feat(ingress): autodetect ingress controllers EE-673 (#7712)

api/database/models/ingress.go

@@ -12,6 +12,7 @@ type (
 		Type         string `json:"Type"`
 		Availability bool   `json:"Availability"`
 		New          bool   `json:"New"`
+		Used         bool   `json:"Used"`
 	}
 
 	K8sIngressControllers []K8sIngressController

api/database/models/namespaces.go

@@ -2,11 +2,11 @@ package models
 
 import "net/http"
 
-type K8sNamespaceInfo struct {
+type K8sNamespaceDetails struct {
 	Name        string            `json:"Name"`
 	Annotations map[string]string `json:"Annotations"`
 }
 
-func (r *K8sNamespaceInfo) Validate(request *http.Request) error {
+func (r *K8sNamespaceDetails) Validate(request *http.Request) error {
 	return nil
 }

api/datastore/migrator/migrate_dbversion70.go

@@ -6,7 +6,11 @@ import (
 )
 
 func (m *Migrator) migrateDBVersionToDB70() error {
-	// foreach endpoint
+	log.Info().Msg("- add IngressAvailabilityPerNamespace field")
+	if err := m.addIngressAvailabilityPerNamespaceFieldDB70(); err != nil {
+		return err
+	}
+
 	endpoints, err := m.endpointService.Endpoints()
 	if err != nil {
 		return err
@@ -45,3 +49,20 @@ func (m *Migrator) migrateDBVersionToDB70() error {
 
 	return nil
 }
+
+func (m *Migrator) addIngressAvailabilityPerNamespaceFieldDB70() error {
+	endpoints, err := m.endpointService.Endpoints()
+	if err != nil {
+		return err
+	}
+
+	for _, endpoint := range endpoints {
+		endpoint.Kubernetes.Configuration.IngressAvailabilityPerNamespace = true
+
+		err = m.endpointService.UpdateEndpoint(endpoint.ID, &endpoint)
+		if err != nil {
+			return err
+		}
+	}
+	return nil
+}

api/datastore/test_data/output_24_to_latest.json

@@ -53,6 +53,7 @@
       "Kubernetes": {
         "Configuration": {
           "EnableResourceOverCommit": false,
+          "IngressAvailabilityPerNamespace": true,
           "IngressClasses": null,
           "ResourceOverCommitPercentage": 0,
           "RestrictDefaultNamespace": false,

api/http/handler/kubernetes/configmaps_and_secrets.go

@@ -13,20 +13,18 @@ func (handler *Handler) getKubernetesConfigMaps(w http.ResponseWriter, r *http.R
 
 	namespace, err := request.RetrieveRouteVariableValue(r, "namespace")
 	if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusBadRequest,
-			Message:    "Invalid namespace identifier route variable",
-			Err:        err,
-		}
+		return httperror.BadRequest(
+			"Invalid namespace identifier route variable",
+			err,
+		)
 	}
 
 	configmaps, err := cli.GetConfigMapsAndSecrets(namespace)
 	if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusInternalServerError,
-			Message:    "Unable to retrieve nodes limits",
-			Err:        err,
-		}
+		return httperror.InternalServerError(
+			"Unable to retrieve nodes limits",
+			err,
+		)
 	}
 
 	return response.JSON(w, configmaps)

api/http/handler/kubernetes/handler.go

@@ -24,10 +24,10 @@ type Handler struct {
 	*mux.Router
 	authorizationService     *authorization.Service
 	dataStore                dataservices.DataStore
-	jwtService               dataservices.JWTService
-	kubernetesClientFactory  *cli.ClientFactory
-	kubeClusterAccessService kubernetes.KubeClusterAccessService
 	KubernetesClient         portainer.KubeClient
+	kubernetesClientFactory  *cli.ClientFactory
+	jwtService               dataservices.JWTService
+	kubeClusterAccessService kubernetes.KubeClusterAccessService
 }
 
 // NewHandler creates a handler to process pre-proxied requests to external APIs.

api/http/handler/kubernetes/ingresses.go

@@ -1,7 +1,6 @@
 package kubernetes
 
 import (
-	"fmt"
 	"net/http"
 
 	httperror "github.com/portainer/libhttp/error"
@@ -15,35 +14,39 @@ import (
 func (handler *Handler) getKubernetesIngressControllers(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
 	endpointID, err := request.RetrieveNumericRouteVariableValue(r, "id")
 	if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusBadRequest,
-			Message:    "Invalid environment identifier route variable",
-			Err:        err,
-		}
+		return httperror.BadRequest(
+			"Invalid environment identifier route variable",
+			err,
+		)
 	}
 
