f6f18a167d
Merge pull request #3532 from ArchangelSDY/ingress-update
...
Ignore updates of ingresses with invalid class
2018-12-07 04:28:14 -08:00
af460f7e15
Fix a bug with Canary becoming main server
2018-12-06 11:04:32 -05:00
ece5e1c678
Pass `k8sStore` to member functions by pointer
...
Passing `k8sStore` by value implies read and copy of `backendConfig`,
which is not protected by a mutex and may cause race conditions.
2018-12-06 22:11:19 +08:00
d58dbde5e3
Add a mutex to protect against simultaneous read/write to backend config
...
This addresses issues found by race detector.
2018-12-06 22:02:17 +08:00
9122c08b3e
Ignore updates of ingress with invalid class
2018-12-06 22:02:17 +08:00
05d2baede6
Fix log output format
...
Signed-off-by: Zhenhai Gao <gaozh1988@live.com>
2018-12-06 09:59:31 +08:00
68f344233b
Fix lint issues
2018-12-05 13:28:28 -03:00
1fed943b3d
Update process-exporter methods
2018-12-05 13:28:10 -03:00
2fa55eabf6
Replace glog with klog
2018-12-05 13:27:55 -03:00
06d33c16b5
Allow to disable NGINX metrics
2018-12-05 10:14:35 -03:00
c4ba23832a
Merge pull request #3474 from aledbf/improve-parsing
...
Improve parsing of annotations and use of Ingress wrapper
2018-12-05 03:33:18 -08:00
497246f8ba
Annotations cannot being empty
2018-12-02 16:07:46 -03:00
f78e2e3849
Only copy fields being used
2018-12-02 15:35:36 -03:00
67808c0ed8
Improve parsing of annotations and use of Ingress wrapper
2018-12-02 15:35:36 -03:00
4eabd535f9
be consistent with what Nginx supports
2018-12-02 22:20:56 +04:00
ccd7b890fd
Merge pull request #3492 from aledbf/fix-units
...
Fix data size validations
2018-12-02 09:01:12 -08:00
b80b19902a
Use opentracing_grpc_propagate_context when necessary
2018-12-01 16:31:10 -05:00
24f3e508b4
Merge pull request #3446 from Shopify/add_tests_merge_canary
...
add more testing for mergeAlternativeBackends
2018-11-30 14:22:44 -08:00
6098f6c0e7
Fix data size validations
2018-11-30 10:40:33 -03:00
e93763da6a
delete unused LoadBalanceAlgorithm
2018-11-28 14:49:37 +04:00
60569137ca
delete unused buildLoadBalancingConfig
2018-11-28 11:55:41 +04:00
710ea8c76f
Merge pull request #3333 from Shopify/dont-trust-by-default
...
breaking change: by default do not trust any client
2018-11-27 05:12:48 -08:00
b6b221aebb
Watch controller Pods list
2018-11-26 15:35:31 -05:00
988189cf9f
add more testing for mergeAlternativeBackends
...
- fix edge cases caught by new testing
2018-11-26 10:00:57 -05:00
8aac340203
Merge pull request #3453 from Shopify/monitor-fixes
...
Monitor fixes
2018-11-21 09:28:24 -08:00
d8b928f501
remove already unused endpoint metric
2018-11-21 20:05:44 +04:00
068d633e81
fix Status key conflic, fixes https://github.com/kubernetes/ingress-nginx/issues/3451
2018-11-21 20:03:15 +04:00
003027b800
Merge pull request #3443 from aledbf/initial-reload
...
Remove initial log error during reconfiguration
2018-11-21 05:44:54 -08:00
5d4dc78926
Remove initial log error during reconfiguration
2018-11-21 09:28:04 -03:00
c99716aadf
Merge pull request #3437 from Shopify/ingress-annotations
...
Use struct to pack Ingress and its annotations
2018-11-21 00:41:58 -08:00
a5341822d5
Increase log level when there is an invalid size value
2018-11-20 15:09:03 -03:00
12766cdfc6
Use struct to pack Ingress and its annotations
2018-11-20 09:38:22 -05:00
96f5ae6668
Merge pull request #3417 from Shopify/fix_canary_merge_self_def
...
bugfix: do not merge catch-all canary backends with itself
2018-11-20 05:03:52 -08:00
82721e575d
Merge pull request #3372 from Shopify/session-cookie-path
...
