45995525e7
Retry to download maxmind DB if it fails ( #7242 )
...
* Retry to download maxmind DB if it fails.
Signed-off-by: Sergey Shakuto <sshakuto@infoblox.com>
* Add retries count arg, move retry logic into DownloadGeoLite2DB function
Signed-off-by: Sergey Shakuto <sshakuto@infoblox.com>
* Reorder parameters in DownloadGeoLite2DB
Signed-off-by: Sergey Shakuto <sshakuto@infoblox.com>
* Remove hardcoded value
Signed-off-by: Sergey Shakuto <sshakuto@infoblox.com>
2021-08-10 11:24:39 -07:00
8b2db80433
Update configmap.md ( #7462 )
2021-08-08 05:19:30 -07:00
2d90ba14f5
Change all master reference to main ( #7369 )
2021-08-06 17:07:29 -07:00
c51a509ad8
correct ingress-controller naming ( #7450 )
2021-08-06 12:41:30 -07:00
390bd257e7
Add documentation for monitoring without helm ( #7455 )
...
* Add documentation for monitoring without helm
As someone who is currently learning Kubernetes without using helm, I wasn't able to get the ingress controller to export metrics without asking someone more experienced for help.
I think a bit more information would be a good addition for my fellow Kubernetes newcomers.
If there are any wording/ formatting issues, I will be happy to update this.
* Fix typo
2021-08-06 11:57:30 -07:00
f222c752be
Enable session affinity for canaries ( #7371 )
2021-07-29 14:23:19 -07:00
9e274dd41c
fix for #7197 & #7285 ( #7361 )
2021-07-16 06:28:09 -07:00
20b6202620
changed syntax from v1beta1 to v1 ( #7362 )
2021-07-16 04:38:09 -07:00
65ce8cfbdf
Issue #7153 : Add note about matching host names in TLS user guide ( #7239 )
2021-06-13 10:17:03 -07:00
e2f421b9f4
fixing wording for #7094 ( #7218 )
2021-06-06 12:52:38 -07:00
11d4ddca8e
Revert "feat: multiple-cors-allow-origin support ( #7134 )" ( #7168 )
...
This reverts commit 8a55801cc0
2021-05-27 05:38:24 -07:00
8a55801cc0
feat: multiple-cors-allow-origin support ( #7134 )
2021-05-23 09:13:39 -07:00
d08b742453
Merge pull request #6838 from peter-miroshnikov/annotations_custom_timeout_docs
...
Adding note to Custom Timeouts in Annotation Docs.
2021-05-03 03:40:02 -07:00
afe10c862b
Merge pull request #6942 from rwaweber/proxyrealipcidr_docs
...
[docs]: proxy-real-ip-cidr, mention default and comma-separated behavior
2021-04-29 07:58:51 -07:00
b39679911a
Merge pull request #6895 from webwurst/patch-5
...
Update link to moved repo
2021-04-29 07:06:51 -07:00
01b30a2fa0
Update the link on ketama
2021-04-03 17:23:53 +09:00
08250deedc
updating test-runner/echo in code, docs fixup
2021-03-29 12:29:48 -04:00
71c8ef119d
add support for the jaeger propagation format
...
adding default, testing w3c traceparent is propagated
2021-03-26 12:33:24 -04:00
c90d33c313
Merge pull request #6884 from timmysilv/tracing-endpoint
...
jaeger-endpoint feature for non-agent trace collectors
2021-03-09 10:59:05 -08:00
cdaf1bdd84
docs: proxy-real-ip-cidr
...
Mention default setting and comma-separated list behavior.
2021-03-08 22:03:39 -05:00
ef714ae52f
Allow multiple publish status addresses
2021-02-26 16:57:54 -05:00
3901261b43
Update link to moved repo
2021-02-22 17:14:49 +01:00
28280de175
jaeger-endpoint configmap attribute
2021-02-18 17:29:35 -05:00
4787a51ad5
Adding note to Custom Timeouts in Annotation Docs.
...
It wasnt clear that the timeout values come unitless and in seconds from firsts glance.
Adding a simple note i belive will help.
2021-02-04 11:05:11 +01:00
11f0053d59
Added docs to clear up PROXY definition
...
The current documentation does not provide information for the difference between `:PROXY` and `::PROXY`. I have added a bit of documentation that defines the difference between the two `PROXY` fields.
2021-01-27 11:27:54 -08:00
54b13bd216
Add flag to allow setting a shutdown grace period
2021-01-27 14:09:04 +01:00
15eff8220a
fix the documentation for the proxy-ssl-secret and the auth-tls-secret annotations
2021-01-06 09:41:01 +00:00
8c193a2297
fix link in annotation docs
2021-01-05 09:24:23 -05:00
e0dece48f7
Add Global Rate Limiting support
2021-01-04 17:47:07 -05:00
bbf831afae
add string split function to template funcMap
2020-12-29 13:57:30 +08:00
a8728f3d2c
Spelling
2020-12-15 16:10:48 -05:00
11825698ff
fix log-format-upstream sample
...
- Align column names to snake case.
- Align the space.
2020-12-03 23:14:06 +09:00
35338c4193
Merge pull request #6553 from agile6v/stream
...
fixes: allow user to specify the maxmium number of retries in stream block
2020-12-02 03:08:51 -08:00
06f53bcf05
feat: allow user to specify the maxmium number of retries in stream block.
2020-12-02 14:54:14 +08:00
948265f2e8
indicate configuration for DHE based ciphers
2020-12-01 16:43:11 +01:00
e3a3ea8826
Merge pull request #6294 from ianbuss/auth-error-redirect-param
...
Allow customisation of redirect URL parameter in external auth redirects
2020-11-23 01:27:37 -08:00
1152e80058
Fix typo
2020-11-17 16:03:20 +09:00
f6a430775c
docs(annotations): explicit redirect status code
2020-11-15 00:31:04 +01:00
3eb440d5ac
Update test images
2020-10-29 19:34:05 -03:00
fb6a03ffb4
Merge pull request #6331 from kundan2707/pathType
...
fix for 6219
2020-10-15 06:26:24 -07:00
f7372d603e
fix for 6219
2020-10-15 12:18:25 +05:30
57b10f5693
Add datadog environment as a configuration option
...
(cherry picked from commit 4306558baa595606cd6befff08c8c815d6fe2bd4)
2020-10-12 13:52:15 -07:00
41cf628bdf
Add a configurable URL redirect parameter for error URLs
2020-10-08 12:53:46 +01:00
d4152c74fc
Sync user guide with config defaults changes
...
PRs #6226 and #6143 changed the configuration defaults but didn't update
all the configuration defaults docs in the user guide.
This PR updates the user guide to be in sync with the defaults.
Signed-off-by: Stevo Slavić <sslavic@gmail.com>
2020-10-05 10:15:06 +02:00
6fd891f3df
Merge pull request #6217 from touchifyapp/@feature/cors-expose-headers
...
Add annotation to configure CORS Access-Control-Expose-Headers
2020-09-26 16:52:48 -07:00
a990ac3910
Change defaults
2020-09-24 21:33:56 -03:00
b7b85175f6
Add annotation to configure CORS Access-Control-Expose-Headers
2020-09-23 17:41:52 +02:00
d4a817325c
Update annotations.md
...
Improvements to the documentation of Client Certificate Authentication. (auth-tls-* annotations).
- Mention that these rules are applied per host and not per Ingress/path
- Include more possible and default values
- Describe the headers that are sent to the upstream services
2020-09-23 09:51:08 +02:00
e050ff1b9f
disable session tickets by default
2020-09-18 00:08:00 -04:00
87aa96b468
Change server-tokens default value to false
2020-09-17 09:52:07 -03:00
93cd78aa45
Docs: remove redundant --election-id arg from Multiple Ingresses
2020-09-15 13:55:24 -04:00
b1c64fa822
Merge pull request #6101 from GianOrtiz/burst
...
Add annotation to set value for burst multiplier on rate limit
2020-09-10 05:09:45 -07:00
d1e0da7a36
Fixed proxy protocol link
2020-09-04 17:41:11 +08:00
3820aa416b
Add annotation to set value for burst multiplier on rate limit
2020-08-30 19:43:08 -03:00
903e511b9d
fix: log warning if empty ingress class is monitored. Improve docs related to --ingress-class
2020-08-21 09:25:43 +02:00
743439e75b
Added missing backend protocol.
...
