DevFW-CICD/ingress-nginx-helm
12
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
5910 commits 4 branches 217 tags 166 MiB
Commit graph

117 commits

Author SHA1 Message Date
Kubernetes Prow Robot
d08b742453
Merge pull request #6838 from peter-miroshnikov/annotations_custom_timeout_docs 
Adding note to Custom Timeouts in Annotation Docs.
 2021-05-03 03:40:02 -07:00
shuheiktgw
01b30a2fa0 Update the link on ketama 2021-04-03 17:23:53 +09:00
peter-miroshnikov
4787a51ad5 Adding note to Custom Timeouts in Annotation Docs. 
It wasnt clear that the timeout values come unitless and in seconds from firsts glance.
Adding a simple note i belive will help.
 2021-02-04 11:05:11 +01:00
Laszlo Janosi
15eff8220a
fix the documentation for the proxy-ssl-secret and the auth-tls-secret annotations 2021-01-06 09:41:01 +00:00
Elvin Efendi
8c193a2297 fix link in annotation docs 2021-01-05 09:24:23 -05:00
Elvin Efendi
e0dece48f7 Add Global Rate Limiting support 2021-01-04 17:47:07 -05:00
Josh Soref
a8728f3d2c Spelling 2020-12-15 16:10:48 -05:00
Kubernetes Prow Robot
e3a3ea8826
Merge pull request #6294 from ianbuss/auth-error-redirect-param 
Allow customisation of redirect URL parameter in external auth redirects
 2020-11-23 01:27:37 -08:00
Julien Bouquillon
f6a430775c
docs(annotations): explicit redirect status code 2020-11-15 00:31:04 +01:00
Ian Buss
41cf628bdf Add a configurable URL redirect parameter for error URLs 2020-10-08 12:53:46 +01:00
Maxime LUCE
b7b85175f6 Add annotation to configure CORS Access-Control-Expose-Headers 2020-09-23 17:41:52 +02:00
Daniel Albuschat
d4a817325c
Update annotations.md 
Improvements to the documentation of Client Certificate Authentication. (auth-tls-* annotations).
- Mention that these rules are applied per host and not per Ingress/path
- Include more possible and default values
- Describe the headers that are sent to the upstream services
 2020-09-23 09:51:08 +02:00
Gian Ortz
3820aa416b Add annotation to set value for burst multiplier on rate limit 2020-08-30 19:43:08 -03:00
Goran
743439e75b
Added missing backend protocol. 
As per https://kubernetes.github.io/ingress-nginx/user-guide/fcgi-services/
 2020-08-14 11:16:53 +02:00
Zhongcheng Lao
c0629e92c2
Add proxy-ssl-server-name to enable passing SNI 2020-07-03 14:14:32 +08:00
chamilad
ee84603d06 Add minor doc fixes to user guide and chart readme 2020-06-03 17:54:41 +12:00
Kubernetes Prow Robot
d061375afa
Merge pull request #5571 from agile6v/dev 
feat: support the combination of Nginx variables for annotation upstream-hash-by.
 2020-06-01 15:10:14 -07:00
agile6v
c035a144f8 Support the combination of nginx variables and text value for annotation upstream-hash-by. 2020-06-01 06:37:41 +08:00
agile6v
41d82005ec Add annotation ssl-prefer-server-ciphers. 2020-05-11 16:31:08 +08:00
Manuel Alejandro de Brito Fontes
f9ae784541 Remove lua-resty-waf docs 2020-04-22 17:42:18 -04:00
Manuel Alejandro de Brito Fontes
90d07d7b69 Fix from-to-www link 2020-04-17 19:41:25 -04:00
schaefec
141ea59b7f Allows overriding the server name used to verify the certificate of the proxied HTTPS server 2020-02-25 13:32:14 +01:00
Lisheng Zheng
0b33650bb8 Feat: canary supports using specific match strategy to match header value. 2020-02-21 10:02:20 +08:00
James Taylor
f97599c189
Use correct spelling of "Original" 
Fix the spelling of "original" in the annotations documentation
 2020-02-20 16:45:26 +11:00
Kubernetes Prow Robot
5e54f66ab2
Merge pull request #5040 from BrianKopp/samesite-followup 
Update documentation and remove hack fixed by upstream cookie library
 2020-02-10 10:25:53 -08:00
Manuel Alejandro de Brito Fontes
34b6d083b8
Cleanup docs (#5043) 2020-02-09 20:50:27 -03:00
BrianKopp
34b194c770 Update documentation and remove hack fixed by upstream cookie library 2020-02-08 11:54:52 -07:00
Manuel Alejandro de Brito Fontes
b3146354d4 Refactor mirror feature 2020-02-05 10:39:55 -03:00
Brian Kopp
1b523390bb Add SameSite=None support and conditionally omit SameSite=None for backwards compatibility 2020-01-29 14:30:00 -07:00
Manuel Alejandro de Brito Fontes
0dce5be743 Migrate ingress definitions from extensions to networking.k8s.io 2019-12-12 21:25:00 -03:00
Sablu Miah
010ec6f159
Remove extra annotation when Enabling ModSecurity 
Since version 0.25, if you try to use both annotations of:

nginx.ingress.kubernetes.io/modsecurity-snippet: |
Include /etc/nginx/owasp-modsecurity-crs/nginx-modsecurity.conf
Include /etc/nginx/modsecurity/modsecurity.conf

and 

nginx.ingress.kubernetes.io/enable-modsecurity: "true"

it breaks nginx config and you will not catch it unless you have nginx admission controller enabled. 

You do not need the annotation of `Include /etc/nginx/modsecurity/modsecurity.conf` from version 0.25
 2019-11-28 15:16:09 +00:00
Kubernetes Prow Robot
b286c2a336
Merge pull request #4732 from willthames/enable-opentracing-annotation 
Allow enabling/disabling opentracing for ingresses
 2019-11-26 17:31:21 -08:00
Will Thames
0ae463a5f3 Provide annotation to control opentracing 
By default you might want opentracing off, but on for a particular
ingress.

Similarly, you might want opentracing globally on, but disabled for
a specific endpoint. To achieve this, `opentracing_propagate_context`
cannot be set when combined with `opentracing off`

A new annotation, `enable-opentracing` allows more fine grained control
of opentracing for specific ingresses.
 2019-11-27 11:07:26 +10:00
Syunsuke Komma
73aaf0ff28
Update annotations.md 
Add links to proxy-buffering section
 2019-11-13 12:54:42 +09:00
Syunsuke Komma
0b38a48ac9
Update annotations.md 
Add notes of limit-rate/limit-rate-after
 2019-11-13 12:49:59 +09:00
Kubernetes Prow Robot
a0dc3a9a51
Merge pull request #4695 from janosi/secure-verify-ca-secret 
Removing secure-verify-ca-secret support
 2019-11-08 07:12:21 -08:00
Carlos Panato
40e0e5bef8
add proxy-max-temp-file-size doc 2019-10-23 09:55:46 +02:00
Laszlo Janosi
31227d61c2 Removing secure-verify-ca-secret support and writing an error log if that annotation is used in an Ingress definition 2019-10-18 10:58:57 +02:00
A Gardner
786a3b6862 Add support for configmap of headers to be sent to external auth service 2019-09-24 10:53:23 -04:00
Kubernetes Prow Robot
f6c2f5fb97
Merge pull request #4514 from alexmaret/4475-stickyness-mode 
Added new affinity mode for maximum session stickyness.
 2019-09-24 05:09:27 -07:00
A Gardner
376b862c23 Add annotation to support map of user/pass pairs in basic auth 2019-09-13 11:33:33 -04:00
Tobias Bradtke
d7dc7be276 Fix relative links (#4522) 2019-09-03 09:02:07 -04:00
Alexander Maret-Huskinson
9170591185 Added new affinity mode for maximum session stickyness. Fixes kubernetes/ingress-nginx#4475 2019-08-30 11:40:29 +02:00
Manuel Alejandro de Brito Fontes
8def5ef7ca
Add support for multiple alias and remove duplication of SSL certificates (#4472) 2019-08-26 10:58:44 -04:00
Tim Hobbs
2c604e7d38
Add rate limit units and error status 
Signed-off-by: Tim Hobbs <timothy.hobbs@ic-consult.com>
 2019-08-22 16:03:41 +02:00
Gabor Lekeny
65b9e2c574 Merge branch 'master' of https://github.com/kubernetes/ingress-nginx into proxyssl 2019-08-16 06:21:53 +02:00
Fernando Diaz
386486e969 Allow Requests to be Mirrored to different backends 
Add a feature which allows traffic to be mirrored to
additional backends. This is useful for testing how
requests will behave on different "test" backends.

See https://nginx.org/en/docs/http/ngx_http_mirror_module.html
 2019-08-01 11:53:58 -05:00
Gabor Lekeny
def13fc06c Add proxy_ssl_* directives 
Add support for backends which require client certificate (eg. NiFi)
authentication. The `proxy-ssl-secret` k8s annotation references a
secret which is used to authenticate to the backend server. All other
directives fine tune the backend communication.

The following annotations are supported:
* proxy-ssl-secret
* proxy-ssl-ciphers
* proxy-ssl-protocol
* proxy-ssl-verify
* proxy-ssl-verify-depth
 2019-07-18 03:21:52 +02:00
Kubernetes Prow Robot
589c9a20f9
Merge pull request #4278 from moolen/feat/auth-req-cache 
feat: auth-req caching
 2019-07-17 12:06:12 -07:00
Moritz Johner
23504db770 feat: auth-req caching 
add a way to configure the `proxy_cache_*` [1] directive for external-auth.
The user-defined cache_key may contain sensitive information
(e.g. Authorization header).
We want to store *only* a hash of that key, not the key itself on disk.

[1] http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_cache_key

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2019-07-17 18:39:04 +02:00