DevFW-CICD/ingress-nginx-helm
14
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1181 commits 4 branches 217 tags 166 MiB
Commit graph

634 commits

Author SHA1 Message Date
Manuel de Brito Fontes
22d63d0ad0 Auto stash before merge of "master" and "master/master" 
Remove go-reap and use tini as process reaper
 2017-05-16 16:06:33 -04:00
Kwok-kuen Cheung
a83f17c716 Set $proxy_upstream_name before location directive 
When nginx performs ssl redirect, $proxy_upstream_name used in log
is not initialized because it is set after nginx matched a location directive,
which is not the case when performing a ssl redirect.

refs #711
 2017-05-14 08:59:30 +08:00
Manuel Alejandro de Brito Fontes
12d2c4f689 Merge pull request #690 from aledbf/avoid-empty-secret 
Fix IP in logs for https traffic
 2017-05-12 10:44:20 -03:00
Payam Hekmat
dd894f0f73 Add config for X-Forwarded-For trust 
Use the same config option for `set_real_ip_from` when not using proxy protocol. The default remains `0.0.0.0/0`, which is insecure if the ingress is publicly accessible. This at least provides a workaround for #200
 2017-05-11 21:55:35 -05:00
Manuel de Brito Fontes
a537d2d0fa Remove secrets from ingress after a Delete event 2017-05-11 22:19:16 -03:00
Manuel de Brito Fontes
4bd4bf3be6 Fix remote address in log when protocol is https 2017-05-11 15:04:19 -03:00
Dan Cech
485098fd69 use nginx vts module version 0.1.14 2017-05-11 13:56:42 -04:00
David Pratt
d56d8b7da1 Use proxy-protocol to pass through source IP to nginx 2017-05-10 16:22:48 -05:00
Manuel Alejandro de Brito Fontes
317f222527 Merge pull request #679 from ckeyer/template_getenv 
add getenv
 2017-05-10 08:50:11 -03:00
Chuanjian Wang
87b05847bf
add template function getenv 
Signed-off-by: Chuanjian Wang <me@ckeyer.net>
 2017-05-10 14:35:42 +08:00
Donald Guy
2d1b6dc9c9 [nginx] pass non-SNI TLS hello to default backend, Fixes #693 2017-05-08 17:44:43 -04:00
Nick Sardo
4601775c18 [GLBC] Set Description field for backend services (#681) 
Set svc namespace/name/port in description field of backend services
 2017-05-05 11:34:40 -07:00
Julian V. Modesto
5614f42f63 Fix affinity doc. 
Should be string `cookie`, not boolean.
 2017-05-05 10:26:28 -04:00
Manuel Alejandro de Brito Fontes
45ba1c7c1d Merge pull request #685 from matjazp/fix-hsts-preload 
Fix error in generated nginx.conf for optional hsts-preload
 2017-05-04 09:03:57 -03:00
Matjaz Pancur
d402e16eb8 Fix error in generated nginx.conf hsts-preload 2017-05-04 11:29:32 +02:00
caiyixiang
f4da971b86 nginx/pkg/config: delete unuseful variable 2017-05-02 17:24:01 +08:00
Manuel Alejandro de Brito Fontes
6bf5d7586c Merge pull request #673 from jeffpearce/jeffpearce/lb 
Override load balancer alg view config map
 2017-04-29 13:13:08 -03:00
Jeff Pearce
a5d58cc521 Override load balancer alg view config map 2017-04-29 08:37:24 -07:00
Manuel Alejandro de Brito Fontes
4555a64572 Merge pull request #664 from aledbf/beta5 
Release nginx 0.9-beta.5
 2017-04-27 22:18:53 -03:00
Nick Sardo
3ac784a7ec Doc changes for version bump 2017-04-27 17:16:09 -07:00
Manuel de Brito Fontes
83cb03b51c Release 0.9-beta.5 2017-04-27 20:28:05 -03:00
Manuel Alejandro de Brito Fontes
e911f20405 Merge pull request #661 from aledbf/update-client-go 
Avoid running nginx if the configuration file is empty
 2017-04-26 23:58:15 -03:00
Manuel de Brito Fontes
f4147e9e6c Avoid running nginx if the configuration file is empty 2017-04-26 23:34:36 -03:00
Nick Sardo
b01dc68e30 [GLBC] Specify balancing mode for backends being added to existing backend service (#652) 
Add backends of proper type to backend service
 2017-04-26 16:02:17 -07:00
Nick Sardo
14054be571 [GLBC] Fix problem surfacing error (#658) 
* use syncError in defer GC

* surface other err as well
 2017-04-26 15:30:33 -07:00
Nick Sardo
cd3e546c80 [GLBC] Better certificate handling (#639) 
* Harden ssl cert logic to handle unknown state

* Do not delete non-controller-created certificates (pre-shared certs)

* Remove unnecessary variable

* Added three tests to check ssl certificate naming

* Address review comments

* Early return instead of large code block
 2017-04-26 11:15:19 -07:00
Manuel Alejandro de Brito Fontes
201a109bb5 Merge pull request #637 from aledbf/0.9.0-beta.4 
[nginx] 0.9.0 beta.4
 2017-04-25 18:10:16 -03:00
Yash Thakkar
09b3a998cf Update README.md 
fixed tcp services example link.

note: udp services link is also broken, I don't know correct link path.
 2017-04-26 01:40:33 +05:30
Eduardo Baitello
f737cdcae5 Fix default value information 
proxy-read-timeout and proxy-send-timeout default value is 60 seconds, not 30.
 2017-04-25 16:27:18 -03:00
Manuel de Brito Fontes
5684c82d6c Release 0.9-beta.4 2017-04-24 22:51:49 -03:00
Manuel de Brito Fontes
ab1f04b9c2 Add support for https in proxy request for external authentication 2017-04-24 22:14:38 -03:00
Arjan Schaaf
1a191846a9 Mentioned in the comments of #180 the annotation for configuration snippets was missing from the configuration documentation 2017-04-24 16:27:56 +02:00
Arjan Schaaf
389e0f527c Nginx sticky annotations #258 made the global enable-sticky-sessions obsolete 2017-04-21 14:57:45 +02:00
Manuel de Brito Fontes
12d4aadf74 Allow configuration of features underscores_in_headers and ignore_invalid_headers 2017-04-20 18:12:16 -03:00
Manuel de Brito Fontes
786d977a90 Fix lint errors 2017-04-20 16:48:14 -03:00
Manuel Alejandro de Brito Fontes
f6af1ca023 Merge pull request #614 from aledbf/refactor-passthrough 
Refactor nginx ssl passthrough
 2017-04-20 16:43:44 -03:00
Nick Sardo
893a828587 Revert "Remove the code which get same resources twice" 2017-04-19 15:00:27 -07:00
Nick Sardo
74aff2eb7e Merge pull request #511 from FengyunPan/fix-backend 
Ignore err when delete a NotFound backends
 2017-04-18 22:17:07 -07:00
Manuel de Brito Fontes
de14e2f4f1 Refactor ssl-passthroug using go to handle TLS hello 2017-04-19 01:39:14 -03:00
FengyunPan
e913c37651 Ignore err when delete a NotFound backend 
1. add() should return nil at last
2. do not return err when delete a notFound backend
 2017-04-19 12:07:51 +08:00
Nick Sardo
d2c7e9008f Merge pull request #510 from FengyunPan/delete_redundant 
Remove the code which get same resources twice
 2017-04-18 20:07:41 -07:00
Justin Santa Barbara
322be61522 Compute server_names_hash_bucket_size correctly 
There were some edge cases where we did not calculate hash_bucket_size
correctly.

