Support Ingress and IngressClass v1

.github/workflows/nightly.yml

@@ -121,7 +121,7 @@ jobs:
     needs: [build, binary, unit-tests]
     strategy:
       matrix:
-        k8s: [1.21.1, 1.20.7, 1.19.11, 1.18.19, 1.17.17, 1.16.15]
+        k8s: [1.21.1, 1.20.7, 1.19.11]
     steps:
       - name: Checkout Repository
         uses: actions/checkout@v2

cmd/nginx-ingress/main.go

@@ -307,7 +307,7 @@ func main() {
 		*useIngressClassOnly = true
 		glog.Warningln("The '-use-ingress-class-only' flag will be deprecated and has no effect on versions of kubernetes >= 1.18.0. Processing ONLY resources that have the 'ingressClassName' field in Ingress equal to the class.")
 
-		ingressClassRes, err := kubeClient.NetworkingV1beta1().IngressClasses().Get(context.TODO(), *ingressClass, meta_v1.GetOptions{})
+		ingressClassRes, err := kubeClient.NetworkingV1().IngressClasses().Get(context.TODO(), *ingressClass, meta_v1.GetOptions{})
 		if err != nil {
 			glog.Fatalf("Error when getting IngressClass %v: %v", *ingressClass, err)
 		}

internal/configs/configurator.go

@@ -19,7 +19,7 @@ import (
 
 	"github.com/golang/glog"
 	api_v1 "k8s.io/api/core/v1"
-	networking "k8s.io/api/networking/v1beta1"
+	networking "k8s.io/api/networking/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 
 	"github.com/nginxinc/kubernetes-ingress/internal/configs/version1"
@@ -962,13 +962,13 @@ func (cnf *Configurator) updatePlusEndpoints(ingEx *IngressEx) error {
 		SlowStart:   ingCfg.SlowStart,
 	}
 
-	if ingEx.Ingress.Spec.Backend != nil {
-		endps, exists := ingEx.Endpoints[ingEx.Ingress.Spec.Backend.ServiceName+ingEx.Ingress.Spec.Backend.ServicePort.String()]
+	if ingEx.Ingress.Spec.DefaultBackend != nil {
+		endps, exists := ingEx.Endpoints[ingEx.Ingress.Spec.DefaultBackend.Service.Name+GetBackendPortAsString(ingEx.Ingress.Spec.DefaultBackend.Service.Port)]
 		if exists {
-			if _, isExternalName := ingEx.ExternalNameSvcs[ingEx.Ingress.Spec.Backend.ServiceName]; isExternalName {
-				glog.V(3).Infof("Service %s is Type ExternalName, skipping NGINX Plus endpoints update via API", ingEx.Ingress.Spec.Backend.ServiceName)
+			if _, isExternalName := ingEx.ExternalNameSvcs[ingEx.Ingress.Spec.DefaultBackend.Service.Name]; isExternalName {
+				glog.V(3).Infof("Service %s is Type ExternalName, skipping NGINX Plus endpoints update via API", ingEx.Ingress.Spec.DefaultBackend.Service.Name)
 			} else {
-				name := getNameForUpstream(ingEx.Ingress, emptyHost, ingEx.Ingress.Spec.Backend)
+				name := getNameForUpstream(ingEx.Ingress, emptyHost, ingEx.Ingress.Spec.DefaultBackend)
 				err := cnf.updateServersInPlus(name, endps, cfg)
 				if err != nil {
 					return fmt.Errorf("Couldn't update the endpoints for %v: %w", name, err)
@@ -983,10 +983,10 @@ func (cnf *Configurator) updatePlusEndpoints(ingEx *IngressEx) error {
 		}
 
 		for _, path := range rule.HTTP.Paths {
-			endps, exists := ingEx.Endpoints[path.Backend.ServiceName+path.Backend.ServicePort.String()]
+			endps, exists := ingEx.Endpoints[path.Backend.Service.Name+GetBackendPortAsString(path.Backend.Service.Port)]
 			if exists {
-				if _, isExternalName := ingEx.ExternalNameSvcs[path.Backend.ServiceName]; isExternalName {
-					glog.V(3).Infof("Service %s is Type ExternalName, skipping NGINX Plus endpoints update via API", path.Backend.ServiceName)
+				if _, isExternalName := ingEx.ExternalNameSvcs[path.Backend.Service.Name]; isExternalName {
+					glog.V(3).Infof("Service %s is Type ExternalName, skipping NGINX Plus endpoints update via API", path.Backend.Service.Name)
 					continue
 				}
 

internal/configs/configurator_test.go

@@ -6,7 +6,7 @@ import (
 	"testing"
 
