Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Large number of match conditions can cause reload errors #1107

Closed
kate-osborn opened this issue Oct 2, 2023 · 0 comments · Fixed by #1829
Closed

Large number of match conditions can cause reload errors #1107

kate-osborn opened this issue Oct 2, 2023 · 0 comments · Fixed by #1829
Assignees
Labels
bug Something isn't working good first issue Good for newcomers refined Requirements are refined and the issue is ready to be implemented. size/large Estimated to be completed within two weeks
Milestone

Comments

@kate-osborn
Copy link
Contributor

Describe the bug
A large number of match conditions for a single hostname/path can cause an error like the following in nginx:

too long parameter "[{\"method..." started in /etc/nginx/conf.d/http.conf:88

This prevents nginx from reloading.

This is because the http_matches variable we set exceeds 4096 characters.

To Reproduce
Steps to reproduce the behavior:

  1. Deploy NFG
  2. Apply the following manifest:
apiVersion: gateway.networking.k8s.io/v1beta1
kind: Gateway
metadata:
  name: gateway
spec:
  gatewayClassName: nginx
  listeners:
  - name: listener
    port: 80
    protocol: HTTP
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: backend
data:
  nginx.conf: |-
    events {}
    http {
      server {
        listen 8080;
        location / {
          return 200 "backend\n";
        }
      }
    }
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: backend
spec:
  replicas: 1
  selector:
    matchLabels:
      app: backend
  template:
    metadata:
      labels:
        app: backend
    spec:
      containers:
      - name: nginx
        image: nginx
        ports:
        - containerPort: 8080
        volumeMounts:
        - mountPath: /etc/nginx
          name: nginx-config
      volumes:
      - name: nginx-config
        configMap:
          name: backend
---
apiVersion: v1
kind: Service
metadata:
  name: backend
spec:
  ports:
  - port: 80
    targetPort: 8080
    protocol: TCP
    name: http
  selector:
    app: backend
---
apiVersion: gateway.networking.k8s.io/v1beta1
kind: HTTPRoute
metadata:
  name: route
spec:
  parentRefs:
  - name: gateway
    sectionName: listener
  hostnames:
  - "cafe.example.com"
  rules:
  - matches: # Max of 8 matches per rule
    - path:
        type: PathPrefix
        value: /
      headers:
        - name: header-1
          value: header-1-val
        - name: header-2
          value: header-2-val
        - name: header-3
          value: header-3-val
        - name: header-4
          value: header-4-val
        - name: header-5
          value: header-5-val
        - name: header-6
          value: header-6-val
        - name: header-7
          value: header-7-val
        - name: header-8
          value: header-8-val
        - name: header-9
          value: header-9-val
        - name: header-10
          value: header-10-val
        - name: header-11
          value: header-11-val
        - name: header-12
          value: header-12-val
        - name: header-13
          value: header-13-val
        - name: header-14
          value: header-14-val
        - name: header-15
          value: header-15-val
        - name: header-16
          value: header-16-val
      method: GET
      queryParams:
        - name: param-1
          value: param-1-val
        - name: param-2
          value: param-2-val
        - name: param-3
          value: param-3-val
        - name: param-4
          value: param-4-val
        - name: param-5
          value: param-5-val
        - name: param-6
          value: param-6-val
        - name: param-7
          value: param-7-val
        - name: param-8
          value: param-8-val
        - name: param-9
          value: param-9-val
        - name: param-10
          value: param-10-val
        - name: param-11
          value: param-11-val
        - name: param-12
          value: param-12-val
        - name: param-13
          value: param-13-val
        - name: param-14
          value: param-14-val
        - name: param-15
          value: param-15-val
        - name: param-16
          value: param-16-val
    - path:
        type: PathPrefix
        value: /
      headers:
      - name: header-1
        value: header-1-val
      - name: header-2
        value: header-2-val
      - name: header-3
        value: header-3-val
      - name: header-4
        value: header-4-val
      - name: header-5
        value: header-5-val
      - name: header-6
        value: header-6-val
      - name: header-7
        value: header-7-val
      - name: header-8
        value: header-8-val
      - name: header-9
        value: header-9-val
      - name: header-10
        value: header-10-val
      - name: header-11
        value: header-11-val
      - name: header-12
        value: header-12-val
      - name: header-13
        value: header-13-val
      - name: header-14
        value: header-14-val
      - name: header-15
        value: header-15-val
      - name: header-16
        value: header-16-val
      method: POST
      queryParams:
      - name: param-1
        value: param-1-val
      - name: param-2
        value: param-2-val
      - name: param-3
        value: param-3-val
      - name: param-4
        value: param-4-val
      - name: param-5
        value: param-5-val
      - name: param-6
        value: param-6-val
      - name: param-7
        value: param-7-val
      - name: param-8
        value: param-8-val
      - name: param-9
        value: param-9-val
      - name: param-10
        value: param-10-val
      - name: param-11
        value: param-11-val
      - name: param-12
        value: param-12-val
      - name: param-13
        value: param-13-val
