mirror of https://github.com/status-im/consul.git
Document HTTP Header manipulation options added in #10613
This commit is contained in:
parent
581357c32a
commit
fe92cf7cb6
|
@ -400,6 +400,10 @@ spec:
|
||||||
Set up a HTTP listener on an ingress gateway named "us-east-ingress" to proxy
|
Set up a HTTP listener on an ingress gateway named "us-east-ingress" to proxy
|
||||||
traffic to a virtual service named "api".
|
traffic to a virtual service named "api".
|
||||||
|
|
||||||
|
Additionally, ensure internal-only debug headers are stripped before responding
|
||||||
|
to external clients, and that requests to internal services are labelled to
|
||||||
|
indicate which gateway they came through.
|
||||||
|
|
||||||
<CodeTabs tabs={[ "HCL", "Kubernetes YAML", "JSON" ]}>
|
<CodeTabs tabs={[ "HCL", "Kubernetes YAML", "JSON" ]}>
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
|
@ -413,6 +417,14 @@ Listeners = [
|
||||||
Services = [
|
Services = [
|
||||||
{
|
{
|
||||||
Name = "api"
|
Name = "api"
|
||||||
|
RequestHeaders {
|
||||||
|
Add {
|
||||||
|
"x-gateway" = "us-east-ingress"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
ResponseHeaders {
|
||||||
|
Remove = ["x-debug"]
|
||||||
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
@ -430,6 +442,7 @@ spec:
|
||||||
protocol: http
|
protocol: http
|
||||||
services:
|
services:
|
||||||
- name: api
|
- name: api
|
||||||
|
# HTTP Header manipulation is not yet supported in Kubernetes CRD
|
||||||
```
|
```
|
||||||
|
|
||||||
```json
|
```json
|
||||||
|
@ -442,7 +455,15 @@ spec:
|
||||||
"Protocol": "http",
|
"Protocol": "http",
|
||||||
"Services": [
|
"Services": [
|
||||||
{
|
{
|
||||||
"Name": "api"
|
"Name": "api",
|
||||||
|
"RequestHeaders": {
|
||||||
|
"Add": {
|
||||||
|
"x-gateway": "us-east-ingress"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"ResponseHeaders": {
|
||||||
|
"Remove": ["x-debug"]
|
||||||
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
@ -458,6 +479,10 @@ spec:
|
||||||
Set up a HTTP listener on an ingress gateway named "us-east-ingress" in the
|
Set up a HTTP listener on an ingress gateway named "us-east-ingress" in the
|
||||||
default namespace to proxy traffic to a virtual service named "api".
|
default namespace to proxy traffic to a virtual service named "api".
|
||||||
|
|
||||||
|
Additionally, ensure internal-only debug headers are stripped before responding
|
||||||
|
to external clients, and that requests to internal services are labelled to
|
||||||
|
indicate which gateway they came through.
|
||||||
|
|
||||||
<CodeTabs tabs={[ "HCL", "Kubernetes YAML", "JSON" ]}>
|
<CodeTabs tabs={[ "HCL", "Kubernetes YAML", "JSON" ]}>
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
|
@ -473,6 +498,14 @@ Listeners = [
|
||||||
{
|
{
|
||||||
Name = "api"
|
Name = "api"
|
||||||
Namespace = "frontend"
|
Namespace = "frontend"
|
||||||
|
RequestHeaders {
|
||||||
|
Add {
|
||||||
|
"x-gateway" = "us-east-ingress"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
ResponseHeaders {
|
||||||
|
Remove = ["x-debug"]
|
||||||
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
@ -492,6 +525,7 @@ spec:
|
||||||
services:
|
services:
|
||||||
- name: api
|
- name: api
|
||||||
namespace: frontend
|
namespace: frontend
|
||||||
|
# HTTP Header manipulation is not yet supported in Kubernetes CRD
|
||||||
```
|
```
|
||||||
|
|
||||||
```json
|
```json
|
||||||
|
@ -506,7 +540,15 @@ spec:
|
||||||
"Services": [
|
"Services": [
|
||||||
{
|
{
|
||||||
"Name": "api",
|
"Name": "api",
|
||||||
"Namespace": "frontend"
|
"Namespace": "frontend",
|
||||||
|
"RequestHeaders": {
|
||||||
|
"Add": {
|
||||||
|
"x-gateway": "us-east-ingress"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"ResponseHeaders": {
|
||||||
|
"Remove": ["x-debug"]
|
||||||
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
@ -838,6 +880,22 @@ spec:
|
||||||
records. For example, \`*.example.com\` is valid, while \`example.*\` and
|
records. For example, \`*.example.com\` is valid, while \`example.*\` and
|
||||||
\`*-suffix.example.com\` are not.`,
|
\`*-suffix.example.com\` are not.`,
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
yaml: false,
|
||||||
|
name: 'RequestHeaders',
|
||||||
|
type: 'HTTPHeaderModifiers: <optional>',
|
||||||
|
description: `A set of [HTTP-specific header modification rules](/docs/connect/config-entries/service-router#httpheadermodifiers)
|
||||||
|
that will be applied to requests routed to this service.