Add annotation for session affinity path
2018-11-19 07:25:32 -08:00
50b29feb4a
Add annotation for session affinity path
2018-11-19 09:15:24 -05:00
bf7ad0daca
Merge pull request #3374 from aledbf/restore-tcp-udp
...
Revert removal of support for TCP and UDP services
2018-11-18 08:33:29 -08:00
af2dce901d
Fix tests
2018-11-18 08:17:18 -03:00
654eceda46
Add tcp e2e test
2018-11-16 21:07:52 -03:00
168f30d1ec
Revert removal of support for TCP and UDP services
2018-11-16 13:48:47 -03:00
95b3042b6e
Add a Snippet for ModSecurity
...
Allows for the configuration of Mod Security rules via
a Snippet.
2018-11-14 23:31:27 -06:00
ec28539e43
bugfix: do not merge catch-all canary backends with itself
2018-11-13 13:20:15 -05:00
a22c656f30
Merge pull request #3409 from Shopify/client-max-body-size
...
Convert isValidClientBodyBufferSize to something more generic
2018-11-13 08:36:06 -08:00
0f3e2b9bf0
Convert isValidClientBodyBufferSize to something more generic and use it for client_max_body_size
2018-11-13 10:11:40 -05:00
2850fb538a
fix logging calls
2018-11-13 16:02:27 +08:00
5f3b48e16d
breaking change: do not trust x-forwarded-* headers by default
2018-11-13 10:35:59 +04:00
950a2f9174
Merge pull request #3387 from xichengliudui/fix181109
...
Modify the wrong function name
2018-11-09 06:14:55 -08:00
d2b1d37ee3
Modify the wrong function name
2018-11-08 15:17:40 -05:00
b3d789edca
Fix typos: reqrite -> rewrite
...
Signed-off-by: mooncake <xcoder@tenxcloud.com>
2018-11-09 00:54:51 +08:00
b85f1fa551
Fix typos
2018-11-08 17:04:46 +08:00
d97999c07d
Merge pull request #3309 from diazjf/modsecurity-location
...
Customize ModSecurity to be used in Locations
2018-11-07 09:29:01 -08:00
76aae20b64
fix the typos
2018-11-07 17:53:17 +08:00
5195600841
Allows ModSecurity to be configured per location
...
The following annotations will be added:
- enable-modsecurity
- enable-owasp-core-rules
- modsecurity-transaction-id
Fixes #3167
2018-11-06 22:24:31 -06:00
17cad51e47
Merge pull request #3341 from Shopify/canary_upstream
...
Add canary annotation and alternative backends for traffic shaping
2018-11-06 12:22:16 -08:00
412cd70d3a
implement canary annotation and alternative backends
...
Adds the ability to create alternative backends. Alternative backends enable
traffic shaping by sharing a single location but routing to different
backends depending on the TrafficShapingPolicy defined by AlternativeBackends.
When the list of upstreams and servers are retrieved, we then call
mergeAlternativeBackends which iterates through the paths of every ingress
and checks if the backend supporting the path is a AlternativeBackend. If
so, we then iterate through the map of servers and find the real backend
that the AlternativeBackend should fall under. Once found, the
AlternativeBackend is embedded in the list of VirtualBackends for the real
backend.
If no matching real backend for a AlternativeBackend is found, then the
AlternativeBackend is deleted as it cannot be backed by any server.
2018-11-06 13:13:14 -05:00
265f96bf14
Merge pull request #3344 from ecosia/jg-customerrors-per-ingress
...
Adds CustomHTTPErrors ingress annotation and test
2018-11-06 09:21:49 -08:00
0ebf0354cb
Adds CustomHTTPErrors ingress annotation and test
...
Adds per-server/location error-catch functionality to nginx template
Adds documentation
Reduces template duplication with helper function for CUSTOM_ERRORS data
Updates documentation
Adds e2e test for customerrors
Removes AllCustomHTTPErrors, replaces with template function with deduplication and adds e2e test of deduplication
Fixes copy-paste error in test, adds additional test cases
Reverts noop change in controller.go (unused now)
2018-11-06 16:47:52 +01:00
08d5ffabbf
Merge pull request #3367 from aledbf/503-restart
...
Remove reloads when there is no endpoints
2018-11-06 06:39:04 -08:00
d53b492d73
Merge pull request #3343 from abaruni/auth-snippet
...
