An automatically generated list of changes can be found on Github at: 0.5.0 Release
An automatically generated list of changes can be found on Github at: 0.4.0 Release
An automatically generated list of changes can be found on Github at: 0.3.0 Release
An automatically generated list of changes can be found on Github at: 0.2.0 Release
FEATURES:
- 56 Graduate Policies. Add enablePreviewPolicy flag support.
- 55 Add AppProtect User Defined Signatures support.
- 39 Update secret type of default secret to TLS.
FIXES:
- 71 Fix replicas and service to be optional fields.
- 70 Make enableCRDs optional.
- 66 Fix Service to be an optional field. Add support for updating ExtraLabels.
- 65 Fix SCC resource to only affect KIC pods.
DOCUMENTATION:
- 54 Update IC compatibility in changelog.
KNOWN ISSUES:
- The Operator doesn't automatically remove IngressClasses created by 29.
COMPATIBILITY:
- NGINX Ingress Controller 1.10.x
- Openshift 4.5 or newer.
UPGRADE INSTRUCTIONS:
- Remove the existing Policy CRD:
kubectl delete crd policies.k8s.nginx.orgPlease note that deletion of thepolicies.k8s.nginx.orgCRD will result in all instances of that CRD being deleted too. Ensure to back up any important Custom Resource instances first! - Delete the existing SCC:
kubectl delete scc nginx-ingress-scc - Upgrade the operator to version 0.1.0.
- If the defaultSecret field is not set in your
nginxingresscontrollers.k8s.nginx.orgresource (or resources):- Remove the generated default secret. For example:
kubectl delete secret -n my-nginx-ingress my-nginx-ingress-controller - Wait until the operator regenerates the secret. The old secret was of the type
Opaque. The new secret will be of the typekubernetes.io/tls.
- Remove the generated default secret. For example:
- Alternatively, if the defaultSecret is set to some secret, make sure it is of the type
kubernetes.io/tls. If not, recreate the secret with the typekubernetes.io/tls. - If the wildcardTLS is set to some secret, make sure it is of the type
kubernetes.io/tls. If not, recreate the secret with the typekubernetes.io/tls. - Ensure that the TLS secrets referenced by Ingress, VirtualServer and Policy resources are of the type
kubernetes.io/tls, JWT secrets are of the typenginx.org/jwtand CA secrets are of the typenginx.org/ca. To avoid potential disruption of client traffic, instead of recreating the secrets, create new secrets with the correct type and update the Ingress, VirtualServer and Policy resources to use the new secrets. - Update any existing instances of the
nginxingresscontrollers.k8s.nginx.orgCustom Resource to use an NGINX Ingress Controller 1.10.x image.
Note: Steps 4-8 are required because Version 1.10.0 of the Ingress Controller added a requirement for secrets to be one of the following types: kubernetes.io/tls for TLS secrets; nginx.org/jwk for JWK secrets; or nginx.org/ca for CA secrets. Please see the section UPDATING SECRETS in https://docs.nginx.com/nginx-ingress-controller/releases/#nginx-ingress-controller-1-10-0 for more details.
FEATURES:
- 29 Add IngressClass support.
- 26 Add mTLS policy support.
- 25 Add JWT policy support.
- 21 Add latency metrics support.
- 18 Add support for policies in VS routes and VSR subroutes. Add RateLimit policy support
FIXES:
- 31 Add Status update for VS/VSR to RBAC.
KNOWN ISSUES:
- The Operator doesn't automatically remove IngressClasses created by 29
COMPATIBILITY:
- NGINX Ingress Controller 1.9.x.
- Openshift 4.5 or newer.
FEATURES:
IMPROVEMENTS:
- 15 Downgrade operator-sdk to 0.17.
- 14 Add KIC supported versions to README.
- 12 Make operator install KIC CRDs from manifests.
- 10 Update operator-sdk to 0.18.
- 8 Update go to 1.14.
- 7 Update makefile to include all manifests.
COMPATIBILITY:
- NGINX Ingress Controller 1.8.x.
- Openshift 4.3 or newer.
FEATURES:
- 4 Add new CRDs for NGINX Ingress Controller 1.7.0
- 5 Make NGINX Ingress Operator RedHat certified. Learn more about certified operators for Openshift here.
COMPATIBILITY:
- NGINX Ingress Controller 1.7.x.
- Openshift 4.3 or newer.