|
||||||
|
This cannot be used with a \`tcp\` listener.`,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
yaml: false,
|
||||||
|
name: 'ResponseHeaders',
|
||||||
|
type: 'HTTPHeaderModifiers: <optional>',
|
||||||
|
description: `A set of [HTTP-specific header modification rules](/docs/connect/config-entries/service-router#httpheadermodifiers)
|
||||||
|
that will be applied to responses from this service.
|
||||||
|
This cannot be used with a \`tcp\` listener.`,
|
||||||
|
},
|
||||||
],
|
],
|
||||||
},
|
},
|
||||||
],
|
],
|
||||||
|
|
|
@ -574,6 +574,69 @@ spec:
|
||||||
description:
|
description:
|
||||||
'A list of HTTP response status codes that are eligible for retry.',
|
'A list of HTTP response status codes that are eligible for retry.',
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
yaml: false,
|
||||||
|
name: 'RequestHeaders',
|
||||||
|
type: 'HTTPHeaderModifiers: <optional>',
|
||||||
|
description: `A set of [HTTP-specific header modification rules](/docs/connect/config-entries/service-router#httpheadermodifiers)
|
||||||
|
that will be applied to requests routed to this service.
|
||||||
|
This cannot be used with a \`tcp\` listener.`,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
yaml: false,
|
||||||
|
name: 'ResponseHeaders',
|
||||||
|
type: 'HTTPHeaderModifiers: <optional>',
|
||||||
|
description: `A set of [HTTP-specific header modification rules](/docs/connect/config-entries/service-router#httpheadermodifiers)
|
||||||
|
that will be applied to responses from this service.
|
||||||
|
This cannot be used with a \`tcp\` listener.`,
|
||||||
|
},
|
||||||
|
]}
|
||||||
|
/>
|
||||||
|
|
||||||
|
|
||||||
|
### `HTTPHeaderModifiers`
|
||||||
|
|
||||||
|
<ConfigEntryReference
|
||||||
|
topLevel={false}
|
||||||
|
yaml={false}
|
||||||
|
keys={[
|
||||||
|
{
|
||||||
|
hcl: false,
|
||||||
|
name: 'Unsupported',
|
||||||
|
type: '',
|
||||||
|
description: `HTTP Header modification is not yet supported in our Kubernetes CRDs.`,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
yaml: false,
|
||||||
|
name: 'Add',
|
||||||
|
type: 'map<string|string>: optional',
|
||||||
|
description: `The set of header value keyed by header name to
|
||||||
|
add. If a header with the same (case-insensitive) name already
|
||||||
|
exists, the value set here will be appended and both will be present.
|
||||||
|
If Envoy is used as the proxy, the value may contain
|
||||||
|
[variable placeholders](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_conn_man/headers#custom-request-response-headers) for example
|
||||||
|
\`%DOWNSTREAM_REMOTE_ADDRESS%\` to interpolate dynamic request
|
||||||
|
metadata into the value added.`,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
yaml: false,
|
||||||
|
name: 'Set',
|
||||||
|
type: 'map<string|string>: optional',
|
||||||
|
description: `The set of header value keyed by header name to
|
||||||
|
add. If one or more header values with the same (case-insensitive) name already exist,
|
||||||
|
the value set here will replace them all.
