejandro de Brito Fontes
3dc7717a68 Merge pull request #716 from jcmoraisjr/jm-secure-ca 
Add secure-verify-ca-secret annotation
 2017-05-17 07:41:13 -04:00
Manuel Alejandro de Brito Fontes
8ca5fbeece Merge pull request #717 from caiyixiang/del_unuseful_var 
delete unuseful variable
 2017-05-15 22:19:18 -04:00
zouyee
bb72a03bc2 nodeController sync 2017-05-15 14:34:08 +08:00
caiyixiang
c05b7a0094 \core\pkg\ingress\errors:delete unuseful variable 2017-05-15 10:22:58 +08:00
Joao Morais
8b5a6e7661 Add secure-verify-ca-secret annotation 2017-05-14 19:14:27 -03:00
Manuel de Brito Fontes
a537d2d0fa Remove secrets from ingress after a Delete event 2017-05-11 22:19:16 -03:00
Manuel de Brito Fontes
5c9c5a301a Avoid periodic check for secret changes 2017-05-10 21:54:30 -03:00
Frieder Paape
3694788ed5 Adding support for externalIP Services 2017-05-09 16:23:40 +02:00
Manuel de Brito Fontes
5d9728b16e Convert CN SSL Certificate to lowercase before comparison 2017-05-01 20:01:05 -03:00
Manuel de Brito Fontes
87b484eb47 Allow more frequent reload events 2017-04-27 14:29:31 -03:00
Manuel Alejandro de Brito Fontes
a1b6fa7d5b Merge pull request #663 from aledbf/remove-todo 
Remove helper required in go < 1.8
 2017-04-27 00:14:29 -03:00
Manuel Alejandro de Brito Fontes
192d832458 Merge pull request #662 from aledbf/fix-647 
Add debug information about ingress class
 2017-04-27 00:08:04 -03:00
Manuel de Brito Fontes
d1e77f132f Remove helper required in go < 1.8 2017-04-26 23:52:03 -03:00
Manuel de Brito Fontes
8fc09d521f Add debug information about ingress class 2017-04-26 23:43:52 -03:00
Manuel de Brito Fontes
7eee34f473 Rollback queue refactoring 2017-04-26 22:52:04 -03:00
Manuel de Brito Fontes
ab1f04b9c2 Add support for https in proxy request for external authentication 2017-04-24 22:14:38 -03:00
Manuel de Brito Fontes
786d977a90 Fix lint errors 2017-04-20 16:48:14 -03:00
Manuel Alejandro de Brito Fontes
b18f8e86ad Merge pull request #629 from aledbf/externalname-feature 
Add support for services of type ExternalName
 2017-04-20 16:44:03 -03:00
Manuel de Brito Fontes
c71fe9f73f Add support for services of type ExternalName 2017-04-19 23:30:51 -03:00
Manuel de Brito Fontes
de14e2f4f1 Refactor ssl-passthroug using go to handle TLS hello 2017-04-19 01:39:14 -03:00
Manuel de Brito Fontes
c4ef98240d Status leader election must consired the ingress class 2017-04-16 15:48:12 -03:00
Manuel Alejandro de Brito Fontes
0f9f082959 Merge pull request #599 from aledbf/force-isolation 
Add flag to force namespace isolation
 2017-04-15 11:42:46 -03:00
caiyixiang
25a5b92e94 add a judgment 2017-04-13 16:38:07 +08:00
Manuel de Brito Fontes
77c9f4e5fc Add flag to force namespace isolation 2017-04-12 22:50:54 -03:00
chentao1596
f5baeb2f4a add unit test cases for core/pkg/ingress/controller/backend_ssl 2017-04-11 15:27:22 +08:00
chentao1596
2ec3bb810e remove reduntants alias 2017-04-11 11:13:09 +08:00
Manuel de Brito Fontes
5bd729a1b6 Detect if the ingress controller is running with multiple replicas 2017-04-09 16:14:20 -03:00
Manuel de Brito Fontes
f28142ae8e Replace secret workqueue 2017-04-09 13:52:10 -03:00
Joao Morais
239166b4b7 Revert merge annotations to the implicit root context 2017-04-06 22:18:51 -03:00
Joao Morais
4558ef6a52 Fix intermittent misconfiguration of backend.secure and sticky 2017-04-05 22:21:34 -03:00
Manuel Alejandro de Brito Fontes
ed6987e716 Merge pull request #540 from jcmoraisjr/jm-ssl-passthrough 
Add Backends.SSLPassthrough attribute
 2017-04-05 17:53:29 -03:00
Nick Sardo
12a0373d2e Merge pull request #539 from aledbf/migrate-client-go 
Migrate to client-go
 2017-04-05 13:50:21 -07:00
Manuel de Brito Fontes
e0561ddeb9 Update nginx and generic controller 2017-04-04 11:51:50 -03:00
Giancarlo Rubio
c21f7ce666 OverrideFlags was called before parsing arguments (arguments was always empty) 
correct args order for newStatsCollector
 2017-04-04 13:15:06 +02:00
Andreas Kohn
049790918c
Fix a couple of 'does not contains' typos 2017-04-03 12:22:08 +02:00
Manuel de Brito Fontes
4103537ea1 Fix lint errors 2017-04-02 11:07:07 -03:00
Joao Morais
b59d49a4a7 Add Backends.SSLPassthrough attribute 2017-04-01 23:32:22 -03:00
Manuel Alejandro de Brito Fontes
02cd3ce885 Merge pull request #225 from electroma/nginx/extauth_headers 
Support for http header passing from external authentication service
 2017-04-01 20:40:29 -03:00
Manuel Alejandro de Brito Fontes
638ea2b51e Merge pull request #527 from jcmoraisjr/jm-ann-root-context 
Add annotations to location of default backend (root context)
 2017-04-01 11:21:06 -03:00
Manuel de Brito Fontes
00ce4f46f3 Add test for ingress status update 2017-03-31 09:46:51 -03:00
Joao Morais
8552351af0 Add annotations to location of default backend (root context) 2017-03-30 22:30:39 -03:00