 	endpoint, err := handler.dataStore.Endpoint().Endpoint(portainer.EndpointID(endpointID))
 	if err == portainerDsErrors.ErrObjectNotFound {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusNotFound,
-			Message:    "Unable to find an environment with the specified identifier inside the database",
-			Err:        err,
-		}
+		return httperror.NotFound(
+			"Unable to find an environment with the specified identifier inside the database",
+			err,
+		)
 	} else if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusInternalServerError,
-			Message:    "Unable to find an environment with the specified identifier inside the database",
-			Err:        err,
-		}
+		return httperror.InternalServerError(
+			"Unable to find an environment with the specified identifier inside the database",
+			err,
+		)
+	}
+
+	allowedOnly, err := request.RetrieveBooleanQueryParameter(r, "allowedOnly", true)
+	if err != nil {
+		return httperror.BadRequest(
+			"Invalid allowedOnly boolean query parameter",
+			err,
+		)
 	}
 
 	cli, err := handler.kubernetesClientFactory.GetKubeClient(endpoint)
 	if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusInternalServerError,
-			Message:    "Unable to create Kubernetes client",
-			Err:        err,
-		}
+		return httperror.InternalServerError(
+			"Unable to create Kubernetes client",
+			err,
+		)
 	}
 
 	controllers := cli.GetIngressControllers()
@@ -66,11 +69,44 @@ func (handler *Handler) getKubernetesIngressControllers(w http.ResponseWriter, r
 			}
 
 			if controllers[i].ClassName == a.Name {
-				controllers[i].Availability = !a.Blocked
+				controllers[i].Availability = !a.GloballyBlocked
 			}
 		}
-		// TODO: Update existingClasses to take care of New and remove no longer
-		// existing classes.
+	}
+
+	// Update the database to match the list of found + modified controllers.
+	// This includes pruning out controllers which no longer exist.
+	var newClasses []portainer.KubernetesIngressClassConfig
+	for _, controller := range controllers {
+		var class portainer.KubernetesIngressClassConfig
+		class.Name = controller.ClassName
+		class.Type = controller.Type
+		class.GloballyBlocked = !controller.Availability
+		class.BlockedNamespaces = []string{}
+		newClasses = append(newClasses, class)
+	}
+	endpoint.Kubernetes.Configuration.IngressClasses = newClasses
+	err = handler.dataStore.Endpoint().UpdateEndpoint(
+		portainer.EndpointID(endpointID),
+		endpoint,
+	)
+	if err != nil {
+		return httperror.InternalServerError(
+			"Unable to store found IngressClasses inside the database",
+			err,
+		)
+	}
+
+	// If the allowedOnly query parameter was set. We need to prune out
+	// disallowed controllers from the response.
+	if allowedOnly {
+		var allowedControllers models.K8sIngressControllers
+		for _, controller := range controllers {
+			if controller.Availability {
+				allowedControllers = append(allowedControllers, controller)
+			}
+		}
+		controllers = allowedControllers
 	}
 	return response.JSON(w, controllers)
 }
@@ -78,80 +114,84 @@ func (handler *Handler) getKubernetesIngressControllers(w http.ResponseWriter, r
 func (handler *Handler) getKubernetesIngressControllersByNamespace(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
 	endpointID, err := request.RetrieveNumericRouteVariableValue(r, "id")
 	if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusBadRequest,
-			Message:    "Invalid environment identifier route variable",
-			Err:        err,
-		}
+		return httperror.BadRequest(
+			"Invalid environment identifier route variable",
+			err,
+		)
 	}
 
 	endpoint, err := handler.dataStore.Endpoint().Endpoint(portainer.EndpointID(endpointID))
 	if err == portainerDsErrors.ErrObjectNotFound {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusNotFound,
-			Message:    "Unable to find an environment with the specified identifier inside the database",
-			Err:        err,
-		}
+		return httperror.NotFound(
+			"Unable to find an environment with the specified identifier inside the database",
+			err,
+		)
 	} else if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusInternalServerError,
-			Message:    "Unable to find an environment with the specified identifier inside the database",
-			Err:        err,
-		}
+		return httperror.InternalServerError(
+			"Unable to find an environment with the specified identifier inside the database",
+			err,
+		)
 	}
 
 	namespace, err := request.RetrieveRouteVariableValue(r, "namespace")
 	if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusBadRequest,
-			Message:    "Invalid namespace identifier route variable",
-			Err:        err,
-		}
+		return httperror.BadRequest(
+			"Invalid namespace identifier route variable",
+			err,
+		)
 	}
 