As per https://kubernetes.github.io/ingress-nginx/user-guide/fcgi-services/
2020-08-14 11:16:53 +02:00
c500bd4b3f
Merge pull request #4139 from choffmeister/fix/collect-metrics-if-metrics-per-host-false
...
Always collect metrics when --metrics-per-host=false
2020-08-08 12:02:19 -07:00
2baca9e32a
Merge branch 'add-opentracing-operation-name-settings' of https://github.com/JorritSalverda/ingress-nginx into add-opentracing-operation-name-settings
2020-07-23 11:42:44 -07:00
d52141c2b9
Add enable-real-ip
2020-07-15 15:25:29 -04:00
c0629e92c2
Add proxy-ssl-server-name to enable passing SNI
2020-07-03 14:14:32 +08:00
3402d07ff0
doc: update docs and fixed typos ( #5821 )
2020-07-01 10:02:52 -04:00
a3f2be6b90
Fixup docs for the ingress-class flag.
...
According to this issue, there is no way to handle all ingress classes.
https://github.com/kubernetes/ingress-nginx/issues/3101
2020-06-26 13:12:48 -04:00
f232a264ab
Add default-type as a configurable for default_type
2020-06-21 11:10:51 +08:00
8242fc712c
Fix typo
2020-06-09 14:14:58 +02:00
99aad291a5
Merge pull request #5656 from agile6v/dev
...
feat: add http-access-log-path and stream-access-log-path options in configMap
2020-06-08 06:27:46 -07:00
1e6cd68e79
Add URL to official grafana dashboards
...
Convert from italic text to clickable link.
2020-06-08 00:19:52 +02:00
fc1c043437
Add http-access-log-path and stream-access-log-path options in configMap
2020-06-05 01:27:26 +08:00
ee84603d06
Add minor doc fixes to user guide and chart readme
2020-06-03 17:54:41 +12:00
d061375afa
Merge pull request #5571 from agile6v/dev
...
feat: support the combination of Nginx variables for annotation upstream-hash-by.
2020-06-01 15:10:14 -07:00
c035a144f8
Support the combination of nginx variables and text value for annotation upstream-hash-by.
2020-06-01 06:37:41 +08:00
ee02d897d5
Merge pull request #5534 from agile6v/master
...
Add annotation ssl-prefer-server-ciphers.
2020-05-29 08:35:16 -07:00
c52d55a2ed
Use ingress-nginx-* naming in docs to match the default deployment
2020-05-17 21:27:56 +03:00
41d82005ec
Add annotation ssl-prefer-server-ciphers.
2020-05-11 16:31:08 +08:00
4a36c804e6
Add 0-RTT warning
2020-05-08 12:40:11 +02:00
ef75a2d6fc
Merge remote-tracking branch 'upstream/master' into fix/collect-metrics-if-metrics-per-host-false
2020-05-01 14:57:00 +02:00
7fbf4977e3
Merge pull request #5319 from MrAmbiG/patch-1
...
Example names violate DNS naming stadards
2020-04-28 10:52:07 -07:00
0d2c6db75e
Merge pull request #5358 from praseodym/update-tls-configuration
...
Update TLS configuration
2020-04-28 07:46:08 -07:00
f9ae784541
Remove lua-resty-waf docs
2020-04-22 17:42:18 -04:00
90d07d7b69
Fix from-to-www link
2020-04-17 19:41:25 -04:00
d18fa90cfd
Add e2e test for OCSP and new configmap setting
2020-04-17 12:53:47 -04:00
0257068b9b
Fix plugin README.md link
2020-04-14 11:48:23 -04:00
b60e25f1db
ingress-nginx lua plugins documentation
2020-04-14 09:47:58 -04:00
049b25e566
Update TLS configuration
...
Enable TLSv1.3 by default and update list of ciphers. The new
configuration matches the 'Intermediate' configuration recommended by
the Mozilla SSL Configuration Generator:
https://ssl-config.mozilla.org/#server=nginx&version=1.17.7&config=modern&openssl=1.1.1d&guideline=5.4
2020-04-13 17:46:33 +02:00
c0db19b0ec
Enable configuration of plugins using configmap
2020-04-13 11:38:42 -04:00
9c6873a55d
Remove deprecated flags and update docs
2020-04-12 10:07:33 -04:00
12dddcca17
docs: fix use-gzip wrong markdown style
2020-04-11 14:28:04 +08:00
f3050740ef
Example names violate DNS naming stadards
...
