Update secret type of default secret to TLS

[pleshakov]

Proposed changes

Update secret type of default secret to TLS

Upgrade nodes

the following upgrade notes will need to be added to the CHANGELOG/release notes.

To upgrade the NGINX Ingress Controller from versions 1.9.* to 1.10.0, perform the following prerequisite steps. The steps are necessary, as version 1.10.0 requires TLS secrets to be of the type kubernetes.io/tls.

1. If the existing NginxIngressController resource does not set defaultSecret field:
   1. Remove the generated default secret from the namespace of the NginxIngressController resource. The secret has the same name as the NginxIngressController resource. For example:

      $ kubectl delete secret -n my-nginx-ingress my-nginx-ingress-controller
      

   2. Wait until the operator regenerates the secret. The old secret was of the type Opaque. The new secret is of the type kubernetes.io/tls.
2. Alternatively, if the defaultSecret is set to some secret, make sure it is of the type kubernetes.io/tls. If not, recreate the secret with the type kubernetes.io/tls.
3. If the wildcardTLS is set to some secret, make sure it is of the type kubernetes.io/tls. If not, recreate the secret with the type kubernetes.io/tls.
4. Ensure that the TLS secrets referenced by Ingress and VirtualServer resources are of the type kubernetes.io/tls, JWT secrets are of the type nginx.org/jwt and CA secrets are of the type nginx.org/ca. To avoid potential disruption of client traffic, instead of recreating the secrets, create new secrets with the correct type and update the Ingress/VirtualServer resources to use the new secrets.

After performing the steps above, upgrade the Ingress Controller to version 1.10.0.