fix(gwapi): allow custom nginx.conf #463
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
LukeRepko
force-pushed
the
development
branch
2 times, most recently
from
3eaf352 to
ba8f482
Compare
There is no easy way to add `proxy_buffer_size` or similar parameters to Nginx via CRD. A feature for the same is being worked on and might be released early November per nginx/nginx-gateway-fabric#1398 (comment) As a workaround, this change includes the default nginx configuration as deployed in the current version of nginx gateway fabric. It will be made available to the nginx pod at `/etc/nginx/nginx.conf` by supplanting the nginx-gateway deployment with a kustomize patch that overrides `nginx.conf` via a mounted configMap volume containing said file. Several additional parameters, `proxy_buffer_size` and `proxy_buffers` are being included at this time, to account for some large header payloads being proxied from Gnocchi.
LukeRepko
force-pushed
the
development
branch
from
e645e9e to
50c8d59
Compare
|
Still testing this in the lab, it's working as expected so far, but there are a few other things I want to check before it's ready for review. |
|
Deployed this to our DFW staging environment by means of a helm upgrade - this worked as expected. |
|
Looks good to me. |
|
Hey @LukeRepko, was going through some old conversations and came across this. We did implement SnippetFilters where you would be able to specify this kind of configuration (or most other NGINX customizations) in YAML. If you get a chance, we'd love to know how well it works, or if it works, for you guys! |
|
Thank you for the heads up @mpstefan - that's great news! I've created an internal story for our team to test and implement the same if it works as expected. Considering what we have in our backlog it will likely take a bit to implement, but I've left a note to follow-up here to let you know how it works out. Jira: OSPC-990 |
LukeRepko
added a commit
to LukeRepko/genestack
that referenced
this pull request
Feb 7, 2025
Failure to do so will result in the custom overrides for Genestack that exist in base not to get applied. There exists a modification to proxy_buffers to account for large headers, which is common in our envioronment and ultimately results in Nginx throwing a 502 and logging an error like, "upstream sent too big header while reading response header from upstream". Starting in v1.5.0, the SnippetsFilterAPI was added which can be used in lieu of this configuration override, though it has to be enabled manually, and more testing is needed to implement the same. Jira: OSPC-990 PR: rackerlabs#463
LukeRepko
added a commit
to LukeRepko/genestack
that referenced
this pull request
Feb 7, 2025
There is a patch in the `base` overlay which modifies proxy_buffers to account for large headers which is common in our envioronment and ultimately results in Nginx throwing a 502 and logging an error like, "upstream sent too big header while reading response header from upstream". This update also includes the latest changes to the nginx.conf as obtained from a fresh install. Starting in v1.5.0, the SnippetsFilterAPI was added which can be used in lieu of this configuration override, though it has to be enabled manually, and more testing is needed to implement the same. Jira: OSPC-990 PR: rackerlabs#463
cloudnull
pushed a commit
that referenced
this pull request
Feb 7, 2025
There is a patch in the `base` overlay which modifies proxy_buffers to account for large headers which is common in our envioronment and ultimately results in Nginx throwing a 502 and logging an error like, "upstream sent too big header while reading response header from upstream". This update also includes the latest changes to the nginx.conf as obtained from a fresh install. Starting in v1.5.0, the SnippetsFilterAPI was added which can be used in lieu of this configuration override, though it has to be enabled manually, and more testing is needed to implement the same. Jira: OSPC-990 PR: #463
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There is no easy way to add
proxy_buffer_sizeor similar parameters to Nginx via CRD. A feature for the same is being worked on and might be released early November per nginxinc/nginx-gateway-fabric/#1398.As a workaround, this change includes the default nginx configuration as deployed in the current version of nginx gateway fabric. It will be made available to the nginx pod at
/etc/nginx/nginx.confby supplanting the nginx-gateway deployment with a kustomize patch that overridesnginx.confvia a mounted configMap volume containing said file.Several additional parameters,
proxy_buffer_sizeandproxy_buffersare being included at this time, to account for some large header payloads being proxied from Gnocchi.