-	cli, err := handler.kubernetesClientFactory.GetKubeClient(endpoint)
-	if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusInternalServerError,
-			Message:    "Unable to create Kubernetes client",
-			Err:        err,
-		}
-	}
-
-	controllers := cli.GetIngressControllers()
+	cli := handler.KubernetesClient
+	currentControllers := cli.GetIngressControllers()
 	existingClasses := endpoint.Kubernetes.Configuration.IngressClasses
-	for i := range controllers {
-		controllers[i].Availability = true
-		controllers[i].New = true
+	var updatedClasses []portainer.KubernetesIngressClassConfig
+	var controllers models.K8sIngressControllers
+	for i := range currentControllers {
+		var globallyblocked bool
+		currentControllers[i].Availability = true
+		currentControllers[i].New = true
+
+		var updatedClass portainer.KubernetesIngressClassConfig
+		updatedClass.Name = currentControllers[i].ClassName
+		updatedClass.Type = currentControllers[i].Type
 
 		// Check if the controller is blocked globally or in the current
 		// namespace.
-		for _, a := range existingClasses {
-			if controllers[i].ClassName != a.Name {
+		for _, existingClass := range existingClasses {
+			if currentControllers[i].ClassName != existingClass.Name {
 				continue
 			}
-			controllers[i].New = false
+			currentControllers[i].New = false
+			updatedClass.GloballyBlocked = existingClass.GloballyBlocked
+			updatedClass.BlockedNamespaces = existingClass.BlockedNamespaces
 
-			// If it's not blocked we're all done!
-			if !a.Blocked {
-				continue
-			}
+			globallyblocked = existingClass.GloballyBlocked
 
-			// Global blocks.
-			if len(a.BlockedNamespaces) == 0 {
-				controllers[i].Availability = false
-				continue
-			}
-
-			// Also check the current namespace.
-			for _, ns := range a.BlockedNamespaces {
+			// Check if the current namespace is blocked.
+			for _, ns := range existingClass.BlockedNamespaces {
 				if namespace == ns {
-					controllers[i].Availability = false
+					currentControllers[i].Availability = false
 				}
 			}
 		}
-		// TODO: Update existingClasses to take care of New and remove no longer
-		// existing classes.
+		if !globallyblocked {
+			controllers = append(controllers, currentControllers[i])
+		}
+		updatedClasses = append(updatedClasses, updatedClass)
+	}
+
+	// Update the database to match the list of found controllers.
+	// This includes pruning out controllers which no longer exist.
+	endpoint.Kubernetes.Configuration.IngressClasses = updatedClasses
+	err = handler.dataStore.Endpoint().UpdateEndpoint(
+		portainer.EndpointID(endpointID),
+		endpoint,
+	)
+	if err != nil {
+		return httperror.InternalServerError(
+			"Unable to store found IngressClasses inside the database",
+			err,
+		)
 	}
 	return response.JSON(w, controllers)
 }
@@ -159,167 +199,205 @@ func (handler *Handler) getKubernetesIngressControllersByNamespace(w http.Respon
 func (handler *Handler) updateKubernetesIngressControllers(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
 	endpointID, err := request.RetrieveNumericRouteVariableValue(r, "id")
 	if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusBadRequest,
-			Message:    "Invalid environment identifier route variable",
-			Err:        err,
-		}
+		return httperror.BadRequest(
+			"Invalid environment identifier route variable",
+			err,
+		)
 	}
 
 	endpoint, err := handler.dataStore.Endpoint().Endpoint(portainer.EndpointID(endpointID))
 	if err == portainerDsErrors.ErrObjectNotFound {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusNotFound,
-			Message:    "Unable to find an environment with the specified identifier inside the database",
-			Err:        err,
-		}
+		return httperror.NotFound(
+			"Unable to find an environment with the specified identifier inside the database",
+			err,
+		)
 	} else if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusInternalServerError,
-			Message:    "Unable to find an environment with the specified identifier inside the database",
-			Err:        err,
-		}
+		return httperror.InternalServerError(
+			"Unable to find an environment with the specified identifier inside the database",
+			err,
+		)
 	}
 
 	var payload models.K8sIngressControllers
 	err = request.DecodeAndValidateJSONPayload(r, &payload)
 	if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusBadRequest,
-			Message:    "Invalid request payload",
-			Err:        err,
-		}
+		return httperror.BadRequest(
+			"Invalid request payload",
+			err,
+		)
 	}
 
