Transportserver resource breaks with a long FQDN host value. #1697
Description
NGINX Ingress controller version: 1.11.3
Kubernetes version: v1.19
- Cloud provider: Azure
- OS: Ubuntu 16.04.7 LTS (Xenial Xerus)
- Kernel: 4.15.0-143-generic
- Install tools: Kubernetes manifests
Description
When adding a transportserver resource with a long FQDN (in our case 57 characters) we get the below error repeated in the logs and nginx-ingress controller takes a very long time to startup affecting other ingress resources:
stderr: "2021/06/24 14:33:38 [emerg] 21#21: could not build map_hash, you should increase map_hash_bucket_size: 64\nnginx: [emerg] could not build map_hash, you should increase map_hash_bucket_size: 64\n"
To Reproduce
Steps to reproduce the behavior:
Install the ingress controller
$ git clone https://github.com/nginxinc/kubernetes-ingress/
$ cd kubernetes-ingress/deployments/common/crds
$ kubectl apply \
-f k8s.nginx.org_policies.yaml \
-f k8s.nginx.org_transportservers.yaml \
-f k8s.nginx.org_virtualserverroutes.yaml \
-f k8s.nginx.org_virtualservers.yaml
$ cd ..
$ kubectl apply \
-f ns-and-sa.yaml \
-f default-server-secret.yaml \
-f ingress-class.yaml \
-f nginx-config.yaml \
$ cd ../rbac/
$ kubectl apply -f rbac.yaml
$ cd ../deployment/
Add the following to args: in nginx-ingress.yaml spec:
- -report-ingress-status
- -external-service=nginx-ingress
- -ingress-class=nginx
- -enable-tls-passthrough
- -enable-custom-resources=true
Apply deployment manifest:
$ kubectl apply -f nginx-ingress.yaml
Install an application that will act as a backend (is just an echo app)
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/docs/examples/http-svc.yaml
Create an transportserver resource:
echo "
apiVersion: k8s.nginx.org/v1alpha1
kind: TransportServer
metadata:
name: http-svc
namespace: nginx-ingress
spec:
ingressClassName: nginx
listener:
name: tls-passthrough
protocol: TLS_PASSTHROUGH
host: foo.bar.example.with.a.long.fullyqulaifieddomainname.com
upstreams:
- name: http-svc
service: http-svc
port: 80
action:
pass: http-svc
" | kubectl apply -f -
Expected behavior
Nginx-ingress controller to start without errors.
Is there a way to set map_hash_bucket_size in the configmap? I've not been able to find a way.
Is server-name-hash-bucket-size related? I have tried setting the below but these don't change the behaviour:
#server-name-hash-bucket-size: "256"
#server-name-hash-max-size: "1024"
server-names-hash-bucket-size: "256"
server-names-hash-max-size: "1024"
Note: When the host value in the transportserver resource has less characters the error goes away.