DevFW-CICD/ingress-nginx-helm
12
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
5402 commits 4 branches 217 tags 166 MiB
Commit graph

788 commits

Author SHA1 Message Date
Christian Hoffmeister
19770f5b41 Merge remote-tracking branch 'base/master' into fix/collect-metrics-if-metrics-per-host-false 2020-03-13 07:17:49 +01:00
Luis Valdés
e001b5a5b7
I found a typo :) 
Change *onyl* to * only*
 2020-02-27 23:05:37 -03:00
schaefec
141ea59b7f Allows overriding the server name used to verify the certificate of the proxied HTTPS server 2020-02-25 13:32:14 +01:00
Kubernetes Prow Robot
35264d6e8f
Merge pull request #5114 from whalecold/match 
Feat: add header-pattern annotation.
 2020-02-24 17:07:36 -08:00
Kubernetes Prow Robot
6cd223558f
Merge pull request #4981 from janosi/proxy-ssl-scope 
Applying proxy-ssl-* directives on locations only
 2020-02-24 15:53:36 -08:00
Manuel Alejandro de Brito Fontes
f1f90ef495
Release 0.30.0 (#5155) 2020-02-24 09:34:19 -03:00
Lisheng Zheng
0b33650bb8 Feat: canary supports using specific match strategy to match header value. 2020-02-21 10:02:20 +08:00
James Taylor
f97599c189
Use correct spelling of "Original" 
Fix the spelling of "original" in the annotations documentation
 2020-02-20 16:45:26 +11:00
Manuel Alejandro de Brito Fontes
f6c0faa6eb Update list of e2e tests 2020-02-19 21:24:08 -03:00
Jack Lindamood
a90452774a
ingress-path-matching: doc typo 
A small typo in the README describing the path matching.
 2020-02-18 10:19:53 -08:00
Manuel Alejandro de Brito Fontes
5c4155d9c7
Generate doc with list of e2e tests (#5093) 2020-02-16 21:39:12 -03:00
Kubernetes Prow Robot
6bd5cef01d
Merge pull request #5081 from FernFerret/patch-1 
Fixed incorrect documentation of cli flag --default-backend-service
 2020-02-15 04:49:27 -08:00
Manuel Alejandro de Brito Fontes
eedcdcdbf6
Release 0.29.0 (#5075) 2020-02-15 08:28:22 -03:00
Eric Stokes
4b317389e6
Fixed incorrect cli flag --default-backend 
The flag stated in the example readme is `--default-backend` but passing that (or looking at --help`) for the ingress controller shows:

unknown flag: --default-backend
...
      --default-backend-service string          Service used to serve HTTP requests not matching any known server name (catch-all).
                                                Takes the form "namespace/name". The controller configures NGINX to forward
                                                requests to the first port of this Service.

ref: https://github.com/kubernetes/ingress-nginx/blob/master/cmd/nginx/flags.go#L55
 2020-02-15 08:33:42 +00:00
Kubernetes Prow Robot
eb6e36fac7
Merge pull request #5071 from triodan/gzip-min-length 
Add gzip-min-length as a Configuration Option
 2020-02-14 10:22:17 -08:00
Benoit Perrot
dab11bdf4e oauth-external-auth: README.md: Link to oauth2-proxy, dashboard-ingress.yaml 2020-02-14 15:42:46 +01:00
Daniel Arifin
d48d5a61ae Add gzip-min-length as a configurable 2020-02-14 13:29:51 +07:00
Christopher M. Luciano
d13135329a
docs: reference buildx as a requirement for docker builds 
Signed-off-by: Christopher M. Luciano <cmluciano@us.ibm.com>
 2020-02-13 14:19:39 -05:00
Manuel Alejandro de Brito Fontes
0365a7c172
Remove minikube and only use kind (#5059) 2020-02-12 20:19:57 -03:00
Manuel Alejandro de Brito Fontes
2c5819e1b3
Add flag to allow custom ingress status update intervals (#5050) 2020-02-10 16:52:50 -03:00
Kubernetes Prow Robot
5e54f66ab2
Merge pull request #5040 from BrianKopp/samesite-followup 
Update documentation and remove hack fixed by upstream cookie library
 2020-02-10 10:25:53 -08:00
Kubernetes Prow Robot
352003c7de
Merge pull request #5032 from shashankv02/fix_yaml 
Fix fortune-teller app manifest
 2020-02-09 16:53:52 -08:00
Manuel Alejandro de Brito Fontes
34b6d083b8
Cleanup docs (#5043) 2020-02-09 20:50:27 -03:00
Kubernetes Prow Robot
e5aaf15639
Merge pull request #5041 from armujahid/imgbot 
36.94% size reduction of image assets using lossless compression from ImgBot
 2020-02-08 12:49:53 -08:00
Abdul Rauf
54dac873fd [ImgBot] Optimize images 
*Total -- 1,383.42kb -> 872.43kb (36.94%)

