The fact that you need to explicitly add the annotation is easy to miss.
This makes this more explicit, while leaving the finer details to the
linked annotations document.
1. Session cookie is updated on previous attempt failure when `session-cookie-change-on-failure = true` (default value is `false`).
2. Added tests to check both cases.
3. Updated docs.
Co-Authored-By: Vladimir Grishin <yadolov@users.noreply.github.com>
IPv6 enabled/disabled working was confusing or contradicting itself. This updates the wording to what is expected, based on the default values in the table above, and the behaviour that I could find in code.
The current ingress example uses the `$2` capture group placeholder, however the description refers to the `$1` placeholder (this was previously correct, but was not updated when the ingress example changed from $1 to $2).
Move the "gzip-types" value default from the "use-gzip" to the "gzip-types"
heading, and link to it from use-gzip.
Document that the "use-gzip" default is "true", matching the style of other
configmap items.
Augment description of custom-headers behavior. Explain the purpose of the two configmaps, making explicit that one cites the other by `namespace/name`. Link the two example yaml files, so they're more easily navigated to from a browser looking at https://kubernetes.github.io/ingress-nginx/examples/customization/custom-headers/
Campfire: grammar, standard installation is in the `ingress-nginx` namespace.
In case some ingress have a syntax error in the snippet configuration,
the freshly generated configuration will not be reloaded to prevent tearing down existing rules.
Although, once inserted, this configuration is preventing from any other valid configuration to be inserted as it remains in the ingresses of the cluster.
To solve this problem, implement an optional validation webhook that simulates the addition of the ingress to be added together with the rest of ingresses.
In case the generated configuration is not validated by nginx, deny the insertion of the ingress.
In case certificates are mounted using kubernetes secrets, when those
changes, keys are automatically updated in the container volume, and the
controller reloads it using the filewatcher.
Related changes:
- Update vendors
- Extract useful functions to check configuration with an additional ingress
- Update documentation for validating webhook
- Add validating webhook examples
- Add a metric for each syntax check success and errors
- Add more certificate generation examples
