Merge pull request #335 from zlabjp/internal-default-backend

Enable internal-default-backend by default
zlabjp · Apr 5, 2024 · 97e82eb · 97e82eb
2 parents e943f65 + fcb7b4a
commit 97e82eb
Show file tree

Hide file tree

Showing 9 changed files with 8 additions and 129 deletions.
diff --git a/README.md b/README.md
@@ -16,24 +16,17 @@ Hub](https://hub.docker.com/r/zlabjp/nghttpx-ingress-controller/).
 
 ## Requirements
 
+If `--internal-default-backend` flag is given to false, the default
+backend service is necessary:
+
 - default backend [404-server](examples/default-backend.yaml)
 
 Actually, any backend web server will suffice as long as it returns
 some kind of error code for any requests.
 
-If `--internal-default-backend` flag is given, the default backend
-service is not necessary.  The controller configures nghttpx to act as
-a default backend.
 
 ## Deploy the Ingress controller
 
-Before the deploy of the Ingress controller we need a default backend:
-
-```
-$ kubectl create -f examples/default-backend.yaml
-$ kubectl expose deployment default-http-backend --port=80 --target-port=8080 --name=default-http-backend
-```
-
 Load balancers are created via a Deployment or DaemonSet:
 
 ```
@@ -304,14 +297,14 @@ kubctl apply -f examples/proxyproto/
 The default backend is used when the request does not match any given
 rules.  The default backend must be set in command-line flag of
 nghttpx Ingress controller unless `--internal-default-backend` flag is
-given, see below.  It can be overridden by specifying
+given to false, see below.  It can be overridden by specifying
 Ingress.Spec.Backend.  If multiple Ingress resources have
 .Spec.Backend, one of them is used, but it is undefined which one is
 used.  The default backend always does not require TLS.
 
-If `--internal-default-backend` is used, the controller configures
-nghttpx to act as a default backend.  In this case, the default
-backend service is not necessary.
+If `--internal-default-backend` is given to true, which is the
+default, the controller configures nghttpx to act as a default
+backend.  In this case, the default backend service is not necessary.
 
 ## Services without selectors
 

diff --git a/cmd/nghttpx-ingress-controller/main.go b/cmd/nghttpx-ingress-controller/main.go
@@ -88,7 +88,7 @@ var (
 	noDefaultBackendOverride = false
 	deferredShutdownPeriod   time.Duration
 	configOverrides          clientcmd.ConfigOverrides
-	internalDefaultBackend   = false
+	internalDefaultBackend   = true
 	http3                    = false
 	nghttpxSecret            = "nghttpx-km"
 	shareTLSTicketKey        = false

diff --git a/examples/custom-configuration/rc-custom-configuration.yaml b/examples/custom-configuration/rc-custom-configuration.yaml
@@ -47,6 +47,5 @@ spec:
           hostPort: 443
         args:
         - /nghttpx-ingress-controller
-        - --default-backend-service=$(POD_NAMESPACE)/default-http-backend
         - --nghttpx-configmap=default/nghttpx-ingress-lb
         - --healthz-port=11249
diff --git a/examples/daemonset/as-daemonset.yaml b/examples/daemonset/as-daemonset.yaml
@@ -47,5 +47,4 @@ spec:
           hostPort: 443
         args:
         - /nghttpx-ingress-controller
-        - --default-backend-service=$(POD_NAMESPACE)/default-http-backend
         - --healthz-port=11249
diff --git a/examples/default/rc-default.yaml b/examples/default/rc-default.yaml
@@ -47,5 +47,4 @@ spec:
           hostPort: 443
         args:
         - /nghttpx-ingress-controller
-        - --default-backend-service=$(POD_NAMESPACE)/default-http-backend
         - --healthz-port=11249
diff --git a/examples/proxyproto/01-default-backend.yaml b/examples/proxyproto/01-default-backend.yaml
diff --git a/examples/proxyproto/02-nghttpx-rbac.yaml → examples/proxyproto/01-nghttpx-rbac.yaml b/examples/proxyproto/02-nghttpx-rbac.yaml → examples/proxyproto/01-nghttpx-rbac.yaml
diff --git a/examples/proxyproto/03-nghttpx.yaml → examples/proxyproto/02-nghttpx.yaml b/examples/proxyproto/03-nghttpx.yaml → examples/proxyproto/02-nghttpx.yaml
@@ -59,7 +59,6 @@ spec:
           hostPort: 443
         args:
         - /nghttpx-ingress-controller
-        - --default-backend-service=$(POD_NAMESPACE)/default-http-backend
         - --nghttpx-configmap=$(POD_NAMESPACE)/nghttpx-ingress-lb-config
         - --healthz-port=11249
         - --proxy-proto=true
diff --git a/rc.yaml b/rc.yaml
@@ -1,60 +1,4 @@
 apiVersion: v1
-kind: Service
-metadata:
-  name: default-http-backend
-  namespace: kube-system
-  labels:
-    k8s-app: default-http-backend
-spec:
-  ports:
-  - port: 80
-    targetPort: 8080
-    protocol: TCP
-    name: http
-  selector:
-    k8s-app: default-http-backend
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: default-http-backend
-  namespace: kube-system
-  labels:
-    k8s-app: default-http-backend
-spec:
-  selector:
-    matchLabels:
-      k8s-app: default-http-backend
-  template:
-    metadata:
-      labels:
-        k8s-app: default-http-backend
-    spec:
-      terminationGracePeriodSeconds: 60
-      containers:
-      - name: default-http-backend
-        # Any image is permissible as long as:
-        # 1. It serves a 404 page at /
-        # 2. It serves 200 on a /healthz endpoint
-        image: registry.k8s.io/defaultbackend-amd64:1.5
-        livenessProbe:
-          httpGet:
-            path: /healthz
-            port: 8080
-            scheme: HTTP
-          initialDelaySeconds: 30
-          timeoutSeconds: 5
-        ports:
-        - containerPort: 8080
-        resources:
-          limits:
-            cpu: 10m
-            memory: 20Mi
-          requests:
-            cpu: 10m
-            memory: 20Mi
----
-apiVersion: v1
 kind: ServiceAccount
 metadata:
   name: ingress
@@ -168,7 +112,6 @@ spec:
           hostPort: 443
         args:
         - /nghttpx-ingress-controller
-        - --default-backend-service=default/default-http-backend
         - --healthz-port=11249
         securityContext:
           # These capabilities are required to load eBPF program which is used by HTTP/3.