Skip to content
This repository has been archived by the owner on Apr 17, 2019. It is now read-only.

SSL-enabled Nginx Ingress Controller integrated Hashicorp Vault #2060

Closed
wants to merge 76 commits into from
Closed

SSL-enabled Nginx Ingress Controller integrated Hashicorp Vault #2060

wants to merge 76 commits into from

Conversation

devlinmr
Copy link

@devlinmr devlinmr commented Nov 18, 2016
edited by thockin
Loading

Based on the nginx-alpha controller, this adds functionality to configure SSL nginx servers for ingresses requiring it, pulling in certificates from Vault.

This is the controller demonstrated at KubeCon 2016 by Michael Ward (devoperandi.com) of Pearson.

See README.md.

This change is Reviewable

Martin Devlin added 30 commits March 9, 2016 13:01
Vault-enabled SSL ingress controller based on nginx-alpha
bbdf66e
Readme
915ad3c
Retouch README
e54c0e8
Add RC example, remove Makefile
6b6218f
Godeps
2e22f4d
Godeps
076d059
Mofify Godeps again
1d3cdad
More Gedeps
a0c835f
Godeps again
f662e78
Fix issue with restarts under load and logging to stdout with -s reload
7206437
Merge branch 'master' of github.com:devlinmr/contrib
d192f1b
Add default http block
0884a63
Add switches to enable Vault and handle ingresses without hosts
355f0b6
Vault-enabled SSL ingress controller based on nginx-alpha
148f1d0
Readme
201ac59
Retouch README
fd4d62e
Add RC example, remove Makefile
904704d
Godeps
23e96f5
Godeps
1133c46
Mofify Godeps again
9912089
More Gedeps
21fdbaa
Godeps again
136e640
Fix issue with restarts under load and logging to stdout with -s reload
a81d143
Add default http block
07102d9
Add switches to enable Vault and handle ingresses without hosts
17e8ec6
Vault-enabled SSL ingress controller based on nginx-alpha
e8f0c41
Readme
167df10
Add RC example, remove Makefile
098c547
Godeps
9ba0d17
Godeps
9097c9b
@bprashanth
Copy link

@devlinmr we're moving ingress out of contrib, can you integrate this either:

  1. as a backend to the freshly baked generic controller (Split implementations from generic code kubernetes/ingress-nginx#15)
  2. as a cmdline option to the actual nginx ingress controller (https://github.com/kubernetes/ingress/tree/master/controllers/nginx)

?

@bprashanth
Copy link

@aledbf

@devlinmr
Copy link
Author

Sure, it's an nginx-based controller that retrieves certs from Hashicorp Vault, so it's got a lot of Vault-specific functionality.

Which of 1 or 2 would you prefer with that in mind?

@k8s-ci-robot
Copy link
Contributor

Thanks for your pull request. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

📝 Please follow instructions at https://github.com/kubernetes/kubernetes/wiki/CLA-FAQ to sign the CLA.

Once you've signed, please reply here (e.g. "I signed it!") and we'll verify. Thanks.

If you have questions or suggestions related to this bot's behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.

@k8s-ci-robot k8s-ci-robot added the cncf-cla: no Indicates the PR's author has not signed the CNCF CLA. label Nov 22, 2016
@k8s-github-robot
Copy link

[APPROVALNOTIFIER] Needs approval from an approver in each of these OWNERS Files:

We suggest the following people:
cc @bprashanth
You can indicate your approval by writing /approve in a comment
You can cancel your approval by writing /approve cancel in a comment

@k8s-github-robot
Copy link

@devlinmr PR needs rebase

@k8s-github-robot k8s-github-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Feb 7, 2017
@fejta-bot
Copy link

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

Prevent issues from auto-closing with an /lifecycle frozen comment.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or @fejta.
/lifecycle stale

@k8s-ci-robot k8s-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Dec 21, 2017
@fejta-bot
Copy link

Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or @fejta.
/lifecycle rotten
/remove-lifecycle stale

@k8s-ci-robot k8s-ci-robot added lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. and removed lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. labels Jan 20, 2018
@devlinmr devlinmr closed this Feb 1, 2018
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
cncf-cla: no Indicates the PR's author has not signed the CNCF CLA. lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@devlinmr @bprashanth @k8s-ci-robot @k8s-github-robot @fejta-bot @googlebot @yiwei-C