|
||||||
|
If Envoy is used as the proxy, the value may contain
|
||||||
|
[variable placeholders](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_conn_man/headers#custom-request-response-headers) for example
|
||||||
|
\`%DOWNSTREAM_REMOTE_ADDRESS%\` to interpolate dynamic request
|
||||||
|
metadata into the value added.`,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
yaml: false,
|
||||||
|
name: 'Remove',
|
||||||
|
type: 'array<string>: optional',
|
||||||
|
description: `The set of header names to remove. Only headers
|
||||||
|
whose names are an <i>case-insensitive</i> exact match will be removed`,
|
||||||
|
},
|
||||||
]}
|
]}
|
||||||
/>
|
/>
|
||||||
|
|
||||||
|
|
|
@ -146,6 +146,68 @@ spec:
|
||||||
|
|
||||||
</CodeTabs>
|
</CodeTabs>
|
||||||
|
|
||||||
|
|
||||||
|
### Set HTTP Headers
|
||||||
|
|
||||||
|
Split traffic between two subsets with extra headers added so clients can tell
|
||||||
|
which version (not yet supported in Kubernetes CRD):
|
||||||
|
|
||||||
|
<CodeTabs tabs={[ "HCL", "JSON" ]}>
|
||||||
|
|
||||||
|
```hcl
|
||||||
|
Kind = "service-splitter"
|
||||||
|
Name = "web"
|
||||||
|
Splits = [
|
||||||
|
{
|
||||||
|
Weight = 90
|
||||||
|
ServiceSubset = "v1"
|
||||||
|
ResponseHeaders {
|
||||||
|
Set {
|
||||||
|
"X-Web-Version": "v1"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
Weight = 10
|
||||||
|
ServiceSubset = "v2"
|
||||||
|
ResponseHeaders {
|
||||||
|
Set {
|
||||||
|
"X-Web-Version": "v2"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
]
|
||||||
|
```
|
||||||
|
|
||||||
|
```json
|
||||||
|
{
|
||||||
|
"Kind": "service-splitter",
|
||||||
|
"Name": "web",
|
||||||
|
"Splits": [
|
||||||
|
{
|
||||||
|
"Weight": 90,
|
||||||
|
"ServiceSubset": "v1",
|
||||||
|
"ResponseHeaders": {
|
||||||
|
"Set": {
|
||||||
|
"X-Web-Version": "v1"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"Weight": 10,
|
||||||
|
"ServiceSubset": "v2",
|
||||||
|
"ResponseHeaders": {
|
||||||
|
"Set": {
|
||||||
|
"X-Web-Version": "v2"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
</CodeTabs>
|
||||||
|
|
||||||
## Available Fields
|
## Available Fields
|
||||||
|
|
||||||
<ConfigEntryReference
|
<ConfigEntryReference
|
||||||
|
@ -231,6 +293,22 @@ spec:
|
||||||
description:
|
description:
|
||||||
'The namespace to resolve the service from instead of the current namespace. If empty the current namespace is assumed.',
|
'The namespace to resolve the service from instead of the current namespace. If empty the current namespace is assumed.',
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
yaml: false,
|
||||||
|
name: 'RequestHeaders',
|
||||||
|
type: 'HTTPHeaderModifiers: <optional>',
|
||||||
|
description: `A set of [HTTP-specific header modification rules](/docs/connect/config-entries/service-router#httpheadermodifiers)
|
||||||
|
that will be applied to requests routed to this split.
|
||||||
|
This cannot be used with a \`tcp\` listener.`,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
yaml: false,
|
||||||
|
name: 'ResponseHeaders',
|
||||||
|
type: 'HTTPHeaderModifiers: <optional>',
|
||||||
|
description: `A set of [HTTP-specific header modification rules](/docs/connect/config-entries/service-router#httpheadermodifiers)
|
||||||
|
that will be applied to responses from this split.
|
||||||
|
This cannot be used with a \`tcp\` listener.`,
|
||||||
|
},
|
||||||
],
|
],
|
||||||
},
|
},
|
||||||
]}
|
]}
|
||||||
|
|
Loading…
Reference in New Issue