Skip to content

Commit b60bcaa

Browse files
committed
Add baseHTTPConfig to NginxProxy to allow disabling HTTP2
1 parent bc01fdf commit b60bcaa

21 files changed

+315
-62
lines changed

apis/v1alpha1/nginxproxy_types.go

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -32,6 +32,10 @@ type NginxProxySpec struct {
3232
//
3333
// +optional
3434
Telemetry *Telemetry `json:"telemetry,omitempty"`
35+
// BaseHTTPConfig specifies the base http context configuration.
36+
//
37+
// +optional
38+
BaseHTTPConfig *BaseHTTPConfig `json:"baseHTTPConfig,omitempty"`
3539
}
3640

3741
// Telemetry specifies the OpenTelemetry configuration.
@@ -88,3 +92,12 @@ type TelemetryExporter struct {
8892
// +kubebuilder:validation:Pattern=`^(?:http?:\/\/)?[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?(?:\.[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?)*(?::\d{1,5})?$`
8993
Endpoint string `json:"endpoint"`
9094
}
95+
96+
// BaseHTTPConfig defines the http context level settings that should be applied across all servers.
97+
type BaseHTTPConfig struct {
98+
// DisableHTTP2 defines if http2 should be disabled for all servers.
99+
// Default is false, meaning http2 will be enabled for all servers.
100+
//
101+
// +optional
102+
DisableHTTP2 bool `json:"disableHTTP2"`
103+
}

apis/v1alpha1/zz_generated.deepcopy.go

Lines changed: 20 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

charts/nginx-gateway-fabric/values.yaml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -72,6 +72,8 @@ nginx:
7272

7373
## The configuration for the data plane that is contained in the NginxProxy resource.
7474
config: {}
75+
# baseHTTPConfig:
76+
# disableHTTP2: false
7577
# telemetry:
7678
# exporter:
7779
# endpoint: otel-collector.default.svc:4317

config/crd/bases/gateway.nginx.org_nginxproxies.yaml

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -47,6 +47,15 @@ spec:
4747
spec:
4848
description: Spec defines the desired state of the NginxProxy.
4949
properties:
50+
baseHTTPConfig:
51+
description: BaseHTTPConfig specifies the base http context configuration.
52+
properties:
53+
disableHTTP2:
54+
description: |-
55+
DisableHTTP2 defines if http2 should be disabled for all servers.
56+
Default is false, meaning http2 will be enabled for all servers.
57+
type: boolean
58+
type: object
5059
telemetry:
5160
description: Telemetry specifies the OpenTelemetry configuration.
5261
properties:

deploy/crds.yaml

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -700,6 +700,15 @@ spec:
700700
spec:
701701
description: Spec defines the desired state of the NginxProxy.
702702
properties:
703+
baseHTTPConfig:
704+
description: BaseHTTPConfig specifies the base http context configuration.
705+
properties:
706+
disableHTTP2:
707+
description: |-
708+
DisableHTTP2 defines if http2 should be disabled for all servers.
709+
Default is false, meaning http2 will be enabled for all servers.
710+
type: boolean
711+
type: object
703712
telemetry:
704713
description: Telemetry specifies the OpenTelemetry configuration.
705714
properties:

internal/mode/static/nginx/conf/nginx-plus.conf

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -27,8 +27,6 @@ http {
2727
sendfile on;
2828
tcp_nopush on;
2929

30-
http2 on;
31-
3230
server {
3331
listen 127.0.0.1:8765;
3432
root /usr/share/nginx/html;

internal/mode/static/nginx/conf/nginx.conf

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -27,8 +27,6 @@ http {
2727
sendfile on;
2828
tcp_nopush on;
2929

30-
http2 on;
31-
3230
server {
3331
listen unix:/var/run/nginx/nginx-status.sock;
3432
access_log off;
Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,18 @@
1+
package config
2+
3+
import (
4+
gotemplate "text/template"
5+
6+
"github.com/nginxinc/nginx-gateway-fabric/internal/mode/static/state/dataplane"
7+
)
8+
9+
var baseHTTPTemplate = gotemplate.Must(gotemplate.New("baseHttp").Parse(baseHTTPTemplateText))
10+
11+
func executeBaseHTTPConfig(conf dataplane.Configuration) []executeResult {
12+
result := executeResult{
13+
dest: httpConfigFile,
14+
data: execute(baseHTTPTemplate, conf.BaseHTTPConfig),
15+
}
16+
17+
return []executeResult{result}
18+
}
Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
package config
2+
3+
const baseHTTPTemplateText = `
4+
{{- if .HTTP2 }}http2 on;{{- end }}
5+
`
Lines changed: 48 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,48 @@
1+
package config
2+
3+
import (
4+
"strings"
5+
"testing"
6+
7+
. "github.com/onsi/gomega"
8+
9+
"github.com/nginxinc/nginx-gateway-fabric/internal/mode/static/state/dataplane"
10+
)
11+
12+
func TestExecuteBaseHttp(t *testing.T) {
13+
conf := dataplane.Configuration{
14+
BaseHTTPConfig: dataplane.BaseHTTPConfig{
15+
HTTP2: true,
16+
},
17+
}
18+
19+
g := NewWithT(t)
20+
expSubStrings := map[string]int{
21+
"http2 on;": 1,
22+
}
23+
24+
for expSubStr, expCount := range expSubStrings {
25+
res := executeBaseHTTPConfig(conf)
26+
g.Expect(res).To(HaveLen(1))
27+
g.Expect(expCount).To(Equal(strings.Count(string(res[0].data), expSubStr)))
28+
}
29+
}
30+
31+
func TestExecuteBaseHttpEmpty(t *testing.T) {
32+
conf := dataplane.Configuration{
33+
BaseHTTPConfig: dataplane.BaseHTTPConfig{
34+
HTTP2: false,
35+
},
36+
}
37+
38+
g := NewWithT(t)
39+
expSubStrings := map[string]int{
40+
"http2 on;": 0,
41+
}
42+
43+
for expSubStr, expCount := range expSubStrings {
44+
res := executeBaseHTTPConfig(conf)
45+
g.Expect(res).To(HaveLen(1))
46+
g.Expect(expCount).To(Equal(strings.Count(string(res[0].data), expSubStr)))
47+
}
48+
}

internal/mode/static/nginx/config/generator.go

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -147,6 +147,7 @@ func (g GeneratorImpl) generateHTTPConfig(conf dataplane.Configuration) []file.F
147147