 	"github.com/prometheus/client_golang/prometheus"
-	networking "k8s.io/api/networking/v1beta1"
+	networking "k8s.io/api/networking/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
 

internal/configs/ingress.go

@@ -3,12 +3,13 @@ package configs
 import (
 	"fmt"
 	"sort"
+	"strconv"
 	"strings"
 
 	"github.com/golang/glog"
 	"github.com/nginxinc/kubernetes-ingress/internal/k8s/secrets"
 	api_v1 "k8s.io/api/core/v1"
-	networking "k8s.io/api/networking/v1beta1"
+	networking "k8s.io/api/networking/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
@@ -84,14 +85,14 @@ func generateNginxCfg(ingEx *IngressEx, apResources AppProtectResources, isMinio
 		grpcServices = make(map[string]bool)
 	}
 
-	if ingEx.Ingress.Spec.Backend != nil {
-		name := getNameForUpstream(ingEx.Ingress, emptyHost, ingEx.Ingress.Spec.Backend)
-		upstream := createUpstream(ingEx, name, ingEx.Ingress.Spec.Backend, spServices[ingEx.Ingress.Spec.Backend.ServiceName], &cfgParams,
+	if ingEx.Ingress.Spec.DefaultBackend != nil {
+		name := getNameForUpstream(ingEx.Ingress, emptyHost, ingEx.Ingress.Spec.DefaultBackend)
+		upstream := createUpstream(ingEx, name, ingEx.Ingress.Spec.DefaultBackend, spServices[ingEx.Ingress.Spec.DefaultBackend.Service.Name], &cfgParams,
 			isPlus, isResolverConfigured, staticParams.EnableLatencyMetrics)
 		upstreams[name] = upstream
 
 		if cfgParams.HealthCheckEnabled {
-			if hc, exists := ingEx.HealthChecks[ingEx.Ingress.Spec.Backend.ServiceName+ingEx.Ingress.Spec.Backend.ServicePort.String()]; exists {
+			if hc, exists := ingEx.HealthChecks[ingEx.Ingress.Spec.DefaultBackend.Service.Name+GetBackendPortAsString(ingEx.Ingress.Spec.DefaultBackend.Service.Port)]; exists {
 				healthChecks[name] = createHealthCheck(hc, name, &cfgParams)
 			}
 		}
@@ -169,7 +170,7 @@ func generateNginxCfg(ingEx *IngressEx, apResources AppProtectResources, isMinio
 		grpcOnly := true
 		if len(grpcServices) > 0 {
 			for _, path := range httpIngressRuleValue.Paths {
-				if _, exists := grpcServices[path.Backend.ServiceName]; !exists {
+				if _, exists := grpcServices[path.Backend.Service.Name]; !exists {
 					grpcOnly = false
 					break
 				}
@@ -187,20 +188,20 @@ func generateNginxCfg(ingEx *IngressEx, apResources AppProtectResources, isMinio
 			upsName := getNameForUpstream(ingEx.Ingress, rule.Host, &path.Backend)
 
 			if cfgParams.HealthCheckEnabled {
-				if hc, exists := ingEx.HealthChecks[path.Backend.ServiceName+path.Backend.ServicePort.String()]; exists {
+				if hc, exists := ingEx.HealthChecks[path.Backend.Service.Name+GetBackendPortAsString(path.Backend.Service.Port)]; exists {
 					healthChecks[upsName] = createHealthCheck(hc, upsName, &cfgParams)
 				}
 			}
 
 			if _, exists := upstreams[upsName]; !exists {
-				upstream := createUpstream(ingEx, upsName, &path.Backend, spServices[path.Backend.ServiceName], &cfgParams, isPlus, isResolverConfigured, staticParams.EnableLatencyMetrics)
+				upstream := createUpstream(ingEx, upsName, &path.Backend, spServices[path.Backend.Service.Name], &cfgParams, isPlus, isResolverConfigured, staticParams.EnableLatencyMetrics)
 				upstreams[upsName] = upstream
 			}
 
