Uploaded image for project: 'OpenShift Container Platform (OCP) Strategy'
  1. OpenShift Container Platform (OCP) Strategy
  2. OCPSTRAT-1413

MicroShift support for Ingress Controller customization

XMLWordPrintable

    • BU Product Work
    • False
    • Hide

      None

      Show
      None
    • False
    • OCPSTRAT-1131MicroShift Enhancements 2024 for Industrial, Retail and Public Sector edge customers
    • 50% To Do, 50% In Progress, 0% Done
    • M
    • 0
    • Customers need to configure ingress

      Feature Overview (aka. Goal Summary)

      Although MicroShift Ingress Controller default values covers a good amount of use cases, there are some corner cases that we may need to enforce TLS v1.3, change buffer sizes (ROUTER_BUF_SIZE, ROUTER_MAX_REWRITE_SIZE) or fine tune the amount of threads (ROUTER_THREADS).

      Goals (aka. expected user outcomes)

      • Expose configuration options for better control on ingress controller (see requirements)

      Requirements (aka. Acceptance Criteria):

      1. provide same control over Ingress Controller configuration paremeters as OpenShift does. See https://docs.openshift.com/container-platform/4.15/networking/ingress-operator.html#nw-installation-ingress-config-asset_configuring-ingress for a full list of openshift supported parameters. The following parameters do make sense to be configurable with MicroShift:
        1. defaultCertificate
        2. tlsSecurityProfile (see also linked feature for tls cipher config)
        3. clientTLS
        4. routeAdmission (see linked feature on router namespace ownership)
        5. IngressControllerLogging
        6. httpHeaders
        7. httpCompression
        8. httpErrorCodePages
        9. httpCaptureCookies
        10. httpCaptureHeaders
        11. tuningOptions
        12. logEmptyRequests
        13. HTTPEmptyRequestsPolicy
      2. Enable/disable HTTP/2 connectivity (see https://docs.openshift.com/container-platform/4.15/networking/ingress-operator.html#nw-http2-haproxy_configuring-ingress) 

      Out of Scope

      n/a

       

      Background

      1. https://issues.redhat.com/browse/USHIFT-639
      2. https://issues.redhat.com/browse/USHIFT-1806 
      3. https://docs.google.com/document/d/1sXjyK-DTE6UzTDJ9ldQze8FIU5Q4Alnk3AQaESODsVQ/edit?usp=sharing
      4. https://issues.redhat.com/browse/OCPBUGS-25391 

      n/a

      Customer Considerations

      Requested by multiple EAP customers

       

      Documentation Considerations

      • Maybe we want a "Configure the router" in the "networking" book

      Interoperability Considerations

      None

       

            dfroehli42rh Daniel Fröhlich
            dfroehli42rh Daniel Fröhlich
            Pablo Acevedo Montserrat Pablo Acevedo Montserrat
            Shudi Li Shudi Li
            Shauna Diaz Shauna Diaz
            Jeremy Peterson Jeremy Peterson
            Evgeny Slutsky Evgeny Slutsky
            Daniel Fröhlich Daniel Fröhlich
            Jon Thomas Jon Thomas
            Votes:
            1 Vote for this issue
            Watchers:
            6 Start watching this issue

              Created:
              Updated: