From 59ea71c1261d2e41b5c59c71754849e0b48146ec Mon Sep 17 00:00:00 2001 From: Finn Evers Date: Mon, 26 Aug 2024 15:11:26 +0200 Subject: [PATCH 1/2] Add the possibility to configure the upstream protocol in the nginx for the cortex upstream Signed-off-by: Finn Evers --- README.md | 1 + templates/nginx/nginx-config.yaml | 30 +++++++++++++++--------------- values.yaml | 2 ++ 3 files changed, 18 insertions(+), 15 deletions(-) diff --git a/README.md b/README.md index c7d420cb..e58adbf4 100644 --- a/README.md +++ b/README.md @@ -439,6 +439,7 @@ Kubernetes: `^1.19.0-0` | nginx.​config.​mainSnippet | string | `""` | arbitrary snippet to inject in the top section of the nginx config | | nginx.​config.​serverSnippet | string | `""` | arbitrary snippet to inject in the server { } section of the nginx config | | nginx.​config.​setHeaders | object | `{}` | | +| nginx.​config.​upstream_protocol | string | `"http"` | protocol for the communication with the upstream | | nginx.​config.​verboseLogging | bool | `true` | Enables all access logs from nginx, otherwise ignores 2XX and 3XX status codes | | nginx.​containerSecurityContext.​enabled | bool | `true` | | | nginx.​containerSecurityContext.​readOnlyRootFilesystem | bool | `false` | | diff --git a/templates/nginx/nginx-config.yaml b/templates/nginx/nginx-config.yaml index 7db8b83a..830d3233 100644 --- a/templates/nginx/nginx-config.yaml +++ b/templates/nginx/nginx-config.yaml @@ -81,20 +81,20 @@ data: # Distributor Config location = /ring { - proxy_pass http://{{ template "cortex.fullname" . }}-distributor.{{ $rootDomain }}$request_uri; + proxy_pass {{ .Values.nginx.config.upstream_protocol }}://{{ template "cortex.fullname" . }}-distributor.{{ $rootDomain }}$request_uri; } location = /all_user_stats { - proxy_pass http://{{ template "cortex.fullname" . }}-distributor.{{ $rootDomain }}$request_uri; + proxy_pass {{ .Values.nginx.config.upstream_protocol }}://{{ template "cortex.fullname" . }}-distributor.{{ $rootDomain }}$request_uri; } location = /api/prom/push { - proxy_pass http://{{ template "cortex.fullname" . }}-distributor.{{ $rootDomain }}$request_uri; + proxy_pass {{ .Values.nginx.config.upstream_protocol }}://{{ template "cortex.fullname" . }}-distributor.{{ $rootDomain }}$request_uri; } ## New Remote write API. Ref: https://cortexmetrics.io/docs/api/#remote-write location = /api/v1/push { - proxy_pass http://{{ template "cortex.fullname" . }}-distributor.{{ $rootDomain }}$request_uri; + proxy_pass {{ .Values.nginx.config.upstream_protocol }}://{{ template "cortex.fullname" . }}-distributor.{{ $rootDomain }}$request_uri; } {{- end }} @@ -103,19 +103,19 @@ data: # Alertmanager Config location ~ /api/prom/alertmanager/.* { - proxy_pass http://{{ template "cortex.fullname" . }}-alertmanager.{{ $rootDomain }}$request_uri; + proxy_pass {{ .Values.nginx.config.upstream_protocol }}://{{ template "cortex.fullname" . }}-alertmanager.{{ $rootDomain }}$request_uri; } location ~ /api/v1/alerts { - proxy_pass http://{{ template "cortex.fullname" . }}-alertmanager.{{ $rootDomain }}$request_uri; + proxy_pass {{ .Values.nginx.config.upstream_protocol }}://{{ template "cortex.fullname" . }}-alertmanager.{{ $rootDomain }}$request_uri; } location ~ /multitenant_alertmanager/status { - proxy_pass http://{{ template "cortex.fullname" . }}-alertmanager.{{ $rootDomain }}$request_uri; + proxy_pass {{ .Values.nginx.config.upstream_protocol }}://{{ template "cortex.fullname" . }}-alertmanager.{{ $rootDomain }}$request_uri; } location = /api/prom/api/v1/alerts { - proxy_pass http://{{ template "cortex.fullname" . }}-alertmanager.