DevFW-CICD/ingress-nginx-helm
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1893 commits 5 branches 219 tags 137 MiB
Commit graph

910 commits

Author SHA1 Message Date
Giancarlo Rubio
a2edde35fc fix some broken links 
upgrade all nginx examples to latest version
moved some examples from contrib to this repo
 2017-03-08 22:22:31 +01:00
Tony Li
62fcc400b8 add debug info and fix spelling 2017-03-08 12:55:33 -05:00
Gorka Lerchundi Osa
e1c1dfadc7 allow specifying custom dh param 
fixes #162
 2017-03-08 15:32:32 +01:00
Giancarlo Rubio
63b5f2f1c5 add configuration to disable listening on ipv6 2017-03-08 13:29:02 +01:00
Manuel Alejandro de Brito Fontes
f1062e07bc Merge pull request #369 from xialonglee/patch-1 
Minor text fix for "ApiServer"
 2017-03-08 07:09:32 -03:00
Nick Sardo
31eab3880b Merge pull request #384 from timstclair/busybox 
Rebase GLBC on alpine:3.5
 2017-03-07 17:19:17 -08:00
Manuel Alejandro de Brito Fontes
d6620ead2c Merge pull request #397 from aledbf/fix-external-auth 
Fix external auth
 2017-03-07 21:36:53 -03:00
Nick Sardo
61a03033f7 Merge pull request #386 from itamaro/patch-1 
Fix glbc usage string
 2017-03-07 15:08:17 -08:00
Tony Li
7000924dc5 GCE pre-shared cert fixes (#395) 
* pick up changes to the external cert referenced by lb

* less prone way to check if cert should be deleted
 2017-03-07 15:05:21 -08:00
Manuel de Brito Fontes
bebd596b3f Listen customization must be done just in one place 2017-03-07 19:50:24 -03:00
Tim St. Clair
1023056c3b
Rebase GLBC on busybox 2017-03-07 13:49:43 -08:00
Tony Li
e1d1445370 GCE/GKE "pre-shared" TLS cert (#291) 
* add allow-named-tls annotation

* works for setting tls

* fix logs (mostly)

* add ssl cert annotation

* return an error when cert not found

* use annotation if specified, otherwise use spec

* add TODO on naming

* use the annotation key from k8s

* add unit test for HTTPS LB w/ cert annotation

* refactor logic and check for error

* move annotation to controller package

* remove todo for function naming
 2017-03-07 13:42:41 -08:00
craigmonson
6e6aae6c29 Update README.md 
fix broken link to config maps
 2017-03-07 15:09:50 -05:00
Manuel de Brito Fontes
484bd43111 Fix http2 header size 2017-03-07 14:42:59 -03:00
Victor Unegbu
dfdcdfde0b remove tmp nginx-diff files 2017-03-07 09:59:10 -06:00
Itamar Ostricher
6f3139a79e Fix glbc usage string 
1. Typo in `glbc` binary name
2. Typo in `running-in-cluster` flag
3. Remove non-existing flag `--default-backend-node-port`
 2017-03-07 12:09:12 +02:00
chentao1596
1417a3a818 add copyright 2017-03-07 15:34:31 +08:00
Nick Sardo
a6e38221ee Merge pull request #278 from csbell/fw-name 
Extend ConfigMap to store fwrule names
 2017-03-06 10:37:20 -08:00
Manuel de Brito Fontes
f0c758eed2 Fix custom log format 2017-03-06 12:33:51 -03:00
Manuel Alejandro de Brito Fontes
de8b9b8df2 Merge pull request #370 from foxylion/force-ssl-redirect-documentation 
Add documentation for ingress.kubernetes.io/force-ssl-redirect
 2017-03-05 22:11:05 -03:00
Manuel de Brito Fontes
cd924f5522 Avoid duplication of ReadConfig function 2017-03-04 18:35:33 -03:00
Manuel de Brito Fontes
1473f64fb0 Remove SPDY reference 2017-03-04 18:35:33 -03:00
Manuel de Brito Fontes
3c0fb01ba2 Add warning when the ingress controller uses a custom class 2017-03-04 18:35:33 -03:00
Manuel de Brito Fontes
2399be867e Cleanup custom log format configuration 2017-03-04 18:35:33 -03:00
Jakob Jarosch
74d57c9502 Add documentation for ingress.kubernetes.io/force-ssl-redirect 
refs #314 #365
 2017-03-03 20:29:43 +01:00
Peter Lee
0b6f4d2770 Minor text fix for "ApiServer" 
It looks a little weird to apply camel case style for the noun "apiserver", i didn't see somewhere else spelling it in that way.
 2017-03-04 00:40:07 +08:00
Manuel Alejandro de Brito Fontes
75124bc9f1 Merge pull request #356 from gianrubio/patch-1 
Disable listen only on ipv6 and fix proxy_protocol
 2017-03-03 09:50:43 -03:00
Manuel Alejandro de Brito Fontes
6cd21f7dea Merge pull request #362 from gianrubio/fix-ingress-class 
Fix ingress class
 2017-03-03 09:49:59 -03:00
Manuel Alejandro de Brito Fontes
3b2f668f39 Merge pull request #367 from gianrubio/customize-logformat 
BuildLogFormatUpstream was always using the default log-format
 2017-03-03 09:43:48 -03:00
Manuel Alejandro de Brito Fontes
9f39abc019 Merge pull request #365 from pwillie/forcesslredirect 
add ForceSSLRedirect ingress annotation
 2017-03-03 09:05:02 -03:00
Giancarlo Rubio
1e5081baf2 BuildLogFormatUpstream function was always using the default log-format-upstream, 2017-03-03 13:03:49 +01:00
caiyixiang
482293b99d add_judgment 2017-03-03 15:17:32 +08:00
Peter Wilson
1a72b3f775 add ForceSSLRedirect ingress annotation 2017-03-03 16:44:29 +11:00
Aaron Roydhouse
336f3cb108 Fix error caused by increasing proxy_buffer_size (#363) 
This fixes the bug raised in #363, by increasing the size of the proxy_buffers (memory allocation) to match the size of the proxy buffer. This leaves the default values (with no ingress setting) unchanged:
```
proxy_buffer_size      4k
proxy_buffers            4 4k
```
If 'proxy-buffer-size' is set, then now both the buffer size and the memory allocation size is increased:
```
proxy_buffer_size     "{{ $location.Proxy.BufferSize }}";
proxy_buffers           4 "{{ $location.Proxy.BufferSize }}";
```
I have been using this patch with 0.8.3 and 0.9.0-beta.2.
 2017-03-02 16:11:27 -05:00
rsafronov
05526e4a66 Merge remote-tracking branch 'upstream/master' into nginx/extauth_headers 
# Conflicts:
#	controllers/nginx/pkg/template/template.go
 2017-03-02 14:46:18 -05:00
Christian Bell
68097e96dc Better logging and address review comments 2017-03-02 10:54:32 -08:00
Giancarlo Rubio
2ddba72baa Fix ingress class 2017-03-02 16:50:31 +01:00
Giancarlo Rubio
0ca3aef0f5 Add ability to customize upstream and stream log format 2017-03-01 18:47:11 +01:00
Giancarlo Rubio
90fdea751b Disable listen only on ipv6 and fix proxy_protocol 
- Always listen on ipv4 address for port 443
- Rollback previous PR #227 that broke the proxy_protocol when passthroughBackends is disabled
 2017-03-01 15:31:00 +01:00
Christian Bell
b259c9b349 First stab at extending the "uid" configmap to store firewall 
rule information.
 2017-02-28 10:49:31 -08:00
rsafronov
d3b952552a minor: formatting 2017-02-27 16:34:42 -05:00
electroma
c8eda8f17f Merge branch 'master' into nginx/extauth_headers 2017-02-27 16:28:11 -05:00
Manuel de Brito Fontes
02d44ccbaa Fix client source IP address 2017-02-26 19:01:07 -03:00
Manuel Alejandro de Brito Fontes
0aabfba848 Merge pull request #235 from rikatz/ingress-ssl-auth 
Adds correct support for TLS Muthual autentication
 2017-02-25 20:34:28 -03:00
Piotr Szczesniak
fd7990de67 Expose Prometheus metrics in glbc controller 2017-02-25 18:30:00 +01:00
Manuel Alejandro de Brito Fontes
8f23451c24 Merge pull request #221 from tonglil/typos 
Typo: unittesting -> unit testing
 2017-02-25 08:12:53 -03:00
Manuel Alejandro de Brito Fontes
712b60f197 Merge pull request #222 from tonglil/fix-log-message 
Change arg ordering in log message
 2017-02-25 08:12:41 -03:00
Manuel Alejandro de Brito Fontes
3f2592128c Merge pull request #224 from tonglil/check-error 
Check for error getting cert
 2017-02-25 08:12:25 -03:00
Ricardo Pchevuzinske Katz
a342c0bce3 Adds correct support for TLS Muthual autentication and depth verification 
modified:   controllers/nginx/configuration.md
	modified:   controllers/nginx/rootfs/etc/nginx/template/nginx.tmpl
	modified:   core/pkg/ingress/annotations/authtls/main.go
	modified:   core/pkg/ingress/controller/backend_ssl.go
	modified:   core/pkg/ingress/controller/controller.go
	modified:   core/pkg/ingress/controller/util_test.go
	modified:   core/pkg/ingress/resolver/main.go
	modified:   core/pkg/ingress/types.go
	modified:   core/pkg/net/ssl/ssl.go
	modified:   examples/PREREQUISITES.md
	new file:   examples/auth/client-certs/nginx/README.md
	new file:   examples/auth/client-certs/nginx/nginx-tls-auth.yaml
 2017-02-24 22:49:01 -03:00
Manuel de Brito Fontes
84324af140 Refactoring of TCP and UDP services 2017-02-24 20:14:43 -03:00