merge from master

2018-11-02 13:13:24 +08:00 · 2018-11-02 13:13:24 +08:00 · ce6e564f82
commit ce6e564f82
parent 6d2d42ee0b 7982beb5f2
86 changed files with 1448 additions and 3530 deletions
--- a/internal/ingress/controller/checker.go
+++ b/internal/ingress/controller/checker.go
@ -38,7 +38,8 @@ func (n NGINXController) Name() string {
 func (n *NGINXController) Check(_ *http.Request) error {

 	url := fmt.Sprintf("http://127.0.0.1:%v%v", n.cfg.ListenPorts.Status, ngxHealthPath)
-	statusCode, err := simpleGet(url)
+	timeout := n.cfg.HealthCheckTimeout
+	statusCode, err := simpleGet(url, timeout)
 	if err != nil {
 		return err
 	}
@ -48,7 +49,7 @@ func (n *NGINXController) Check(_ *http.Request) error {
 	}

 	url = fmt.Sprintf("http://127.0.0.1:%v/is-dynamic-lb-initialized", n.cfg.ListenPorts.Status)
-	statusCode, err = simpleGet(url)
+	statusCode, err = simpleGet(url, timeout)
 	if err != nil {
 		return err
 	}
@ -75,9 +76,9 @@ func (n *NGINXController) Check(_ *http.Request) error {
 	return err
 }

-func simpleGet(url string) (int, error) {
+func simpleGet(url string, timeout time.Duration) (int, error) {
 	client := &http.Client{
-		Timeout:   10 * time.Second,
+		Timeout:   timeout * time.Second,
 		Transport: &http.Transport{DisableKeepAlives: true},
 	}

--- a/internal/ingress/controller/config/config.go
+++ b/internal/ingress/controller/config/config.go
@ -102,10 +102,10 @@ type Configuration struct {
 	// By default access logs go to /var/log/nginx/access.log
 	AccessLogPath string `json:"access-log-path,omitempty"`

-	// WorkerCpuAffinity bind nginx worker processes to CPUs this will improve response latency
+	// WorkerCPUAffinity bind nginx worker processes to CPUs this will improve response latency
 	// http://nginx.org/en/docs/ngx_core_module.html#worker_cpu_affinity
 	// By default this is disabled
-	WorkerCpuAffinity string `json:"worker-cpu-affinity,omitempty"`
+	WorkerCPUAffinity string `json:"worker-cpu-affinity,omitempty"`
 	// ErrorLogPath sets the path of the error logs
 	// http://nginx.org/en/docs/ngx_core_module.html#error_log
 	// By default error logs go to /var/log/nginx/error.log
@ -347,6 +347,10 @@ type Configuration struct {
 	// http://nginx.org/en/docs/http/ngx_http_geoip_module.html
 	UseGeoIP bool `json:"use-geoip,omitempty"`

+	// UseGeoIP2 enables the geoip2 module for NGINX
+	// By default this is disabled
+	UseGeoIP2 bool `json:"use-geoip2,omitempty"`
+
 	// Enables or disables the use of the NGINX Brotli Module for compression
 	// https://github.com/google/ngx_brotli
 	EnableBrotli bool `json:"enable-brotli,omitempty"`
@ -438,11 +442,11 @@ type Configuration struct {

 	// If the request does not have a request-id, should we generate a random value?
 	// Default: true
-	GenerateRequestId bool `json:"generate-request-id,omitempty"`
+	GenerateRequestID bool `json:"generate-request-id,omitempty"`

 	// Adds an X-Original-Uri header with the original request URI to the backend request
 	// Default: true
-	ProxyAddOriginalUriHeader bool `json:"proxy-add-original-uri-header"`
+	ProxyAddOriginalURIHeader bool `json:"proxy-add-original-uri-header"`

