28a42686a5
Correctly format ipv6 resolver config for lua
...
It seems that when support was added for parsing resolv_conf directly a regression was introduced which effectively breaks anyone with ipv6 resolvers.
Regression of #3895
2019-09-06 21:18:07 -07:00
880b3dc5f1
Fixed test findings.
2019-08-30 19:08:03 +02:00
881e352d68
Converted sticky session balancers into separate classes.
2019-08-30 18:07:24 +02:00
9170591185
Added new affinity mode for maximum session stickyness. Fixes kubernetes/ingress-nginx#4475
2019-08-30 11:40:29 +02:00
76c2063be8
Code Review changes. Remove duplicate tests.
2019-08-26 14:00:59 -05:00
1f8ab60e40
Adds Wilcard check for hostname. Adds wildcard hostname tests.
2019-08-26 14:00:44 -05:00
57db904c92
fix lua certificate handling tests
2019-08-26 13:05:05 -04:00
8def5ef7ca
Add support for multiple alias and remove duplication of SSL certificates ( #4472 )
2019-08-26 10:58:44 -04:00
30b64df10a
ewma improvements
2019-08-15 13:13:43 -04:00
dd0fe4b458
Merge pull request #4422 from ElvinEfendi/lua-resolv-conf-search
...
teach lua about search and ndots settings in resolv.conf
2019-08-14 17:36:33 -07:00
0d690fba1a
Merge pull request #4356 from aledbf/only-dynamic-mode
...
Only support SSL dynamic mode
2019-08-14 17:08:35 -07:00
7b4655bb39
teach lua about search and ndots settings in resolv.conf
2019-08-14 18:03:30 -04:00
d46b4148fa
Lua /etc/resolv.conf parser and some refactoring
2019-08-13 18:34:54 -04:00
80bd481abb
Only support SSL dynamic mode
2019-08-13 17:33:34 -04:00
8f5fa78e1a
regression test
2019-07-26 10:18:31 -04:00
6f7b66fc7d
memoize balancer for a request
2019-07-26 09:35:58 -04:00
b424ad2681
avoid warning during lua unit test
2019-07-11 18:24:13 -04:00
97d3a0ddab
fix lua lints
2019-07-08 13:51:24 -04:00
8b208cac93
introduce proxy_alternative_upstream_name Nginx var to differentiate canary requests
2019-07-04 19:43:20 -04:00
0e5913310d
dynamic cert mode should understand domain with trailing dot
2019-07-04 17:30:41 -04:00
27df697dde
introduce ngx.var.balancer_ewma_score
2019-07-03 16:50:22 -04:00
b66f9e329d
override least recently used entries when certificate_data dictionary is full
2019-07-01 10:18:40 -04:00
2b46c3a056
fix monitor test after move to openresty
2019-06-24 14:21:19 -04:00
57a0542fa3
Merge pull request #4187 from s-shirayama/add_unit_test_case_for_balancer_lua_module
...
Add unit test cases for balancer lua module
2019-06-13 09:02:20 -07:00
6f0d6b38b8
Add unit test case for canary by header
2019-06-11 22:34:33 +09:00
0ff679baa7
Add unit test case for canary by cookie
2019-06-11 22:34:30 +09:00
e9f4c0bb0e
Add unit test case for canary by weight
2019-06-11 22:34:24 +09:00
7a15f52cf1
Add unit test case for balancer.route_to_alternative_balancer()
2019-06-11 22:34:05 +09:00
e2c6202324
bugfix: check all previously failing upstreams, not just the last one
2019-06-07 10:00:31 -04:00
b9b1ffb1d5
simplify sticky balancer
2019-06-06 16:32:33 -04:00
83f2acbe38
Session Affinity ChangeOnFailure should be boolean
2019-06-06 11:22:05 -04:00
254629cf16
Added support for annotation `session-cookie-change-on-failure`
...
1. Session cookie is updated on previous attempt failure when `session-cookie-change-on-failure = true` (default value is `false`).
2. Added tests to check both cases.
3. Updated docs.
Co-Authored-By: Vladimir Grishin <yadolov@users.noreply.github.com>
2019-05-27 13:00:07 +03:00
0e9e40a60b
use nkeys for counting lua table elements
2019-05-26 18:15:15 -04:00
dc7fa885a2
log info when endpoints change for a balancer
2019-05-25 23:50:18 -04:00
93f00b2143
fix luacheck warning
2019-04-13 15:26:48 -04:00
45add6cb7d
better certificate lua unit tests
2019-04-13 14:01:44 -04:00
42c207c548
handle default certificate correctly in Lua
2019-04-13 12:32:06 -04:00
f067712824
better logging in certificate.lua
2019-04-13 12:32:06 -04:00
8f81538b0d
lua plugin system
2019-04-04 09:25:22 -04:00
87e962682f
properly parse x-forwarded-host
2019-03-31 15:10:45 -04:00
496ff07bf1
replace some of the Nginx configuration to Lua code
2019-03-31 12:04:52 -04:00
6c1a7f1efd
Add support for IPV6 resolvers
2019-03-21 11:23:47 -03:00
d3ac73be79
Remove session-cookie-hash annotation
2019-03-04 10:34:48 -05:00
c96eae3015
Add /dbg certs command
2019-02-25 11:38:07 -05:00
15d5ef95ef
Merge pull request #3740 from Shopify/session-annotation-reload
...