Auth snippet
2018-11-06 04:37:34 -08:00
3838145a8c
Remove reloads when there is no endpoints
2018-11-06 09:26:04 -03:00
ecf605bf60
Merge pull request #3369 from SataQiu/fix-20181106
...
Fix some typos
2018-11-06 04:02:10 -08:00
c19f7eb1df
Merge pull request #3370 from xichengliudui/fix181106
...
Fix typo: whitlelist -> whitelist
2018-11-06 04:00:49 -08:00
a13ea30e6d
Fix typo: whitlelist -> whitelist
2018-11-06 04:59:03 -05:00
76b5a7b45e
fix typos
2018-11-06 15:58:56 +08:00
b511333130
add support for auth-snippet annotation
...
add test for new auth-snippet annotation
document auth-snippet annotation
add e2e test for auth-snippet annotation
add log warning and update documentation
2018-11-05 16:02:29 -06:00
b4c5af1b85
Merge pull request #3366 from mooncak/fix_typos
...
Fix some typos
2018-11-05 07:45:35 -08:00
4b518ec03c
Fix some typos
...
Signed-off-by: mooncake <xcoder@tenxcloud.com>
2018-11-05 22:10:11 +08:00
19cc5e5b96
Merge pull request #3345 from xichengliudui/fix181102
...
update annotation
2018-11-04 12:58:15 -08:00
c74e59fa4c
Use second as cookie expires unit
2018-11-02 17:05:38 +08:00
ce6e564f82
merge from master
2018-11-02 13:13:24 +08:00
648f8dfc20
update annotation
2018-11-01 23:50:08 -04:00
71ebe1cba5
Code linting
2018-10-30 20:46:48 -03:00
c9668dd40b
Fix e2e tests
2018-10-30 13:35:31 -03:00
bec97b36c7
Merge pull request #3321 from mbode/geoip2
...
Add configuration for geoip2 module
2018-10-30 05:09:38 -07:00
c27c57dc8b
Add configuration for geoip2 module
...
Based on closed PRs #2551 , #2755
2018-10-29 21:25:23 +01:00
fed013ab6f
Fix status update in case of connection errors
2018-10-29 13:01:41 -03:00
ad57c76b73
Support cookie expires
2018-10-29 15:21:10 +08:00
ed107a489a
Delete some extra words
2018-10-29 02:48:56 -04:00
3cbfd63992
Refactor EWMA to not use shared dictionaries
2018-10-25 22:33:42 +04:00
bc6f2e7016
Merge pull request #3285 from Shopify/probe-timeout
...
Add health-check-timeout as command line argument
2018-10-25 06:31:32 -07:00
063f652711
Merge pull request #3187 from DesmondHoLLM/feature/annotations-resty-lua
...
UPT: annotation enhancement for resty-lua-waf
2018-10-25 00:06:03 -07:00
bf03046a80
UPT: updated e2e test and default true for process-multipart-body annotation
2018-10-25 14:17:38 +08:00
9f2a0b6363
Add healthcheck timeout as CLA
2018-10-24 16:02:28 -04:00
9fe500319c
Merge pull request #3282 from SataQiu/fix-20181024
...
Fix some typos
2018-10-24 06:00:09 -07:00
51fffc653d
fix typos
2018-10-24 20:30:56 +08:00
4a71111d4c
Fix usages of %q formatting for numbers (%d)
...
This caused logs like "Adjusting ServerNameHashBucketSize variable to '@'"
2018-10-23 18:21:16 +03:00
bab521e81a
UPT: align waf options
2018-10-20 12:46:39 +08:00
04a89ce234
UPT: annotation enhancement for resty-lua-waf
2018-10-20 12:09:38 +08:00
cdb244e579
fix two bugs with backend-protocol annotation
2018-10-19 09:11:21 -04:00
ad89a93a29
Merge pull request #3195 from diazjf/auth-tls-e2e
...
Add e2e Tests for AuthTLS
2018-10-19 03:02:43 -07:00
12fba876c3
Merge pull request #3270 from ukinau/Fix-3269-sort-should-be-done-before-pass-to-update-status
...
Don't sort IngressStatus from each Goroutine(update for each ingress)
2018-10-19 02:46:54 -07:00
4845daeb35
Don't sort IngressStatus from each Goroutine(update for each ingress)
...
