DevFW-CICD/ingress-nginx-helm
12
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
582 commits 4 branches 217 tags 166 MiB
Commit graph

264 commits

Author SHA1 Message Date
Manuel Alejandro de Brito Fontes
0ed8260704 Merge pull request #133 from aledbf/fix-tcp-stream 
Add TCP and UDP services removed in migration
 2017-01-19 09:06:03 -03:00
Justin Santa Barbara
f1520a1232 Merge pull request #142 from aledbf/file-max 
Use system fs.max-files as limits instead of hard-coded value
 2017-01-19 01:46:49 -05:00
Manuel de Brito Fontes
9ce52c51f1 Use system fs.max-files as limits instead of hard-coded value 2017-01-19 00:29:31 -03:00
Manuel de Brito Fontes
ba98383c2d Add TCP and UDP services removed in migration 2017-01-18 23:46:03 -03:00
Manuel de Brito Fontes
7fa5aecd71 Add reuse port and backlog to port 80 and 443 2017-01-18 23:04:00 -03:00
caiyixiang
5131b76fe5 const-reference 2017-01-18 11:29:59 +08:00
chentao1596
af8f2881f1 add content: Server-side HTTPS enforcement through redirect 2017-01-18 10:21:29 +08:00
chentao1596
4fbe1ed422 add description for 'map-hash-bucket-size' 2017-01-18 09:58:22 +08:00
Peter Sutherland
9e94863db2 Incorporate feedback 2017-01-17 14:47:54 +00:00
Peter Sutherland
b81a49cdfd Sort config map params alphabetically 2017-01-15 23:38:57 +00:00
Peter Sutherland
727eb2ce81 Many mostly small tweaks to the documentation 2017-01-15 23:38:50 +00:00
Manuel de Brito Fontes
64a5e43394 Add tests and godebug to compare structs 2017-01-13 10:26:13 -03:00
Manuel de Brito Fontes
dbd368adf2 Add nginx tests 2017-01-13 09:54:00 -03:00
Manuel Alejandro de Brito Fontes
71492a6f8f Merge pull request #115 from safework/master 
add default_server to listen statement for default backend
 2017-01-13 09:11:25 -03:00
Manuel Alejandro de Brito Fontes
43a3d67561 Merge pull request #99 from aledbf/update-nginx 
Update nginx to 1.11.8
 2017-01-12 21:17:17 -03:00
Manuel de Brito Fontes
597a0e691a Deny location mapping in case of specific errors 2017-01-12 13:40:32 -03:00
Manuel Alejandro de Brito Fontes
c49b03facc Merge pull request #123 from aledbf/fix-resolver 
Add resolver configuration to nginx
 2017-01-12 13:03:46 -03:00
Manuel de Brito Fontes
d570ea6381 Add resolver configuration to nginx 2017-01-12 12:31:39 -03:00
Mark Cola
939c6d9128 add default_server to listen statement for default backend 2017-01-09 11:30:44 +11:00
Manuel de Brito Fontes
af9375aa96 Add support to disable server_tokens directive 2017-01-02 16:27:57 -03:00
Manuel de Brito Fontes
c0b5be6ff7 Refactoring of nginx configuration deserialization 2017-01-02 11:09:24 -03:00
Prashanth B
5cdb8fe4fb Merge pull request #77 from aledbf/dns-resolver 
Add support for IPV6 in dns resolvers
 2017-01-01 20:21:52 -08:00
Manuel de Brito Fontes
def1e034d8 Update nginx to 1.11.8 2016-12-29 20:27:21 -03:00
Justin Santa Barbara
fb8208cf8b Fix typo PassthrougBackends -> PassthroughBackends 2016-12-29 17:57:51 -05:00
Manuel de Brito Fontes
99209ad33d Add support for IPV6 in dns resolvers 2016-12-28 07:30:58 -03:00
Manuel de Brito Fontes
3b4358b861 Fix x-forwarded-port mapping 2016-12-26 10:56:22 -03:00
Manuel de Brito Fontes
99fb1f4874 Fix incorrect X-Forwarded-Port for TLS 2016-12-22 10:03:58 -03:00
Manuel Alejandro de Brito Fontes
f0762ba144 Merge pull request #34 from euank/nginx-ipv6ish 
nginx: also listen on ipv6
 2016-12-21 13:53:49 -03:00
Giancarlo Rubio
bda6646905 Fix "invalid port in upstream" on nginx controller 2016-12-14 17:42:34 +01:00
Prashanth B
0af8cccc7f Merge pull request #54 from bprashanth/devel_docs 
Expand developer docs
 2016-12-13 14:21:17 -08:00
bprashanth
939cb9c122 Expand developer docs 2016-12-13 10:50:08 -08:00
Euan Kemp
8fe1efe396 nginx: also listen on ivp6 
This allows a brave user to run this in host networking mode and support
ipv6.
 2016-12-12 09:56:42 -08:00
Giancarlo Rubio
bd9ec42042 fix typo in variable ProxyRealIPCIDR 2016-12-12 14:23:45 +01:00
Manuel de Brito Fontes
86dbf979cb Add nginx metrics to prometheus 2016-11-29 18:10:06 -03:00
Manuel de Brito Fontes
81cd7782c6 Restart nginx if master process dies 2016-11-29 14:21:44 -03:00
Manuel de Brito Fontes
478d51c827 Add healthz checker 2016-11-27 02:28:04 -03:00
Manuel de Brito Fontes
16c5800545 Add e2e boilerplate 2016-11-23 21:34:30 -03:00
Manuel de Brito Fontes
42b58e957c Avoid nginx reloads 2016-11-23 21:19:07 -03:00
Manuel de Brito Fontes
5a8e090736 Add Generic interface 2016-11-23 21:17:49 -03:00
Manuel de Brito Fontes
f2b627486d Remove interface 2016-11-23 21:17:49 -03:00
Manuel de Brito Fontes
ed9a416b01 Split implementations from generic code 2016-11-23 21:17:49 -03:00
Manuel de Brito Fontes
0dbe499a3b Fix lint errors 2016-11-11 19:46:09 -03:00
Manuel de Brito Fontes
e963d095ab Remove nginx-alpha, examples and simplify read files 2016-11-10 18:46:41 -03:00
Kubernetes Submit Queue
bff5d0e5a2 Merge pull request #1879 from r2d4/map_hash_bucket_size 
Automatic merge from submit-queue

