Uploaded image for project: 'OpenShift Container Platform (OCP) Strategy'
  1. OpenShift Container Platform (OCP) Strategy
  2. OCPSTRAT-1413

MicroShift support for Ingress Controller customization

XMLWordPrintable

    • Strategic Product Work
    • False
    • Hide

      None

      Show
      None
    • False
    • OCPSTRAT-1131MicroShift Enhancements 2024 for Industrial, Retail and Public Sector edge customers
    • 0% To Do, 100% In Progress, 0% Done
    • M
    • 0
    • Customers need to configure ingress

      Feature Overview (aka. Goal Summary)

      Although MicroShift Ingress Controller default values covers a good amount of use cases, there are some corner cases that we may need to enforce TLS v1.3, change buffer sizes (ROUTER_BUF_SIZE, ROUTER_MAX_REWRITE_SIZE) or fine tune the amount of threads (ROUTER_THREADS).

      Goals (aka. expected user outcomes)

      • Expose configuration options for better control on ingress controller (see requirements)

      Requirements (aka. Acceptance Criteria):

      1. provide same control over Ingress Controller configuration paremeters as OpenShift does. See https://docs.openshift.com/container-platform/4.15/networking/ingress-operator.html#nw-installation-ingress-config-asset_configuring-ingress for a full list of openshift supported parameters. The following parameters do make sense to be configurable with MicroShift:
        1. defaultCertificate
        2. tlsSecurityProfile (see also linked feature for tls cipher config)
        3. clientTLS
        4. routeAdmission (see linked feature on router namespace ownership)
        5. IngressControllerLogging
        6. httpHeaders
        7. httpCompression
        8. httpErrorCodePages
        9. httpCaptureCookies
        10. httpCaptureHeaders
        11. tuningOptions
        12. logEmptyRequests
        13. HTTPEmptyRequestsPolicy
      2. Enable/disable HTTP/2 connectivity (see https://docs.openshift.com/container-platform/4.15/networking/ingress-operator.html#nw-http2-haproxy_configuring-ingress) 

      Out of Scope

      n/a

       

      Background

      1. https://issues.redhat.com/browse/USHIFT-639
      2. https://issues.redhat.com/browse/USHIFT-1806 
      3. https://docs.google.com/document/d/1sXjyK-DTE6UzTDJ9ldQze8FIU5Q4Alnk3AQaESODsVQ/edit?usp=sharing
      4. https://issues.redhat.com/browse/OCPBUGS-25391 

      n/a

      Customer Considerations

      Requested by multiple EAP customers

       

      Documentation Considerations

      • Maybe we want a "Configure the router" in the "networking" book

      Interoperability Considerations

      None

       

              dfroehli42rh Daniel Fröhlich
              dfroehli42rh Daniel Fröhlich
              Pablo Acevedo Montserrat Pablo Acevedo Montserrat
              Shudi Li Shudi Li
              Shauna Diaz Shauna Diaz
              Jeremy Peterson Jeremy Peterson
              Evgeny Slutsky Evgeny Slutsky
              Daniel Fröhlich Daniel Fröhlich
              Jon Thomas Jon Thomas
              Votes:
              1 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved: