Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Set host header to the FQDN of the backend service in a multi-backend HTTPRoute #6369

Open
2 of 5 tasks
CharlieC3 opened this issue Aug 2, 2024 · 0 comments
Open
2 of 5 tasks

Set host header to the FQDN of the backend service in a multi-backend HTTPRoute #6369

CharlieC3 opened this issue Aug 2, 2024 · 0 comments

Comments

@CharlieC3
Copy link

CharlieC3 commented Aug 2, 2024
edited
Loading

Is there an existing issue for this?

  • I have searched the existing issues

Does this enhancement require public documentation?

  • I have added an Acceptance Criteria item for adding and/or adjusting public documentation (if applicable)

Problem Statement

When using an HTTPRoute with multiple weighted backends, there is no way to set the Host header to the FQDN of each individual service. I need to be able to do this to utilize the Istio mesh's routing rules.

I've been trying to accomplish this through the konghq.com/preserve-host annotation set to false on the HTTPRoute, and konghq.com/host-header set to the FQDN of the service on the K8s Service resource, but I get the following error message from the KIC when attempting to do this:

Service has inconsistent konghq.com/host-header annotation and is used in multi-Service backend httproute.my-namespace.my-kong-httproute.foo.bar.com.0. This annotation must have the same value across all Services in the backend.

And If I set konghq.com/preserve-host to false in the HTTPRoute and omit setting konghq.com/host-header on the backend services, the host header appears to be set to the downstream IP address, which isn't helpful in this case.

Proposed Solution

Ideally I would either be able to:

  1. Set distinct host headers for each backend service referenced in a multi-backend, weighted HTTPRoute
  2. Configure KIC to set the host header to the backend FQDN instead of the downstream IP by default when konghq.com/preserve-host is set to false. This option could be enabled via a CLI flag.

Ideally both proposed solutions would be implemented since (1) would allow for greater flexibility in the HTTPRoute support, and (2) would allow users to leverage convention over configuration better since they wouldn't need to add a konghq.com/host-header annotation to each backend Service resource if they wished to enable this throughout their cluster.

Additional information

Example manifests which demonstrate this problem are as follows:

Kong HTTPRoute 

apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
  annotations:
    konghq.com/preserve-host: "false"
  name: my-kong-httproute
  namespace: my-namespace
spec:
  hostnames:
  - foo.bar.com
  parentRefs:
  - group: gateway.networking.k8s.io
    kind: Gateway
    name: kong
    namespace: ingress
  rules:
  - backendRefs:
    - group: ""
      kind: Service
      name: my-service-a
      port: 8080
      weight: 50
    - group: ""
      kind: Service
      name: my-service-b
      port: 8080
      weight: 50
    matches:
    - path:
        type: PathPrefix
        value: /

Mesh HTTPRoute - Service A 

apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
  name: my-mesh-httproute-service-a
  namespace: my-namespace
spec:
  hostnames:
    - my-service-a.my-namespace.svc.cluster.local
  parentRefs:
    - group: ""
      kind: Service
      name: my-service-a
  rules:
    # Add header to all responses from Service A
    - filters:
        - type: ResponseHeaderModifier
          responseHeaderModifier:
            add:
              - name: x-my-header
                value: service-a
      backendRefs:
        - name: my-service-a
          kind: Service
          port: 8080

Mesh HTTPRoute - Service B 

apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
  name: my-mesh-httproute-service-b
  namespace: my-namespace
spec:
  hostnames:
    - my-service-b.my-namespace.svc.cluster.local
  parentRefs:
    - group: ""
      kind: Service
      name: my-service-b
  rules:
    # Add header to all responses from Service B
    - filters:
        - type: ResponseHeaderModifier
          responseHeaderModifier:
            add:
              - name: x-my-header
                value: service-b
      backendRefs:
        - name: my-service-b
          kind: Service
          port: 8080

Service A 

apiVersion: v1
kind: Service
metadata:
  annotations:
    konghq.com/host-header: my-service-a.my-namespace.svc.cluster.local
  name: my-service-a
  namespace: my-namespace
spec:
  internalTrafficPolicy: Cluster
  ports:
  - name: http
    port: 8080
    protocol: TCP
    targetPort: 8080
  selector:
    app.kubernetes.io/instance: my-service-a
  sessionAffinity: None
  type: ClusterIP

Service B 

apiVersion: v1
kind: Service
metadata:
  annotations:
    konghq.com/host-header: my-service-b.my-namespace.svc.cluster.local
  name: my-service-b
  namespace: my-namespace
spec:
  internalTrafficPolicy: Cluster
  ports:
  - name: http
    port: 8080
    protocol: TCP
    targetPort: 8080
  selector:
    app.kubernetes.io/instance: my-service-b
  sessionAffinity: None
  type: ClusterIP

Acceptance Criteria

  • As a user, I can configure a HTTPRoute with a multi-Service backend to set a distinct host header for each backend Service
  • As a user, I can configure the KIC to automatically set the host header to the backend Service FQDN if konghq.com/preserve-host is set to false instead of the downstream IP address (nice to have)
  • New settings are appropriately documented
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@CharlieC3