Fix ingress updating for session-cookie-* annotation changes
2019-02-19 15:14:21 -08:00
c180a0998b
Fix session-cookie-* annotation reloading
2019-02-19 17:27:08 -05:00
f6aded2c51
Fix DNS failures in L4 services
2019-02-17 14:12:10 -08:00
d9845c79c5
Merge pull request #3671 from moonming/randomseed-bugfix
...
bugfix: fixed duplicated seeds.
2019-02-10 11:33:42 -08:00
018a1e4d94
respond with 503 when there are no endpoints
...
* related to:
* https://github.com/kubernetes/ingress-nginx/issues/3070
* https://github.com/kubernetes/ingress-nginx/issues/3335
* add a 503 test
* test a service that starts out empty
(a.k.a. ingress-nginx controller (re-)start)
* test scaling up (should route traffic accordingly)
* test scaling down to empty service
* use custom deployments for scaling test.
* provide a fix by updating the lua table (cache) of the configured backends
to unset the backend if there are no endpoints available.
2019-02-03 11:43:47 +01:00
d4d25f6fb4
Merge pull request #3619 from minherz/add-canary-header-by-value
...
add header-value annotation
2019-02-01 14:45:54 -08:00
57440c9464
fix issue with failing e2e tests
2019-02-01 22:11:09 +02:00
de2a1ece6d
add header-value annotation
...
add new annotation (header-value)
parse it and propogate to lua script
alter balancer rule to include it into the canary routing logic
add e2e test to validate fallback for canary-by-header-value
add description of canary-by-header-value to documentation
2019-01-30 23:23:44 +02:00
8ea7501d8b
added more error info and keep test cases.
2019-01-21 17:32:18 +08:00
a36961f9f9
used table functions of LuaJIT for better performance.
2019-01-19 11:16:31 +08:00
1d37e83a18
used cjson.safe instead of pcall.
2019-01-18 23:12:22 +08:00
c782f22c5d
fixed test case for math.randomseed.
2019-01-18 10:08:33 +08:00
011062967a
bugfix: fixed duplicated seeds.
...
ngx.time() + ngx.worker.pid() maybe get duplicated seeds. get from /dev/urandom first.
2019-01-18 00:21:25 +08:00
1db9c91af4
Merge pull request #3363 from skeeey/master
...
Document for cookie expires annotation
2019-01-14 07:52:28 -08:00
39dd0c50da
Remove stickyness cookie domain from Lua balancer to match old behavior ( #3648 )
2019-01-11 22:24:45 -03:00
7aa5834948
add cookie expires document and fix a flaw for session-cookie-expires
2019-01-11 15:35:39 +08:00
ba7b542d78
canary by cookie should support hypen in cookie name
2019-01-08 13:15:02 -05:00
60b983503b
Consistent hashing to a subset of nodes. It works like consistent hash,
...
but instead of mapping to a single node, we map to a subset of nodes.
2019-01-03 01:32:52 -03:00
4896b064ca
lua randomseed per worker
2018-12-20 17:09:29 +04:00
ee3a8fe581
Merge pull request #3505 from Shopify/watch-pod-lua
...
Update lua configuration_data when number of controller pod change
2018-12-17 00:10:30 -08:00
f90881b367
Update lua configuration_data when number of controller pod change
2018-12-14 13:34:54 -05:00
ff8bfb6a86
Fix --enable-dynamic-certificates for nested subdomain
2018-12-12 09:16:39 -05:00
f03c8a8544
testing that a secure cookie gets set when being in ssl mode
...
Signed-off-by: Fabian Topfstedt <topfstedt@schneevonmorgen.com>
2018-12-06 09:08:25 +01:00
6c46adf2b7
reverted changing $https globally in the unit tests
...
Signed-off-by: Fabian Topfstedt <topfstedt@schneevonmorgen.com>
2018-12-06 09:01:08 +01:00
1e31767b51
[1759] Ingress affinity session cookie with Secure flag for HTTPS
...