Make map_hash_bucket_size configurable

I was getting an error while trying to run the nginx controller in minikube.  This allows this nginx configuration option to be passed in through a configmap.  

The default value depends on the processor's cache line size (32 | 64 | 128), however ServerNameHashBucketSize is determined similarly, so I've set it to the same default (64).

Fixes #1817

ref https://github.com/kubernetes/minikube/issues/611

cc @bprashanth
 2016-11-03 09:39:47 -07:00
Kubernetes Submit Queue
e1faa8ebe9 Merge pull request #1813 from marketlogicsoftware/kayrus/nginx-log-format 
Automatic merge from submit-queue

Added domain name and server port into nginx logs

I replaced dashes so it shouldn't brake log parsers.
In addition here are the [fluentd rules](dc71d8db4a/docker/fluentd/td-agent.conf (L230..L237)) which parse these logs (requires https://github.com/tagomoris/fluent-plugin-parser plugin)
 2016-10-25 09:51:43 -07:00
Manuel de Brito Fontes
248699cbc3 Sync yaml probes with published image 2016-10-21 11:59:12 -03:00
Matt Rickard
c8487c1973 Make map_hash_bucket_size configurable 2016-10-14 11:20:34 -07:00
Kubernetes Submit Queue
6456025035 Merge pull request #1830 from aledbf/dbackend 
Automatic merge from submit-queue