      - name: param-14
        value: param-14-val
      - name: param-15
        value: param-15-val
      - name: param-16
        value: param-16-val
    - path:
        type: PathPrefix
        value: /
      headers:
      - name: header-1
        value: header-1-val
      - name: header-2
        value: header-2-val
      - name: header-3
        value: header-3-val
      - name: header-4
        value: header-4-val
      - name: header-5
        value: header-5-val
      - name: header-6
        value: header-6-val
      - name: header-7
        value: header-7-val
      - name: header-8
        value: header-8-val
      - name: header-9
        value: header-9-val
      - name: header-10
        value: header-10-val
      - name: header-11
        value: header-11-val
      - name: header-12
        value: header-12-val
      - name: header-13
        value: header-13-val
      - name: header-14
        value: header-14-val
      - name: header-15
        value: header-15-val
      - name: header-16
        value: header-16-val
      method: PATCH
      queryParams:
      - name: param-1
        value: param-1-val
      - name: param-2
        value: param-2-val
      - name: param-3
        value: param-3-val
      - name: param-4
        value: param-4-val
      - name: param-5
        value: param-5-val
      - name: param-6
        value: param-6-val
      - name: param-7
        value: param-7-val
      - name: param-8
        value: param-8-val
      - name: param-9
        value: param-9-val
      - name: param-10
        value: param-10-val
      - name: param-11
        value: param-11-val
      - name: param-12
        value: param-12-val
      - name: param-13
        value: param-13-val
      - name: param-14
        value: param-14-val
      - name: param-15
        value: param-15-val
      - name: param-16
        value: param-16-val
    - path:
        type: PathPrefix
        value: /
      headers:
      - name: header-1
        value: header-1-val
      - name: header-2
        value: header-2-val
      - name: header-3
        value: header-3-val
      - name: header-4
        value: header-4-val
      - name: header-5
        value: header-5-val
      - name: header-6
        value: header-6-val
      - name: header-7
        value: header-7-val
      - name: header-8
        value: header-8-val
      - name: header-9
        value: header-9-val
      - name: header-10
        value: header-10-val
      - name: header-11
        value: header-11-val
      - name: header-12
        value: header-12-val
      - name: header-13
        value: header-13-val
      - name: header-14
        value: header-14-val
      - name: header-15
        value: header-15-val
      - name: header-16
        value: header-16-val
      method: PUT
      queryParams:
      - name: param-1
        value: param-1-val
      - name: param-2
        value: param-2-val
      - name: param-3
        value: param-3-val
      - name: param-4
        value: param-4-val
      - name: param-5
        value: param-5-val
      - name: param-6
        value: param-6-val
      - name: param-7
        value: param-7-val
      - name: param-8
        value: param-8-val
      - name: param-9
        value: param-9-val
      - name: param-10
        value: param-10-val
      - name: param-11
        value: param-11-val
      - name: param-12
        value: param-12-val
      - name: param-13
        value: param-13-val
      - name: param-14
        value: param-14-val
      - name: param-15
        value: param-15-val
      - name: param-16
        value: param-16-val
    - path:
        type: PathPrefix
        value: /
      headers:
      - name: header-1
        value: header-1-val
      - name: header-2
        value: header-2-val
      - name: header-3
        value: header-3-val
      - name: header-4
        value: header-4-val
      - name: header-5
        value: header-5-val
      - name: header-6
        value: header-6-val
      - name: header-7
        value: header-7-val
      - name: header-8
        value: header-8-val
      - name: header-9
        value: header-9-val
      - name: header-10
        value: header-10-val
      - name: header-11
        value: header-11-val
      - name: header-12
        value: header-12-val
      - name: header-13
        value: header-13-val
      - name: header-14
        value: heade 
      method: HEAD
    backendRefs:
    - name: backend
      port: 80

NGF will generate an http_matches string that is 4097 characters long and nginx will fail to reload.
3. View logs on nginx container
4. See error

Expected behavior
NGF should be able to handle large number of match conditions without nginx failing to reload.

Your environment

  • Version of the NGINX Gateway Fabric - edge-72b6c6ef8915c697626eeab88fdb6a3ce15b8da0
  • Version of Kubernetes - 1.27
  • Kubernetes platform (e.g. Mini-kube or GCP) - GKE
@mpstefan mpstefan added the bug Something isn't working label Oct 4, 2023
@mpstefan mpstefan added this to the v1.2.0 milestone Oct 4, 2023
@kate-osborn kate-osborn added temp good first issue Good for newcomers and removed temp labels Dec 18, 2023
@mpstefan mpstefan modified the milestones: v1.2.0, v2.0.0 Feb 5, 2024
@mpstefan mpstefan added size/large Estimated to be completed within two weeks refined Requirements are refined and the issue is ready to be implemented. labels Feb 5, 2024
@salonichf5 salonichf5 self-assigned this Mar 8, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working good first issue Good for newcomers refined Requirements are refined and the issue is ready to be implemented. size/large Estimated to be completed within two weeks
Projects
None yet
3 participants