Original names which gave errors: myServiceA, myServiceB
Alatere suggestions:
myServiceA --> myservicea, my_service_a, my-service-a
myServiceB --> myserviceb, my_service_b, my-service-b
2020-04-02 23:17:20 +05:30
19770f5b41
Merge remote-tracking branch 'base/master' into fix/collect-metrics-if-metrics-per-host-false
2020-03-13 07:17:49 +01:00
e001b5a5b7
I found a typo :)
...
Change *onyl* to * only*
2020-02-27 23:05:37 -03:00
141ea59b7f
Allows overriding the server name used to verify the certificate of the proxied HTTPS server
2020-02-25 13:32:14 +01:00
35264d6e8f
Merge pull request #5114 from whalecold/match
...
Feat: add header-pattern annotation.
2020-02-24 17:07:36 -08:00
6cd223558f
Merge pull request #4981 from janosi/proxy-ssl-scope
...
Applying proxy-ssl-* directives on locations only
2020-02-24 15:53:36 -08:00
0b33650bb8
Feat: canary supports using specific match strategy to match header value.
2020-02-21 10:02:20 +08:00
f97599c189
Use correct spelling of "Original"
...
Fix the spelling of "original" in the annotations documentation
2020-02-20 16:45:26 +11:00
a90452774a
ingress-path-matching: doc typo
...
A small typo in the README describing the path matching.
2020-02-18 10:19:53 -08:00
d48d5a61ae
Add gzip-min-length as a configurable
2020-02-14 13:29:51 +07:00
0365a7c172
Remove minikube and only use kind ( #5059 )
2020-02-12 20:19:57 -03:00
2c5819e1b3
Add flag to allow custom ingress status update intervals ( #5050 )
2020-02-10 16:52:50 -03:00
5e54f66ab2
Merge pull request #5040 from BrianKopp/samesite-followup
...
Update documentation and remove hack fixed by upstream cookie library
2020-02-10 10:25:53 -08:00
34b6d083b8
Cleanup docs ( #5043 )
2020-02-09 20:50:27 -03:00
34b194c770
Update documentation and remove hack fixed by upstream cookie library
2020-02-08 11:54:52 -07:00
b3146354d4
Refactor mirror feature
2020-02-05 10:39:55 -03:00
beef9fae2d
Merge pull request #4949 from BrianKopp/same-site
...
Add SameSite support - omit None for old browsers
2020-01-31 03:50:21 -08:00
3f4da0fa0f
added hint why regular expressions might not be accepted
...
Kubernetes validates all regular expressions using RE2 which does not support the full syntax of PCRE which uses NGINX.
see: #4989
2020-01-30 19:22:41 +01:00
1b523390bb
Add SameSite=None support and conditionally omit SameSite=None for backwards compatibility
2020-01-29 14:30:00 -07:00
bc79fe1532
Add: documentation for proxy-ssl-location-only
2020-01-29 10:00:55 +01:00
74944b99e9
Enable download of GeoLite2 databases ( #4896 )
2020-01-08 19:46:43 -03:00
d7be5db7de
Support sample rate and global sampling configuration for Datadog in ConfigMap
2020-01-07 16:59:59 -08:00
8bf155d0d7
Fixed documentation for FCGI annotation.
2019-12-19 03:48:55 +03:00
0dce5be743
Migrate ingress definitions from extensions to networking.k8s.io
2019-12-12 21:25:00 -03:00
010ec6f159
Remove extra annotation when Enabling ModSecurity
...
Since version 0.25, if you try to use both annotations of:
nginx.ingress.kubernetes.io/modsecurity-snippet: |
Include /etc/nginx/owasp-modsecurity-crs/nginx-modsecurity.conf
Include /etc/nginx/modsecurity/modsecurity.conf
and
nginx.ingress.kubernetes.io/enable-modsecurity: "true"
it breaks nginx config and you will not catch it unless you have nginx admission controller enabled.
You do not need the annotation of `Include /etc/nginx/modsecurity/modsecurity.conf` from version 0.25
2019-11-28 15:16:09 +00:00
b286c2a336
Merge pull request #4732 from willthames/enable-opentracing-annotation
...
Allow enabling/disabling opentracing for ingresses
2019-11-26 17:31:21 -08:00
0ae463a5f3
Provide annotation to control opentracing
...
By default you might want opentracing off, but on for a particular
ingress.
Similarly, you might want opentracing globally on, but disabled for
a specific endpoint. To achieve this, `opentracing_propagate_context`
cannot be set when combined with `opentracing off`
A new annotation, `enable-opentracing` allows more fine grained control
of opentracing for specific ingresses.
2019-11-27 11:07:26 +10:00
6b0a6ec8b3
Fix extra word
2019-11-20 19:01:56 -06:00
73aaf0ff28
Update annotations.md
...
Add links to proxy-buffering section
2019-11-13 12:54:42 +09:00
0b38a48ac9
Update annotations.md
...
Add notes of limit-rate/limit-rate-after
2019-11-13 12:49:59 +09:00
d1eea794e9
Fix broken links in documentation ( #4746 )
2019-11-08 16:22:52 -03:00
2771095b8c
Merge pull request #4727 from nothinux/master
...
update docs, remove output in prometheus deploy command
2019-11-08 09:02:14 -08:00
0d244e1c41
Merge pull request #4730 from stamm/master
...
add configuration for http2_max_concurrent_streams
2019-11-08 07:12:29 -08:00
a0dc3a9a51
Merge pull request #4695 from janosi/secure-verify-ca-secret
...
Removing secure-verify-ca-secret support
2019-11-08 07:12:21 -08:00
d9cfad1894
add configuration for http2_max_concurrent_streams
2019-10-31 15:13:38 +03:00
d8c2d38a39
remove output in prometheus deploy command
2019-10-31 10:29:14 +07:00
40e0e5bef8
add proxy-max-temp-file-size doc
2019-10-23 09:55:46 +02:00
bd4b62029d
Merge pull request #4694 from panpan0000/add-remote-addr-into-l4-logs
...
Enhancement : add remote_addr in TCP access log
2019-10-20 19:39:37 -07:00
ee24bf1bbc
Doc: Add `remote_addr` into default values in configmap for TCP logging format
2019-10-21 10:18:17 +08:00
31227d61c2
Removing secure-verify-ca-secret support and writing an error log if that annotation is used in an Ingress definition
2019-10-18 10:58:57 +02:00
ad17d71387
Adding some documentation about the use of metrics-per-host and enable-metrics cmd line flags
2019-10-17 17:22:49 -06:00
fb025ab501
Merge pull request #4087 from MRoci/master
...
Define Modsecurity Snippet via ConfigMap
2019-09-30 15:19:32 -07:00
d5d2b4037c
Fix ports collision when hostNetwork=true ( #4617 )
2019-09-28 17:30:57 -03:00
72c4ffa8b5
add modsecurity-snippet key
2019-09-28 09:54:07 +02:00
6715108d8a
Release 0.26.0
2019-09-27 10:23:12 -03:00
50b6715f06
Merge pull request #4604 from aledbf/2353
...
Change default for proxy-add-original-uri-header
2019-09-25 07:28:00 -07:00
2bd8121338
Change default for proxy-add-original-uri-header
2019-09-25 10:57:31 -03:00
ceddec4ea0
Merge pull request #4588 from multi-io/patch-1
...
tls user guide --default-ssl-certificate clarification
2019-09-25 06:14:00 -07:00
ea5add6f5c
Rollback change of ModSecurity setting SecAuditLog
2019-09-24 14:53:44 -03:00
786a3b6862
Add support for configmap of headers to be sent to external auth service
2019-09-24 10:53:23 -04:00
f6c2f5fb97
Merge pull request #4514 from alexmaret/4475-stickyness-mode
...
Added new affinity mode for maximum session stickyness.
2019-09-24 05:09:27 -07:00
1a5e2d57a6
tls user guide --default-ssl-certificate clarification
...
Evidently the `--default-ssl-certificate` option is used not only for the catch-all server, but also for all ingress `tls:` sections that don't have a `secretName` option. This doesn't seem to be documented anywhere, hence this change.