148148
func (g GeneratorImpl) getExecuteFuncs() []executeFunc {
149149
return []executeFunc{
150+
executeBaseHTTPConfig,
150151
executeServers,
151152
g.executeUpstreams,
152153
executeSplitClients,

internal/mode/static/nginx/config/generator_test.go

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -70,6 +70,9 @@ func TestGenerate(t *testing.T) {
7070
BatchSize: 512,
7171
BatchCount: 4,
7272
},
73+
BaseHTTPConfig: dataplane.BaseHTTPConfig{
74+
HTTP2: true,
75+
},
7376
}
7477
g := NewWithT(t)
7578

@@ -104,6 +107,7 @@ func TestGenerate(t *testing.T) {
104107
g.Expect(httpCfg).To(ContainSubstring("batch_size 512;"))
105108
g.Expect(httpCfg).To(ContainSubstring("batch_count 4;"))
106109
g.Expect(httpCfg).To(ContainSubstring("otel_service_name ngf:gw-ns:gw-name:my-name;"))
110+
g.Expect(httpCfg).To(ContainSubstring("http2 on;"))
107111

108112
g.Expect(files[2].Path).To(Equal("/etc/nginx/conf.d/matches.json"))
109113

internal/mode/static/state/conditions/conditions.go

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -44,6 +44,10 @@ const (
4444
// Used with Accepted (false).
4545
RouteReasonGatewayNotProgrammed v1.RouteConditionReason = "GatewayNotProgrammed"
4646

47+
// RouteReasonUnsupportedConfiguration is used when the associated Gateway does not support the Route.
48+
// Used with Accepted (false).
49+
RouteReasonUnsupportedConfiguration v1.RouteConditionReason = "UnsupportedConfiguration"
50+
4751
// GatewayReasonGatewayConflict indicates there are multiple Gateway resources to choose from,
4852
// and we ignored the resource in question and picked another Gateway as the winner.
4953
// This reason is used with GatewayConditionAccepted (false).
@@ -241,6 +245,17 @@ func NewRouteNoMatchingParent() conditions.Condition {
241245
}
242246
}
243247

248+
// NewRouteUnsupportedConfiguration returns a Condition that indicates that the Route is not Accepted because
249+
// it is incompatible with the Gateway's configuration.
250+
func NewRouteUnsupportedConfiguration(msg string) conditions.Condition {
251+
return conditions.Condition{
252+
Type: string(v1.RouteConditionAccepted),
253+
Status: metav1.ConditionFalse,
254+
Reason: string(RouteReasonUnsupportedConfiguration),
255+
Message: msg,
256+
}
257+
}
258+
244259
// NewRouteGatewayNotProgrammed returns a Condition that indicates that the Gateway it references is not programmed,
245260
// which does not guarantee that the Route has been configured.
246261
func NewRouteGatewayNotProgrammed(msg string) conditions.Condition {

internal/mode/static/state/dataplane/configuration.go

Lines changed: 27 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -44,16 +44,18 @@ func BuildConfiguration(
4444
keyPairs := buildSSLKeyPairs(g.ReferencedSecrets, g.Gateway.Listeners)
4545
certBundles := buildCertBundles(g.ReferencedCaCertConfigMaps, backendGroups)
4646
telemetry := buildTelemetry(g)
47+
baseHTTPConfig := buildBaseHTTPConfig(g)
4748

4849
config := Configuration{
49-
HTTPServers: httpServers,
50-
SSLServers: sslServers,
51-
Upstreams: upstreams,
52-
BackendGroups: backendGroups,
53-
SSLKeyPairs: keyPairs,
54-
Version: configVersion,
55-
CertBundles: certBundles,
56-
Telemetry: telemetry,
50+
HTTPServers: httpServers,
51+
SSLServers: sslServers,
52+
Upstreams: upstreams,
53+
BackendGroups: backendGroups,
54+
SSLKeyPairs: keyPairs,
55+
Version: configVersion,
56+
CertBundles: certBundles,
57+
Telemetry: telemetry,
58+
BaseHTTPConfig: baseHTTPConfig,
5759
}
5860

5961
return config
@@ -619,3 +621,20 @@ func buildTelemetry(g *graph.Graph) Telemetry {
619621

620622
return tel
621623
}
624+
625+
// buildBaseHTTPConfig generates the base http context config that should be applied to all servers.
626+
func buildBaseHTTPConfig(g *graph.Graph) BaseHTTPConfig {
627+
baseConfig := BaseHTTPConfig{
628+
// HTTP2 should be enabled by default
629+
HTTP2: true,
630+
}
631+
if g.NginxProxy == nil || g.NginxProxy.Spec.BaseHTTPConfig == nil {
632+
return baseConfig
633+
}
634+
635+
if g.NginxProxy.Spec.BaseHTTPConfig.DisableHTTP2 {
636+
baseConfig.HTTP2 = false
637+
}
638+
639+
return baseConfig
640+
}

0 commit comments

Comments
 (0)