-	classes := endpoint.Kubernetes.Configuration.IngressClasses
-	for _, p := range payload {
-		for i := range classes {
-			if p.ClassName == classes[i].Name {
-				classes[i].Blocked = !p.Availability
+	cli, err := handler.kubernetesClientFactory.GetKubeClient(endpoint)
+	if err != nil {
+		return httperror.InternalServerError(
+			"Unable to create Kubernetes client",
+			err,
+		)
+	}
+
+	existingClasses := endpoint.Kubernetes.Configuration.IngressClasses
+	controllers := cli.GetIngressControllers()
+	for i := range controllers {
+		// Set existing class data. So that we don't accidentally overwrite it
+		// with blank data that isn't in the payload.
+		for ii := range existingClasses {
+			if controllers[i].ClassName == existingClasses[ii].Name {
+				controllers[i].Availability = !existingClasses[ii].GloballyBlocked
 			}
 		}
 	}
-	endpoint.Kubernetes.Configuration.IngressClasses = classes
-	fmt.Printf("%#v\n", endpoint.Kubernetes.Configuration.IngressClasses)
+
+	for _, p := range payload {
+		for i := range controllers {
+			// Now set new payload data
+			if p.ClassName == controllers[i].ClassName {
+				controllers[i].Availability = p.Availability
+			}
+		}
+	}
+
+	// Update the database to match the list of found + modified controllers.
+	// This includes pruning out controllers which no longer exist.
+	var newClasses []portainer.KubernetesIngressClassConfig
+	for _, controller := range controllers {
+		var class portainer.KubernetesIngressClassConfig
+		class.Name = controller.ClassName
+		class.Type = controller.Type
+		class.GloballyBlocked = !controller.Availability
+		class.BlockedNamespaces = []string{}
+		newClasses = append(newClasses, class)
+	}
+
+	endpoint.Kubernetes.Configuration.IngressClasses = newClasses
 	err = handler.dataStore.Endpoint().UpdateEndpoint(
 		portainer.EndpointID(endpointID),
 		endpoint,
 	)
 	if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusInternalServerError,
-			Message:    "Unable to update the BlockedIngressClasses inside the database",
-			Err:        err,
-		}
+		return httperror.InternalServerError(
+			"Unable to update the BlockedIngressClasses inside the database",
+			err,
+		)
 	}
-	return nil
+	return response.Empty(w)
 }
 
 func (handler *Handler) updateKubernetesIngressControllersByNamespace(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
 	endpointID, err := request.RetrieveNumericRouteVariableValue(r, "id")
 	if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusBadRequest,
-			Message:    "Invalid environment identifier route variable",
-			Err:        err,
-		}
+		return httperror.BadRequest(
+			"Invalid environment identifier route variable",
+			err,
+		)
 	}
 
 	endpoint, err := handler.dataStore.Endpoint().Endpoint(portainer.EndpointID(endpointID))
 	if err == portainerDsErrors.ErrObjectNotFound {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusNotFound,
-			Message:    "Unable to find an environment with the specified identifier inside the database",
-			Err:        err,
-		}
+		return httperror.NotFound(
+			"Unable to find an environment with the specified identifier inside the database",
+			err,
+		)
 	} else if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusInternalServerError,
-			Message:    "Unable to find an environment with the specified identifier inside the database",
-			Err:        err,
-		}
+		return httperror.InternalServerError(
+			"Unable to find an environment with the specified identifier inside the database",
+			err,
+		)
 	}
 
 	namespace, err := request.RetrieveRouteVariableValue(r, "namespace")
 	if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusBadRequest,
-			Message:    "Invalid namespace identifier route variable",
-			Err:        err,
-		}
+		return httperror.BadRequest(
+			"Invalid namespace identifier route variable",
+			err,
+		)
 	}
 
 	var payload models.K8sIngressControllers
 	err = request.DecodeAndValidateJSONPayload(r, &payload)
 	if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusBadRequest,
-			Message:    "Invalid request payload",
-			Err:        err,
-		}
+		return httperror.BadRequest(
+			"Invalid request payload",
+			err,
+		)
 	}
 
-	classes := endpoint.Kubernetes.Configuration.IngressClasses
+	existingClasses := endpoint.Kubernetes.Configuration.IngressClasses
+	var updatedClasses []portainer.KubernetesIngressClassConfig
 PayloadLoop:
 	for _, p := range payload {
-		for i := range classes {
-			if p.ClassName == classes[i].Name {
-				if p.Availability == true {
-					classes[i].Blocked = false
-					classes[i].BlockedNamespaces = []string{}
-					continue PayloadLoop
-				}
+		for _, existingClass := range existingClasses {
+			if p.ClassName != existingClass.Name {
+				updatedClasses = append(updatedClasses, existingClass)
+				continue
+			}
+			var updatedClass portainer.KubernetesIngressClassConfig
+			updatedClass.Name = existingClass.Name
+			updatedClass.Type = existingClass.Type
+			updatedClass.GloballyBlocked = existingClass.GloballyBlocked
 
