Closed
Description
Describe the bug
A large number of match conditions for a single hostname/path can cause an error like the following in nginx:
too long parameter "[{\"method..." started in /etc/nginx/conf.d/http.conf:88
This prevents nginx from reloading.
This is because the http_matches variable we set exceeds 4096 characters.
To Reproduce
Steps to reproduce the behavior:
- Deploy NFG
- Apply the following manifest:
apiVersion: gateway.networking.k8s.io/v1beta1
kind: Gateway
metadata:
name: gateway
spec:
gatewayClassName: nginx
listeners:
- name: listener
port: 80
protocol: HTTP
---
apiVersion: v1
kind: ConfigMap
metadata:
name: backend
data:
nginx.conf: |-
events {}
http {
server {
listen 8080;
location / {
return 200 "backend\n";
}
}
}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: backend
spec:
replicas: 1
selector:
matchLabels:
app: backend
template:
metadata:
labels:
app: backend
spec:
containers:
- name: nginx
image: nginx
ports:
- containerPort: 8080
volumeMounts:
- mountPath: /etc/nginx
name: nginx-config
volumes:
- name: nginx-config
configMap:
name: backend
---
apiVersion: v1
kind: Service
metadata:
name: backend
spec:
ports:
- port: 80
targetPort: 8080
protocol: TCP
name: http
selector:
app: backend
---
apiVersion: gateway.networking.k8s.io/v1beta1
kind: HTTPRoute
metadata:
name: route
spec:
parentRefs:
- name: gateway
sectionName: listener
hostnames:
- "cafe.example.com"
rules:
- matches: # Max of 8 matches per rule
- path:
type: PathPrefix
value: /
headers:
- name: header-1
value: header-1-val
- name: header-2
value: header-2-val
- name: header-3
value: header-3-val
- name: header-4
value: header-4-val
- name: header-5
value: header-5-val
- name: header-6
value: header-6-val
- name: header-7
value: header-7-val
- name: header-8
value: header-8-val
- name: header-9
value: header-9-val
- name: header-10
value: header-10-val
- name: header-11
value: header-11-val
- name: header-12
value: header-12-val
- name: header-13
value: header-13-val
- name: header-14
value: header-14-val
- name: header-15
value: header-15-val
- name: header-16
value: header-16-val
method: GET
queryParams:
- name: param-1
value: param-1-val
- name: param-2
value: param-2-val
- name: param-3
value: param-3-val
- name: param-4
value: param-4-val
- name: param-5
value: param-5-val
- name: param-6
value: param-6-val
- name: param-7
value: param-7-val
- name: param-8
value: param-8-val
- name: param-9
value: param-9-val
- name: param-10
value: param-10-val
- name: param-11
value: param-11-val
- name: param-12
value: param-12-val
- name: param-13
value: param-13-val
- name: param-14
value: param-14-val
- name: param-15
value: param-15-val
- name: param-16
value: param-16-val
- path:
type: PathPrefix
value: /
headers:
- name: header-1
value: header-1-val
- name: header-2
value: header-2-val
- name: header-3
value: header-3-val
- name: header-4
value: header-4-val
- name: header-5
value: header-5-val
- name: header-6
value: header-6-val
- name: header-7
value: header-7-val
- name: header-8
value: header-8-val
- name: header-9
value: header-9-val
- name: header-10
value: header-10-val
- name: header-11
value: header-11-val
- name: header-12
value: header-12-val
- name: header-13
value: header-13-val
- name: header-14
value: header-14-val
- name: header-15
value: header-15-val
- name: header-16
value: header-16-val
method: POST
queryParams:
- name: param-1
value: param-1-val
- name: param-2
value: param-2-val
- name: param-3
value: param-3-val
- name: param-4
value: param-4-val
- name: param-5
value: param-5-val
- name: param-6
value: param-6-val
- name: param-7
value: param-7-val
- name: param-8
value: param-8-val
- name: param-9
value: param-9-val
- name: param-10
value: param-10-val
- name: param-11
