fix(gatewayapi): allow custom nginx.conf

There is no easy way to add `proxy_buffer_size` or similar parameters to Nginx via CRD. A feature for the same is being worked on and might be released early November per nginx/nginx-gateway-fabric#1398 (comment) As a workaround, this change includes the default nginx configuration as deployed in the current version of nginx gateway fabric. It will be made available to the nginx pod at `/etc/nginx/nginx.conf` by supplanting the nginx-gateway deployment with a kustomize patch that overrides `nginx.conf` via a mounted configMap volume containing said file. Several additional parameters, `proxy_buffer_size` and `proxy_buffers` are being included at this time, to account for some large header payloads being proxied from Gnocchi.
LukeRepko · Oct 11, 2024 · ba8f482 · ba8f482
1 parent 71a748f
commit ba8f482
Show file tree

Hide file tree

Showing 2 changed files with 69 additions and 0 deletions.
diff --git a/base-kustomize/gateway/base/configs/nginx.conf b/base-kustomize/gateway/base/configs/nginx.conf
@@ -0,0 +1,40 @@
+load_module /usr/lib/nginx/modules/ngx_http_js_module.so;
+include /etc/nginx/module-includes/*.conf;
+
+worker_processes auto;
+
+pid /var/run/nginx/nginx.pid;
+error_log stderr info;
+
+events {
+  worker_connections 1024;
+}
+
+http {
+  include /etc/nginx/conf.d/*.conf;
+  include /etc/nginx/mime.types;
+  js_import /usr/lib/nginx/modules/njs/httpmatches.js;
+
+  default_type application/octet-stream;
+
+  proxy_headers_hash_bucket_size 512;
+  proxy_headers_hash_max_size 1024;
+  proxy_buffer_size 16k;
+  proxy_buffers 4 16k;
+  server_names_hash_bucket_size 256;
+  server_names_hash_max_size 1024;
+  variables_hash_bucket_size 512;
+  variables_hash_max_size 1024;
+
+  sendfile on;
+  tcp_nopush on;
+
+  server {
+    listen unix:/var/run/nginx/nginx-status.sock;
+    access_log off;
+
+    location /stub_status {
+        stub_status;
+    }
+  }
+}
diff --git a/base-kustomize/gateway/base/kustomization.yaml b/base-kustomize/gateway/base/kustomization.yaml
@@ -0,0 +1,29 @@
+resources:
+- all.yaml
+patches:
+- patch: |
+    apiVersion: apps/v1
+    kind: Deployment
+    metadata:
+      name: nginx-gateway-fabric
+      namespace: nginx-gateway
+    spec:
+      template:
+        spec:
+          containers:
+            - name: nginx
+              volumeMounts:
+                - mountPath: /etc/nginx/nginx.conf
+                  name: nginx-conf-override
+                  subPath: nginx.conf
+          volumes:
+            - name: nginx-conf-override
+              configMap:
+                name: nginx-conf-override
+configMapGenerator:
+  - name: nginx-conf-override
+    namespace: nginx-gateway
+    options:
+      disableNameSuffixHash: true
+    files:
+      - configs/nginx.conf