Skip to content

support namespaced upstream service #8453

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 14 commits into
base: main
Choose a base branch
from
Open

support namespaced upstream service #8453

wants to merge 14 commits into from
+1,127 −62

Conversation

@haywoodsh
Copy link
Contributor

@haywoodsh haywoodsh commented Oct 21, 2025
edited
Loading

Proposed changes

Namespaced services can now be used as upstreams in both VirtualServer and VirtualServerRoute.
For example, VirtualServers with upstream services such as coffee/coffee-svc and tea/tea-svc are now supported.

apiVersion: k8s.nginx.org/v1
kind: VirtualServer
metadata:
  name: cafe
  namespace: cafe
spec:
  host: cafe.example.com
  tls:
    secret: cafe-secret
  routes:
  - path: /coffee
    action:
      pass: coffee
  - path: /tea
    action:
      pass: tea
  upstreams:
  - name: coffee
    service: coffee/coffee-svc
    port: 80
  - name: tea
    service: tea/tea-svc
    port: 80

Checklist

Before creating a PR, run through this checklist and mark each as complete.

  • I have read the CONTRIBUTING doc
  • I have added tests that prove my fix is effective or that my feature works
  • I have checked that all unit tests pass after adding my changes
  • I have updated necessary documentation
  • I have rebased my branch onto main
  • I will ensure my PR is targeting the main branch and pulling from my branch from my own fork

@haywoodsh
support namespaced upstream service
01217bd 
Signed-off-by: Haywood Shannon <5781935+haywoodsh@users.noreply.github.com>

Signed-off-by: Haywood Shannon <5781935+haywoodsh@users.noreply.github.com>
@github-actions github-actions bot added enhancement Pull requests for new features/feature enhancements go Pull requests that update Go code python Pull requests that update Python code labels Oct 21, 2025
github-advanced-security[bot]
github-advanced-security bot found potential problems Oct 21, 2025
View reviewed changes
@codecov
Copy link

codecov bot commented Oct 21, 2025
edited
Loading

Codecov Report

❌ Patch coverage is 65.67164% with 23 lines in your changes missing coverage. Please review.
✅ Project coverage is 53.50%. Comparing base (7e4865f) to head (54bfd1c).
⚠️ Report is 14 commits behind head on main.

Files with missing lines Patch % Lines
internal/k8s/controller.go 0.00% 20 Missing ⚠️
pkg/apis/configuration/validation/virtualserver.go 90.47% 1 Missing and 1 partial ⚠️
internal/configs/virtualserver.go 96.15% 1 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #8453      +/-   ##
==========================================
+ Coverage   53.41%   53.50%   +0.08%     
==========================================
  Files          91       91              
  Lines       18191    18226      +35     
==========================================
+ Hits         9717     9752      +35     
- Misses       7962     7963       +1     
+ Partials      512      511       -1

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@github-actions
Copy link
Contributor

