Add nginx status page listen address to parameters

[lkirill]

In PR #1212 (d2546d0#diff-b7803798d356c6c17a90d93cc58bdbaaL353) port binding was replaced with 127.0.0.1:{{ $all.ListenPorts.Status }} in nginx.tmpl. We've used it to monitor Ingress Controller from outside of the container using http://node_hostname:18080/nginx_status.

Maybe add this address to parameters in ConfigMap or something?

[arjanschaaf]

@danielqsj @aledbf I was really surprised to hit this issue when testing a upgrade from beta.11 to beta.12.
We deploy a NGINX Ingress Controller as a pod in a Kubernetes cluster and expose the status page (with enable-vts-status:true) in the Kubernetes service. That status port on the service is then used by another service that needs the status data from the NGINX Ingress Controller.
I noticed the ongoing discussion in #1212 (comment) and have a hard time understanding why a change was released that prevents a problem in a complex setup with multiple ingress controllers & host networking but breaks simple setups that expose status information of the ingress controller... Am I missing something obvious and can I easily expose 18080 in my service somehow or is having the status port only listening on 127.0.0.1 in a pod just a bad idea all together?

[aledbf]

@arjanschaaf @lkirill I will change the IP address binding.

Am I missing something obvious and can I easily expose 18080 in my service somehow or is having the status port only listening on 127.0.0.1 in a pod just a bad idea all together?

If you are running with hostNetwork: true then you are exposing the stats without any restriction.