DevFW-CICD/ingress-nginx-helm
12
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
410 commits 4 branches 217 tags 166 MiB
Commit graph

203 commits

Author SHA1 Message Date
Kubernetes Submit Queue
d90ceb7f3c Merge pull request #1711 from aledbf/add-helper-to-funcmap 
Automatic merge from submit-queue

[nginx-ingress-controller]: Add function helpers to nginx template

fixes #1695
 2016-09-25 21:03:32 -07:00
Brad Bowman
c33d05a467 Fix link to auth example 2016-09-22 14:33:22 -06:00
Manuel de Brito Fontes
a965f44f84 Clarify the controller uses endpoints and not services 2016-09-21 17:53:39 -03:00
Manuel de Brito Fontes
4e722f9d6d Add the name of the upstream in the log 2016-09-18 11:50:42 -03:00
Manuel de Brito Fontes
9d4dfe7609 Change readiness probe for nginx ingress that works behind a CP lb 2016-09-16 19:09:29 -03:00
Kubernetes Submit Queue
77afc22875 Merge pull request #1743 from vyshane/nginx-ingress-controller-proxy-buffer-size-2 
Automatic merge from submit-queue

Allow customisation of the nginx proxy_buffer_size directive via ConfigMap

I'm opening a new PR with the same changes as #1693 because I pushed the latter with an email address that can't be used to sign the CLA. Description from the previous PR:

When using nginx as a proxy we can run into the following error:

```
upstream sent too big header while reading response header from upstream
```

In order to fix this, we need to be able to configure the proxy_buffer_size nginx directive to increase its value. This PR updates the nginx-ingress-controller to allow that.
 2016-09-15 09:49:58 -07:00
Vy-Shane Xie
ae1c4503b3 Allow customisation of the nginx proxy_buffer_size directive via ConfigMap 2016-09-15 23:14:16 +08:00
oilbeater
baf5c07446 Fix typo 2016-09-12 19:00:12 +08:00
Jan Chaloupka
8053699360 Remove "All rights reserved" from all the headers 2016-09-08 13:02:39 +02:00
Manuel de Brito Fontes
15cc763b2d Add function helpers to nginx template 2016-09-07 13:21:28 -07:00
Kubernetes Submit Queue
fbff29d1ec Merge pull request #1672 from pdoreau/patch-1 
Automatic merge from submit-queue

Add firewall rules and ing class clarifications
 2016-09-02 14:39:33 -07:00
Pierrick
aad635636b Update README.md 2016-09-02 23:11:22 +02:00
Pierrick
dc14774bac Update README.md 2016-09-02 10:20:06 +02:00
Pierrick
1cc40b45da Update README.md 2016-09-02 10:18:28 +02:00
Kubernetes Submit Queue
42e3a61d3c Merge pull request #1596 from aledbf/improve-defaults 
Automatic merge from submit-queue

[nginx-ingress-controller]: Adapt nginx hash sizes to the number of ingress

This change allows the tuning of 2 important NGINX variables:
- server_names_hash_max_size
- server_names_hash_bucket_size

The default values should be enough for most of the users but after +300 Ingress rules or long hostnames as FQDN NGINX requires tuning of this values or it will not start.

The introduced change allows the self-tuning using the Ingress information
Using `--v=3` it's possible to see the changes:
```
...
I0822 21:42:10.517778       1 template.go:84] adjusting ServerNameHashMaxSize variable from 4096 to 16384
...
```

fixes #1487
 2016-09-01 14:11:47 -07:00
Pierrick
f4854b60c9 Add firewall rules and ing class clarifications 2016-09-01 11:19:26 +02:00
Manuel de Brito Fontes
05add360d2 Update image version 2016-08-29 15:47:20 -03:00
Kubernetes Submit Queue
c6a1b820f0 Merge pull request #1571 from marketlogicsoftware/kayrus/fix_default_namespace 
Automatic merge from submit-queue

ingress: use POD_NAMESPACE as a namespace in cli parameters

When you deploy ingress not into `default` namespace, ingress RC fails with the `no service with name default/default-http-backend found: services "default-http-backend" not found` error message.

This fix uses `POD_NAMESPACE` which we already pass into the pod ENV.
 2016-08-26 16:11:52 -07:00
Manuel de Brito Fontes
b06fcbb8c3 Adapt nginx hash sizes to the number of ingress 2016-08-26 19:32:28 -03:00
Manuel de Brito Fontes
3c3880d28f Update sysctl method 2016-08-26 18:52:56 -03:00
Manuel de Brito Fontes
e91c23ff2d Refactoring of templates 2016-08-25 14:08:29 -03:00
kayrus
d8fbe2f582 ingress: removed unnecessary whitespaces 2016-08-23 10:37:10 +02:00
Kubernetes Submit Queue
e4236ad0f2 Merge pull request #1577 from aledbf/update-nginx-controller 
Automatic merge from submit-queue

WIP: [nginx-ingress-controller] Release 0.8.3

fixes #1572
 2016-08-22 11:33:31 -07:00
Manuel de Brito Fontes
4f92eb9da2 Always listen on port 443, even without ingress rules 2016-08-22 10:51:11 -03:00
Manuel de Brito Fontes
9d07120eb1 Release 0.8.3 2016-08-19 11:44:22 -03:00
kayrus
e4de1e62b8 ingress: use POD_NAMESPACE as a namespace in cli parameters 2016-08-19 10:25:38 +02:00
Kubernetes Submit Queue
727a62421e Merge pull request #1467 from aledbf/change-client 
Automatic merge from submit-queue

[nginx-ingress-controller]: Use ClientConfig to configure connection

fixes #1459

Running with `docker run`:
```
core@localhost ~ $ docker run -it aledbf/nginx-third-party:0.31 bash
root@f6a96f46eab0:/# export KUBERNETES_MASTER=http://172.17.4.99:8080
root@f6a96f46eab0:/# /nginx-ingress-controller --default-backend-service=default/nginx-errors
I0802 14:44:58.604384       7 main.go:94] Using build: https://github.com/aledbf/contrib - git-5b9146a
W0802 14:44:58.605282       7 main.go:118] unexpected error getting runtime information: unable to get POD information (missing POD_NAME or POD_NAMESPACE environment variable)
I0802 14:44:58.607270       7 main.go:123] Validated default/nginx-errors as the default backend
W0802 14:44:58.611322       7 ssl.go:132] no file dhparam.pem found in secrets
I0802 14:44:58.615637       7 controller.go:1128] starting NGINX loadbalancer controller
I0802 14:44:58.615902       7 command.go:35] Starting NGINX process...
```

Running inside in a cluster:
```
I0802 14:47:50.254736       1 main.go:94] Using build: https://github.com/aledbf/contrib - git-5b9146a
I0802 14:47:50.254920       1 merged_client_builder.go:103] No kubeconfig could be created, falling back to service account.
I0802 14:47:50.343440       1 main.go:123] Validated default/nginx-errors as the default backend
W0802 14:47:50.343677       1 ssl.go:132] no file dhparam.pem found in secrets
I0802 14:47:50.347322       1 controller.go:1128] starting NGINX loadbalancer controller
I0802 14:47:50.347870       1 command.go:35] Starting NGINX process...
```

