NGINX: 0.26.0
Image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.0
New Features:
-
Add support for NGINX proxy_ssl_* directives
-
Add support for FastCGI backends
-
Add support for multiple alias and remove duplication of SSL certificates
-
Support configuring basic auth credentials as a map of user/password hashes
-
Caching support for external authentication annotation with new annotations auth-cache-key and auth-cache-duration
-
Allow Requests to be Mirrored to different backends #4379
-
Improve connection draining when ingress controller pod is deleted using a lifecycle hook:
With this new hook, we increased the default
terminationGracePeriodSeconds
from 30 seconds to 300, allowing the draining of connections up to five minutes.If the active connections end before that, the pod will terminate gracefully at that time.
To efectively take advantage of this feature, the Configmap feature worker-shutdown-timeout new value is
240s
instead of10s
.IMPORTANT: this value has a side effect during reloads, consuming more memory until the old NGINX workers are replaced.
lifecycle: preStop: exec: command: - /wait-shutdown
-
mimalloc as a drop-in replacement for malloc.
This feature can be enabled using the LD_PRELOAD environment variable in the ingress controller deployment
Example:
env: - name: LD_PRELOAD value: /usr/local/lib/libmimalloc.so
Please check the additional options it provides.
Breaking Changes:
-
The variable $the_real_ip variable was removed from template and default
log_format
. -
The default value of configmap setting proxy-add-original-uri-header is now
"false"
.When the setting
proxy-add-original-uri-header
is"true"
, the ingress controller adds a new headerX-Original-Uri
with the value of NGINX variable$request_uri
.In most of the cases this is not an issue but with request with long URLs it could lead to unexpected errors in the application defined in the Ingress serviceName,
like issue 4593 - 431 Request Header Fields Too Large
Non-functional improvements:
-
Automation of NGINX image using terraform scripts
-
Removal of Go profiling on port
:10254
to uselocalhost:10255
To profile the ingress controller Go binary, use:
INGRESS_PODS=($(kubectl get pods -n ingress-nginx -l app.kubernetes.io/name=ingress-nginx -o 'jsonpath={..metadata.name}')) kubectl port-forward -n ingress-nginx pod/${INGRESS_PODS[0]} 10255
Complete changelog here