2020 archive

1.9.1

23 November 2020

Dependencies

  • Update the base ubi images to 8.3.

Features

  • Fix deployment of ingressclass resource via helm on some versions of Kubernetes.
  • Renew CA cert for egress-mtls example.
  • Add imagePullSecretName support to helm chart.

Upgrade

  • For NGINX, use the 1.9.1 image from our DockerHub: nginx/nginx-ingress:1.9.1, nginx/nginx-ingress:1.9.1-alpine or nginx/nginx-ingress:1.9.1-ubi
  • For NGINX Plus, please build your own image using the 1.9.1 source code.
  • For Helm, use version 0.7.1 of the chart.

1.9.0

20 October 2020

Overview

Release 1.9.0 includes:

  • Support for new Prometheus metrics and enhancements of the existing ones, including configuration reload reason, NGINX worker processes count, upstream latency, and more.
  • Support for rate limiting, JWT authentication, ingress(client) and egress(upstream) mutual TLS via the Policy resource.
  • Support for the latest Ingress resource features and the IngressClass resource.
  • Support for NGINX Service Mesh.

You will find the complete changelog for release 1.9.0, including bug fixes, improvements, and changes below.

Features

  • 1180 Add support for EgressMTLS.
  • 1166 Add IngressMTLS policy support.
  • 1154 Add JWT policy support.
  • 1120 Add RateLimit policy support.
  • 1058 Support policies in VS routes and VSR subroutes.
  • 1147 Add option to specify other log destinations in AppProtect.
  • 1131 Update packages and CRDs to AppProtect 2.0. This update includes features such as JSON Schema Validation and User-defined URLs and parameters. See the release notes for a complete feature list.
  • 1100 Add external references to AppProtect.
  • 1085 Add installation of threat campaigns package.
  • 1133 Add support for IngressClass resources.
  • 1130 Add prometheus latency collector.
  • 1076 Add prometheus worker process metrics.
  • 1075 Add support for NGINX Service Mesh internal routes.
  • 1178 Resolve host collisions in VirtualServer and Ingresses.
  • 1158 Support variables in action proxy headers.
  • 1137 Add pod_owner label to metrics when -spire-agent-address is set.
  • 1107 Extend Upstream Servers with pod_name label.
  • 1099 Add reason label to total_reload metrics.
  • 1088 Extend Upstream Servers and Server Zones metrics, thanks to Raúl.
  • 1080 Support pathType field in the Ingress resource.
  • 1078 Remove trailing blank lines in vs/vsr snippets.
  • Documentation improvements: 1083, 1092, 1089, 1174, 1175, 1171.

Fixes

  • 1179 Fix TransportServers in debian AppProtect image.
  • 1129 Support real-ip in default server.
  • 1110 Add missing threat campaigns key to AppProtect CRD.

Helm Chart

  • 1105 Fix GlobalConfiguration support in helm chart.
  • Add new parameters to the Chart: controller.setAsDefaultIngress, controller.enableLatencyMetrics. Added in 1133 and 1148.

Dependencies

  • 1182 Update NGINX version to 1.19.3.

Upgrade

  • For NGINX, use the 1.9.0 image from our DockerHub: nginx/nginx-ingress:1.9.0, nginx/nginx-ingress:1.9.0-alpine or nginx-ingress:1.9.0-ubi
  • For NGINX Plus, please build your own image using the 1.9.0 source code.
  • For Helm, use version 0.7.0 of the chart.

For Kubernetes >= 1.18, when upgrading using Manifests, make sure to update the ClusterRole and create the IngressClass resource, which is required for Kubernetes >= 1.18. Otherwise, the Ingress Controller will fail to start. If you run multiple NGINX Ingress Controllers in the cluster, each Ingress Controller must have its own IngressClass resource. As the -use-ingress-class-only argument is now ignored (see NOTES), make sure your Ingress resources have the ingressClassName field or the kubernetes.io/ingress.class annotation set to the name of the IngressClass resource. Otherwise, the Ingress Controller will ignore them.

Helm Upgrade

  • If you’re using custom resources like VirtualServer and TransportServer (controller.enableCustomResources is set to true), after you run the helm upgrade command, the CRDs will not be upgraded. After running the helm upgrade command, run kubectl apply -f deployments/helm-chart/crds to upgrade the CRDs.
  • For Kubernetes >= 1.18, a dedicated IngressClass resource, which is configured by controller.ingressClass, is required per helm release. Ensure controller.ingressClass is not set to the name of the IngressClass of other releases or Ingress Controllers. As the controller.useIngressClassOnly parameter is now ignored (see NOTES), make sure your Ingress resources have the ingressClassName field or the kubernetes.io/ingress.class annotation set to the value of controller.ingressClass. Otherwise, the Ingress Controller will ignore them.

Notes

  • When using Kubernetes >= 1.18, the -use-ingress-class-only command-line argument is now ignored, and the Ingress Controller will only process resources that belong to its class. See IngressClass doc for more details.
  • For Kubernetes >= 1.18, a dedicated IngressClass resource, which is configured by controller.ingressClass, is required per helm release. When upgrading or installing releases, ensure controller.ingressClass is not set to the name of the IngressClass of other releases or Ingress Controllers.

1.8.1

14 August 2020

Dependencies

  • Update NGINX version to 1.19.2.

Upgrade

  • For NGINX, use the 1.8.1 image from our DockerHub: nginx/nginx-ingress:1.8.1, nginx/nginx-ingress:1.8.1-alpine or nginx/nginx-ingress:1.8.1-ubi
  • For NGINX Plus, please build your own image using the 1.8.1 source code.
  • For Helm, use version 0.6.1 of the chart.

1.8.0

22 July 2020

Overview

Release 1.8.0 includes:

  • Support for NGINX App Protect Web Application Firewall.
  • Support for configuration snippets and custom template for VirtualServer and VirtualServerRoute resources.
  • Support for request/response header manipulation and request URI rewriting for VirtualServer/VirtualServerRoute.
  • Introducing a new configuration resource - Policy - with the first policy for IP-based access control.

You will find the complete changelog for release 1.8.0, including bug fixes, improvements, and changes below.

FEATURES FOR VIRTUALSERVER AND VIRTUALSERVERROUTE RESOURCES:

  • 1036: Add VirtualServer custom template support.
  • 1028: Add access control policy.
  • 1019: Add VirtualServer/VirtualServerRoute snippets support.
  • 1006: Add request/response modifiers to VS and VSR.
  • 994: Support Class Field in VS/VSR.
  • 973: Add status to VirtualServer and VirtualServerRoute.

Features

  • 1035: Support for App Protect module.
  • 1029: Add readiness endpoint.
  • 995: Emit event for orphaned VirtualServerRoutes.
  • 1029: Add readiness endpoint. The Ingress Controller now exposes a readiness endpoint on port 8081 and the path /nginx-ready. The endpoint returns a 200 response after the Ingress Controller finishes the initial configuration of NGINX at the start. The pod template was updated to use that endpoint in a readiness probe.
  • 980: Enable leader election by default.
  • Documentation improvements: 946 thanks to 谭九鼎, 948, 972, 965.

Fixes

  • 1030: Fix port range validation in cli arguments.
  • 953: Fix error logging of master/minion ingresses.

Helm Chart

  • Add new parameters to the Chart: controller.appprotect.enable, controller.globalConfiguration.create, controller.globalConfiguration.spec, controller.readyStatus.enable, controller.readyStatus.port, controller.config.annotations, controller.reportIngressStatus.annotations. Added in 1035, 1034, 1029, 1003 thanks to RubyLangdon.
  • 1047 and 1009: Change how Helm manages the custom resource definitions (CRDs) to support installing multiple Ingress Controller releases. Note: If you’re using the custom resources (controller.enableCustomResources is set to true), this is a breaking change. See the HELM UPGRADE section below for the upgrade instructions.

Dependencies

  • Update NGINX version to 1.19.1.
  • Update NGINX Plus to R22.

Upgrade

  • For NGINX, use the 1.8.0 image from our DockerHub: nginx/nginx-ingress:1.8.0, nginx/nginx-ingress:1.8.0-alpine or nginx-ingress:1.8.0-ubi
  • For NGINX Plus, please build your own image using the 1.8.0 source code.
  • For Helm, use version 0.6.0 of the chart.

Helm Upgrade

If you’re using custom resources like VirtualServer and TransportServer (controller.enableCustomResources is set to true), after you run the helm upgrade command, the CRDs and the corresponding custom resources will be removed from the cluster. Before upgrading, make sure to back up the custom resources. After running the helm upgrade command, run kubectl apply -f deployments/helm-chart/crds to re-install the CRDs and then restore the custom resources.

Notes

  • As part of installing a release, Helm will install the CRDs unless that step is disabled (see the corresponding doc. The installed CRDs include the CRDs for all Ingress Controller features, including the ones disabled by default (like App Protect with aplogconfs.appprotect.f5.com and appolicies.appprotect.f5.com CRDs).

1.7.2

23 June 2020

Dependencies

  • Update NGINX Plus version to R22.

Upgrade

  • For NGINX, use the 1.7.2 image from our DockerHub: nginx/nginx-ingress:1.7.2, nginx/nginx-ingress:1.7.2-alpine or nginx/nginx-ingress:1.7.2-ubi
  • For NGINX Plus, please build your own image using the 1.7.2 source code.
  • For Helm, use version 0.5.2 of the chart.

1.7.1

4 June 2020

Dependencies

  • Update NGINX version to 1.19.0.