Signed-off-by: Fabian Topfstedt <topfstedt@schneevonmorgen.com>
2018-12-04 10:51:52 +01:00
a4bad90f1f
fix an ewma unit test
2018-12-03 15:56:58 +04:00
7ae2583ff9
dynamic certificate mode should support widlcard hosts
2018-11-29 15:41:34 +04:00
c03ac375ef
test for ewma:after_balance function
2018-11-26 17:20:26 +04:00
f81f06151d
store ewma stats per backend
2018-11-26 16:59:26 +04:00
8aac340203
Merge pull request #3453 from Shopify/monitor-fixes
...
Monitor fixes
2018-11-21 09:28:24 -08:00
d8b928f501
remove already unused endpoint metric
2018-11-21 20:05:44 +04:00
068d633e81
fix Status key conflic, fixes https://github.com/kubernetes/ingress-nginx/issues/3451
2018-11-21 20:03:15 +04:00
2b109b360b
Only set cookies on paths that enable session affinity
2018-11-19 11:42:12 -05:00
82721e575d
Merge pull request #3372 from Shopify/session-cookie-path
...
Add annotation for session affinity path
2018-11-19 07:25:32 -08:00
50b29feb4a
Add annotation for session affinity path
2018-11-19 09:15:24 -05:00
af2dce901d
Fix tests
2018-11-18 08:17:18 -03:00
654eceda46
Add tcp e2e test
2018-11-16 21:07:52 -03:00
168f30d1ec
Revert removal of support for TCP and UDP services
2018-11-16 13:48:47 -03:00
764740a09a
be more defensive when deciding alternative balancer
2018-11-13 16:03:26 +04:00
41c925f390
bugfix: set canary attributes when initializing balancer
2018-11-13 15:44:57 +04:00
17cad51e47
Merge pull request #3341 from Shopify/canary_upstream
...
Add canary annotation and alternative backends for traffic shaping
2018-11-06 12:22:16 -08:00
412cd70d3a
implement canary annotation and alternative backends
...
Adds the ability to create alternative backends. Alternative backends enable
traffic shaping by sharing a single location but routing to different
backends depending on the TrafficShapingPolicy defined by AlternativeBackends.
When the list of upstreams and servers are retrieved, we then call
mergeAlternativeBackends which iterates through the paths of every ingress
and checks if the backend supporting the path is a AlternativeBackend. If
so, we then iterate through the map of servers and find the real backend
that the AlternativeBackend should fall under. Once found, the
AlternativeBackend is embedded in the list of VirtualBackends for the real
backend.
If no matching real backend for a AlternativeBackend is found, then the
AlternativeBackend is deleted as it cannot be backed by any server.
2018-11-06 13:13:14 -05:00
3838145a8c
Remove reloads when there is no endpoints
2018-11-06 09:26:04 -03:00
3477df4c12
pass static-check
2018-11-02 17:17:29 +08:00
c74e59fa4c
Use second as cookie expires unit
2018-11-02 17:05:38 +08:00
ce6e564f82
merge from master
2018-11-02 13:13:24 +08:00
9e639f9788
fix sticky session implementation
2018-10-30 16:23:08 +04:00
38279366a5
add e2e test for cookie annotations
2018-10-30 19:27:21 +08:00
7de718f359
pass code static-check
2018-10-29 15:39:43 +08:00
ad57c76b73
Support cookie expires
2018-10-29 15:21:10 +08:00
3cbfd63992
Refactor EWMA to not use shared dictionaries
2018-10-25 22:33:42 +04:00
3dc21ead49
do not hardcode the path
2018-09-17 10:52:21 +08:00
e73510d818
fix some typos
...
Signed-off-by: Lei Gong <lgong@alauda.io>
2018-09-08 21:49:04 +08:00
72112fe9d0
Merge pull request #2966 from Shopify/add-sticky-unit-tests
...