[nginx-ingress-controller] Add support for default backend in Ingress rule

replaces #1759
 2016-10-06 14:28:10 -07:00
Kubernetes Submit Queue
a2aae637dc Merge pull request #1808 from whitlockjc/document-nginx-connection-header 
Automatic merge from submit-queue

ingress/controllers/nginx: WebSocket documentation

For those that do not understand the default way in which nginx proxies
requests not containing a "Connection" header, the approach for enabling
WebSocket support might not make sense.  This commit adds documentation
that explains why things are done this way.
 2016-10-05 10:09:18 -07:00
Manuel de Brito Fontes
a0776997c3 Add support for default backend in Ingress rule 2016-10-04 09:28:21 -03:00
Manuel de Brito Fontes
541928e27d Add external authentication using auth_request 2016-10-03 11:54:02 -03:00
kayrus
0bae7c4b7c Added domain name and server port into nginx logs 2016-09-30 12:32:25 +02:00
Manuel de Brito Fontes
25bf00a1fc Add docs about the log format 2016-09-29 22:16:32 -03:00
Jeremy Whitlock
0373ce6f31 ingress/controllers/nginx: WebSocket documentation 
For those that do not understand the default way in which nginx proxies
requests not containing a "Connection" header, the approach for enabling
WebSocket support might not make sense.  This commit adds documentation
that explains why things are done this way.
 2016-09-29 15:42:46 -06:00
Kubernetes Submit Queue
90d8402293 Merge pull request #1802 from aledbf/fix-vars 
Automatic merge from submit-queue

[nginx-ingress-controller] Initialize proxy_upstream_name variable

fixes #1801
 2016-09-29 11:28:25 -07:00
Manuel de Brito Fontes
75dd1d3c6a Initialize proxy_upstream_name variable 2016-09-29 14:53:54 -03:00
Manuel de Brito Fontes
db3388e777 Avoid replacing nginx.conf file if the new configuration is invalid 2016-09-28 21:35:20 -03:00
Manuel de Brito Fontes
e74b8039a5 Add annotation to add CORS support 2016-09-27 13:35:57 -03:00
Kubernetes Submit Queue
b49a91965c Merge pull request #1786 from aledbf/custom-funcs-docs 
Automatic merge from submit-queue

[nginx-ingress-controller] Add docs about go template

Address https://github.com/kubernetes/contrib/pull/1711#issuecomment-249474385
 2016-09-26 15:44:20 -07:00
Kubernetes Submit Queue
741ac710cd Merge pull request #1749 from aledbf/cloud-health-check 
Automatic merge from submit-queue

[nginx-ingress-controller] Readiness probe that works behind a CP lb

fixes #1507
 2016-09-26 15:44:12 -07:00
Manuel de Brito Fontes
428d8e3a85 Add docs about go template 2016-09-26 11:41:29 -03:00
Kubernetes Submit Queue
d90ceb7f3c Merge pull request #1711 from aledbf/add-helper-to-funcmap 
Automatic merge from submit-queue

[nginx-ingress-controller]: Add function helpers to nginx template

fixes #1695
 2016-09-25 21:03:32 -07:00
Brad Bowman
c33d05a467 Fix link to auth example 2016-09-22 14:33:22 -06:00
Manuel de Brito Fontes
a965f44f84 Clarify the controller uses endpoints and not services 2016-09-21 17:53:39 -03:00
Manuel de Brito Fontes
4e722f9d6d Add the name of the upstream in the log 2016-09-18 11:50:42 -03:00
Manuel de Brito Fontes
9d4dfe7609 Change readiness probe for nginx ingress that works behind a CP lb 2016-09-16 19:09:29 -03:00
Kubernetes Submit Queue
77afc22875 Merge pull request #1743 from vyshane/nginx-ingress-controller-proxy-buffer-size-2 
Automatic merge from submit-queue

Allow customisation of the nginx proxy_buffer_size directive via ConfigMap

I'm opening a new PR with the same changes as #1693 because I pushed the latter with an email address that can't be used to sign the CLA. Description from the previous PR:

When using nginx as a proxy we can run into the following error:

```
upstream sent too big header while reading response header from upstream
```

In order to fix this, we need to be able to configure the proxy_buffer_size nginx directive to increase its value. This PR updates the nginx-ingress-controller to allow that.
 2016-09-15 09:49:58 -07:00
Vy-Shane Xie
ae1c4503b3 Allow customisation of the nginx proxy_buffer_size directive via ConfigMap 2016-09-15 23:14:16 +08:00
oilbeater
baf5c07446 Fix typo 2016-09-12 19:00:12 +08:00
Jan Chaloupka
8053699360 Remove "All rights reserved" from all the headers 2016-09-08 13:02:39 +02:00
Manuel de Brito Fontes
15cc763b2d Add function helpers to nginx template 2016-09-07 13:21:28 -07:00
Kubernetes Submit Queue
fbff29d1ec Merge pull request #1672 from pdoreau/patch-1 
Automatic merge from submit-queue

Add firewall rules and ing class clarifications
 2016-09-02 14:39:33 -07:00
Pierrick
aad635636b Update README.md 2016-09-02 23:11:22 +02:00
Pierrick
dc14774bac Update README.md 2016-09-02 10:20:06 +02:00
Pierrick
1cc40b45da Update README.md 2016-09-02 10:18:28 +02:00
Kubernetes Submit Queue
42e3a61d3c Merge pull request #1596 from aledbf/improve-defaults 
Automatic merge from submit-queue

[nginx-ingress-controller]: Adapt nginx hash sizes to the number of ingress

This change allows the tuning of 2 important NGINX variables:
- server_names_hash_max_size
- server_names_hash_bucket_size

The default values should be enough for most of the users but after +300 Ingress rules or long hostnames as FQDN NGINX requires tuning of this values or it will not start.

The introduced change allows the self-tuning using the Ingress information
Using `--v=3` it's possible to see the changes:
```
...
I0822 21:42:10.517778       1 template.go:84] adjusting ServerNameHashMaxSize variable from 4096 to 16384
...
```

fixes #1487
 2016-09-01 14:11:47 -07:00
Pierrick
f4854b60c9 Add firewall rules and ing class clarifications 2016-09-01 11:19:26 +02:00
Manuel de Brito Fontes
05add360d2 Update image version 2016-08-29 15:47:20 -03:00
Kubernetes Submit Queue
c6a1b820f0 Merge pull request #1571 from marketlogicsoftware/kayrus/fix_default_namespace 
Automatic merge from submit-queue

ingress: use POD_NAMESPACE as a namespace in cli parameters

When you deploy ingress not into `default` namespace, ingress RC fails with the `no service with name default/default-http-backend found: services "default-http-backend" not found` error message.

This fix uses `POD_NAMESPACE` which we already pass into the pod ENV.
 2016-08-26 16:11:52 -07:00
Manuel de Brito Fontes
b06fcbb8c3 Adapt nginx hash sizes to the number of ingress 2016-08-26 19:32:28 -03:00
Manuel de Brito Fontes
3c3880d28f Update sysctl method 2016-08-26 18:52:56 -03:00
Manuel de Brito Fontes
e91c23ff2d Refactoring of templates 2016-08-25 14:08:29 -03:00
kayrus
d8fbe2f582 ingress: removed unnecessary whitespaces 2016-08-23 10:37:10 +02:00
Kubernetes Submit Queue
e4236ad0f2 Merge pull request #1577 from aledbf/update-nginx-controller 
Automatic merge from submit-queue

WIP: [nginx-ingress-controller] Release 0.8.3

fixes #1572
 2016-08-22 11:33:31 -07:00
Manuel de Brito Fontes
4f92eb9da2 Always listen on port 443, even without ingress rules 2016-08-22 10:51:11 -03:00
Manuel de Brito Fontes
9d07120eb1 Release 0.8.3 2016-08-19 11:44:22 -03:00
kayrus
e4de1e62b8 ingress: use POD_NAMESPACE as a namespace in cli parameters 2016-08-19 10:25:38 +02:00
Kubernetes Submit Queue
727a62421e Merge pull request #1467 from aledbf/change-client 
Automatic merge from submit-queue

