diff --git a/internal/controller/nginx/config/base_http_config.go b/internal/controller/nginx/config/base_http_config.go index ece5a30999..bdbb1ee29b 100644 --- a/internal/controller/nginx/config/base_http_config.go +++ b/internal/controller/nginx/config/base_http_config.go @@ -12,8 +12,9 @@ var baseHTTPTemplate = gotemplate.Must(gotemplate.New("baseHttp").Parse(baseHTTP type httpConfig struct { Includes []shared.Include - HTTP2 bool NginxReadinessProbePort int32 + IPFamily shared.IPFamily + HTTP2 bool } func executeBaseHTTPConfig(conf dataplane.Configuration) []executeResult { @@ -23,6 +24,7 @@ func executeBaseHTTPConfig(conf dataplane.Configuration) []executeResult { HTTP2: conf.BaseHTTPConfig.HTTP2, Includes: includes, NginxReadinessProbePort: conf.BaseHTTPConfig.NginxReadinessProbePort, + IPFamily: getIPFamily(conf.BaseHTTPConfig), } results := make([]executeResult, 0, len(includes)+1) diff --git a/internal/controller/nginx/config/base_http_config_template.go b/internal/controller/nginx/config/base_http_config_template.go index 169b876a30..27adb7360e 100644 --- a/internal/controller/nginx/config/base_http_config_template.go +++ b/internal/controller/nginx/config/base_http_config_template.go @@ -26,7 +26,12 @@ map $request_uri $request_uri_path { # NGINX health check server block. server { + {{- if $.IPFamily.IPv4 }} listen {{ .NginxReadinessProbePort }}; + {{- end }} + {{- if $.IPFamily.IPv6 }} + listen [::]:{{ .NginxReadinessProbePort }}; + {{- end }} location = /readyz { access_log off; diff --git a/internal/controller/nginx/config/base_http_config_test.go b/internal/controller/nginx/config/base_http_config_test.go index c93d5628b3..deb58def53 100644 --- a/internal/controller/nginx/config/base_http_config_test.go +++ b/internal/controller/nginx/config/base_http_config_test.go @@ -117,17 +117,32 @@ func TestExecuteBaseHttp_NginxReadinessProbePort(t *testing.T) { }, } - customConfig := dataplane.Configuration{ + customPortConfig := dataplane.Configuration{ BaseHTTPConfig: dataplane.BaseHTTPConfig{ NginxReadinessProbePort: 9090, }, } + customIPv4Config := dataplane.Configuration{ + BaseHTTPConfig: dataplane.BaseHTTPConfig{ + NginxReadinessProbePort: dataplane.DefaultNginxReadinessProbePort, + IPFamily: dataplane.IPv4, + }, + } + + customIPv6Config := dataplane.Configuration{ + BaseHTTPConfig: dataplane.BaseHTTPConfig{ + NginxReadinessProbePort: dataplane.DefaultNginxReadinessProbePort, + IPFamily: dataplane.IPv6, + }, + } + tests := []struct { - name string - expectedPort string - expectedListen string - conf dataplane.Configuration + name string + expectedPort string + expectedListen string + expectedNoListen string + conf dataplane.Configuration }{ { name: "default nginx readiness probe port", @@ -135,12 +150,38 @@ func TestExecuteBaseHttp_NginxReadinessProbePort(t *testing.T) { expectedPort: "8081", expectedListen: "listen 8081;", }, + { + name: "default nginx readiness probe port on ipv6", + conf: defaultConfig, + expectedPort: "8081", + expectedListen: "listen [::]:8081;", + }, { name: "custom nginx readiness probe 9090", - conf: customConfig, + conf: customPortConfig, expectedPort: "9090", expectedListen: "listen 9090;", }, + { + name: "custom nginx readiness probe 9090 on ipv6", + conf: customPortConfig, + expectedPort: "9090", + expectedListen: "listen [::]:9090;", + }, + { + name: "custom ipv4 nginx readiness probe does not have ipv6 listen", + conf: customIPv4Config, + expectedPort: "8081", + expectedListen: "listen 8081;", + expectedNoListen: "listen [::]:8081;", + }, + { + name: "custom ipv6 nginx readiness probe does not have ipv4 listen", + conf: customIPv6Config, + expectedPort: "8081", + expectedListen: "listen [::]:8081;", + expectedNoListen: "listen 8081;", + }, } for _, test := range tests { @@ -156,6 +197,11 @@ func TestExecuteBaseHttp_NginxReadinessProbePort(t *testing.T) { // check that the listen directive contains the expected port g.Expect(httpConfig).To(ContainSubstring(test.expectedListen)) + // check that an additional listen directive is NOT set + if test.expectedNoListen != "" { + g.Expect(httpConfig).ToNot(ContainSubstring(test.expectedNoListen)) + } + // check that the health check server block is present g.Expect(httpConfig).To(ContainSubstring("server {")) g.Expect(httpConfig).To(ContainSubstring("access_log off;"))