value: param-11-val
- name: param-12
value: param-12-val
- name: param-13
value: param-13-val
- name: param-14
value: param-14-val
- name: param-15
value: param-15-val
- name: param-16
value: param-16-val
- path:
type: PathPrefix
value: /
headers:
- name: header-1
value: header-1-val
- name: header-2
value: header-2-val
- name: header-3
value: header-3-val
- name: header-4
value: header-4-val
- name: header-5
value: header-5-val
- name: header-6
value: header-6-val
- name: header-7
value: header-7-val
- name: header-8
value: header-8-val
- name: header-9
value: header-9-val
- name: header-10
value: header-10-val
- name: header-11
value: header-11-val
- name: header-12
value: header-12-val
- name: header-13
value: header-13-val
- name: header-14
value: header-14-val
- name: header-15
value: header-15-val
- name: header-16
value: header-16-val
method: PATCH
queryParams:
- name: param-1
value: param-1-val
- name: param-2
value: param-2-val
- name: param-3
value: param-3-val
- name: param-4
value: param-4-val
- name: param-5
value: param-5-val
- name: param-6
value: param-6-val
- name: param-7
value: param-7-val
- name: param-8
value: param-8-val
- name: param-9
value: param-9-val
- name: param-10
value: param-10-val
- name: param-11
value: param-11-val
- name: param-12
value: param-12-val
- name: param-13
value: param-13-val
- name: param-14
value: param-14-val
- name: param-15
value: param-15-val
- name: param-16
value: param-16-val
- path:
type: PathPrefix
value: /
headers:
- name: header-1
value: header-1-val
- name: header-2
value: header-2-val
- name: header-3
value: header-3-val
- name: header-4
value: header-4-val
- name: header-5
value: header-5-val
- name: header-6
value: header-6-val
- name: header-7
value: header-7-val
- name: header-8
value: header-8-val
- name: header-9
value: header-9-val
- name: header-10
value: header-10-val
- name: header-11
value: header-11-val
- name: header-12
value: header-12-val
- name: header-13
value: header-13-val
- name: header-14
value: header-14-val
- name: header-15
value: header-15-val
- name: header-16
value: header-16-val
method: PUT
queryParams:
- name: param-1
value: param-1-val
- name: param-2
value: param-2-val
- name: param-3
value: param-3-val
- name: param-4
value: param-4-val
- name: param-5
value: param-5-val
- name: param-6
value: param-6-val
- name: param-7
value: param-7-val
- name: param-8
value: param-8-val
- name: param-9
value: param-9-val
- name: param-10
value: param-10-val
- name: param-11
value: param-11-val
- name: param-12
value: param-12-val
- name: param-13
value: param-13-val
- name: param-14
value: param-14-val
- name: param-15
value: param-15-val
- name: param-16
value: param-16-val
- path:
type: PathPrefix
value: /
headers:
- name: header-1
value: header-1-val
- name: header-2
value: header-2-val
- name: header-3
value: header-3-val
- name: header-4
value: header-4-val
- name: header-5
value: header-5-val
- name: header-6
value: header-6-val
- name: header-7
value: header-7-val
- name: header-8
value: header-8-val
- name: header-9
value: header-9-val
- name: header-10
value: header-10-val
- name: header-11
value: header-11-val
- name: header-12
value: header-12-val
- name: header-13
value: header-13-val
- name: header-14
value: heade
method: HEAD
backendRefs:
- name: backend
port: 80
NGF will generate an http_matches string that is 4097 characters long and nginx will fail to reload.
3. View logs on nginx container
4. See error
Expected behavior
NGF should be able to handle large number of match conditions without nginx failing to reload.
Your environment
- Version of the NGINX Gateway Fabric - edge-72b6c6ef8915c697626eeab88fdb6a3ce15b8da0
- Version of Kubernetes - 1.27
- Kubernetes platform (e.g. Mini-kube or GCP) - GKE