-				// If it's meant to be blocked we need to add the current
-				// namespace. First, check if it's already in the
-				// BlockedNamespaces and if not we append it.
-				classes[i].Blocked = true
-				for _, ns := range classes[i].BlockedNamespaces {
-					if namespace == ns {
-						continue PayloadLoop
+			// Handle "allow"
+			if p.Availability == true {
+				// remove the namespace from the list of blocked namespaces
+				// in the existingClass.
+				for _, blockedNS := range existingClass.BlockedNamespaces {
+					if blockedNS != namespace {
+						updatedClass.BlockedNamespaces = append(updatedClass.BlockedNamespaces, blockedNS)
 					}
 				}
-				classes[i].BlockedNamespaces = append(
-					classes[i].BlockedNamespaces,
-					namespace,
-				)
+
+				updatedClasses = append(updatedClasses, existingClass)
+				continue PayloadLoop
 			}
+
+			// Handle "disallow"
+			// If it's meant to be blocked we need to add the current
+			// namespace. First, check if it's already in the
+			// BlockedNamespaces and if not we append it.
+			updatedClass.BlockedNamespaces = existingClass.BlockedNamespaces
+			for _, ns := range updatedClass.BlockedNamespaces {
+				if namespace == ns {
+					updatedClasses = append(updatedClasses, existingClass)
+					continue PayloadLoop
+				}
+			}
+			updatedClass.BlockedNamespaces = append(
+				updatedClass.BlockedNamespaces,
+				namespace,
+			)
+			updatedClasses = append(updatedClasses, updatedClass)
 		}
 	}
-	endpoint.Kubernetes.Configuration.IngressClasses = classes
-	fmt.Printf("%#v\n", endpoint.Kubernetes.Configuration.IngressClasses)
+
+	endpoint.Kubernetes.Configuration.IngressClasses = updatedClasses
 	err = handler.dataStore.Endpoint().UpdateEndpoint(
 		portainer.EndpointID(endpointID),
 		endpoint,
 	)
 	if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusInternalServerError,
-			Message:    "Unable to update the BlockedIngressClasses inside the database",
-			Err:        err,
-		}
+		return httperror.InternalServerError(
+			"Unable to update the BlockedIngressClasses inside the database",
+			err,
+		)
 	}
-	return nil
+	return response.Empty(w)
 }
 
 func (handler *Handler) getKubernetesIngresses(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
 	namespace, err := request.RetrieveRouteVariableValue(r, "namespace")
 	if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusBadRequest,
-			Message:    "Invalid namespace identifier route variable",
-			Err:        err,
-		}
+		return httperror.BadRequest(
+			"Invalid namespace identifier route variable",
+			err,
+		)
 	}
 
 	cli := handler.KubernetesClient
 	ingresses, err := cli.GetIngresses(namespace)
 	if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusInternalServerError,
-			Message:    "Unable to retrieve nodes limits",
-			Err:        err,
-		}
+		return httperror.InternalServerError(
+			"Unable to retrieve nodes limits",
+			err,
+		)
 	}
 
 	return response.JSON(w, ingresses)
@@ -328,33 +406,30 @@ func (handler *Handler) getKubernetesIngresses(w http.ResponseWriter, r *http.Re
 func (handler *Handler) createKubernetesIngress(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
 	namespace, err := request.RetrieveRouteVariableValue(r, "namespace")
 	if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusBadRequest,
-			Message:    "Invalid namespace identifier route variable",
-			Err:        err,
-		}
+		return httperror.BadRequest(
+			"Invalid namespace identifier route variable",
+			err,
+		)
 	}
 
 	var payload models.K8sIngressInfo
 	err = request.DecodeAndValidateJSONPayload(r, &payload)
 	if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusBadRequest,
-			Message:    "Invalid request payload",
-			Err:        err,
-		}
+		return httperror.BadRequest(
+			"Invalid request payload",
+			err,
+		)
 	}
 
 	cli := handler.KubernetesClient
 	err = cli.CreateIngress(namespace, payload)
 	if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusInternalServerError,
-			Message:    "Unable to retrieve nodes limits",
-			Err:        err,
-		}
+		return httperror.InternalServerError(
+			"Unable to retrieve nodes limits",
+			err,
+		)
 	}
-	return nil
+	return response.Empty(w)
 }
 
 func (handler *Handler) deleteKubernetesIngresses(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
@@ -368,43 +443,39 @@ func (handler *Handler) deleteKubernetesIngresses(w http.ResponseWriter, r *http
 
 	err = cli.DeleteIngresses(payload)
 	if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusInternalServerError,
-			Message:    "Unable to retrieve nodes limits",
-			Err:        err,
-		}
+		return httperror.InternalServerError(
+			"Unable to retrieve nodes limits",
+			err,
+		)
 	}
-	return nil
+	return response.Empty(w)
 }
 
 func (handler *Handler) updateKubernetesIngress(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
 	namespace, err := request.RetrieveRouteVariableValue(r, "namespace")
 	if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusBadRequest,
-			Message:    "Invalid namespace identifier route variable",
-			Err:        err,
-		}
+		return httperror.BadRequest(
+			"Invalid namespace identifier route variable",
+			err,
+		)
 	}
 
 	var payload models.K8sIngressInfo
 	err = request.DecodeAndValidateJSONPayload(r, &payload)
 	if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusBadRequest,
-			Message:    "Invalid request payload",
-			Err:        err,
-		}
+		return httperror.BadRequest(
+			"Invalid request payload",
+			err,
+		)
 	}
 
 	cli := handler.KubernetesClient
 	err = cli.UpdateIngress(namespace, payload)
 	if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusInternalServerError,
-			Message:    "Unable to retrieve nodes limits",
-			Err:        err,
-		}
+		return httperror.InternalServerError(
+			"Unable to retrieve nodes limits",
+			err,
+		)
 	}
-	return nil
+	return response.Empty(w)
 }

api/http/handler/kubernetes/namespaces.go

@@ -14,11 +14,10 @@ func (handler *Handler) getKubernetesNamespaces(w http.ResponseWriter, r *http.R
 
 	namespaces, err := cli.GetNamespaces()
 	if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusInternalServerError,
-			Message:    "Unable to retrieve nodes limits",
-			Err:        err,
-		}
+		return httperror.InternalServerError(
+			"Unable to retrieve nodes limits",
+			err,
+		)
 	}
 
 	return response.JSON(w, namespaces)
@@ -27,23 +26,21 @@ func (handler *Handler) getKubernetesNamespaces(w http.ResponseWriter, r *http.R
 func (handler *Handler) createKubernetesNamespace(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
 	cli := handler.KubernetesClient
 
-	var payload models.K8sNamespaceInfo
+	var payload models.K8sNamespaceDetails
 	err := request.DecodeAndValidateJSONPayload(r, &payload)
 	if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusBadRequest,
-			Message:    "Invalid request payload",
-			Err:        err,
-		}
+		return httperror.BadRequest(
+			"Invalid request payload",
+			err,
+		)
 	}
 
 	err = cli.CreateNamespace(payload)
 	if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusInternalServerError,
-			Message:    "Unable to retrieve nodes limits",
-			Err:        err,
-		}
+		return httperror.InternalServerError(
+			"Unable to retrieve nodes limits",
+			err,
+		)
 	}
 	return nil
 }
@@ -53,20 +50,18 @@ func (handler *Handler) deleteKubernetesNamespaces(w http.ResponseWriter, r *htt
 
 	namespace, err := request.RetrieveRouteVariableValue(r, "namespace")
 	if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusBadRequest,
-			Message:    "Invalid namespace identifier route variable",
-			Err:        err,
-		}
+		return httperror.BadRequest(
+			"Invalid namespace identifier route variable",
+			err,
+		)
 	}
 
 	err = cli.DeleteNamespace(namespace)
 	if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusInternalServerError,
-			Message:    "Unable to retrieve nodes limits",
-			Err:        err,
-		}
+		return httperror.InternalServerError(
+			"Unable to retrieve nodes limits",
+			err,
+		)
 	}
 
 	return nil
@@ -75,7 +70,7 @@ func (handler *Handler) deleteKubernetesNamespaces(w http.ResponseWriter, r *htt
 func (handler *Handler) updateKubernetesNamespace(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
 	cli := handler.KubernetesClient
 
-	var payload models.K8sNamespaceInfo
+	var payload models.K8sNamespaceDetails
 	err := request.DecodeAndValidateJSONPayload(r, &payload)
 	if err != nil {
 		return &httperror.HandlerError{

api/http/handler/kubernetes/services.go

@@ -12,21 +12,19 @@ import (
 func (handler *Handler) getKubernetesServices(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
 	namespace, err := request.RetrieveRouteVariableValue(r, "namespace")
 	if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusBadRequest,
-			Message:    "Invalid namespace identifier route variable",
-			Err:        err,
-		}
+		return httperror.BadRequest(
+			"Invalid namespace identifier route variable",
+			err,
+		)
 	}
 
 	cli := handler.KubernetesClient
 	services, err := cli.GetServices(namespace)
 	if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusInternalServerError,
-			Message:    "Unable to retrieve services",
-			Err:        err,
-		}
+		return httperror.InternalServerError(
+			"Unable to retrieve services",
+			err,
+		)
 	}
 
