Support for TCP/UDP load balancing via stream-snippets configmap key

examples/customization/README.md

@@ -67,6 +67,8 @@ The table below summarizes all of the options. For some of them, there are examp
 | `nginx.com/health-checks-mandatory-queue` | N/A | When active health checks are mandatory, configures a queue for temporary storing incoming requests during the time when NGINX Plus is checking the health of the endpoints after a configuration reload. | `0` | [Support for Active Health Checks](../health-checks). |
 | `nginx.com/slow-start` | N/A | Sets the upstream server [slow-start period](https://docs.nginx.com/nginx/admin-guide/load-balancer/http-load-balancer/#server-slow-start). By default, slow-start is activated after a server becomes [available](https://docs.nginx.com/nginx/admin-guide/load-balancer/http-health-check/#passive-health-checks) or [healthy](https://docs.nginx.com/nginx/admin-guide/load-balancer/http-health-check/#active-health-checks). To enable slow-start for newly added servers, configure [mandatory active health checks](../health-checks). | `"0s"` | |
 | N/A | `external-status-address` | Sets the address to be reported in the status of Ingress resources. Requires the `-report-status` command-line argument. Overrides the `-external-service` argument. | N/A | [Report Ingress Status](../../docs/report-ingress-status.md). |
+| N/A | `stream-snippets` | Sets a custom snippet in stream context. | N/A | |
+| N/A | `stream-log-format` | Sets the custom [log format](http://nginx.org/en/docs/stream/ngx_stream_log_module.html#log_format) for TCP/UDP load balancing.  | See the [template file](../../nginx-controller/nginx/nginx.conf.tmpl). | |
 
 ## Using ConfigMaps
 

examples/customization/nginx-config.yaml

@@ -57,3 +57,12 @@ data:
   keepalive: "32" # default is 0. When > 0, sets the value of the keepalive directive and adds 'proxy_set_header Connection "";' to a location block. See http://nginx.org/en/docs/http/ngx_http_upstream_module.html#keepalive
   max-fails: "0" # default is 1. Sets the value of the max_fails parameter of the `server` directive. See https://nginx.org/en/docs/http/ngx_http_upstream_module.html#max_fails
   fail-timeout: "5s" # default is 10s. Sets the value of the fail_timeout parameter of the `server` directive. See https://nginx.org/en/docs/http/ngx_http_upstream_module.html#fail_timeout
+  stream-log-format: "$remote_addr $protocol" # stream-log-format default is set in the nginx.conf.tmpl file. Also see http://nginx.org/en/docs/stream/ngx_stream_log_module.html#log_format 
+  stream-snippets: |
+    upstream tcp-coffee {
+      server tcp-coffee-svc.default.svc.cluster.local:9944;
+    }
+    server {
+      listen 4456;
+      proxy_pass tcp-coffee;
+    }

nginx-controller/Dockerfile

@@ -3,6 +3,7 @@ FROM nginx:1.15.2
 # forward nginx access and error logs to stdout and stderr of the ingress
 # controller process
 RUN ln -sf /proc/1/fd/1 /var/log/nginx/access.log \
+	&& ln -sf /proc/1/fd/1 /var/log/nginx/stream-access.log \
 	&& ln -sf /proc/1/fd/2 /var/log/nginx/error.log
 
 COPY nginx-ingress nginx/templates/nginx.ingress.tmpl nginx/templates/nginx.tmpl /

nginx-controller/DockerfileForAlpine

@@ -3,6 +3,7 @@ FROM nginx:1.15.2-alpine
 # forward nginx access and error logs to stdout and stderr of the ingress
 # controller process
 RUN ln -sf /proc/1/fd/1 /var/log/nginx/access.log \
+	&& ln -sf /proc/1/fd/1 /var/log/nginx/stream-access.log \
 	&& ln -sf /proc/1/fd/2 /var/log/nginx/error.log
 
 COPY nginx-ingress nginx/templates/nginx.ingress.tmpl nginx/templates/nginx.tmpl /

nginx-controller/DockerfileForPlus

@@ -44,6 +44,7 @@ RUN set -x \
 # forward nginx access and error logs to stdout and stderr of the ingress
 # controller process
 RUN ln -sf /proc/1/fd/1 /var/log/nginx/access.log \
+	&& ln -sf /proc/1/fd/1 /var/log/nginx/stream-access.log \
 	&& ln -sf /proc/1/fd/2 /var/log/nginx/error.log
 