/docs/images/jaeger-demo.png -- 141.39kb -> 70.07kb (50.44%)
/docs/images/zipkin-demo.png -- 119.85kb -> 60.54kb (49.48%)
/deploy/grafana/dashboards/screenshot.png -- 606.25kb -> 328.93kb (45.74%)
/docs/images/prometheus-dashboard.png -- 112.45kb -> 80.67kb (28.26%)
/docs/images/elb-l7-listener.png -- 36.84kb -> 28.26kb (23.29%)
/docs/images/baremetal/cloud_overview.jpg -- 47.11kb -> 37.87kb (19.61%)
/docs/images/baremetal/baremetal_overview.jpg -- 37.34kb -> 30.15kb (19.26%)
/docs/images/baremetal/hostnetwork.jpg -- 40.53kb -> 33.71kb (16.82%)
/docs/images/baremetal/metallb.jpg -- 49.01kb -> 40.85kb (16.65%)
/docs/images/grafana.png -- 83.87kb -> 69.98kb (16.56%)
/docs/images/baremetal/nodeport.jpg -- 47.23kb -> 39.53kb (16.3%)
/docs/images/baremetal/user_edge.jpg -- 61.56kb -> 51.85kb (15.77%)

Signed-off-by: ImgBotApp <ImgBotHelp@gmail.com>
 2020-02-09 01:01:35 +05:00
BrianKopp
34b194c770 Update documentation and remove hack fixed by upstream cookie library 2020-02-08 11:54:52 -07:00
Shashank Veerapaneni
c9f4ed9283 fix formatting 2020-02-07 13:28:26 +05:30
Shashank Veerapaneni
003d1efdfd add selecrtor labels 2020-02-07 13:27:35 +05:30
Abdul Rauf
dbb0970393
docs(deploy): fix helm install command for helm v3 (#5020) 
--name flag has been removed from helm and is now mandatory
 helm install [NAME] [CHART] [flags]
 2020-02-06 20:47:28 -03:00
Kubernetes Prow Robot
4befa8cc8a
Merge pull request #5015 from aledbf/mirror 
Refactor mirror feature
 2020-02-05 08:55:56 -08:00
Manuel Alejandro de Brito Fontes
b3146354d4 Refactor mirror feature 2020-02-05 10:39:55 -03:00
Laszlo Janosi
1cca9d9623 Update developer document on dependency updates 2020-02-05 14:14:52 +01:00
Benjamin P. Jung
d1f59ca2b4 Update python syntax in OAuth2 example 2020-02-02 13:23:01 +01:00
Kubernetes Prow Robot
beef9fae2d
Merge pull request #4949 from BrianKopp/same-site 
Add SameSite support - omit None for old browsers
 2020-01-31 03:50:21 -08:00
Herr-Sepp
3f4da0fa0f
added hint why regular expressions might not be accepted 
Kubernetes validates all regular expressions using RE2 which does not support the full syntax of PCRE which uses NGINX.

see: #4989
 2020-01-30 19:22:41 +01:00
Brian Kopp
1b523390bb Add SameSite=None support and conditionally omit SameSite=None for backwards compatibility 2020-01-29 14:30:00 -07:00
Laszlo Janosi
bc79fe1532 Add: documentation for proxy-ssl-location-only 2020-01-29 10:00:55 +01:00
Manuel Alejandro de Brito Fontes
19e9e9d7ed
Fix image version (#4977) 2020-01-28 08:56:12 -03:00
Manuel Alejandro de Brito Fontes
9fa3940089
Release 0.28.0 (#4970) 2020-01-28 07:56:33 -03:00
Manuel Alejandro de Brito Fontes
68dd1583e7
Fix ssl-dh-param example (#4946) 2020-01-17 16:17:39 -03:00
Manuel Alejandro de Brito Fontes
1257ded99e
Release 0.27.1 (#4929) 2020-01-15 15:03:37 -03:00
Andy Chen
d0f39109f9
Update README.md 2020-01-11 16:56:57 -08:00
Manuel Alejandro de Brito Fontes
77ddda7f61
Release 0.27.0 (#4906) 2020-01-11 18:04:18 -03:00
Manuel Alejandro de Brito Fontes
74944b99e9
Enable download of GeoLite2 databases (#4896) 2020-01-08 19:46:43 -03:00
Sungmin Lee
d7be5db7de Support sample rate and global sampling configuration for Datadog in ConfigMap 2020-01-07 16:59:59 -08:00
Dave Anderson
2fe3e92633
Correct MetalLB setup instructions. 
MetalLB IPs must not be shared with any other system. That includes DHCP servers and Kubernetes node IPs. IP conflicts result in hard to debug failures, and generally just doesn't work correctly.
 2020-01-04 16:21:55 -08:00
Manuel Alejandro de Brito Fontes
bcc7d98d8e Use yaml files from a particular tag, not from master 2020-01-04 15:56:25 -03:00
Manuel Alejandro de Brito Fontes
025d4eaceb Migrate to alpine linux 2020-01-04 13:23:16 -03:00
Denis Boulas
8bf155d0d7
Fixed documentation for FCGI annotation. 2019-12-19 03:48:55 +03:00
Manuel Alejandro de Brito Fontes
0dce5be743 Migrate ingress definitions from extensions to networking.k8s.io 2019-12-12 21:25:00 -03:00
Manuel Alejandro de Brito Fontes
d890303a3f
Fix markdown list (#4801) 2019-12-01 21:57:09 -03:00
Manuel Alejandro de Brito Fontes
e864fc7198
Update sysctl example (#4800) 2019-12-01 21:48:00 -03:00
Sablu Miah
010ec6f159
Remove extra annotation when Enabling ModSecurity 
Since version 0.25, if you try to use both annotations of:

nginx.ingress.kubernetes.io/modsecurity-snippet: |
Include /etc/nginx/owasp-modsecurity-crs/nginx-modsecurity.conf
Include /etc/nginx/modsecurity/modsecurity.conf

and 

nginx.ingress.kubernetes.io/enable-modsecurity: "true"

it breaks nginx config and you will not catch it unless you have nginx admission controller enabled. 

You do not need the annotation of `Include /etc/nginx/modsecurity/modsecurity.conf` from version 0.25
 2019-11-28 15:16:09 +00:00
Kubernetes Prow Robot
b286c2a336
Merge pull request #4732 from willthames/enable-opentracing-annotation 
Allow enabling/disabling opentracing for ingresses
 2019-11-26 17:31:21 -08:00
Will Thames
0ae463a5f3 Provide annotation to control opentracing 
By default you might want opentracing off, but on for a particular
ingress.

Similarly, you might want opentracing globally on, but disabled for
a specific endpoint. To achieve this, `opentracing_propagate_context`
cannot be set when combined with `opentracing off`