Fix #623
 2017-04-18 22:29:51 -04:00
FengyunPan
d42f4942bc Remove the code which get same resources twice 
There is no need to get the same ingress resources from
ingressclient twice.
 2017-04-19 09:46:06 +08:00
Nick Sardo
642cb74cc7 [GLBC] Support backside re-encryption (#519) 
Support backside re-encryption
 2017-04-18 12:44:17 -07:00
Manuel de Brito Fontes
aba45a01ad Process exited cleanly before we hit wait4 2017-04-16 20:04:32 -03:00
Manuel Alejandro de Brito Fontes
cd6a2123c4 Merge pull request #607 from aledbf/master 
Allow custom server_names_hash_max_size & server_names_hash_bucket_size
 2017-04-14 22:20:38 -03:00
Manuel Alejandro de Brito Fontes
4817ddff3a Merge pull request #604 from jonaskint/master 
Fixing wildcard in hostname for the upstream map
 2017-04-14 21:07:41 -03:00
Manuel de Brito Fontes
9994365ae4 Allow custom server_names_hash_max_size and server_names_hash_bucket_size values 2017-04-14 20:59:10 -03:00
Jonas Kint
a7b09e71a1 Fixing wildcard in hostname for the upstream map 2017-04-13 17:27:20 +02:00
Manuel de Brito Fontes
256cd6b1df Replace custom child reap code with go-reap 2017-04-12 20:20:18 -03:00
Manuel Alejandro de Brito Fontes
3810515663 Merge pull request #583 from stibi/patch-1 
fixed lua_package_path in nginx.tmpl
 2017-04-12 17:04:05 -03:00
Manuel de Brito Fontes
6038e17728 Remove Host header from auth_request proxy configuration 2017-04-12 09:37:03 -03:00
Manuel Alejandro de Brito Fontes
9ff3b86315 Merge pull request #588 from aledbf/avoid-multiple-reads 
Read resolv.conf file just once
 2017-04-11 15:35:38 -03:00
Manuel de Brito Fontes
8f3f51367a Remove test because of the refactoring 2017-04-11 14:50:28 -03:00
Nick Sardo
987540f8f6 [GLBC] Update firewall source ranges if outdated (#574) 
check firewall rule source ranges
 2017-04-11 09:01:42 -07:00
Manuel de Brito Fontes
190788848a Read resolv file just oncce 2017-04-11 11:47:49 -03:00
Martin Stiborsky
beb17f39ab fixed lua_package_path in nginx.tmpl 
I did my own build of the nginx-ingress-controller and its docker image, but I had troubles with the `error_page.lua` module, which couldn't be loaded, there was an error in the log, module was not found.