 	return response.JSON(w, services)
@@ -35,31 +33,28 @@ func (handler *Handler) getKubernetesServices(w http.ResponseWriter, r *http.Req
 func (handler *Handler) createKubernetesService(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
 	namespace, err := request.RetrieveRouteVariableValue(r, "namespace")
 	if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusBadRequest,
-			Message:    "Invalid namespace identifier route variable",
-			Err:        err,
-		}
+		return httperror.BadRequest(
+			"Invalid namespace identifier route variable",
+			err,
+		)
 	}
 
 	var payload models.K8sServiceInfo
 	err = request.DecodeAndValidateJSONPayload(r, &payload)
 	if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusBadRequest,
-			Message:    "Invalid request payload",
-			Err:        err,
-		}
+		return httperror.BadRequest(
+			"Invalid request payload",
+			err,
+		)
 	}
 
 	cli := handler.KubernetesClient
 	err = cli.CreateService(namespace, payload)
 	if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusInternalServerError,
-			Message:    "Unable to retrieve nodes limits",
-			Err:        err,
-		}
+		return httperror.InternalServerError(
+			"Unable to retrieve nodes limits",
+			err,
+		)
 	}
 	return nil
 }
@@ -70,20 +65,18 @@ func (handler *Handler) deleteKubernetesServices(w http.ResponseWriter, r *http.
 	var payload models.K8sServiceDeleteRequests
 	err := request.DecodeAndValidateJSONPayload(r, &payload)
 	if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusBadRequest,
-			Message:    "Invalid request payload",
-			Err:        err,
-		}
+		return httperror.BadRequest(
+			"Invalid request payload",
+			err,
+		)
 	}
 
 	err = cli.DeleteServices(payload)
 	if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusInternalServerError,
-			Message:    "Unable to retrieve nodes limits",
-			Err:        err,
-		}
+		return httperror.InternalServerError(
+			"Unable to retrieve nodes limits",
+			err,
+		)
 	}
 	return nil
 }
@@ -91,31 +84,28 @@ func (handler *Handler) deleteKubernetesServices(w http.ResponseWriter, r *http.
 func (handler *Handler) updateKubernetesService(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
 	namespace, err := request.RetrieveRouteVariableValue(r, "namespace")
 	if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusBadRequest,
-			Message:    "Invalid namespace identifier route variable",
-			Err:        err,
-		}
+		return httperror.BadRequest(
+			"Invalid namespace identifier route variable",
+			err,
+		)
 	}
 
 	var payload models.K8sServiceInfo
 	err = request.DecodeAndValidateJSONPayload(r, &payload)
 	if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusBadRequest,
-			Message:    "Invalid request payload",
-			Err:        err,
-		}
+		return httperror.BadRequest(
+			"Invalid request payload",
+			err,
+		)
 	}
 
 	cli := handler.KubernetesClient
 	err = cli.UpdateService(namespace, payload)
 	if err != nil {
-		return &httperror.HandlerError{
-			StatusCode: http.StatusInternalServerError,
-			Message:    "Unable to retrieve nodes limits",
-			Err:        err,
-		}
+		return httperror.InternalServerError(
+			"Unable to retrieve nodes limits",
+			err,
+		)
 	}
 	return nil
 }

api/kubernetes/cli/ingress.go

@@ -20,10 +20,34 @@ func (kcl *KubeClient) GetIngressControllers() models.K8sIngressControllers {
 		return nil
 	}
 
+	// We want to know which of these controllers is in use.
+	var ingresses []models.K8sIngressInfo
+	namespaces, err := kcl.GetNamespaces()
+	if err != nil {
+		return nil
+	}
+	for namespace := range namespaces {
+		t, err := kcl.GetIngresses(namespace)
+		if err != nil {
+			return nil
+		}
+		ingresses = append(ingresses, t...)
+	}
+	usedClasses := make(map[string]struct{})
+	for _, ingress := range ingresses {
+		usedClasses[ingress.ClassName] = struct{}{}
+	}
+
 	for _, class := range classList.Items {
 		var controller models.K8sIngressController
 		controller.Name = class.Spec.Controller
 		controller.ClassName = class.Name
+
+		// If the class is used mark it as such.
+		if _, ok := usedClasses[class.Name]; ok {
+			controller.Used = true
+		}
+
 		switch {
 		case strings.Contains(controller.Name, "nginx"):
 			controller.Type = "nginx"

api/kubernetes/cli/namespace.go

@@ -45,7 +45,7 @@ func (kcl *KubeClient) GetNamespaces() (map[string]portainer.K8sNamespaceInfo, e
 }
 
 // CreateIngress creates a new ingress in a given namespace in a k8s endpoint.
-func (kcl *KubeClient) CreateNamespace(info models.K8sNamespaceInfo) error {
+func (kcl *KubeClient) CreateNamespace(info models.K8sNamespaceDetails) error {
 	client := kcl.cli.CoreV1().Namespaces()
 
 	var ns v1.Namespace
@@ -108,7 +108,7 @@ func (kcl *KubeClient) ToggleSystemState(namespaceName string, isSystem bool) er
 }
 