A new annotation, `enable-opentracing` allows more fine grained control
of opentracing for specific ingresses.
 2019-11-27 11:07:26 +10:00
Matt Busche
6b0a6ec8b3 Fix extra word 2019-11-20 19:01:56 -06:00
Kubernetes Prow Robot
e32f60fe38
Merge pull request #4749 from skomma/patch-1 
Update documentation for rate limiting
 2019-11-18 20:31:42 -08:00
Syunsuke Komma
73aaf0ff28
Update annotations.md 
Add links to proxy-buffering section
 2019-11-13 12:54:42 +09:00
Syunsuke Komma
0b38a48ac9
Update annotations.md 
Add notes of limit-rate/limit-rate-after
 2019-11-13 12:49:59 +09:00
argeas
efc64c85a4 fix ingress name in get example 2019-11-13 02:24:48 +00:00
argeas
f5cf7e5566 set correct apiVersion 2019-11-13 02:23:27 +00:00
Manuel Alejandro de Brito Fontes
d1eea794e9
Fix broken links in documentation (#4746) 2019-11-08 16:22:52 -03:00
Kubernetes Prow Robot
2771095b8c
Merge pull request #4727 from nothinux/master 
update docs, remove output in prometheus deploy command
 2019-11-08 09:02:14 -08:00
Kubernetes Prow Robot
0d244e1c41
Merge pull request #4730 from stamm/master 
add configuration for http2_max_concurrent_streams
 2019-11-08 07:12:29 -08:00
Kubernetes Prow Robot
a0dc3a9a51
Merge pull request #4695 from janosi/secure-verify-ca-secret 
Removing secure-verify-ca-secret support
 2019-11-08 07:12:21 -08:00
Rustam Zagirov
d9cfad1894 add configuration for http2_max_concurrent_streams 2019-10-31 15:13:38 +03:00
nothinux
d8c2d38a39 remove output in prometheus deploy command 2019-10-31 10:29:14 +07:00
Carlos Panato
40e0e5bef8
add proxy-max-temp-file-size doc 2019-10-23 09:55:46 +02:00
Kubernetes Prow Robot
bd4b62029d
Merge pull request #4694 from panpan0000/add-remote-addr-into-l4-logs 
Enhancement : add remote_addr in TCP access log
 2019-10-20 19:39:37 -07:00
Peter Pan
ee24bf1bbc Doc: Add remote_addr into default values in configmap for TCP logging format 2019-10-21 10:18:17 +08:00
Laszlo Janosi
31227d61c2 Removing secure-verify-ca-secret support and writing an error log if that annotation is used in an Ingress definition 2019-10-18 10:58:57 +02:00
Matthew Wickman
ad17d71387 Adding some documentation about the use of metrics-per-host and enable-metrics cmd line flags 2019-10-17 17:22:49 -06:00
Valentin Rul
66c3d70208
Fixed upgrading example command 2019-10-16 14:58:30 +03:00
mantuliu
8a8959cd47
Fix documentation describing inaccurate issues 2019-10-16 13:48:35 +08:00
张潇
cabab54eab Increase the kubernetes 1.14 version to the installation prompt 2019-10-15 07:31:46 +08:00
Guangming Wang
e7590ef727 remove duplicated line in docs 
Signed-off-by: Guangming Wang <guangming.wang@daocloud.io>
 2019-10-01 10:08:45 +08:00
Kubernetes Prow Robot
fb025ab501
Merge pull request #4087 from MRoci/master 
Define Modsecurity Snippet via ConfigMap
 2019-09-30 15:19:32 -07:00
Manuel Alejandro de Brito Fontes
d5d2b4037c
Fix ports collision when hostNetwork=true (#4617) 2019-09-28 17:30:57 -03:00
MRoci
72c4ffa8b5
add modsecurity-snippet key 2019-09-28 09:54:07 +02:00
Manuel Alejandro de Brito Fontes
6715108d8a
Release 0.26.0 2019-09-27 10:23:12 -03:00
Kubernetes Prow Robot
50b6715f06
Merge pull request #4604 from aledbf/2353 
Change default for proxy-add-original-uri-header
 2019-09-25 07:28:00 -07:00
Manuel Alejandro de Brito Fontes
2bd8121338
Change default for proxy-add-original-uri-header 2019-09-25 10:57:31 -03:00
Kubernetes Prow Robot
ceddec4ea0
Merge pull request #4588 from multi-io/patch-1 
tls user guide --default-ssl-certificate clarification
 2019-09-25 06:14:00 -07:00
Manuel Alejandro de Brito Fontes
ea5add6f5c
Rollback change of ModSecurity setting SecAuditLog 2019-09-24 14:53:44 -03:00
A Gardner
786a3b6862 Add support for configmap of headers to be sent to external auth service 2019-09-24 10:53:23 -04:00
Kubernetes Prow Robot
f6c2f5fb97
Merge pull request #4514 from alexmaret/4475-stickyness-mode 
Added new affinity mode for maximum session stickyness.
 2019-09-24 05:09:27 -07:00
Olaf Klischat
1a5e2d57a6
tls user guide --default-ssl-certificate clarification 
Evidently the `--default-ssl-certificate` option is used not only for the catch-all server, but also for all ingress `tls:` sections that don't have a `secretName` option. This doesn't seem to be documented anywhere, hence this change.
 2019-09-23 12:35:10 +02:00
Manuel Alejandro de Brito Fontes
ba38153561
Update kubectl-plugin docs (#4582) 2019-09-22 16:39:19 -03:00
Manuel Alejandro de Brito Fontes
c1ed6db468
Fix spelling and remove local reference of 404 docker image (#4581) 2019-09-22 16:08:47 -03:00
Manuel Alejandro de Brito Fontes
4b4176c830
Fix log format after #4557 2019-09-18 12:52:09 -03:00
Kubernetes Prow Robot
87ad033483
Merge pull request #4569 from mkabischev/jaeger-header-configuration 
allow to configure jaeger header names
 2019-09-17 20:29:29 -07:00
Mike Kabischev
d5563a7e47 allow to configure jaeger header names 2019-09-17 12:35:53 +03:00
Kubernetes Prow Robot
846ff00363
Merge pull request #4560 from Shopify/basic-auth-map 
Support configuring basic auth credentials as a map of user/password hashes
 2019-09-16 07:52:39 -07:00
A Gardner
376b862c23 Add annotation to support map of user/pass pairs in basic auth 2019-09-13 11:33:33 -04:00
Manuel Alejandro de Brito Fontes
9af574a234
Remove the_real_ip variable 2019-09-12 20:01:33 -03:00
Kubernetes Prow Robot
74031cc8b8
Merge pull request #4528 from aledbf/clean-docker 
Cleanup of docker images
 2019-09-03 18:04:58 -07:00
Manuel Alejandro de Brito Fontes
dc20551288
Cleanup of docker images 2019-09-03 19:10:40 -04:00
Ricardo Katz
9c51676f17 Add support to CRL (#3164) 
Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@serpro.gov.br>

Add support to CRL

Signed-off-by: Ricardo Pchevuzinske Katz <ricardo.katz@serpro.gov.br>
 2019-09-03 16:47:28 -04:00
Tobias Bradtke
d7dc7be276 Fix relative links (#4522) 2019-09-03 09:02:07 -04:00
Rui Lopes
2ba1a9e71a fix typo (#4520) 2019-09-02 17:29:37 -04:00
Alexander Maret-Huskinson
9170591185 Added new affinity mode for maximum session stickyness. Fixes kubernetes/ingress-nginx#4475 2019-08-30 11:40:29 +02:00
Manuel Alejandro de Brito Fontes
8def5ef7ca
Add support for multiple alias and remove duplication of SSL certificates (#4472) 2019-08-26 10:58:44 -04:00
Manuel Alejandro de Brito Fontes
7d6ce5701f
Fix log format markdown (#4489) 2019-08-24 22:48:17 -04:00
Tim Hobbs
2c604e7d38
Add rate limit units and error status 
Signed-off-by: Tim Hobbs <timothy.hobbs@ic-consult.com>
 2019-08-22 16:03:41 +02:00
Kubernetes Prow Robot
75d65bbd15
Merge pull request #4327 from leki75/proxyssl 
Add proxy_ssl_* directives
 2019-08-18 09:14:04 -07:00
Gabor Lekeny
65b9e2c574 Merge branch 'master' of https://github.com/kubernetes/ingress-nginx into proxyssl 2019-08-16 06:21:53 +02:00
Elvin Efendi
a8a68dd3f5 implementation proposal for zone aware routing 2019-08-15 23:31:47 -04:00
Elvin Efendi
d9de505341 KEP: availability zone aware routing 2019-08-15 19:46:36 -04:00
Kubernetes Prow Robot
0b375989f3
Merge pull request #4412 from Shopify/ssl-early-data 
Add nginx ssl_early_data option support
 2019-08-15 10:08:35 -07:00
Kubernetes Prow Robot
6948cd7d65
Merge pull request #4351 from aledbf/static-mode 
KEP: Remove static SSL configuration mode
 2019-08-14 21:26:33 -07:00
Elvin Efendi
b21c721196 lua-shared-dicts improvements, fixes and documentation 2019-08-14 22:10:56 -04:00
Kubernetes Prow Robot
0d690fba1a
Merge pull request #4356 from aledbf/only-dynamic-mode 
Only support SSL dynamic mode
 2019-08-14 17:08:35 -07:00
Kubernetes Prow Robot
adef152db8
Merge pull request #4379 from diazjf/mirror 
Allow Requests to be Mirrored to different backends
 2019-08-13 17:52:24 -07:00
Manuel Alejandro de Brito Fontes
80bd481abb
Only support SSL dynamic mode 2019-08-13 17:33:34 -04:00
Pierrick Charron
f459515d0d Add quote function in template 
Co-authored-by: Charle Demers <charle.demers@gmail.com>
 2019-08-09 15:47:29 -04:00
Kubernetes Prow Robot
8c472190d1
Merge pull request #4086 from jeroen92/issue-4038 
Resolve #4038, move X-Forwarded-Port variable to the location context
 2019-08-09 08:07:25 -07:00
Manuel Alejandro de Brito Fontes
4a9b02bc03
Remove dynamic TLS records 2019-08-08 15:52:56 -04:00
Maxime Ginters
7219130da4 Add nginx ssl_early_data option support 2019-08-07 16:04:09 -04:00
Jeroen Schutrup
39144bb987
Add documentation on how to build the Docker image for end-to-end testing 2019-08-06 17:00:56 +02:00
Manuel Alejandro de Brito Fontes
041a8457aa
Fix docs build due to an invalid link (#4389) 2019-08-01 19:57:09 -04:00
Fernando Diaz
386486e969 Allow Requests to be Mirrored to different backends 
Add a feature which allows traffic to be mirrored to
additional backends. This is useful for testing how
requests will behave on different "test" backends.

See https://nginx.org/en/docs/http/ngx_http_mirror_module.html
 2019-08-01 11:53:58 -05:00
Kubernetes Prow Robot
292aca7c7a
Merge pull request #4329 from steakunderscore/update-oauth2_proxy-docs 
Update references to oauth2_proxy
 2019-08-01 06:58:15 -07:00
otnielvh
3b34d56c92 Add support for psp 2019-08-01 09:45:58 +03:00
Kubernetes Prow Robot
c8a3710fb8
Merge pull request #4344 from Nuglif/fastcgi-backend-support 
Add FastCGI backend support (#2982)
 2019-07-31 11:20:14 -07:00
Charle Demers
72271e9313
FastCGI backend support (#2982) 
Co-authored-by: Pierrick Charron <pierrick@adoy.net>
 2019-07-31 10:39:21 -04:00
Manuel Alejandro de Brito Fontes
1abc11af90
Remove static SSL configuration mode 2019-07-25 09:19:06 -04:00
Kubernetes Prow Robot
e1f062dd53
Merge pull request #4348 from aledbf/kep 
KEP process
 2019-07-24 18:39:51 -07:00
Manuel Alejandro de Brito Fontes
cb33c4ed26
Start using KEPs for new features or breaking changes 2019-07-24 21:08:07 -04:00
Oguzhan Inan
cbc5d3a917
duplicate argument "--disable-catch-all" 2019-07-22 14:48:23 +03:00
Jude Zhu
5e64b6834c
Add [$proxy_alternative_upstream_name] 
https://github.com/kubernetes/ingress-nginx/pull/4246
 2019-07-19 07:36:13 +08:00
Henry Jenkins
b8cedabbff Update references to oauth2_proxy 
The custodian of the project has been shifted from [bitly] to [pusher].
So this diff updates these references.

[bitly]: https://github.com/bitly/oauth2_proxy
[pusher]: https://github.com/pusher/oauth2_proxy
 2019-07-18 07:59:22 +01:00
Gabor Lekeny
def13fc06c Add proxy_ssl_* directives 
Add support for backends which require client certificate (eg. NiFi)
authentication. The `proxy-ssl-secret` k8s annotation references a
secret which is used to authenticate to the backend server. All other
directives fine tune the backend communication.

The following annotations are supported:
* proxy-ssl-secret
* proxy-ssl-ciphers
* proxy-ssl-protocol
* proxy-ssl-verify
* proxy-ssl-verify-depth
 2019-07-18 03:21:52 +02:00
Kubernetes Prow Robot
589c9a20f9
Merge pull request #4278 from moolen/feat/auth-req-cache 
feat: auth-req caching
 2019-07-17 12:06:12 -07:00
Moritz Johner
23504db770 feat: auth-req caching 
add a way to configure the `proxy_cache_*` [1] directive for external-auth.
The user-defined cache_key may contain sensitive information
(e.g. Authorization header).
We want to store *only* a hash of that key, not the key itself on disk.

[1] http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_cache_key

Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
 2019-07-17 18:39:04 +02:00
Kautilya Tripathi
d9c0ede20a
Update how-it-works.md 
Changed text to link
 2019-07-12 14:12:15 +05:30
E. Stuart Hicks
3b0c523e49 added proxy-http-version annotation to override the HTTP/1.1 default connection type to reverse proxy backends 2019-07-08 14:32:00 -04:00
Elvin Efendi
cd25a0c17a adjust docs 2019-07-01 10:24:09 -04:00
Roemer Hendrikx
ef3ebbeab5
Add notes on timeouts while using long GRPC streams 
GRPC streams longer than 60s hit multiple timeouts that NGINX has defined. Not all of them are easy to find, so I added some notes to the GRPC example to warn users of setting the correct timeouts if the wish their stream to not be aborted after 60 seconds.
 2019-06-25 10:29:39 +02:00
Tristan Matthews
ef4b560499
Update annotations.md 2019-06-20 20:19:11 -04:00
Manuel Alejandro de Brito Fontes
84102eec2b
Migrate to new networking.k8s.io/v1beta1 package 2019-06-13 11:32:39 -04:00
Jorrit Salverda
f77eaaee50 Add opentracing-operation-name and opentracing-location-operation-name config settings 
With these settings custom span names can be used for the server span and location span

Signed-off-by: Jorrit Salverda <jsalverda@travix.com>
 2019-06-07 14:19:34 +02:00
Kubernetes Prow Robot
e76418cd99
Merge pull request #4162 from stramel/patch-1 
Add "text/javascript" to compressible MIME types
 2019-06-06 11:35:34 -07:00
Michael Stramel
686f2310e4 Add "text/javascript" to compressible MIME types 
Based on the HTML Standard, https://html.spec.whatwg.org/multipage/scripting.html#scriptingLanguages, servers _should_ use `text/javascript`.
 2019-06-06 13:11:56 -05:00
Kubernetes Prow Robot
286ff13af2
Merge pull request #4048 from fedunineyu/change-upstream-on-error-with-sticky-session 
Change upstream on error when sticky session balancer is used
 2019-06-06 07:22:17 -07:00
Manuel Alejandro de Brito Fontes
78d6ce6e6e
Partially revert usage of kustomize for installation (#4159) 2019-06-05 10:59:38 -04:00
Nikolas Skoufis
4a913fac2a
Add clarification on how to enable path matching 
The fact that you need to explicitly add the annotation is easy to miss.
This makes this more explicit, while leaving the finer details to the
linked annotations document.
 2019-06-05 11:14:50 +10:00
Christian Hoffmeister
413450d7f6 Fix typo in docs 2019-06-01 11:07:24 +02:00
Christian Hoffmeister
3ee5161cca Always collect metrics when --metrics-per-host=false 2019-05-31 12:31:10 +02:00
Chuan Long
30d3505e7e
Update README.md for external-auth Test 4 
Title for Test 4 should be `secure service with valid auth header`. The current one is the same as Test 3.
 2019-05-29 13:23:20 -05:00
Eugene Fedunin
254629cf16 Added support for annotation session-cookie-change-on-failure 
1. Session cookie is updated on previous attempt failure when `session-cookie-change-on-failure = true` (default value is `false`).
2. Added tests to check both cases.
3. Updated docs.

Co-Authored-By: Vladimir Grishin <yadolov@users.noreply.github.com>
 2019-05-27 13:00:07 +03:00