<!-- Reviewable:start -->
---
This change is [<img src="https://reviewable.kubernetes.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.kubernetes.io/reviews/kubernetes/contrib/1467)
<!-- Reviewable:end -->
 2016-08-17 13:40:11 -07:00
Manuel de Brito Fontes
4fe3462a82 Change healthz port to avoid conflicts when running using hostNetwork 2016-08-02 23:10:47 -04:00
Manuel de Brito Fontes
0f70b80745 Use ClientConfig to configure connection 2016-08-02 10:46:35 -04:00
Manuel de Brito Fontes
0886c7e58a Check for errors in nginx template 2016-07-28 17:41:12 -04:00
Manuel de Brito Fontes
9f64273b9c Use system self signed certificate as default SSL certificate 2016-07-22 19:30:00 -04:00
Manuel de Brito Fontes
2c7d921d76 Update changelog 2016-07-20 16:39:46 -04:00
Manuel de Brito Fontes
3ef038c557 Change nginx status port to 18080 to avoid conflicts with port 8080 2016-07-20 16:39:46 -04:00
Manuel de Brito Fontes
0d1dd32567 Release 0.8.2 2016-07-20 16:39:46 -04:00
Prashanth B
bff40d7c14 Merge pull request #1351 from aledbf/check-certificate 
[nginx-ingress-controller]: Avoid generation of invalid ssl certificates
 2016-07-20 13:36:23 -07:00
Manuel de Brito Fontes
de6b00daa3 Change container /proc values to improve nginx performance 2016-07-20 15:00:30 -04:00
Manuel de Brito Fontes
bf5113d91c Avoid generation of invalid ssl certificates 2016-07-20 14:36:15 -04:00
Prashanth B
1a04fa4881 Merge pull request #1398 from aledbf/nginx-httpoxy 
Mitigate HTTPoxy Vulnerability
 2016-07-20 10:56:17 -07:00
Prashanth B
5306ca4eb9 Merge pull request #1384 from atombender/issue_1883 
Unset Authorization header when proxying
 2016-07-20 10:54:57 -07:00
Prashanth B
eabad1c990 Merge pull request #1338 from aledbf/ssl-default-backend 
[nginx-ingress-controller]: Add HTTPS default backend
 2016-07-20 10:35:15 -07:00
Prashanth B
fe59e29f5e Merge pull request #1336 from aledbf/skip-ingress-rules 
[nginx-ingress-controller]: Add annotation to skip ingress rule
 2016-07-20 10:33:17 -07:00
Manuel de Brito Fontes
a38f2b21a1 Mitigate HTTPoxy Vulnerability 2016-07-20 09:55:46 -04:00
Manuel de Brito Fontes
d3d6c879d5 Refactor nginx certificate creation. 2016-07-18 17:08:00 -04:00
Alexander Staubo
5effb7b4e3 Unset Authorization header when proxying. 2016-07-17 22:02:02 -04:00
Prashanth B
ce7085d277 Merge pull request #1289 from simonswine/docs-kube-lego 
ingress: nginx suggest kube-lego for automated cert management
 2016-07-15 17:51:03 -07:00
Manuel de Brito Fontes
b4f1b7c0f5 Show warning in case of low number of connections 2016-07-12 00:40:45 -04:00
Manuel de Brito Fontes
8b25cc67a5 Improve nginx performance to match listen backlog with net.core.somaxconn 2016-07-11 23:04:21 -04:00
Manuel de Brito Fontes
8f4efb4e3d Add HTTPS default backend 2016-07-08 17:20:14 -04:00
Manuel de Brito Fontes
89bbb8d4ee Add annotation to skip ingress rule 2016-07-08 17:01:40 -04:00
Prashanth B
ba964cdcda Merge pull request #1299 from Nalum/patch-2 
Formatting fix
 2016-07-06 13:47:26 -07:00
Manuel de Brito Fontes
9b762b7d54 Release 0.8.1 2016-07-06 12:22:07 -04:00
Prashanth B
a7570a8b37 Merge pull request #1315 from fcvarela/master 
Addresses #1314 [nginx-ingress-controller ssl nginx reload abort]
 2016-07-06 09:10:53 -07:00
Filipe Varela
9285335ce3 Fixes #1314 
Removed comment to be consistent w/ rest of code

Fixes typo and string concat
 2016-07-06 12:35:08 +01:00
Manuel de Brito Fontes
a2d9c6e48b Fix duplicated real_ip_header 2016-07-05 12:37:54 -04:00
Prashanth B
15f199c84a Merge pull request #1259 from aledbf/release-0.8 
[nginx-ingress-controller] Release 0.8
 2016-07-01 20:12:21 -07:00
Manuel de Brito Fontes
6d03a101be Add mime aplication/x-javascript to the gzip list and show the defaults in configuration.md 2016-07-01 21:15:54 -04:00
Prashanth B
0d5917e6a4 Merge pull request #1296 from Nalum/patch-1 
Fix formatting
 2016-07-01 17:23:50 -07:00
Manuel de Brito Fontes
0bcfcef8f8 Release 0.8 2016-07-01 19:18:45 -04:00
Manuel de Brito Fontes
09d7b756db Add support for dynamic TLS records and spdy 2016-07-01 14:07:48 -04:00
Luke Mallon
cd2e2b0717 Formatting fix 2016-06-30 15:12:34 +01:00
Luke Mallon
c398b66aa9 Fix formatting 
Fix the formatting of this README
 2016-06-30 09:53:28 +01:00
Christian Simon
7303019de1 Suggest kube-lego for automated cert management 2016-06-29 09:30:03 +02:00
Manuel de Brito Fontes
26fd12a81c Avoid sync without a reachable master 2016-06-23 10:38:08 -04:00
Prashanth B
bf9ea5eec4 Revert "[nginx-ingress-controller]: Avoid sync without a reachable master" 2016-06-22 22:56:46 -07:00
Prashanth B
7e8760b9db Merge pull request #1233 from aledbf/avoid-sync 
[nginx-ingress-controller]: Avoid sync without a reachable master
 2016-06-22 22:44:12 -07:00
Prashanth B
db825411fb Merge pull request #1253 from aledbf/use-delayed-queue 
[nginx-ingress-controller]: Use delayed queue
 2016-06-22 22:40:16 -07:00
Prashanth B
b9740c96d9 Merge pull request #1130 from aledbf/improve-docs 
[nginx-ingress-controller] Improve docs and examples
 2016-06-22 22:37:43 -07:00
Manuel de Brito Fontes
a153187ce7 Use delayed queue 2016-06-22 17:48:13 -04:00
Prashanth B
b728a0cbd5 Merge pull request #1239 from aledbf/conditional-log 
[nginx-ingress-controller]: Add support for conditional log of urls
 2016-06-22 10:47:41 -07:00
Manuel de Brito Fontes
56a2bc68ab Change annotation name secure-upstreams to secure-backends 2016-06-22 12:34:45 -04:00
Manuel de Brito Fontes
4335d831a9 Improve docs 2016-06-22 08:10:05 -04:00
Manuel de Brito Fontes
3cbe01767f Add support for conditional log of urls 2016-06-18 18:04:07 -04:00
Manuel de Brito Fontes
ed41a706b9 Avoid sync without a reachable master 2016-06-17 19:13:52 -04:00
Manuel de Brito Fontes
e68aa3806a Fix stats by country in nginx status page 2016-06-17 18:26:08 -04:00
Cory Klein
57c0eab11d Fix typo "does no" -> "does not" 2016-06-15 12:00:48 -06:00
Prashanth B
5d49051168 Merge pull request #1144 from aledbf/ip-whitelisting 
[nginx-ingress-controller] Add cidr whitelist support
 2016-06-13 18:34:20 -07:00
Manuel de Brito Fontes
17e42ed902 Add example 2016-06-13 14:22:03 -04:00
Manuel de Brito Fontes
e792e940b2 Add ip/cidr white list support 2016-06-09 17:59:46 -04:00
Manuel de Brito Fontes
b1a17c565a Fix nginx rewrite rule order 2016-06-09 17:08:29 -04:00
Christian Simon
3ae80fd3cc ingress: adds configurable SSL redirect nginx controller 
* add global value to config map
* add per ingress value as annotation to ingress resources
 2016-06-05 15:30:09 +01:00
Christian Simon
08a05db93c Refactor nginx config into own package 2016-06-05 15:29:59 +01:00
Christian Simon
00b2180a8f ingress: nginx controller watches referenced tls secrets 
* reload certificates on change
 2016-06-03 16:53:21 +01:00
Manuel de Brito Fontes
74b66beda9 Add support for services running ssl 2016-06-02 17:39:13 -04:00
Manuel de Brito Fontes
ae52257c3a Watch for updates in configuration configmaps 2016-06-02 17:39:13 -04:00
Manuel de Brito Fontes
71ca55440b Fix lint errors 2016-06-02 17:39:12 -04:00
Manuel de Brito Fontes
0b031b9894 Update examples 2016-06-02 17:39:12 -04:00
Manuel de Brito Fontes
a4a1491789 Add description for options in custom configuration 2016-06-02 17:39:12 -04:00
Manuel de Brito Fontes
568844913a Bump up nginx controller to 0.7 2016-06-02 17:39:12 -04:00
Manuel de Brito Fontes
6b841edff0 Address comments. Move auth and healthcheck inside nginx package 2016-05-31 14:34:04 -04:00
Manuel de Brito Fontes
221b823ca7 Use authentication and add example 2016-05-31 14:26:13 -04:00
Manuel de Brito Fontes
0d5ba276de Allow authentication in Ingress rules 2016-05-31 14:25:39 -04:00
Manuel de Brito Fontes
e603976721 Remove blank lines from template rendering 2016-05-31 13:43:36 -04:00
Manuel de Brito Fontes
ccaf15cdd4 Add support for rate limiting in ingress rule locations 2016-05-31 13:34:09 -04:00
Manuel de Brito Fontes
f8ea58882b Add option to append a base tag in the head 2016-05-31 12:30:35 -04:00
Manuel de Brito Fontes
95e85b57e3 Add support for rewrite 2016-05-31 12:25:50 -04:00
Manuel de Brito Fontes
6968e23f8d Add support for geoip in stats 2016-05-30 18:31:04 -04:00
Manuel de Brito Fontes
675ce396ac Allow custom health checks 2016-05-27 21:31:21 -03:00
Manuel de Brito Fontes
28f982845d Change errors to a list of codes 2016-05-26 11:52:17 -03:00
Manuel de Brito Fontes
5faa855e66 Custom errors should be optional 2016-05-26 11:52:17 -03:00
Prashanth B
e93d8d8152 Merge pull request #1019 from aledbf/update-echoheaders 
Update echoheaders
 2016-05-25 21:03:34 -07:00