 

nginx-controller/nginx/config.go

@@ -21,9 +21,11 @@ type Config struct {
 	SSLRedirect                   bool
 	MainMainSnippets              []string
 	MainHTTPSnippets              []string
+	MainStreamSnippets            []string
 	MainServerNamesHashBucketSize string
 	MainServerNamesHashMaxSize    string
 	MainLogFormat                 string
+	MainStreamLogFormat           string
 	ProxyBuffering                bool
 	ProxyBuffers                  string
 	ProxyBufferSize               string
@@ -259,6 +261,9 @@ func ParseConfigMap(cfgm *api_v1.ConfigMap, nginxPlus bool) *Config {
 	if logFormat, exists := cfgm.Data["log-format"]; exists {
 		cfg.MainLogFormat = logFormat
 	}
+	if streamLogFormat, exists := cfgm.Data["stream-log-format"]; exists {
+		cfg.MainStreamLogFormat = streamLogFormat
+	}
 	if proxyBuffering, exists, err := GetMapKeyAsBool(cfgm.Data, "proxy-buffering", cfgm); exists {
 		if err != nil {
 			glog.Error(err)
@@ -346,5 +351,12 @@ func ParseConfigMap(cfgm *api_v1.ConfigMap, nginxPlus bool) *Config {
 	if ingressTemplate, exists := cfgm.Data["ingress-template"]; exists {
 		cfg.IngressTemplate = &ingressTemplate
 	}
+	if mainStreamSnippets, exists, err := GetMapKeyAsStringSlice(cfgm.Data, "stream-snippets", cfgm, "\n"); exists {
+		if err != nil {
+			glog.Error(err)
+		} else {
+			cfg.MainStreamSnippets = mainStreamSnippets
+		}
+	}
 	return cfg
 }

nginx-controller/nginx/configurator.go

@@ -1082,9 +1082,11 @@ func GenerateNginxMainConfig(config *Config) *NginxMainConfig {
 	nginxCfg := &NginxMainConfig{
 		MainSnippets:              config.MainMainSnippets,
 		HTTPSnippets:              config.MainHTTPSnippets,
+		StreamSnippets:            config.MainStreamSnippets,
 		ServerNamesHashBucketSize: config.MainServerNamesHashBucketSize,
 		ServerNamesHashMaxSize:    config.MainServerNamesHashMaxSize,
 		LogFormat:                 config.MainLogFormat,
+		StreamLogFormat:           config.MainStreamLogFormat,
 		SSLProtocols:              config.MainServerSSLProtocols,
 		SSLCiphers:                config.MainServerSSLCiphers,
 		SSLDHParam:                config.MainServerSSLDHParam,

nginx-controller/nginx/nginx.go

@@ -142,9 +142,11 @@ type NginxMainConfig struct {
 	ServerNamesHashBucketSize string
 	ServerNamesHashMaxSize    string
 	LogFormat                 string
+	StreamLogFormat           string
 	HealthStatus              bool
 	MainSnippets              []string
 	HTTPSnippets              []string
+	StreamSnippets            []string
 	// http://nginx.org/en/docs/http/ngx_http_ssl_module.html
 	SSLProtocols           string
 	SSLPreferServerCiphers bool

nginx-controller/nginx/templates/nginx-plus.tmpl

@@ -108,3 +108,19 @@ http {
 
     include /etc/nginx/conf.d/*.conf;
 }
+
+stream {
+    {{if .StreamLogFormat -}}
+    log_format  stream-main  '{{.StreamLogFormat}}';
+    {{- else -}}
+    log_format  stream-main  '$remote_addr [$time_local] '
+                      '$protocol $status $bytes_sent $bytes_received '
+                      '$session_time';
+    {{- end }}
+
+    access_log  /var/log/nginx/stream-access.log  stream-main;
+
+    {{range $value := .StreamSnippets}}
+    {{$value}}
+    {{end}} 
+}

nginx-controller/nginx/templates/nginx.tmpl

@@ -84,3 +84,19 @@ http {
 
     include /etc/nginx/conf.d/*.conf;
 }
+
+stream {
+    {{if .StreamLogFormat -}}
+    log_format  stream-main  '{{.StreamLogFormat}}';
+    {{- else -}}
+    log_format  stream-main  '$remote_addr [$time_local] '
+                      '$protocol $status $bytes_sent $bytes_received '
+                      '$session_time';
+    {{- end }}
+
+    access_log  /var/log/nginx/stream-access.log  stream-main;
+
+    {{range $value := .StreamSnippets}}
+    {{$value}}
+    {{end}} 
+}

nginx-controller/nginx/templates/templates_test.go

@@ -88,6 +88,8 @@ var mainCfg = nginx.NginxMainConfig{
 	WorkerShutdownTimeout:  "1m",
 	WorkerConnections:      "1024",
 	WorkerRlimitNofile:     "65536",
+	StreamSnippets:         []string{"# comment"},
+	StreamLogFormat:        "$remote_addr",
 }
 
 func TestIngressForNGINXPlus(t *testing.T) {