2019-09-23 12:35:10 +02:00
c1ed6db468
Fix spelling and remove local reference of 404 docker image ( #4581 )
2019-09-22 16:08:47 -03:00
4b4176c830
Fix log format after #4557
2019-09-18 12:52:09 -03:00
87ad033483
Merge pull request #4569 from mkabischev/jaeger-header-configuration
...
allow to configure jaeger header names
2019-09-17 20:29:29 -07:00
d5563a7e47
allow to configure jaeger header names
2019-09-17 12:35:53 +03:00
846ff00363
Merge pull request #4560 from Shopify/basic-auth-map
...
Support configuring basic auth credentials as a map of user/password hashes
2019-09-16 07:52:39 -07:00
376b862c23
Add annotation to support map of user/pass pairs in basic auth
2019-09-13 11:33:33 -04:00
9af574a234
Remove the_real_ip variable
2019-09-12 20:01:33 -03:00
d7dc7be276
Fix relative links ( #4522 )
2019-09-03 09:02:07 -04:00
2ba1a9e71a
fix typo ( #4520 )
2019-09-02 17:29:37 -04:00
9170591185
Added new affinity mode for maximum session stickyness. Fixes kubernetes/ingress-nginx#4475
2019-08-30 11:40:29 +02:00
8def5ef7ca
Add support for multiple alias and remove duplication of SSL certificates ( #4472 )
2019-08-26 10:58:44 -04:00
7d6ce5701f
Fix log format markdown ( #4489 )
2019-08-24 22:48:17 -04:00
2c604e7d38
Add rate limit units and error status
...
Signed-off-by: Tim Hobbs <timothy.hobbs@ic-consult.com>
2019-08-22 16:03:41 +02:00
65b9e2c574
Merge branch 'master' of https://github.com/kubernetes/ingress-nginx into proxyssl
2019-08-16 06:21:53 +02:00
0b375989f3
Merge pull request #4412 from Shopify/ssl-early-data
...
Add nginx ssl_early_data option support
2019-08-15 10:08:35 -07:00
b21c721196
lua-shared-dicts improvements, fixes and documentation
2019-08-14 22:10:56 -04:00
adef152db8
Merge pull request #4379 from diazjf/mirror
...
Allow Requests to be Mirrored to different backends
2019-08-13 17:52:24 -07:00
f459515d0d
Add quote function in template
...
Co-authored-by: Charle Demers <charle.demers@gmail.com>
2019-08-09 15:47:29 -04:00
4a9b02bc03
Remove dynamic TLS records
2019-08-08 15:52:56 -04:00
7219130da4
Add nginx ssl_early_data option support
2019-08-07 16:04:09 -04:00
386486e969
Allow Requests to be Mirrored to different backends
...
Add a feature which allows traffic to be mirrored to
additional backends. This is useful for testing how
requests will behave on different "test" backends.
See https://nginx.org/en/docs/http/ngx_http_mirror_module.html
2019-08-01 11:53:58 -05:00
72271e9313
FastCGI backend support ( #2982 )
...
Co-authored-by: Pierrick Charron <pierrick@adoy.net>
2019-07-31 10:39:21 -04:00
cbc5d3a917
duplicate argument "--disable-catch-all"
2019-07-22 14:48:23 +03:00
5e64b6834c
Add [$proxy_alternative_upstream_name]
...
https://github.com/kubernetes/ingress-nginx/pull/4246
2019-07-19 07:36:13 +08:00
def13fc06c
Add proxy_ssl_* directives
...
Add support for backends which require client certificate (eg. NiFi)
authentication. The `proxy-ssl-secret` k8s annotation references a
secret which is used to authenticate to the backend server. All other
directives fine tune the backend communication.
The following annotations are supported:
* proxy-ssl-secret
* proxy-ssl-ciphers
* proxy-ssl-protocol
* proxy-ssl-verify
* proxy-ssl-verify-depth
2019-07-18 03:21:52 +02:00
589c9a20f9
Merge pull request #4278 from moolen/feat/auth-req-cache
...
feat: auth-req caching
2019-07-17 12:06:12 -07:00
23504db770
feat: auth-req caching
...
add a way to configure the `proxy_cache_*` [1] directive for external-auth.
The user-defined cache_key may contain sensitive information
(e.g. Authorization header).
We want to store *only* a hash of that key, not the key itself on disk.