-			ssl := isSSLEnabled(sslServices[path.Backend.ServiceName], cfgParams, staticParams)
-			proxySSLName := generateProxySSLName(path.Backend.ServiceName, ingEx.Ingress.Namespace)
-			loc := createLocation(pathOrDefault(path.Path), upstreams[upsName], &cfgParams, wsServices[path.Backend.ServiceName], rewrites[path.Backend.ServiceName],
-				ssl, grpcServices[path.Backend.ServiceName], proxySSLName, path.PathType, path.Backend.ServiceName)
+			ssl := isSSLEnabled(sslServices[path.Backend.Service.Name], cfgParams, staticParams)
+			proxySSLName := generateProxySSLName(path.Backend.Service.Name, ingEx.Ingress.Namespace)
+			loc := createLocation(pathOrDefault(path.Path), upstreams[upsName], &cfgParams, wsServices[path.Backend.Service.Name], rewrites[path.Backend.Service.Name],
+				ssl, grpcServices[path.Backend.Service.Name], proxySSLName, path.PathType, path.Backend.Service.Name)
 
 			if isMinion && cfgParams.JWTKey != "" {
 				jwtAuth, redirectLoc, warnings := generateJWTConfig(ingEx.Ingress, ingEx.SecretRefs, &cfgParams, getNameForRedirectLocation(ingEx.Ingress))
@@ -218,23 +219,23 @@ func generateNginxCfg(ingEx *IngressEx, apResources AppProtectResources, isMinio
 			}
 		}
 
-		if !rootLocation && ingEx.Ingress.Spec.Backend != nil {
-			upsName := getNameForUpstream(ingEx.Ingress, emptyHost, ingEx.Ingress.Spec.Backend)
-			ssl := isSSLEnabled(sslServices[ingEx.Ingress.Spec.Backend.ServiceName], cfgParams, staticParams)
-			proxySSLName := generateProxySSLName(ingEx.Ingress.Spec.Backend.ServiceName, ingEx.Ingress.Namespace)
+		if !rootLocation && ingEx.Ingress.Spec.DefaultBackend != nil {
+			upsName := getNameForUpstream(ingEx.Ingress, emptyHost, ingEx.Ingress.Spec.DefaultBackend)
+			ssl := isSSLEnabled(sslServices[ingEx.Ingress.Spec.DefaultBackend.Service.Name], cfgParams, staticParams)
+			proxySSLName := generateProxySSLName(ingEx.Ingress.Spec.DefaultBackend.Service.Name, ingEx.Ingress.Namespace)
 			pathtype := networking.PathTypePrefix
 
-			loc := createLocation(pathOrDefault("/"), upstreams[upsName], &cfgParams, wsServices[ingEx.Ingress.Spec.Backend.ServiceName], rewrites[ingEx.Ingress.Spec.Backend.ServiceName],
-				ssl, grpcServices[ingEx.Ingress.Spec.Backend.ServiceName], proxySSLName, &pathtype, ingEx.Ingress.Spec.Backend.ServiceName)
+			loc := createLocation(pathOrDefault("/"), upstreams[upsName], &cfgParams, wsServices[ingEx.Ingress.Spec.DefaultBackend.Service.Name], rewrites[ingEx.Ingress.Spec.DefaultBackend.Service.Name],
+				ssl, grpcServices[ingEx.Ingress.Spec.DefaultBackend.Service.Name], proxySSLName, &pathtype, ingEx.Ingress.Spec.DefaultBackend.Service.Name)
 			locations = append(locations, loc)
 
 			if cfgParams.HealthCheckEnabled {
-				if hc, exists := ingEx.HealthChecks[ingEx.Ingress.Spec.Backend.ServiceName+ingEx.Ingress.Spec.Backend.ServicePort.String()]; exists {
+				if hc, exists := ingEx.HealthChecks[ingEx.Ingress.Spec.DefaultBackend.Service.Name+GetBackendPortAsString(ingEx.Ingress.Spec.DefaultBackend.Service.Port)]; exists {
 					healthChecks[upsName] = createHealthCheck(hc, upsName, &cfgParams)
 				}
 			}
 
-			if _, exists := grpcServices[ingEx.Ingress.Spec.Backend.ServiceName]; !exists {
+			if _, exists := grpcServices[ingEx.Ingress.Spec.DefaultBackend.Service.Name]; !exists {
 				grpcOnly = false
 			}
 		}
@@ -405,13 +406,13 @@ func createUpstream(ingEx *IngressEx, name string, backend *networking.IngressBa
 	isPlus bool, isResolverConfigured bool, isLatencyMetricsEnabled bool) version1.Upstream {
 	var ups version1.Upstream
 	labels := version1.UpstreamLabels{
-		Service:           backend.ServiceName,
+		Service:           backend.Service.Name,
 		ResourceType:      "ingress",
 		ResourceName:      ingEx.Ingress.Name,
 		ResourceNamespace: ingEx.Ingress.Namespace,
 	}
 	if isPlus {
-		queue, timeout := upstreamRequiresQueue(backend.ServiceName+backend.ServicePort.String(), ingEx, cfg)
+		queue, timeout := upstreamRequiresQueue(backend.Service.Name+GetBackendPortAsString(backend.Service.Port), ingEx, cfg)
 		ups = version1.Upstream{Name: name, StickyCookie: stickyCookie, Queue: queue, QueueTimeout: timeout, UpstreamLabels: labels}
 	} else {
 		ups = version1.NewUpstreamWithDefaultServer(name)
@@ -420,13 +421,13 @@ func createUpstream(ingEx *IngressEx, name string, backend *networking.IngressBa
 		}
 	}
 
-	endps, exists := ingEx.Endpoints[backend.ServiceName+backend.ServicePort.String()]
+	endps, exists := ingEx.Endpoints[backend.Service.Name+GetBackendPortAsString(backend.Service.Port)]
 	if exists {
 		var upsServers []version1.UpstreamServer
 		// Always false for NGINX OSS
-		_, isExternalNameSvc := ingEx.ExternalNameSvcs[backend.ServiceName]
+		_, isExternalNameSvc := ingEx.ExternalNameSvcs[backend.Service.Name]
 		if isExternalNameSvc && !isResolverConfigured {
-			glog.Warningf("A resolver must be configured for Type ExternalName service %s, no upstream servers will be created", backend.ServiceName)
+			glog.Warningf("A resolver must be configured for Type ExternalName service %s, no upstream servers will be created", backend.Service.Name)
 			endps = []string{}
 		}
 
@@ -482,7 +483,7 @@ func pathOrDefault(path string) string {
 }
 
 func getNameForUpstream(ing *networking.Ingress, host string, backend *networking.IngressBackend) string {
-	return fmt.Sprintf("%v-%v-%v-%v-%v", ing.Namespace, ing.Name, host, backend.ServiceName, backend.ServicePort.String())
+	return fmt.Sprintf("%v-%v-%v-%v-%v", ing.Namespace, ing.Name, host, backend.Service.Name, GetBackendPortAsString(backend.Service.Port))
 }
 
 func getNameForRedirectLocation(ing *networking.Ingress) string {
@@ -555,7 +556,7 @@ func generateNginxCfgForMergeableIngresses(mergeableIngs *MergeableIngresses, ma
 		minion.Ingress = minion.Ingress.DeepCopy()
 
 		// Remove the default backend so that "/" will not be generated
-		minion.Ingress.Spec.Backend = nil
+		minion.Ingress.Spec.DefaultBackend = nil
 
 		// Add acceptable master annotations to minion
 		mergeMasterAnnotationsIntoMinion(minion.Ingress.Annotations, mergeableIngs.Master.Ingress.Annotations)
@@ -608,3 +609,11 @@ func generateNginxCfgForMergeableIngresses(mergeableIngs *MergeableIngresses, ma
 func isSSLEnabled(isSSLService bool, cfgParams ConfigParams, staticCfgParams *StaticConfigParams) bool {
 	return isSSLService || staticCfgParams.NginxServiceMesh && !cfgParams.SpiffeServerCerts
 }
+
+// GetBackendPortAsString returns the port of a ServiceBackend of an Ingress resource as a string.
+func GetBackendPortAsString(port networking.ServiceBackendPort) string {
+	if port.Name != "" {
+		return port.Name
+	}
+	return strconv.Itoa(int(port.Number))
+}

internal/configs/ingress_test.go

@@ -7,14 +7,12 @@ import (
 	"testing"
 
 	"github.com/google/go-cmp/cmp"
+	"github.com/nginxinc/kubernetes-ingress/internal/configs/version1"
 	"github.com/nginxinc/kubernetes-ingress/internal/k8s/secrets"
 	v1 "k8s.io/api/core/v1"
-	networking "k8s.io/api/networking/v1beta1"
+	networking "k8s.io/api/networking/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
-	"k8s.io/apimachinery/pkg/util/intstr"
-
-	"github.com/nginxinc/kubernetes-ingress/internal/configs/version1"
 )
 
 func TestGenerateNginxCfg(t *testing.T) {
@@ -304,15 +302,23 @@ func createCafeIngressEx() IngressEx {
 								{
 									Path: "/coffee",
 									Backend: networking.IngressBackend{
-										ServiceName: "coffee-svc",
-										ServicePort: intstr.FromString("80"),
+										Service: &networking.IngressServiceBackend{
+											Name: "coffee-svc",
+											Port: networking.ServiceBackendPort{
+												Number: 80,
+											},
+										},
 									},
 								},
 								{
 									Path: "/tea",
 									Backend: networking.IngressBackend{
-										ServiceName: "tea-svc",
-										ServicePort: intstr.FromString("80"),
+										Service: &networking.IngressServiceBackend{
+											Name: "tea-svc",
+											Port: networking.ServiceBackendPort{
+												Number: 80,
+											},
+										},
 									},
 								},
 							},
@@ -508,8 +514,12 @@ func createMergeableCafeIngress() *MergeableIngresses {
 								{
 									Path: "/coffee",
 									Backend: networking.IngressBackend{
-										ServiceName: "coffee-svc",
-										ServicePort: intstr.FromString("80"),
+										Service: &networking.IngressServiceBackend{
+											Name: "coffee-svc",
+											Port: networking.ServiceBackendPort{
+												Number: 80,
+											},
+										},
 									},
 								},
 							},
@@ -539,8 +549,12 @@ func createMergeableCafeIngress() *MergeableIngresses {
 								{
 									Path: "/tea",
 									Backend: networking.IngressBackend{
-										ServiceName: "tea-svc",
-										ServicePort: intstr.FromString("80"),
+										Service: &networking.IngressServiceBackend{
+											Name: "tea-svc",
+											Port: networking.ServiceBackendPort{
+												Number: 80,
+											},
+										},
 									},
 								},
 							},
@@ -1403,3 +1417,30 @@ func TestGenerateNginxCfgForMergeableIngressesForAppProtect(t *testing.T) {
 		t.Errorf("generateNginxCfgForMergeableIngresses() returned warnings: %v", warnings)
 	}
 }
+
+func TestGetBackendPortAsString(t *testing.T) {
+	tests := []struct {
+		port     networking.ServiceBackendPort
+		expected string
+	}{
+		{
+			port: networking.ServiceBackendPort{
+				Name: "test",
+			},
+			expected: "test",
+		},
+		{
+			port: networking.ServiceBackendPort{
+				Number: 80,
+			},
+			expected: "80",
+		},
+	}
+
+	for _, test := range tests {
+		result := GetBackendPortAsString(test.port)
+		if result != test.expected {
+			t.Errorf("GetBackendPortAsString(%+v) returned %q but expected %q", test.port, result, test.expected)
+		}
+	}
+}

internal/configs/parsing_helpers_test.go

@@ -5,7 +5,7 @@ import (
 	"testing"
 
 	v1 "k8s.io/api/core/v1"
-	"k8s.io/api/networking/v1beta1"
+	networking "k8s.io/api/networking/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
 
@@ -20,7 +20,7 @@ var configMap = v1.ConfigMap{
 	},
 }
 
-var ingress = v1beta1.Ingress{
+var ingress = networking.Ingress{
 	ObjectMeta: meta_v1.ObjectMeta{
 		Name:      "test",
 		Namespace: "kube-system",

internal/k8s/configuration.go

@@ -11,7 +11,7 @@ import (
 	conf_v1 "github.com/nginxinc/kubernetes-ingress/pkg/apis/configuration/v1"
 	conf_v1alpha1 "github.com/nginxinc/kubernetes-ingress/pkg/apis/configuration/v1alpha1"
 	"github.com/nginxinc/kubernetes-ingress/pkg/apis/configuration/validation"
-	networking "k8s.io/api/networking/v1beta1"
+	networking "k8s.io/api/networking/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"

internal/k8s/configuration_test.go

@@ -9,7 +9,7 @@ import (
 	conf_v1 "github.com/nginxinc/kubernetes-ingress/pkg/apis/configuration/v1"
 	conf_v1alpha1 "github.com/nginxinc/kubernetes-ingress/pkg/apis/configuration/v1alpha1"
 	"github.com/nginxinc/kubernetes-ingress/pkg/apis/configuration/validation"
-	networking "k8s.io/api/networking/v1beta1"
+	networking "k8s.io/api/networking/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )