Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Epic - Listener Customization - IP & IPFamily #5363

Open
brianehlert opened this issue Apr 8, 2024 Discussed in #3724 · 0 comments
Open

Epic - Listener Customization - IP & IPFamily #5363

brianehlert opened this issue Apr 8, 2024 Discussed in #3724 · 0 comments
Labels
backlog Pull requests/issues that are backlog items epic Issues that need to be broken into smaller issues ready for refinement An issue that was triaged and it is ready to be refined
Milestone
v3.7.0

Comments

@brianehlert
Copy link
Collaborator

Discussed in #3724

Originally posted by brianehlert April 4, 2023
Project users have asked for an easy way to deploy NIC with non-default and / or custom listeners for http (L7) as well as stream (L4). The stream use case is currently enabled through the GlobalConfiguration custom resource.

It is possible to modify the http listeners today, however the path for customers to do this is complicated and involves modifying the core listener template.

This has been requested for the use cases of:

  • customizing dual stack listener behavior (IPFamily)
  • binding a listener to a specific interface (IPAddress)

Project users should not have to modify the project code or templates to set non-default listeners.

Suggested modification to GlobalConfiguration to help visualize:
https://github.com/nginxinc/kubernetes-ingress/blob/main/examples/custom-resources/basic-tcp-udp/global-configuration.yaml

apiVersion: k8s.nginx.org/v1beta2
kind: GlobalConfiguration
metadata:
   name: nginx-configuration
   namespace: nginx-ingress
spec:
   listeners:
   - name: http
     port: 80
     protocol: HTTP
     ipfamily: both
   - name: https
     port: 443
     protocol: HTTP
     ssl: true
     ipfamily: both
   - name: http2-grpc
     port: 85
     protocol: HTTP
     ipfamily: both
     http2: true
  - name: dns-tcp
     port: 5353
     protocol: TCP
     ipfamily: both
  - name: port-range
     port: 1494-1496
     protocol: TCP
     ipfamily: ipv6
  - name: accelerated-nic
     port: 1433
     protocol: HTTP
     ipfamily: ipv4
     ip: 10.0.5.56
  - name: proxy
     port: 1434
     protocol: HTTP
     ipfamily: ipv4
     proxy_protocol: true
  - name: proxy
     port: 1434
     protocol: HTTP
     ipfamily: ipv4
     proxy_protocol: true
  - name: mqtt
     port: 1883
     protocol: MQTT
     ipfamily: ipv4
  - name: mqtt-ssl
     port: 8883
     protocol: MQTT
     ipfamily: ipv4
     ssl: true  (?)
  - name: http2-ssl
     port: 9993
     protocol: HTTP2
     ipfamily: ipv4
     ssl: true  (?)
  - name: http3-ssl
     port: 4567
     protocol: HTTP3
     ipfamily: ipv4
     ssl: true  (?)

The listener names would then be referenced following the current pattern in TransportServer
https://github.com/nginxinc/kubernetes-ingress/blob/main/examples/custom-resources/basic-tcp-udp/transport-server-tcp.yaml

This is necessary for many of these use cases because this all happens at the socket / session / listener level with NGINX.
@brianehlert brianehlert added backlog Pull requests/issues that are backlog items ready for refinement An issue that was triaged and it is ready to be refined labels Apr 8, 2024
@brianehlert brianehlert added this to the v3.7.0 milestone Apr 8, 2024
@brianehlert brianehlert added the epic Issues that need to be broken into smaller issues label Apr 22, 2024
@brianehlert brianehlert changed the title Listener Customization - IP & IPFamily Epic - Listener Customization - IP & IPFamily Apr 22, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
backlog Pull requests/issues that are backlog items epic Issues that need to be broken into smaller issues ready for refinement An issue that was triaged and it is ready to be refined
Projects
NGINX Ingress Controller
Status: Prioritized Backlog
Milestone
v3.7.0
Development

No branches or pull requests
1 participant
@brianehlert