Add unit tests for sticky lua module
2018-08-23 20:32:16 -07:00
cbf041fc3e
Add Lua module to serve SSL Certificates dynamically
2018-08-23 22:15:54 -04:00
32426b95e6
Add reset_ngx method to sticky_test.lua
2018-08-23 14:09:08 -04:00
c7b75970ca
Refactor ngx mock and indent using 2 spaces
2018-08-23 14:02:42 -04:00
14145b3129
Update tests to account for balance() return value
2018-08-21 15:07:32 -04:00
86c1b1211c
Add unit tests for sticky lua module
2018-08-21 14:22:44 -04:00
27cd1af4a7
fix variable parsing when key is number
2018-08-21 13:42:21 -04:00
2207d7694d
batch metrics and flush periodically
2018-08-18 13:17:21 -04:00
7a3c8f2536
suppress stdout during lua test run
2018-08-16 14:12:33 -04:00
589069d566
wrap IPv6 addresses into square brackets
2018-08-16 14:12:10 -04:00
4b07e73e5d
refactor lua balancer and fix ipv6 issue
2018-08-16 13:03:41 -04:00
9d26a68b17
Add Backends unit tests to configuration_test.lua
2018-08-15 15:59:26 -04:00
5200a38bd7
Add lua endpoint to handle certificates in dynamic configuration mode
2018-08-07 08:18:34 -04:00
a2692ce946
fix issues introduced in #2804
2018-07-26 14:23:51 -04:00
d4faf68416
add support for ExternalName service type in dynamic mode
2018-07-25 09:05:47 -04:00
fcaf337b30
cleanup lua tests
2018-07-21 22:36:05 -04:00
1542a12764
Refactor controller metrics interface
2018-07-12 12:46:34 -04:00
479a519630
Use docker to build go binaries
2018-07-06 23:48:40 -04:00
6c8647a27d
Remove prometheus labels with high cardinality
2018-06-25 09:43:56 -04:00
cb4755835e
refactor some lua code
2018-06-19 12:46:49 +04:00
c4ec773966
Use a unix socket instead udp for reception of metrics ( #2652 )
2018-06-17 11:04:03 -04:00
966e9f5e25
Add monitor lua module
2018-06-13 22:54:31 -04:00
b4e6513fc8
make sure `after_balance` is actually otional
...
add inline comment to make LB algorithm change detection logic clearer
also require port in addition to host
2018-05-28 16:08:53 -04:00
04b7356190
fix ewma.balance and add unit tests for it
2018-05-28 15:51:58 -04:00
da3a87646a
make sure balancer gets deleted when ther is no backend
2018-05-28 15:51:58 -04:00
e9dc275b81
refactor balancer into more testable and extensible interface
2018-05-28 15:51:58 -04:00
7ac4e1db30
fix bug with lua sticky session implementation and refactor balancer
2018-05-16 21:00:39 -04:00
44ddd8abba
force backend sync when worker starts
2018-05-14 17:08:23 -04:00
992a68de23
upstream-hash-by should override load-balance annotation
2018-05-10 13:47:19 -04:00
6cb28e059c
use roundrobin from lua-resty-balancer library and refactor balancer.lua
2018-05-10 13:47:19 -04:00
2ce9196ecf
upstream-hash-by annotation support for dynamic configuraton mode
2018-04-27 14:28:43 -04:00
9533aa45cc
Merge pull request #2408 from Shopify/updated-buffered-backends
...
Read backends data even if buffered to temp file
2018-04-24 14:09:02 -07:00
d3d383d1cc
Endpoint Awareness: Read backends data from tmp file as well
...
Actually read from the file
Logs probably shouldn't assume knowledge of implementation detail
Typos
Added integration test, and dynamic update config refactor
Don't force the 8k default
Minimal test case to make the configuration/backends request body write to temp file
Leverage new safe config updating methods, and use 2 replicas instead of 4
Small refactor
Better integration test, addresses other feedback
Update bindata
2018-04-24 15:07:59 -04:00
0d0d33aec9
add balancer unit tests
2018-04-24 12:10:57 -04:00
4f9865529a
Add busted unit testing framework for lua code
2018-04-23 10:46:28 -04:00
6ed256dde6
Add session affinity to custom load balancing
2018-04-12 14:21:42 -04:00
a6fe800a47
lua-resty-waf controller ( #2304 )
2018-04-08 17:37:13 -03:00
931e541fb7
Fix bug when auth req is enabled(external authentication) ( #2280 )
...
* set proxy_upstream_name correctly when auth_req module is used
* log a more meaningful message when backend is not found
2018-03-30 14:19:33 -03:00
6e099c5f57
Add EWMA as configurable load balancing algorithm ( #2229 )
2018-03-23 12:06:21 -03:00
977cfcb4c7
add luacheck to lint lua files ( #2205 )
2018-03-18 13:31:49 -03:00
c90a4e811e
Live Nginx (re)configuration without reloading ( #2174 )
2018-03-18 10:13:41 -03:00
Thomas Jackson
Alexander Maret-Huskinson
Zovin Khanmohammed
Elvin Efendi
Manuel Alejandro de Brito Fontes
Kubernetes Prow Robot
s-shirayama
Eugene Fedunin
Alex Kursell
Kevin Pullin
Tim Reddehase
minherz
WenMing
Maximilian Gaß
liuwei
Diego Woitasen
Maxime Ginters
Fabian Topfstedt
Zenara Daley
Conor Landry
Henry Tran
Hui Chen
Lei Gong
Francisco Mejia
Andrew Louis
Zenara Daley
halfcrazy