 // UpdateIngress updates an ingress in a given namespace in a k8s endpoint.
-func (kcl *KubeClient) UpdateNamespace(info models.K8sNamespaceInfo) error {
+func (kcl *KubeClient) UpdateNamespace(info models.K8sNamespaceDetails) error {
 	client := kcl.cli.CoreV1().Namespaces()
 
 	var ns v1.Namespace

api/portainer.go

@@ -546,13 +546,14 @@ type (
 
 	// KubernetesConfiguration represents the configuration of a Kubernetes environment(endpoint)
 	KubernetesConfiguration struct {
-		UseLoadBalancer              bool                           `json:"UseLoadBalancer"`
-		UseServerMetrics             bool                           `json:"UseServerMetrics"`
-		EnableResourceOverCommit     bool                           `json:"EnableResourceOverCommit"`
-		ResourceOverCommitPercentage int                            `json:"ResourceOverCommitPercentage"`
-		StorageClasses               []KubernetesStorageClassConfig `json:"StorageClasses"`
-		IngressClasses               []KubernetesIngressClassConfig `json:"IngressClasses"`
-		RestrictDefaultNamespace     bool                           `json:"RestrictDefaultNamespace"`
+		UseLoadBalancer                 bool                           `json:"UseLoadBalancer"`
+		UseServerMetrics                bool                           `json:"UseServerMetrics"`
+		EnableResourceOverCommit        bool                           `json:"EnableResourceOverCommit"`
+		ResourceOverCommitPercentage    int                            `json:"ResourceOverCommitPercentage"`
+		StorageClasses                  []KubernetesStorageClassConfig `json:"StorageClasses"`
+		IngressClasses                  []KubernetesIngressClassConfig `json:"IngressClasses"`
+		RestrictDefaultNamespace        bool                           `json:"RestrictDefaultNamespace"`
+		IngressAvailabilityPerNamespace bool                           `json:"IngressAvailabilityPerNamespace"`
 	}
 
 	// KubernetesStorageClassConfig represents a Kubernetes Storage Class configuration
@@ -567,7 +568,7 @@ type (
 	KubernetesIngressClassConfig struct {
 		Name              string   `json:"Name"`
 		Type              string   `json:"Type"`
-		Blocked           bool     `json:"Blocked"`
+		GloballyBlocked   bool     `json:"Blocked"`
 		BlockedNamespaces []string `json:"BlockedNamespaces"`
 	}
 
@@ -1349,11 +1350,14 @@ type (
 		CreateUserShellPod(ctx context.Context, serviceAccountName, shellPodImage string) (*KubernetesShellPod, error)
 		StartExecProcess(token string, useAdminToken bool, namespace, podName, containerName string, command []string, stdin io.Reader, stdout io.Writer, errChan chan error)
 
-		CreateNamespace(info models.K8sNamespaceInfo) error
-		UpdateNamespace(info models.K8sNamespaceInfo) error
+		HasStackName(namespace string, stackName string) (bool, error)
+		NamespaceAccessPoliciesDeleteNamespace(namespace string) error
+		CreateNamespace(info models.K8sNamespaceDetails) error
+		UpdateNamespace(info models.K8sNamespaceDetails) error
 		GetNamespaces() (map[string]K8sNamespaceInfo, error)
 		DeleteNamespace(namespace string) error
 		GetConfigMapsAndSecrets(namespace string) ([]models.K8sConfigMapOrSecret, error)
+		GetIngressControllers() models.K8sIngressControllers
 		CreateIngress(namespace string, info models.K8sIngressInfo) error
 		UpdateIngress(namespace string, info models.K8sIngressInfo) error
 		GetIngresses(namespace string) ([]models.K8sIngressInfo, error)
@@ -1362,10 +1366,6 @@ type (
 		UpdateService(namespace string, service models.K8sServiceInfo) error
 		GetServices(namespace string) ([]models.K8sServiceInfo, error)
 		DeleteServices(reqs models.K8sServiceDeleteRequests) error
-		GetIngressControllers() models.K8sIngressControllers
-
-		HasStackName(namespace string, stackName string) (bool, error)
-		NamespaceAccessPoliciesDeleteNamespace(namespace string) error
 		GetNodesLimits() (K8sNodesLimits, error)
 		GetNamespaceAccessPolicies() (map[string]K8sNamespaceAccessPolicy, error)
 		UpdateNamespaceAccessPolicies(accessPolicies map[string]K8sNamespaceAccessPolicy) error