DevFW-CICD/ingress-nginx-helm
12
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1086 commits 4 branches 217 tags 166 MiB
Commit graph

114 commits

Author SHA1 Message Date
Manuel de Brito Fontes
2399be867e Cleanup custom log format configuration 2017-03-04 18:35:33 -03:00
Manuel Alejandro de Brito Fontes
75124bc9f1 Merge pull request #356 from gianrubio/patch-1 
Disable listen only on ipv6 and fix proxy_protocol
 2017-03-03 09:50:43 -03:00
Peter Wilson
1a72b3f775 add ForceSSLRedirect ingress annotation 2017-03-03 16:44:29 +11:00
Aaron Roydhouse
336f3cb108 Fix error caused by increasing proxy_buffer_size (#363) 
This fixes the bug raised in #363, by increasing the size of the proxy_buffers (memory allocation) to match the size of the proxy buffer. This leaves the default values (with no ingress setting) unchanged:
```
proxy_buffer_size      4k
proxy_buffers            4 4k
```
If 'proxy-buffer-size' is set, then now both the buffer size and the memory allocation size is increased:
```
proxy_buffer_size     "{{ $location.Proxy.BufferSize }}";
proxy_buffers           4 "{{ $location.Proxy.BufferSize }}";
```
I have been using this patch with 0.8.3 and 0.9.0-beta.2.
 2017-03-02 16:11:27 -05:00
rsafronov
05526e4a66 Merge remote-tracking branch 'upstream/master' into nginx/extauth_headers 
# Conflicts:
#	controllers/nginx/pkg/template/template.go
 2017-03-02 14:46:18 -05:00
Giancarlo Rubio
0ca3aef0f5 Add ability to customize upstream and stream log format 2017-03-01 18:47:11 +01:00
Giancarlo Rubio
90fdea751b Disable listen only on ipv6 and fix proxy_protocol 
- Always listen on ipv4 address for port 443
- Rollback previous PR #227 that broke the proxy_protocol when passthroughBackends is disabled
 2017-03-01 15:31:00 +01:00
electroma
c8eda8f17f Merge branch 'master' into nginx/extauth_headers 2017-02-27 16:28:11 -05:00
Manuel de Brito Fontes
02d44ccbaa Fix client source IP address 2017-02-26 19:01:07 -03:00
Ricardo Pchevuzinske Katz
a342c0bce3 Adds correct support for TLS Muthual autentication and depth verification 
modified:   controllers/nginx/configuration.md
	modified:   controllers/nginx/rootfs/etc/nginx/template/nginx.tmpl
	modified:   core/pkg/ingress/annotations/authtls/main.go
	modified:   core/pkg/ingress/controller/backend_ssl.go
	modified:   core/pkg/ingress/controller/controller.go
	modified:   core/pkg/ingress/controller/util_test.go
	modified:   core/pkg/ingress/resolver/main.go
	modified:   core/pkg/ingress/types.go
	modified:   core/pkg/net/ssl/ssl.go
	modified:   examples/PREREQUISITES.md
	new file:   examples/auth/client-certs/nginx/README.md
	new file:   examples/auth/client-certs/nginx/nginx-tls-auth.yaml
 2017-02-24 22:49:01 -03:00
Manuel de Brito Fontes
84324af140 Refactoring of TCP and UDP services 2017-02-24 20:14:43 -03:00
Manuel Alejandro de Brito Fontes
33ab550290 Merge pull request #332 from aledbf/snippets 
Add annotation to customize nginx configuration
 2017-02-24 18:39:45 -03:00
Giancarlo Rubio
704a18cec9 Add support for proxy cookie path/proxy cookie domain 2017-02-24 16:06:30 +01:00
Manuel de Brito Fontes
a20c287614 Add annotation to customize nginx location configuration 2017-02-23 16:48:59 -03:00
caiyixiang
e68abf067b change 'buildSSPassthrouthUpstreams' to 'buildSSLPassthroughUpstreams' 2017-02-20 10:30:37 +08:00
Manuel de Brito Fontes
8fd12b26ba Change nginx variable to use in filter of access_log 2017-02-17 18:21:46 -03:00
Manuel Alejandro de Brito Fontes
e603066d92 Merge pull request #290 from aledbf/update-nginx 
Update nginx version in ingress controller to 1.11.10
 2017-02-17 15:46:52 -03:00
Prashanth B
698c08402a Merge pull request #258 from rikatz/nginx-sticky-annotations 
Nginx sticky annotations
 2017-02-17 05:27:18 +05:30
Manuel de Brito Fontes
2d0971d6b0 Update nginx version in ingress controller to 1.11.10 2017-02-16 15:10:14 -03:00
Manuel Alejandro de Brito Fontes
b5819d8f4d Merge pull request #246 from aledbf/set-headers 
Add support for custom proxy headers using a ConfigMap
 2017-02-16 07:35:57 -03:00
Manuel de Brito Fontes
0cdc4bd8ba Pass headers to custom error backend 2017-02-14 17:43:31 -03:00
Ricardo Pchevuzinske Katz
a158e5fc5a Improve the session affinity feature 2017-02-12 21:13:39 -02:00
Ricardo Pchevuzinske Katz
6809319318 Adds support for configuring stickness per Ingress 2017-02-10 12:24:16 -02:00
Ricardo Pchevuzinske Katz
79e186cb77 New sticky session configuration 2017-02-10 01:33:23 -02:00
Ricardo Pchevuzinske Katz
d0c4e0d713 Adds support for disabling the entire access_log 2017-02-09 21:20:12 -02:00
rsafronov
4c2b2512f5 Merge branch 'upstream' into nginx/extauth_headers 2017-02-08 16:57:03 -05:00
Manuel de Brito Fontes
5cc5669938 Add support for custom proxy headers using a ConfigMap 2017-02-07 17:00:23 -03:00
Manuel de Brito Fontes
36f842c011 Add information about proxy_protocol in port 442 2017-02-04 21:29:35 -03:00
Justin Santa Barbara
8d71557b13 Remove proxy_protocol from 442 listener 
The proxy_protocol processing should only happen once, on the
"external-facing" listeners.
 2017-02-04 19:02:24 -05:00
Justin Santa Barbara
6fa461c2a7 proxy_protocol on ssl_passthrough listener 
Move proxy_protocol to listener.

Fix #207
 2017-02-04 02:38:36 -05:00
rsafronov
302fa5f4bb Added: support for http header passing from external authentication service response 2017-02-03 19:43:15 -05:00
Manuel de Brito Fontes
c3ac562429 Fix template error 2017-01-27 17:52:09 -03:00
Manuel Alejandro de Brito Fontes
87d4145c76 Merge pull request #178 from aledbf/proxy-name 
Add initialization of proxy variable
 2017-01-26 16:50:20 -03:00
Ricardo Pchevuzinske Katz
cc1413261f Allows the usage of Default SSL Cert 2017-01-26 16:51:55 -02:00
Manuel de Brito Fontes
2baa1def46 Add initialization of proxy variable 2017-01-26 11:52:48 -03:00
Manuel de Brito Fontes
08eda50ebb Update nginx to 1.11.9 2017-01-25 15:16:31 -03:00
Manuel de Brito Fontes
3df139cb56 Add configuration and annotation for port_in_redirect 2017-01-21 23:01:21 -03:00
Manuel de Brito Fontes
87322b84ba Add support for custom header sizes 2017-01-21 12:46:20 -03:00
Manuel de Brito Fontes
b0c2619594 Add annotation to allow custom body sizes 2017-01-21 11:50:05 -03:00
Manuel Alejandro de Brito Fontes
0ed8260704 Merge pull request #133 from aledbf/fix-tcp-stream 
Add TCP and UDP services removed in migration
 2017-01-19 09:06:03 -03:00
Justin Santa Barbara
f1520a1232 Merge pull request #142 from aledbf/file-max 
Use system fs.max-files as limits instead of hard-coded value
 2017-01-19 01:46:49 -05:00
Manuel de Brito Fontes
9ce52c51f1 Use system fs.max-files as limits instead of hard-coded value 2017-01-19 00:29:31 -03:00
Manuel de Brito Fontes
ba98383c2d Add TCP and UDP services removed in migration 2017-01-18 23:46:03 -03:00
Manuel de Brito Fontes
7fa5aecd71 Add reuse port and backlog to port 80 and 443 2017-01-18 23:04:00 -03:00
Manuel Alejandro de Brito Fontes
71492a6f8f Merge pull request #115 from safework/master 
add default_server to listen statement for default backend
 2017-01-13 09:11:25 -03:00
Manuel Alejandro de Brito Fontes
43a3d67561 Merge pull request #99 from aledbf/update-nginx 
Update nginx to 1.11.8
 2017-01-12 21:17:17 -03:00
Manuel de Brito Fontes
597a0e691a Deny location mapping in case of specific errors 2017-01-12 13:40:32 -03:00
Mark Cola
939c6d9128 add default_server to listen statement for default backend 2017-01-09 11:30:44 +11:00
Manuel de Brito Fontes
af9375aa96 Add support to disable server_tokens directive 2017-01-02 16:27:57 -03:00
Prashanth B
5cdb8fe4fb Merge pull request #77 from aledbf/dns-resolver 
Add support for IPV6 in dns resolvers
 2017-01-01 20:21:52 -08:00
Manuel de Brito Fontes
def1e034d8 Update nginx to 1.11.8 2016-12-29 20:27:21 -03:00
Justin Santa Barbara
fb8208cf8b Fix typo PassthrougBackends -> PassthroughBackends 2016-12-29 17:57:51 -05:00
Manuel de Brito Fontes
99209ad33d Add support for IPV6 in dns resolvers 2016-12-28 07:30:58 -03:00
Manuel de Brito Fontes
3b4358b861 Fix x-forwarded-port mapping 2016-12-26 10:56:22 -03:00
Manuel de Brito Fontes
99fb1f4874 Fix incorrect X-Forwarded-Port for TLS 2016-12-22 10:03:58 -03:00
Manuel Alejandro de Brito Fontes
f0762ba144 Merge pull request #34 from euank/nginx-ipv6ish 
nginx: also listen on ipv6
 2016-12-21 13:53:49 -03:00
Euan Kemp
8fe1efe396 nginx: also listen on ivp6 
This allows a brave user to run this in host networking mode and support
ipv6.
 2016-12-12 09:56:42 -08:00
Giancarlo Rubio
bd9ec42042 fix typo in variable ProxyRealIPCIDR 2016-12-12 14:23:45 +01:00
Manuel de Brito Fontes
86dbf979cb Add nginx metrics to prometheus 2016-11-29 18:10:06 -03:00
Manuel de Brito Fontes
81cd7782c6 Restart nginx if master process dies 2016-11-29 14:21:44 -03:00
Manuel de Brito Fontes
16c5800545 Add e2e boilerplate 2016-11-23 21:34:30 -03:00
Manuel de Brito Fontes
5a8e090736 Add Generic interface 2016-11-23 21:17:49 -03:00
Manuel de Brito Fontes
f2b627486d Remove interface 2016-11-23 21:17:49 -03:00
Manuel de Brito Fontes
ed9a416b01 Split implementations from generic code 2016-11-23 21:17:49 -03:00