Currently ingress controller try to update status for each ingress
resource in a parallel by using Goroutine, and inside this Goroutine we
are trying to sort same IngressStatus reference which is shared between
all Goroutine, this will break the original refrence if some Goroutine
tried to sort exact same time.
So we should have done sorting before passing reference to each
Goroutine to prevent from breaking original reference
fixes : #3269
2018-10-19 11:10:31 +08:00
b503c6bdeb
Add e2e Tests for AuthTLS
...
Adds E2E tests for the following annotations:
- auth-tls-secret
- auth-tls-verify-depth
- auth-tls-verify-client
- auth-tls-error-page
- auth-tls-pass-certificate-to-upstream
2018-10-18 20:09:21 -05:00
dc553d8f91
Refactor probe url requests
2018-10-15 16:29:32 -03:00
1b63ca355f
Improve dynamic lua confguration
2018-10-12 14:29:41 -03:00
9af9ef5fd9
Merge pull request #3230 from reactiveops/backoff-dynamic-config
...
Retry initial backend configuration
2018-10-12 10:01:21 -07:00
e0020e22d1
Switch to using wait.ExponentialBackoff
2018-10-12 09:19:20 -04:00
0baf62dd6a
Merge pull request #3222 from diazjf/add-timeouts-and-such
...
Allow Ability to Configure Upstream Keepalive
2018-10-12 06:15:09 -07:00
ee6bb942e5
Retry initial backend configuration
2018-10-12 00:12:59 -04:00
12955a4a1b
Allow Ability to Configure Upstream Keepalive
...
Allows Upstream Keepalive values like keepalive_timeout and
keepalive_requests to be configured via ConfigMap.
Fixes #3099
2018-10-11 20:46:42 -05:00
4c46ee95c9
Update leader election methods
2018-10-10 21:46:45 -03:00
3038da8719
Merge pull request #3215 from hchenxa/hchenxa
...
align opentracing user-guide with nginx configmap configuration
2018-10-10 06:56:15 -07:00
3edf11b85f
Merge pull request #3198 from aledbf/only-dynamic
...
Only support dynamic configuration
2018-10-10 05:07:34 -07:00
f8052385f9
aline opentracing user-guide with nginx configmap configuration
2018-10-10 11:25:53 +08:00
74c2f93de6
Only support dynamic configuration
2018-10-09 22:05:45 -03:00
f56ab42cd2
Merge pull request #3194 from bshelton229/literal-dollar-character
...
Make literal $ character work in set $location_path
2018-10-09 15:52:39 -07:00
3686e4f366
Move escapeLocationPathVar to escapeLiteralDollar
2018-10-09 12:58:50 -07:00
78f12c25c5
delete upstream healthcheck annotation
2018-10-09 09:14:13 -04:00
859b298d42
Remove annotations grpc-backend and secure-backend already deprecated
2018-10-08 12:26:06 -03:00
3dc131bd57
Make literal $ character work in set $location_path
2018-10-07 12:58:39 -07:00
44bdc7eb59
Remove support for TCP and UDP services
2018-10-07 10:53:37 -03:00
bd3f56eaa0
allow curly braces to be used in regex paths
2018-10-04 10:58:38 -04:00
d9f58144eb
Merge pull request #3145 from Shopify/regex-modifier
...
Add "use-regex" Annotation to Toggle Regular Expression Location Modifier
2018-10-01 11:31:43 -07:00
f29bdc3e8d
Add 'use regex' annotation to toggle nginx regex location modifier
2018-10-01 13:54:11 -04:00
a7c2633e4e
remove payload from log ( #3135 )
2018-09-26 12:09:14 -03:00
b3a22f7fc0
do not require --default-backend-service
2018-09-25 21:14:28 -04:00
6393ca6aaf
Merge pull request #2997 from StarOfService/global-block-ip-ua-ref
...
Provide possibility to block IPs, User-Agents and Referers globally
2018-09-25 05:51:56 -07:00
7212d0081b
Provide possibility to block CIDRs, User-Agents and Referers globally
2018-09-25 14:16:20 +03:00
5cca38304e
Fix tests
2018-09-22 15:09:54 -03:00
55ccaf4be3
Update prometheus methods
2018-09-22 14:54:11 -03:00
9766ad8f4b
Filter hostnames before creation of metrics
2018-09-22 14:25:57 -03:00
91ae204f6c
Replace standard json encoding with jsoniter
2018-09-22 14:25:01 -03:00
0de19c8062
Fix/add unit tests; Styling changes
2018-09-14 15:07:57 -04:00
0e6f0bb88d
enforce ^~ location modifier when rewrite-target annotation is set
2018-09-13 10:39:52 -04:00
281318b4b6
Replace client-go deprecated method
2018-09-10 14:42:10 -03:00
361f06b791
Join host/port with go helper (supports ipv6)
2018-09-09 16:34:18 -03:00
66486203db
fix: Don't try and find local certs when secretName is not specified
...
