AppsCode
  • KubeDB

    Run Production-Grade Databases on Kubernetes

    Stash

    Backup and Recovery Solution for Kubernetes

    KubeVault

    Run Production-Grade Vault on Kubernetes

    Voyager

    Secure Ingress Controller for Kubernetes

    ConfigSyncer

    Kubernetes Configuration Syncer

    Guard

    Kubernetes Authentication WebHook Server

    KubeDB

    KubeDB simplifies Provisioning, Upgrading, Scaling, Volume Expansion, Monitor, Backup, Restore for various Databases in Kubernetes on any Public & Private Cloud

    • check-boxLower administrative burden
    • check-boxNative Kubernetes Support
    • check-boxPerformance
    • check-boxAvailability and durability
    • check-boxManageability
    • check-boxCost-effectiveness
    • check-boxSecurity
    Stash

    A complete Kubernetes native disaster recovery solution for backup and restore your volumes and databases in Kubernetes on any public and private clouds.

    • check-boxDeclarative API
    • check-boxBackup Kubernetes Volumes
    • check-boxBackup Database
    • check-boxMultiple Storage Support
    • check-boxDeduplication
    • check-boxData Encryption
    • check-boxVolume Snapshot
    • check-boxPolicy Based Backup
    KubeVault

    KubeVault is a Git-Ops ready, production-grade solution for deploying and configuring Hashicorp's Vault on Kubernetes.

    • check-boxVault Kubernetes Deployment
    • check-boxAuto Initialization & Unsealing
    • check-boxVault Backup & Restore
    • check-boxConsume KubeVault Secrets with CSI
    • check-boxManage DB Users Privileges
    • check-boxStorage Backend
    • check-boxAuthentication Method
    • check-boxDatabase Secret Engine
    Voyager

    Secure Ingress Controller for Kubernetes

    • check-boxHTTP & TCP
    • check-boxSSL
    • check-boxPlatform support
    • check-boxHAProxy
    • check-boxPrometheus
    • check-boxLet's Encrypt
    configsyncer

    Kubernetes Configuration Syncer

    • check-boxConfiguration Syncer
    Guard

    Kubernetes Authentication WebHook Server

    • check-boxIdentity Providers
    • check-boxCLI
    • check-boxRBAC
  • RESOURCES
  • Webinar New
CONTACT SALES
Voyager
github-icon twitterx-icon
TRY NOW FREE
  • Welcome
  • Concepts
  • Setup
  • Ingress
    Cert Manager
  • Voyager Operator
    Voyager CLI

New to Voyager? Please start here.

Maximum Body Size

You can configure maximum allowed request body size in bytes using ingress.appscode.com/proxy-body-size annotation. It will applied globally for all frontends. If request body size exceeds the specified size then it will through error with code 400.

Ingress Example

apiVersion: voyager.appscode.com/v1
kind: Ingress
metadata:
  name: test-ingress
  namespace: default
  annotations:
    ingress.appscode.com/proxy-body-size: "8"
spec:
  rules:
  - host: voyager.appscode.test
    http:
      paths:
      - path: /foo
        backend:
          service:
          	name: test-server
            port:
              number: 80

It will add following to all frontends in generated haproxy.cfg:

http-request deny deny_status 400 if { req.body_size gt 8 }

Generated haproxy.cfg:

# HAProxy configuration generated by https://github.com/appscode/voyager
# DO NOT EDIT!
global
	daemon
	stats socket /tmp/haproxy
	server-state-file global
	server-state-base /var/state/haproxy/
	# log using a syslog socket
	log /dev/log local0 info
	log /dev/log local0 notice
	tune.ssl.default-dh-param 2048
	ssl-default-bind-ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK
	hard-stop-after 30s
defaults
	log global
	# https://cbonte.github.io/haproxy-dconv/1.7/configuration.html#4.2-option%20abortonclose
	# https://github.com/voyagermesh/gateway-docs/pull/403
	option dontlognull
	option http-server-close
	# Timeout values
	timeout client 50s
	timeout client-fin 50s
	timeout connect 5s
	timeout server 50s
	timeout tunnel 50s
	# Configure error files
	# default traffic mode is http
	# mode is overwritten in case of tcp services
	mode http
frontend http-0_0_0_0-80
	bind *:80 
	mode http
	option httplog
	option forwardfor
	http-request deny deny_status 400 if { req.body_size gt 8 }
	acl is_proxy_https hdr(X-Forwarded-Proto) https
	acl acl_voyager.appscode.test hdr(host) -i voyager.appscode.test
	acl acl_voyager.appscode.test hdr(host) -i voyager.appscode.test:80
	acl acl_voyager.appscode.test:foo path_beg /foo
	use_backend test-server.default:80 if acl_voyager.appscode.test acl_voyager.appscode.test:foo
backend test-server.default:80
	server pod-test-server-68ddc845cd-x5c78 172.17.0.4:8080

Get url for ingress service:

$ minikube service --url voyager-test-ingress
http://192.168.99.100:31996

Send request with content-length smaller than allowed size:

$ curl -X POST -v -H 'Host: voyager.appscode.test' --data "hello" 192.168.99.100:31996/foo
Note: Unnecessary use of -X or --request, POST is already inferred.
*   Trying 192.168.99.100...
* Connected to 192.168.99.100 (192.168.99.100) port 31996 (#0)
> POST /foo HTTP/1.1
> Host: voyager.appscode.test
> User-Agent: curl/7.47.0
> Accept: */*
> Content-Length: 5
> Content-Type: application/x-www-form-urlencoded
> 
* upload completely sent off: 5 out of 5 bytes
< HTTP/1.1 200 OK
< Date: Fri, 16 Feb 2018 12:15:45 GMT
< Content-Type: text/plain
< Transfer-Encoding: chunked
< Server: echoserver
< 


Hostname: test-server-68ddc845cd-x5c78

Pod Information:
	-no pod information available-

Server values:
	server_version=nginx: 1.13.3 - lua: 10008

Request Information:
	client_address=172.17.0.5
	method=POST
	real path=/foo
	query=
	request_version=1.1
	request_uri=http://voyager.appscode.test:8080/foo

Request Headers:
	accept=*/*
	connection=close
	content-length=5
	content-type=application/x-www-form-urlencoded
	host=voyager.appscode.test
	user-agent=curl/7.47.0
	x-forwarded-for=172.17.0.1

Request Body:
hello

* Connection #0 to host 192.168.99.100 left intact

Send another request with content-length larger than allowed size:

$ curl -X POST -v -H 'Host: voyager.appscode.test' --data "this is raw data" 192.168.99.100:31996/foo
Note: Unnecessary use of -X or --request, POST is already inferred.
*   Trying 192.168.99.100...
* Connected to 192.168.99.100 (192.168.99.100) port 31996 (#0)
> POST /foo HTTP/1.1
> Host: voyager.appscode.test
> User-Agent: curl/7.47.0
> Accept: */*
> Content-Length: 16
> Content-Type: application/x-www-form-urlencoded
> 
* upload completely sent off: 16 out of 16 bytes
* HTTP 1.0, assume close after body
< HTTP/1.0 400 Bad request
< Cache-Control: no-cache
< Connection: close
< Content-Type: text/html
< 
<html><body><h1>400 Bad request</h1>
Your browser sent an invalid request.
</body></html>
* Closing connection 0

What's on this Page

Search
Improve This Page