 	// EnableOpentracing enables the nginx Opentracing extension
 	// https://github.com/opentracing-contrib/nginx-opentracing
@ -570,7 +574,7 @@ func NewDefault() Configuration {
 	cfg := Configuration{
 		AllowBackendServerHeader:   false,
 		AccessLogPath:              "/var/log/nginx/access.log",
-		WorkerCpuAffinity:          "",
+		WorkerCPUAffinity:          "",
 		ErrorLogPath:               "/var/log/nginx/error.log",
 		BlockCIDRs:                 defBlockEntity,
 		BlockUserAgents:            defBlockEntity,
@ -587,8 +591,8 @@ func NewDefault() Configuration {
 		UseForwardedHeaders:        true,
 		ForwardedForHeader:         "X-Forwarded-For",
 		ComputeFullForwardedFor:    false,
-		ProxyAddOriginalUriHeader:  true,
-		GenerateRequestId:          true,
+		ProxyAddOriginalURIHeader:  true,
+		GenerateRequestID:          true,
 		HTTP2MaxFieldSize:          "4k",
 		HTTP2MaxHeaderSize:         "16k",
 		HTTP2MaxRequests:           1000,
@ -630,6 +634,7 @@ func NewDefault() Configuration {
 		EnableBrotli:               false,
 		UseGzip:                    true,
 		UseGeoIP:                   true,
+		UseGeoIP2:                  false,
 		WorkerProcesses:            strconv.Itoa(runtime.NumCPU()),
 		WorkerShutdownTimeout:      "10s",
 		LoadBalanceAlgorithm:       defaultLoadBalancerAlgorithm,
--- a/internal/ingress/controller/controller.go
+++ b/internal/ingress/controller/controller.go
@ -61,6 +61,7 @@ type Configuration struct {
 	ForceNamespaceIsolation bool

 	DefaultHealthzURL     string
+	HealthCheckTimeout    time.Duration
 	DefaultSSLCertificate string

 	// +optional
--- a/internal/ingress/controller/nginx.go
+++ b/internal/ingress/controller/nginx.go
@ -18,7 +18,6 @@ package controller

 import (
 	"bytes"
-	"context"
 	"encoding/json"
 	"errors"
 	"fmt"
@ -257,7 +256,7 @@ func (n *NGINXController) Start() {
 	n.store.Run(n.stopCh)

 	if n.syncStatus != nil {
-		go n.syncStatus.Run(context.Background())
+		go n.syncStatus.Run()
 	}

 	cmd := nginxExecCommand()
@ -812,12 +811,7 @@ func configureCertificates(pcfg *ingress.Configuration, port int) error {
 	}

 	url := fmt.Sprintf("http://localhost:%d/configuration/servers", port)
-	err := post(url, servers)
-	if err != nil {
-		return err
-	}
-
-	return nil
+	return post(url, servers)
 }

 func post(url string, data interface{}) error {
--- a/internal/ingress/controller/template/configmap_test.go
+++ b/internal/ingress/controller/template/configmap_test.go
@ -90,7 +90,7 @@ func TestMergeConfigMapToStruct(t *testing.T) {
 	def.WorkerShutdownTimeout = "99s"
 	def.NginxStatusIpv4Whitelist = []string{"127.0.0.1", "10.0.0.0/24"}
 	def.NginxStatusIpv6Whitelist = []string{"::1", "2001::/16"}
-	def.ProxyAddOriginalUriHeader = false
+	def.ProxyAddOriginalURIHeader = false

 	hash, err := hashstructure.Hash(def, &hashstructure.HashOptions{
 		TagName: "json",
--- a/internal/ingress/controller/template/template.go
+++ b/internal/ingress/controller/template/template.go
@ -209,8 +209,6 @@ func buildLuaSharedDictionaries(s interface{}, disableLuaRestyWAF bool) string {
 		"lua_shared_dict configuration_data 5M",
 		"lua_shared_dict certificate_data 16M",
 		"lua_shared_dict locks 512k",
-		"lua_shared_dict balancer_ewma 1M",
-		"lua_shared_dict balancer_ewma_last_touched_at 1M",
 		"lua_shared_dict sticky_sessions 1M",
 	}

@ -724,19 +722,6 @@ func buildUpstreamName(loc interface{}) string {
 	return upstreamName
 }

-// TODO: Needs Unit Tests
-func isSticky(host string, loc *ingress.Location, stickyLocations map[string][]string) bool {
-	if _, ok := stickyLocations[host]; ok {
-		for _, sl := range stickyLocations[host] {
-			if sl == loc.Path {
-				return true
-			}
-		}
-	}
-
-	return false
-}
-
 func buildNextUpstream(i, r interface{}) string {
 	nextUpstream, ok := i.(string)
 	if !ok {