Fixes #3048
2018-09-06 11:35:16 +01:00
3f6314aa2f
Merge pull request #3016 from diazjf/better-logging
...
Log Errors Missing in Internal
2018-09-05 05:18:33 -07:00
9099f3b4db
add support for http2-max-requests in configmap
2018-09-02 23:53:30 -06:00
a92555f4cb
Merge pull request #3017 from diazjf/more-e2e-1
...
Add e2e tests for CORS
2018-09-02 16:00:41 -07:00
2a990d2d2c
Add e2e tests for CORS and more
...
Adds the missing e2e tests for Cross-Origin Resource Sharing(CORS).
This will include all the CORS annotations. Also adds more unit tests.
2018-09-01 16:14:52 -05:00
b0e242fe73
Add support for valgrind
2018-08-30 21:32:06 -03:00
10de8cac56
Log Errors Missing in Internal
...
Adds a few missing errors and fix formatting for others.
Fixes #3013
2018-08-30 15:02:42 -05:00
16fce7444f
Check if cgroup cpu limits are defined to get the number of CPUs
2018-08-25 18:34:44 -03:00
db947e344e
Fix formatting args
2018-08-25 12:18:28 -03:00
cbf041fc3e
Add Lua module to serve SSL Certificates dynamically
2018-08-23 22:15:54 -04:00
dc952dc462
consistently fallback to default certificate when TLS is configured
2018-08-22 20:53:25 -04:00
c083599a4b
Merge pull request #2899 from jeroenvand/jvd-fix-rewrite
...
fixed rewrites for paths not ending in /
2018-08-19 02:49:22 -07:00
2207d7694d
batch metrics and flush periodically
2018-08-18 13:17:21 -04:00
7faf089082
Add dynamic certificate feature to controller
2018-08-16 20:19:33 -04:00
b5bcb93a4b
Merge branch 'master' into xff
2018-08-16 18:15:14 +02:00
e428095e3c
fixed rewrites for paths not ending in /
2018-08-15 21:15:40 +02:00
3f5af6eecf
Merge pull request #2889 from hnrytrn/dynamic-cert-endpoint
...
Add Lua endpoint to support dynamic certificate serving functionality
2018-08-13 10:49:43 -07:00
f311668625
Add misspell target
2018-08-11 08:26:14 -04:00
6d9772ce00
fix: Sort TCP/UDP upstream order ( #2885 )
...
Fixes #2721
2018-08-10 07:09:14 -04:00
7af93e03c7
Add annotation backend-protocol
2018-08-07 08:59:38 -04:00
5200a38bd7
Add lua endpoint to handle certificates in dynamic configuration mode
2018-08-07 08:18:34 -04:00
123ffc0c38
Fix IPV6 detection
2018-08-06 13:05:32 -04:00
7f7f59df79
Merge pull request #2894 from aledbf/authbind
...
Use authbind to bind privileged ports
2018-08-05 08:43:43 -07:00
b148f113ae
Use authbind to bind privileged ports
2018-08-05 11:18:50 -04:00
9b3207d4c6
Merge pull request #2897 from aledbf/enable-reuseport
...
Enable reuse-port by default
2018-08-04 19:43:43 -07:00
Kubernetes Prow Robot
Maxime Ginters
Archangel_SDY
Zhenhai Gao
Manuel Alejandro de Brito Fontes
Elvin Efendi
Andre Marianiello
Conor Landry
Zenara Daley
Fernando Diaz
mikeweiwei
xichengliudui
mooncake
SataQiu
jasongwartz
Adnan Baruni
liuwei
Maximilian Bode
Henry Tran
Desmond Ho
Aarni Koskela
Yuki Nishiwaki
Corey O'Brien
Hui Chen
Bryan Shelton
Zenara Daley
Pavel Sinkevych
Mike Bryant
Derek Perkins
Dario Nieuwenhuis
Jeroen van Dongen
Mike Bryant