{{ $rootDomain }}/api/v1/alerts; + proxy_pass {{ .Values.nginx.config.upstream_protocol }}://{{ template "cortex.fullname" . }}-alertmanager.{{ $rootDomain }}/api/v1/alerts; } {{- end }} @@ -124,15 +124,15 @@ data: # Ruler Config location ~ /api/v1/rules { - proxy_pass http://{{ template "cortex.fullname" . }}-ruler.{{ $rootDomain }}$request_uri; + proxy_pass {{ .Values.nginx.config.upstream_protocol }}://{{ template "cortex.fullname" . }}-ruler.{{ $rootDomain }}$request_uri; } location ~ /ruler/ring { - proxy_pass http://{{ template "cortex.fullname" . }}-ruler.{{ $rootDomain }}$request_uri; + proxy_pass {{ .Values.nginx.config.upstream_protocol }}://{{ template "cortex.fullname" . }}-ruler.{{ $rootDomain }}$request_uri; } location ~ /api/prom/rules { - proxy_pass http://{{ template "cortex.fullname" . }}-ruler.{{ $rootDomain }}$request_uri; + proxy_pass {{ .Values.nginx.config.upstream_protocol }}://{{ template "cortex.fullname" . }}-ruler.{{ $rootDomain }}$request_uri; } {{- end }} @@ -141,16 +141,16 @@ data: # Query Config location ~ /api/prom/.* { - proxy_pass http://{{ template "cortex.fullname" . }}-query-frontend.{{ $rootDomain }}$request_uri; + proxy_pass {{ .Values.nginx.config.upstream_protocol }}://{{ template "cortex.fullname" . }}-query-frontend.{{ $rootDomain }}$request_uri; } ## New Query frontend APIs as per https://cortexmetrics.io/docs/api/#querier--query-frontend location ~ ^{{.Values.config.api.prometheus_http_prefix}}/api/v1/(read|metadata|labels|series|query_range|query) { - proxy_pass http://{{ template "cortex.fullname" . }}-query-frontend.{{ $rootDomain }}$request_uri; + proxy_pass {{ .Values.nginx.config.upstream_protocol }}://{{ template "cortex.fullname" . }}-query-frontend.{{ $rootDomain }}$request_uri; } location ~ {{.Values.config.api.prometheus_http_prefix}}/api/v1/label/.* { - proxy_pass http://{{ template "cortex.fullname" . }}-query-frontend.{{ $rootDomain }}$request_uri; + proxy_pass {{ .Values.nginx.config.upstream_protocol }}://{{ template "cortex.fullname" . }}-query-frontend.{{ $rootDomain }}$request_uri; } {{- end }} @@ -160,7 +160,7 @@ data: {{- range $org := compact .Values.nginx.config.auth_orgs | uniq }} location = /api/v1/push/{{ $org }} { proxy_set_header X-Scope-OrgID {{ $org }}; - proxy_pass http://{{ template "cortex.fullname" $ }}-distributor.{{ $rootDomain }}/api/v1/push; + proxy_pass {{ .Values.nginx.config.upstream_protocol }}://{{ template "cortex.fullname" $ }}-distributor.{{ $rootDomain }}/api/v1/push; } {{- end }} {{- end }} diff --git a/values.yaml b/values.yaml index ea87bf5d..b10da422 100644 --- a/values.yaml +++ b/values.yaml @@ -1196,6 +1196,8 @@ nginx: mainSnippet: "" # -- arbitrary snippet to inject in the server { } section of the nginx config serverSnippet: "" + # -- protocol for the communication with the upstream + upstream_protocol: http setHeaders: {} # -- Optional list of [auth tenants](https://cortexmetrics.io/docs/guides/auth/) to set in the nginx config auth_orgs: [] From 5597ec48aaecf3e41c09047a6d2f07d512e51109 Mon Sep 17 00:00:00 2001 From: Finn Evers Date: Mon, 26 Aug 2024 15:49:26 +0200 Subject: [PATCH 2/2] update CHANGELOG.md Signed-off-by: Finn Evers --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 343cc599..e3634147 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,8 @@ ## master / unreleased +* [ENHANCEMENT] Add `nginx.config.upstream_protocol` field to configure the upstream protocol in the nginx configuration #506 + ## 2.4.0 / 2024-07-18 * [CHANGE] Removed the default `livenessProbe` for store-gateway and compactor. You can still use a `livenessProbe` but we advise against it #502