[nginx-ingress-controller]: Use ClientConfig to configure connection

fixes #1459

Running with `docker run`:
```
core@localhost ~ $ docker run -it aledbf/nginx-third-party:0.31 bash
root@f6a96f46eab0:/# export KUBERNETES_MASTER=http://172.17.4.99:8080
root@f6a96f46eab0:/# /nginx-ingress-controller --default-backend-service=default/nginx-errors
I0802 14:44:58.604384       7 main.go:94] Using build: https://github.com/aledbf/contrib - git-5b9146a
W0802 14:44:58.605282       7 main.go:118] unexpected error getting runtime information: unable to get POD information (missing POD_NAME or POD_NAMESPACE environment variable)
I0802 14:44:58.607270       7 main.go:123] Validated default/nginx-errors as the default backend
W0802 14:44:58.611322       7 ssl.go:132] no file dhparam.pem found in secrets
I0802 14:44:58.615637       7 controller.go:1128] starting NGINX loadbalancer controller
I0802 14:44:58.615902       7 command.go:35] Starting NGINX process...
```

Running inside in a cluster:
```
I0802 14:47:50.254736       1 main.go:94] Using build: https://github.com/aledbf/contrib - git-5b9146a
I0802 14:47:50.254920       1 merged_client_builder.go:103] No kubeconfig could be created, falling back to service account.
I0802 14:47:50.343440       1 main.go:123] Validated default/nginx-errors as the default backend
W0802 14:47:50.343677       1 ssl.go:132] no file dhparam.pem found in secrets
I0802 14:47:50.347322       1 controller.go:1128] starting NGINX loadbalancer controller
I0802 14:47:50.347870       1 command.go:35] Starting NGINX process...
```

<!-- Reviewable:start -->
---
This change is [<img src="https://reviewable.kubernetes.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.kubernetes.io/reviews/kubernetes/contrib/1467)
<!-- Reviewable:end -->
 2016-08-17 13:40:11 -07:00
Manuel de Brito Fontes
4fe3462a82 Change healthz port to avoid conflicts when running using hostNetwork 2016-08-02 23:10:47 -04:00
Manuel de Brito Fontes
0f70b80745 Use ClientConfig to configure connection 2016-08-02 10:46:35 -04:00
Manuel de Brito Fontes
0886c7e58a Check for errors in nginx template 2016-07-28 17:41:12 -04:00
Manuel de Brito Fontes
9f64273b9c Use system self signed certificate as default SSL certificate 2016-07-22 19:30:00 -04:00
Manuel de Brito Fontes
2c7d921d76 Update changelog 2016-07-20 16:39:46 -04:00
Manuel de Brito Fontes
3ef038c557 Change nginx status port to 18080 to avoid conflicts with port 8080 2016-07-20 16:39:46 -04:00
Manuel de Brito Fontes
0d1dd32567 Release 0.8.2 2016-07-20 16:39:46 -04:00
Prashanth B
bff40d7c14 Merge pull request #1351 from aledbf/check-certificate 
[nginx-ingress-controller]: Avoid generation of invalid ssl certificates
 2016-07-20 13:36:23 -07:00
Manuel de Brito Fontes
de6b00daa3 Change container /proc values to improve nginx performance 2016-07-20 15:00:30 -04:00
Manuel de Brito Fontes
bf5113d91c Avoid generation of invalid ssl certificates 2016-07-20 14:36:15 -04:00
Prashanth B
1a04fa4881 Merge pull request #1398 from aledbf/nginx-httpoxy 
Mitigate HTTPoxy Vulnerability
 2016-07-20 10:56:17 -07:00
Prashanth B
5306ca4eb9 Merge pull request #1384 from atombender/issue_1883 
Unset Authorization header when proxying
 2016-07-20 10:54:57 -07:00