I think the lua package path is wrong, here is a fix.
 2017-04-11 09:43:33 +02:00
Manuel Alejandro de Brito Fontes
64d0b08128 Merge pull request #577 from aledbf/avoid-childs 
Avoid zombie child processes
 2017-04-09 15:29:04 -03:00
Manuel de Brito Fontes
25bb7e4311 Set different listeners per protocol version 2017-04-09 15:03:27 -03:00
Manuel de Brito Fontes
1c6c4273c9 Avoid child processes 2017-04-09 13:58:03 -03:00
Nick Sardo
7c635a8c83 Merge pull request #570 from nicksardo/pkg-rename 
Renaming few remaining packages
 2017-04-07 07:21:14 -07:00
Nick Sardo
5b37d2b315 Rename packages from api to api_v1 2017-04-06 22:27:50 -07:00
Manuel Alejandro de Brito Fontes
7ca7652ab2 Merge pull request #563 from aledbf/hsts-preload 
Add option to disable hsts preload
 2017-04-05 23:20:35 -03:00
Manuel Alejandro de Brito Fontes
427c5c747c Merge pull request #556 from aledbf/update-nginx-controller 
Update nginx version and remove dumb-init
 2017-04-05 22:54:43 -03:00
Manuel de Brito Fontes
cbe4029597 Add option to disable hsts preload 2017-04-05 22:48:43 -03:00
Nick Sardo
12a0373d2e Merge pull request #539 from aledbf/migrate-client-go 
Migrate to client-go
 2017-04-05 13:50:21 -07:00
Manuel de Brito Fontes
e492a4b396 Add flag to specify the api server url 2017-04-05 10:10:34 -03:00
Manuel de Brito Fontes
62c13fb7bc Update nginx version and remove dumb-init 2017-04-04 17:59:54 -03:00
Manuel Alejandro de Brito Fontes
0fe0d6f504 Merge pull request #551 from gianrubio/review-prometheus 
Build namespace and ingress class as label
 2017-04-04 11:55:23 -03:00
Manuel de Brito Fontes
e0561ddeb9 Update nginx and generic controller 2017-04-04 11:51:50 -03:00
Manuel de Brito Fontes
c7c2a564a9 Update gce controller 2017-04-04 11:51:50 -03:00
Giancarlo Rubio
197acf0f2b Build namespace and ingress class as label 2017-04-04 16:23:40 +02:00
Manuel Alejandro de Brito Fontes
22c3226377 Merge pull request #550 from gianrubio/fix-args 
Fix args
 2017-04-04 09:16:43 -03:00
Giancarlo Rubio
c21f7ce666 OverrideFlags was called before parsing arguments (arguments was always empty) 
correct args order for newStatsCollector
 2017-04-04 13:15:06 +02:00
Manuel Alejandro de Brito Fontes
79f8019c5b Merge pull request #493 from aledbf/update-nginx 
Update nginx and vts module
 2017-04-03 19:33:05 -03:00
Manuel de Brito Fontes
bc68f9eea3 Update nginx and vts module 2017-04-02 16:07:38 -03:00
Manuel de Brito Fontes
4103537ea1 Fix lint errors 2017-04-02 11:07:07 -03:00
Manuel Alejandro de Brito Fontes
02cd3ce885 Merge pull request #225 from electroma/nginx/extauth_headers 
Support for http header passing from external authentication service
 2017-04-01 20:40:29 -03:00
Manuel Alejandro de Brito Fontes
c14d0d852b Merge pull request #532 from aledbf/ssl_ecdh_curve 
Add setting to configure ecdh curve
 2017-03-31 11:55:44 -03:00
Manuel de Brito Fontes
8e41bdd3d4 Add setting to configure ecdh curve 2017-03-30 23:23:14 -03:00
Manuel de Brito Fontes
3fc79625e6 Fix link to examples 2017-03-30 23:13:43 -03:00
Manuel de Brito Fontes
7e86cfe64b Fix link to custom nginx configuration 2017-03-30 23:01:45 -03:00
Manuel de Brito Fontes
cf82f694de Avoid negative values configuring the max number of open files 2017-03-30 10:10:47 -03:00
Manuel Alejandro de Brito Fontes
39feaf10df Merge pull request #516 from aledbf/workers-auto 
Convert WorkerProcesses setting to string to allow the value auto
 2017-03-28 19:59:22 -03:00
Manuel de Brito Fontes
1278a97dc6 Convert WorkerProcesses setting to string to allow the value auto 2017-03-28 19:58:09 -03:00
Andreas Kohn
9dcac88b3d Fix typos regarding the ssl-passthrough annotation documentation 2017-03-27 10:19:21 +02:00
Manuel de Brito Fontes
40f9064ca3 Add information about SSL Passthrough annotation 2017-03-26 17:25:05 -03:00
Manuel Alejandro de Brito Fontes
f5211458ce Merge pull request #454 from danielqsj/master 
Pass request port to real server
 2017-03-26 08:01:11 -03:00
rsafronov
6d07d32003 Merge branch 'upstream' into nginx/extauth_headers 2017-03-24 20:25:18 -04:00
Canh Ngo
46a42a2905 Adds support for CORS with Authorization header 2017-03-23 16:17:47 +01:00
Canh Ngo
df76382055 Adds support for CORS on error responses 2017-03-23 16:17:37 +01:00
Nick Sardo
116fbe8c33 Merge pull request #477 from nicksardo/glbc-service-watch 
[GLBC] Sync ingress when default backend service is modified.
 2017-03-22 13:08:30 -07:00
Nick Sardo
a94d31e87d glbc: watch backend service 2017-03-22 13:07:37 -07:00
Nick Sardo
0a75f42884 Merge pull request #479 from matthewg/master 
Add 35.191.0.0/16 range to GCE firewalls
 2017-03-22 10:22:46 -07:00
Thomas Peitz
3b55e09e23 Remove unnecessary quote in nginx log format 2017-03-22 15:48:15 +01:00
Matthew Sachs
04b87d5945 Add 35.191.0.0/16 range to GCE firewalls (issue #478) 2017-03-22 00:18:26 -07:00
Nick Sardo
509aaf10c6 Merge pull request #472 from nicksardo/git-ignore-glbc 
[gce] Add .gitignore
 2017-03-21 12:43:19 -07:00
shijunqian
43469a8179 Pass request port to real server 2017-03-21 10:33:11 +08:00
Nick Sardo
3706f32639 git ignore glbc 2017-03-20 16:36:18 -07:00
chentao1596
37bdb3952e fix all go style mistakes about fmt.Errorf 2017-03-17 08:35:55 +08:00