Release NGINX: 0.26.0 · kubernetes/ingress-nginx

Image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.0

New Features:

Add support for NGINX proxy_ssl_* directives
Add support for FastCGI backends
Only support SSL dynamic mode
Add nginx ssl_early_data option support
Add support for multiple alias and remove duplication of SSL certificates
Support configuring basic auth credentials as a map of user/password hashes
Caching support for external authentication annotation with new annotations auth-cache-key and auth-cache-duration
Allow Requests to be Mirrored to different backends #4379
Improve connection draining when ingress controller pod is deleted using a lifecycle hook:

With this new hook, we increased the default terminationGracePeriodSeconds from 30 seconds to 300, allowing the draining of connections up to five minutes.

If the active connections end before that, the pod will terminate gracefully at that time.

To efectively take advantage of this feature, the Configmap feature worker-shutdown-timeout new value is 240s instead of 10s.

IMPORTANT: this value has a side effect during reloads, consuming more memory until the old NGINX workers are replaced.
```
lifecycle:
  preStop:
    exec:
      command:
        - /wait-shutdown
```
mimalloc as a drop-in replacement for malloc.

This feature can be enabled using the LD_PRELOAD environment variable in the ingress controller deployment

Example:
```
env:
- name: LD_PRELOAD
  value: /usr/local/lib/libmimalloc.so
```
Please check the additional options it provides.

Breaking Changes:

The variable $the_real_ip variable was removed from template and default log_format.
The default value of configmap setting proxy-add-original-uri-header is now "false".

When the setting proxy-add-original-uri-header is "true", the ingress controller adds a new header X-Original-Uri with the value of NGINX variable $request_uri.

In most of the cases this is not an issue but with request with long URLs it could lead to unexpected errors in the application defined in the Ingress serviceName,
like issue 4593 - 431 Request Header Fields Too Large

Non-functional improvements:

Removal of internal NGINX unix sockets
Automation of NGINX image using terraform scripts

Removal of Go profiling on port :10254 to use localhost:10255

To profile the ingress controller Go binary, use:

INGRESS_PODS=($(kubectl get pods -n ingress-nginx -l app.kubernetes.io/name=ingress-nginx -o 'jsonpath={..metadata.name}'))
kubectl port-forward -n ingress-nginx pod/${INGRESS_PODS[0]} 10255

Complete changelog here

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

NGINX: 0.26.0