Upgrade

  • For NGINX, use the 1.7.1 image from our DockerHub: nginx/nginx-ingress:1.7.1, nginx/nginx-ingress:1.7.1-alpine or nginx/nginx-ingress:1.7.1-ubi
  • For NGINX Plus, please build your own image using the 1.7.1 source code.
  • For Helm, use version 0.5.1 of the chart.

1.7.0

30 April 2020

Overview

Release 1.7.0 includes:

  • Support for TCP, UDP, and TLS Passthrough load balancing with the new configuration resources: TransportServer and GlobalConfiguration. The resources allow users to deliver complex, non-HTTP-based applications from Kubernetes using NGINX Ingress Controller.
  • Support for error pages in VirtualServer and VirtualServerRoute resources. A user can now specify custom error responses for errors returned by backend applications or generated by NGINX, such as a 502 response.
  • Improved validation of VirtualServer and VirtualServerRoute resources. kubectl and the Kubernetes API server can now detect violations of the structure of VirtualServer/VirtualServerRoute resources and return an error.
  • Support for an operator which manages the lifecycle of the Ingress Controller on Kubernetes or OpenShift. See the NGINX Ingress Operator GitHub repo.

See the 1.7.0 release announcement blog post, which includes an overview of each feature.

You will find the complete changelog for release 1.7.0, including bug fixes, improvements, and changes below.

FEATURES FOR VIRTUALSERVER AND VIRTUALSERVERROUTE RESOURCES:

  • 868: Add OpenAPI CRD schema validation.
  • 847: Add support for error pages for VS/VSR.

Features

  • 902: Add TransportServer and GlobalConfiguration Resources.
  • 894: Add Dockerfile for NGINX Open Source for Openshift.
  • 857: Add Openshift Dockerfile for NGINX Plus.
  • 852: Add default-server-access-log-off to configmap.
  • 845: Add log-format-escaping and stream-log-format-escaping configmap keys. Thanks to Alexey Maslov.
  • 827: Add ingress class label to all Prometheus metrics.
  • 850: Extend redirect URI validation with protocol check in VS/VSR.
  • 832: Update the examples to run the nginxdemos/nginx-hello:plain-text image, that doesn’t require root user.
  • 825: Add multi-stage docker builds.
  • 852: Add default-server-access-log-off to configmap. The access logs for the default server are now enabled by default.
  • 847: Add support for error pages for VS/VSR. The PR affects how the Ingress Controller generates configuration for VirtualServer and VirtualServerRoutes. See this comment for more details.
  • 827: Add ingress class label to all Prometheus metrics. Every Prometheus metric exposed by the Ingress Controller now includes the label class with the value of the Ingress Controller class (by default nginx),
  • 825: Add multi-stage docker builds. When building the Ingress Controller image in Docker, we now use a multi-stage docker build.

Fixes

  • 828: Fix error messages for actions of the type return.

Helm Chart

  • Add new parameters to the Chart: controller.enableTLSPassthrough, controller.volumes, controller.volumeMounts, controller.priorityClassName. Added in 921, 878, 807 thanks to Greg Snow.

Dependencies

  • Update NGINX version to 1.17.10.
  • Update NGINX Plus to R21.
  • 854: Update the Debian base images for NGINX Plus to debian:buster-slim.

Upgrade

  • For NGINX, use the 1.7.0 image from our DockerHub: nginx/nginx-ingress:1.7.0, nginx/nginx-ingress:1.7.0-alpine or nginx-ingress:1.7.0-ubi
  • For NGINX Plus, please build your own image using the 1.7.0 source code.
  • For Helm, use version 0.5.0 of the chart.

When upgrading using the manifests, make sure to deploy the new TransportServer CRD (common/ts-definition.yaml), as it is required by the Ingress Controller. Otherwise, you will get error messages in the Ingress Controller logs.

1.6.3

6 March 2020

Dependencies

  • Update NGINX version to 1.17.9.

Upgrade

  • For NGINX, use the 1.6.3 image from our DockerHub: nginx/nginx-ingress:1.6.3 or nginx/nginx-ingress:1.6.3-alpine
  • For NGINX Plus, please build your own image using the 1.6.3 source code.
  • For Helm, use version 0.4.3 of the chart.

1.6.2

6 February 2020

Dependencies

  • Update NGINX version to 1.17.8.

Upgrade

  • For NGINX, use the 1.6.2 image from our DockerHub: nginx/nginx-ingress:1.6.2 or nginx/nginx-ingress:1.6.2-alpine
  • For NGINX Plus, please build your own image using the 1.6.2 source code.
  • For Helm, use version 0.4.2 of the chart.

1.6.1

14 January 2020

Dependencies

  • Update NGINX version to 1.17.7.

Upgrade

  • For NGINX, use the 1.6.1 image from our DockerHub: nginx/nginx-ingress:1.6.1 or nginx/nginx-ingress:1.6.1-alpine
  • For NGINX Plus, please build your own image using the 1.6.1 source code.
  • For Helm, use version 0.4.1 of the chart.
View source
Edit this page
Create a new issue