github-actions bot commented Oct 21, 2025
edited
Loading

Package Report

gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx, 1.29.1-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-module-njs, 1.29.1+0.9.1-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-module-otel, 1.29.1+0.1.2-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-agent, 3.3.2~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx, 1.29.1-1~bookworm, arm64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-module-njs, 1.29.1+0.9.1-1~bookworm, arm64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-module-otel, 1.29.1+0.1.2-1~bookworm, arm64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-agent, 3.3.2~bookworm, arm64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-plus, 35-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-plus-module-njs, 35+0.9.1-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-plus-module-otel, 35+0.1.2-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-plus-module-fips-check, 35+0.1-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-agent, 3.3.2~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-plus, 35-1~bookworm, arm64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-plus-module-njs, 35+0.9.1-1~bookworm, arm64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-plus-module-otel, 35+0.1.2-1~bookworm, arm64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-plus-module-fips-check, 35+0.1-1~bookworm, arm64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-agent, 3.3.2~bookworm, arm64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-plus, 35-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-plus-module-njs, 35+0.9.1-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-plus-module-otel, 35+0.1.2-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-plus-module-fips-check, 35+0.1-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-plus-module-appprotect, 35+5.527.0-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, app-protect, 35+5.527.0-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, app-protect-attack-signatures, 2025.10.29-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, app-protect-threat-campaigns, 2025.11.03-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-agent, 2.44.0~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-plus, 35-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-plus-module-njs, 35+0.9.1-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-plus-module-otel, 35+0.1.2-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-plus-module-fips-check, 35+0.1-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-plus-module-appprotect, 35+5.527.0-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, app-protect-module-plus, 35+5.527.0-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, app-protect-plugin, 6.23.0-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-agent, 2.44.0~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-plus, 35-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-plus-module-njs, 35+0.9.1-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-plus-module-otel, 35+0.1.2-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-plus-module-fips-check, 35+0.1-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-plus-module-appprotectdos, 35+4.7.3-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, app-protect-dos, 35+4.7.3-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-plus, 35-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-plus-module-njs, 35+0.9.1-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-plus-module-otel, 35+0.1.2-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-plus-module-fips-check, 35+0.1-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-plus-module-appprotect, 35+5.527.0-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, app-protect, 35+5.527.0-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, app-protect-attack-signatures, 2025.10.29-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, app-protect-threat-campaigns, 2025.11.03-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-plus-module-appprotectdos, 35+4.7.3-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, app-protect-dos, 35+4.7.3-1~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d, nginx-agent, 2.44.0~bookworm, amd64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine, nginx, 1.29.1-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine, nginx-module-njs, 1.29.1.0.9.1-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine, nginx-module-otel, 1.29.1.0.1.2-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine, nginx-agent, 3.3.2, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine, nginx, 1.29.1-r1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine, nginx-module-njs, 1.29.1.0.9.1-r1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine, nginx-module-otel, 1.29.1.0.1.2-r1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine, nginx-agent, 3.3.2, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine, nginx-plus, 35-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine, nginx-plus-module-njs, 35.0.9.1-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine, nginx-plus-module-otel, 35.0.1.2-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine, nginx-plus-module-fips-check, 35.0.1-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine, nginx-agent, 3.3.2, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine, nginx-plus, 35-r1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine, nginx-plus-module-njs, 35.0.9.1-r1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine, nginx-plus-module-otel, 35.0.1.2-r1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine, nginx-plus-module-fips-check, 35.0.1-r1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine, nginx-agent, 3.3.2, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine-fips, nginx-plus, 35-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine-fips, nginx-plus-module-njs, 35.0.9.1-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine-fips, nginx-plus-module-otel, 35.0.1.2-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine-fips, nginx-plus-module-fips-check, 35.0.1-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine-fips, nginx-agent, 3.3.2, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine-fips, nginx-plus, 35-r1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine-fips, nginx-plus-module-njs, 35.0.9.1-r1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine-fips, nginx-plus-module-otel, 35.0.1.2-r1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine-fips, nginx-plus-module-fips-check, 35.0.1-r1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine-fips, nginx-agent, 3.3.2, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine-fips, nginx-plus, 35-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine-fips, nginx-plus-module-njs, 35.0.9.1-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine-fips, nginx-plus-module-otel, 35.0.1.2-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine-fips, nginx-plus-module-fips-check, 35.0.1-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine-fips, nginx-agent, 2.44.0, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine-fips, nginx-plus-module-appprotect, 35.5.527.0-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine-fips, app-protect, 35.5.527.0-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine-fips, app-protect-attack-signatures, 2025.10.29-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine-fips, app-protect-threat-campaigns, 2025.11.03-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine-fips, nginx-plus, 35-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine-fips, nginx-plus-module-njs, 35.0.9.1-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine-fips, nginx-plus-module-otel, 35.0.1.2-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine-fips, nginx-plus-module-fips-check, 35.0.1-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine-fips, nginx-agent, 2.44.0, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine-fips, nginx-plus-module-appprotect, 35.5.527.0-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine-fips, app-protect-module-plus, 35.5.527.0-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-alpine-fips, app-protect-plugin, 6.23.0-r1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx, 1.29.1-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-module-njs, 1.29.1+0.9.2-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-module-otel, 1.29.1+0.1.2-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-agent, 3.3.2-1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx, 1.29.1-1.el9.ngx, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-module-njs, 1.29.1+0.9.2-1.el9.ngx, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-module-otel, 1.29.1+0.1.2-1.el9.ngx, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-agent, 3.3.2-1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-plus, 35-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-plus-module-njs, 35+0.9.1-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-plus-module-otel, 35+0.1.2-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-plus-module-fips-check, 35+0.1-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-agent, 3.3.2-1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-plus, 35-1.el9.ngx, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-plus-module-njs, 35+0.9.1-1.el9.ngx, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-plus-module-otel, 35+0.1.2-1.el9.ngx, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-plus-module-fips-check, 35+0.1-1.el9.ngx, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-agent, 3.3.2-1, aarch64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-plus, 35-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-plus-module-njs, 35+0.9.1-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-plus-module-otel, 35+0.1.2-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-plus-module-fips-check, 35+0.1-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-agent, 2.44.0-1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-plus-module-appprotect, 35+5.527.0-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, app-protect, 35+5.527.0-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, app-protect-attack-signatures, 2025.10.29-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, app-protect-threat-campaigns, 2025.11.03-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-plus, 35-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-plus-module-njs, 35+0.9.1-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-plus-module-otel, 35+0.1.2-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-plus-module-fips-check, 35+0.1-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-agent, 2.44.0-1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-plus-module-appprotect, 35+5.527.0-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, app-protect-module-plus, 35+5.527.0-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, app-protect-plugin, 6.23.0-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi8, nginx-plus, 35-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi8, nginx-plus-module-njs, 35+0.9.1-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi8, nginx-plus-module-otel, 35+0.1.2-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi8, nginx-plus-module-fips-check, 35+0.1-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi8, nginx-agent, 2.44.0-1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi8, nginx-plus-module-appprotect, 35+5.527.0-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi8, app-protect, 35+5.527.0-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi8, app-protect-attack-signatures, 2025.10.29-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi8, app-protect-threat-campaigns, 2025.11.03-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi8, nginx-plus, 35-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi8, nginx-plus-module-njs, 35+0.9.1-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi8, nginx-plus-module-otel, 35+0.1.2-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi8, nginx-plus-module-fips-check, 35+0.1-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi8, nginx-agent, 2.44.0-1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi8, nginx-plus-module-appprotect, 35+5.527.0-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi8, app-protect-module-plus, 35+5.527.0-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-nap-v5/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi8, app-protect-plugin, 6.23.0-1.el8.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-plus, 35-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-plus-module-njs, 35+0.9.1-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-plus-module-otel, 35+0.1.2-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-plus-module-fips-check, 35+0.1-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-plus-module-appprotectdos, 35+4.7.3-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, app-protect-dos, 35+4.7.3-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-plus, 35-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-plus-module-njs, 35+0.9.1-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-plus-module-otel, 35+0.1.2-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-plus-module-fips-check, 35+0.1-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-plus-module-appprotect, 35+5.527.0-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-plus-module-appprotectdos, 35+4.7.3-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, nginx-agent, 2.44.0-1, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, app-protect, 35+5.527.0-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, app-protect-attack-signatures, 2025.10.29-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, app-protect-threat-campaigns, 2025.11.03-1.el9.ngx, x86_64
gcr.io/f5-gcs-7899-ptg-ingrss-ctlr/dev/nginx-ic-dos-nap/nginx-plus-ingress:t-0945701bf69ab604ce3401b96cd2fb7d-ubi, app-protect-dos, 35+4.7.3-1.el9.ngx, x86_64

haywoodsh and others added 5 commits October 23, 2025 11:54
@haywoodsh
add example and fix comments
b1b9514 
Signed-off-by: Haywood Shannon <5781935+haywoodsh@users.noreply.github.com>

Signed-off-by: Haywood Shannon <5781935+haywoodsh@users.noreply.github.com>
@pre-commit-ci
[pre-commit.ci] auto fixes from pre-commit.com hooks
f23f0a4 
for more information, see https://pre-commit.ci
@haywoodsh
update readme
0aa24da 
Signed-off-by: Haywood Shannon <5781935+haywoodsh@users.noreply.github.com>

Signed-off-by: Haywood Shannon <5781935+haywoodsh@users.noreply.github.com>
@haywoodsh
handle exception
836e03c 
Signed-off-by: Haywood Shannon <5781935+haywoodsh@users.noreply.github.com>

Signed-off-by: Haywood Shannon <5781935+haywoodsh@users.noreply.github.com>
@haywoodsh
Merge branch 'main' into feat/support-foreign-upstreams
3efca90
@haywoodsh haywoodsh marked this pull request as ready for review October 24, 2025 18:01
@haywoodsh haywoodsh requested a review from a team as a code owner October 24, 2025 18:01
Copilot AI review requested due to automatic review settings October 24, 2025 18:01
Copilot AI reviewed Oct 24, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR adds support for namespaced upstream services in VirtualServer and VirtualServerRoute resources, allowing services to be referenced across namespaces using the namespace/service-name format.

  • Introduces ParseServiceReference() function to handle both namespaced and non-namespaced service references
  • Updates validation to support the new namespace/service-name format
  • Adds comprehensive test coverage for the new functionality

Reviewed Changes

Copilot reviewed 19 out of 19 changed files in this pull request and generated 2 comments.