[1] http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_cache_key
Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2019-07-17 18:39:04 +02:00
3b0c523e49
added proxy-http-version annotation to override the HTTP/1.1 default connection type to reverse proxy backends
2019-07-08 14:32:00 -04:00
cd25a0c17a
adjust docs
2019-07-01 10:24:09 -04:00
ef4b560499
Update annotations.md
2019-06-20 20:19:11 -04:00
f77eaaee50
Add opentracing-operation-name and opentracing-location-operation-name config settings
...
With these settings custom span names can be used for the server span and location span
Signed-off-by: Jorrit Salverda <jsalverda@travix.com>
2019-06-07 14:19:34 +02:00
e76418cd99
Merge pull request #4162 from stramel/patch-1
...
Add "text/javascript" to compressible MIME types
2019-06-06 11:35:34 -07:00
686f2310e4
Add "text/javascript" to compressible MIME types
...
Based on the HTML Standard, https://html.spec.whatwg.org/multipage/scripting.html#scriptingLanguages , servers _should_ use `text/javascript`.
2019-06-06 13:11:56 -05:00
286ff13af2
Merge pull request #4048 from fedunineyu/change-upstream-on-error-with-sticky-session
...
Change upstream on error when sticky session balancer is used
2019-06-06 07:22:17 -07:00
4a913fac2a
Add clarification on how to enable path matching
...
The fact that you need to explicitly add the annotation is easy to miss.
This makes this more explicit, while leaving the finer details to the
linked annotations document.
2019-06-05 11:14:50 +10:00
413450d7f6
Fix typo in docs
2019-06-01 11:07:24 +02:00
3ee5161cca
Always collect metrics when --metrics-per-host=false
2019-05-31 12:31:10 +02:00
254629cf16
Added support for annotation `session-cookie-change-on-failure`
...
1. Session cookie is updated on previous attempt failure when `session-cookie-change-on-failure = true` (default value is `false`).
2. Added tests to check both cases.
3. Updated docs.
Co-Authored-By: Vladimir Grishin <yadolov@users.noreply.github.com>
2019-05-27 13:00:07 +03:00
dfa7f10fc9
Merge pull request #4055 from nicknovitski/kustomize
...
Rearrange deployment files into kustomizations
2019-05-25 14:43:50 -07:00
73c70e28b4
Clear up some inconsistent / unclear wording
...
IPv6 enabled/disabled working was confusing or contradicting itself. This updates the wording to what is expected, based on the default values in the table above, and the behaviour that I could find in code.
2019-05-21 15:27:58 +02:00
616b1e239a
UPT: Opentracing configmap documentation
2019-05-21 18:14:33 +08:00
d468cd5ec5
UPT: Modify configmap to include jaeger sampler host and jaeger sampler port
2019-05-21 17:54:29 +08:00
51ad0bc54b
Rearrange deployment files into kustomizations
2019-05-19 12:35:54 -07:00
19501b217d
Merge pull request #4089 from alanjcastonguay/docs/use-gzip-configmap-defaults
...
Docs: configmap: use-gzip
2019-05-18 04:09:14 -07:00
ddc2ce5c70
Update configmap about adding custom locations
2019-05-17 21:39:40 +02:00
f5b090518d
Docs: configmap: use-gzip
...
Move the "gzip-types" value default from the "use-gzip" to the "gzip-types"
heading, and link to it from use-gzip.
Document that the "use-gzip" default is "true", matching the style of other
configmap items.
2019-05-15 13:09:45 -04:00
4811168d2a
Fixed typos
2019-05-06 09:04:12 +02:00
8cc9afe8ee
Added Global External Authentication settings to configmap parameters incl. addons
2019-05-03 12:08:16 +02:00
1cd17cd12c
Implement a validation webhook
...
In case some ingress have a syntax error in the snippet configuration,
the freshly generated configuration will not be reloaded to prevent tearing down existing rules.
Although, once inserted, this configuration is preventing from any other valid configuration to be inserted as it remains in the ingresses of the cluster.
To solve this problem, implement an optional validation webhook that simulates the addition of the ingress to be added together with the rest of ingresses.
In case the generated configuration is not validated by nginx, deny the insertion of the ingress.
In case certificates are mounted using kubernetes secrets, when those
changes, keys are automatically updated in the container volume, and the
controller reloads it using the filewatcher.
Related changes:
- Update vendors
- Extract useful functions to check configuration with an additional ingress
- Update documentation for validating webhook
- Add validating webhook examples
- Add a metric for each syntax check success and errors
- Add more certificate generation examples
2019-04-18 19:07:04 +02:00
ffeb1fe348
Support proxy_next_upstream_timeout
2019-04-15 11:08:57 -04:00
39ecab8d5a
Merge pull request #3954 from Shopify/lb-configmap
...
Fix load-balance configmap value
2019-04-02 05:10:34 -07:00
4f819b6256
Fix load-balance configmap value
2019-04-01 15:55:36 -04:00
fd1f200eb4
fix typo: delete '`'
...
fix typo: delete '`'
2019-03-29 13:42:03 +08:00
1bef3e75b2
Set `X-Request-ID` for the `default-backend`, too.
2019-03-22 11:33:11 +01:00
1d59e4f1fe
enable dynamic SSL mode by default
2019-03-17 14:58:06 -04:00
1e96671e26
Remove sort-backends flag from cli docs
2019-03-12 14:48:05 -04:00
68038eec63
Make sure cli-arguments doc is in alphabetical order
2019-03-12 14:43:05 -04:00
d8fe2d992b
Remove useless nodeip call and deprecate --force-namespace-isolation
2019-03-11 18:19:13 -04:00
d3ac73be79
Remove session-cookie-hash annotation
2019-03-04 10:34:48 -05:00
8b3702c829
Enable access log for default backend
...
disable log on default_server
2019-02-26 11:14:31 +03:00
3865e30a00
Changes CustomHTTPErrors annotation to use custom default backend
...
Updates e2e test
Removes focus from e2e test
Fixes renamed function
Adds tests for new template funcs
Addresses gofmt
Updates e2e test, fixes custom-default-backend test by creating service
Updates docs
2019-02-24 22:48:56 +01:00
7b2495047f
Merge pull request #3781 from zoumo/proxy-buffer-number
...
feat: configurable proxy buffers number
2019-02-22 12:11:46 -08:00
Sergey Shakuto
Sergey Lanzman
Ricardo Katz
Benedikt
Jennifer Kirsch
wasker
Long
kevgrig
James Strong
Alex Zhang
Kubernetes Prow Robot
shuheiktgw
Matthew Silverman
rwaweber
AnaClaudia
Tobias Bradtke
peter-miroshnikov
Gerard Hickey
Björn Carlsson
Laszlo Janosi
Elvin Efendi
andyxning
Josh Soref
inosato
agile6v
Matthieu Paret
Round_Robin
Julien Bouquillon
Manuel Alejandro de Brito Fontes
Kundan Kumar
Aditya Purandare
Ian Buss
Stevo Slavić
Maxime LUCE
Daniel Albuschat
Caleb Lloyd
ozhuang
Gian Ortz
Tore Lønøy
Goran
Bernard Van De Walle
David Schwartz
Zhongcheng Lao
Mason Staugler
mengqi.wmq
Julian Rüth
Michał Sochoń
chamilad
Edgars Beigarts
Mark Janssen
Christian Hoffmeister
Weihang Lo
Gajendra D Ambi
Luis Valdés
schaefec
Lisheng Zheng
James Taylor
Jack Lindamood
Daniel Arifin
BrianKopp
Herr-Sepp
Sungmin Lee
Denis Boulas
Sablu Miah
Will Thames
Matt Busche
Syunsuke Komma
Rustam Zagirov
nothinux
Carlos Panato
Peter Pan
Matthew Wickman
MRoci
A Gardner
Olaf Klischat
Mike Kabischev
Rui Lopes
Alexander Maret-Huskinson
Tim Hobbs
Gabor Lekeny
Pierrick Charron
Maxime Ginters
Fernando Diaz
Charle Demers
Oguzhan Inan
Jude Zhu
Moritz Johner
E. Stuart Hicks
Tristan Matthews
Jorrit Salverda
Michael Stramel
Nikolas Skoufis
Eugene Fedunin
MMeent
reynaldi.wijaya
Nick Novitski
Kevin Simper
Alan J Castonguay
okryvoshapka-connyun
Thibault Jamet
Alex Kursell
Alan
Gregor Noczinski
Mikhail Marchenko
jasongwartz