Show a summary per file
File Description
pkg/apis/configuration/validation/virtualserver.go Adds validation functions for namespaced service references including validateVirtualServerServiceName() and validateDNS1123Label()
pkg/apis/configuration/validation/virtualserver_test.go Adds test cases for validating namespaced service names, backup service cross-namespace rejection, and DNS1123 label validation
internal/configs/virtualserver.go Implements ParseServiceReference() function and updates all service reference handling to support namespaced services
internal/configs/virtualserver_test.go Adds tests for ParseServiceReference() and validates VirtualServer configuration generation with foreign namespace services
internal/k8s/controller.go Updates endpoint and service lookup logic to use parsed namespace and service name
tests/suite/utils/yaml_utils.py Adds get_upstream_namespace_from_vs_yaml() helper function to extract upstream namespaces from VS YAML files
tests/suite/test_virtual_server_foreign_upstream.py Comprehensive integration tests for foreign namespace upstreams in VS and VSR
tests/data/virtual-server-foreign-upstream/* Test YAML configurations for foreign namespace upstream scenarios
tests/data/common/app/simple-namespaced-upstream/* Test backend deployments and services for namespaced upstream testing
examples/custom-resources/foreign-namespace-upstreams/* Example configurations and documentation demonstrating the foreign namespace upstream feature

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@haywoodsh haywoodsh linked an issue Oct 28, 2025 that may be closed by this pull request
VirtualServer support for services/upstreams in foreign namespace #8288
Open
2 tasks
haywoodsh and others added 3 commits October 28, 2025 15:54
@haywoodsh
Remove the commented-out code
2c59b84 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Signed-off-by: Haywood Shannon <5781935+haywoodsh@users.noreply.github.com>
@haywoodsh
typo
d72e9b5 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Signed-off-by: Haywood Shannon <5781935+haywoodsh@users.noreply.github.com>
@haywoodsh
Merge branch 'main' into feat/support-foreign-upstreams
eeddabe
AlexFenlon
AlexFenlon previously approved these changes Oct 29, 2025
View reviewed changes
@haywoodsh
update docs
3c274c9 
Signed-off-by: Haywood Shannon <5781935+haywoodsh@users.noreply.github.com>

Signed-off-by: Haywood Shannon <5781935+haywoodsh@users.noreply.github.com>
AlexFenlon
AlexFenlon previously approved these changes Nov 3, 2025
View reviewed changes
@danielnginx danielnginx requested a review from Copilot November 3, 2025 14:49
Copilot AI reviewed Nov 3, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

Copilot reviewed 25 out of 25 changed files in this pull request and generated no new comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

pdabelf5
pdabelf5 previously approved these changes Nov 4, 2025
View reviewed changes
vepatel
vepatel reviewed Nov 4, 2025
View reviewed changes
examples/custom-resources/foreign-namespace-upstreams/README.md
VirtualServerRoute](https://docs.nginx.com/nginx-ingress-controller/configuration/virtualserver-and-virtualserverroute-resources/)
resources to configure load balancing for the modified cafe application from the [Basic
Configuration](../basic-configuration/) example. We have put the load balancing configuration as well as the deployments
and services into multiple namespaces. Instead of one namespace, we now use three: `tea`, `coffee`, and `cafe`.
Copy link
Contributor

@vepatel vepatel Nov 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@haywoodsh does it makes sense to include a suggestion around including these ns in -watch-namespace flag if not already?

Copy link
Contributor Author

@haywoodsh haywoodsh Nov 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

updated readme

@haywoodsh
Merge branch 'main' into feat/support-foreign-upstreams
54bfd1c
@haywoodsh
update readme to add reminder about -watch-namespace flag
b2c281b 
Signed-off-by: Haywood Shannon <5781935+haywoodsh@users.noreply.github.com>

Signed-off-by: Haywood Shannon <5781935+haywoodsh@users.noreply.github.com>
@haywoodsh haywoodsh dismissed stale reviews from pdabelf5 and AlexFenlon via b2c281b November 5, 2025 21:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@vepatel vepatel vepatel left review comments

Copilot code review Copilot Copilot left review comments

@AlexFenlon AlexFenlon AlexFenlon left review comments

@pdabelf5 pdabelf5 pdabelf5 left review comments

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

enhancement Pull requests for new features/feature enhancements go Pull requests that update Go code python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

VirtualServer support for services/upstreams in foreign namespace

5 participants

@haywoodsh @vepatel @AlexFenlon @pdabelf5