Nginx custom configuration with Kong 0.9.x
2,134 views
Skip to first unread message
pba...@classy.org
Sep 8, 2016, 12:48:50 PM9/8/16
to Kong
Before version 0.9, both kong and nginx config were handled in the kong.yml file.
Now, if I understand correctly, Kong config is handled with the kong.conf file, where you can setup some of the nginx config file parameter.
Then, on first startup, the nginx conf file is generated and stored in /usr/local/kong/nginx.conf
Am I correct?
Now, I just want to add this parameter in the nginx config file: client_body_buffer_size 1m;
How do I do that before starting kong (because at that time, the nginx config file is not yet generated)?
I had a look at the documentation here => https://getkong.org/docs/0.9.x/configuration/#custom-nginx-configuration-amp-embedding-kong
but didn't quite understand.
What should "custom_nginx.template" file look like in my case? And where should it live?
Thanks for your support!
Thibault Charbonnier
Sep 8, 2016, 2:16:20 PM9/8/16
to Kong
Hi,
Short answer, this is the file you'd have to use, with the directive you asked for (notice the red line):
You would use it like so:
Long answer: since you want to modify one of the proxy server's property, we are here inlining the 2 server blocks defined by Kong in the main nginx configuration file (the content of the http{} block). Suggestions and improvements to that section of the documentation are more than welcome! I know it can be a bit confusing, would love to get some feedback on what part of it you didn't get.
Short answer, this is the file you'd have to use, with the directive you asked for (notice the red line):
worker_processes ${{NGINX_WORKER_PROCESSES}};daemon ${{NGINX_DAEMON}};
pid pids/nginx.pid;error_log logs/error.log ${{LOG_LEVEL}};
> if nginx_optimizations thenworker_rlimit_nofile ${{WORKER_RLIMIT}};> end
events {> if nginx_optimizations then worker_connections ${{WORKER_CONNECTIONS}}; multi_accept on;> end}
http { resolver ${{DNS_RESOLVER}} ipv6=off; charset UTF-8;
error_log logs/error.log ${{LOG_LEVEL}}; access_log logs/access.log;
> if anonymous_reports then ${{SYSLOG_REPORTS}}> end
> if nginx_optimizations then>-- send_timeout 60s; # default value>-- keepalive_timeout 75s; # default value>-- client_body_timeout 60s; # default value>-- client_header_timeout 60s; # default value>-- tcp_nopush on; # disabled until benchmarked>-- proxy_buffer_size 128k; # disabled until benchmarked>-- proxy_buffers 4 256k; # disabled until benchmarked>-- proxy_busy_buffers_size 256k; # disabled until benchmarked>-- reset_timedout_connection on; # disabled until benchmarked> end
client_max_body_size 0; client_body_buffer_size 1m; proxy_ssl_server_name on; underscores_in_headers on;
real_ip_header X-Forwarded-For; set_real_ip_from 0.0.0.0/0; real_ip_recursive on;
lua_package_path '${{LUA_PACKAGE_PATH}};;'; lua_package_cpath '${{LUA_PACKAGE_CPATH}};;'; lua_code_cache ${{LUA_CODE_CACHE}}; lua_max_running_timers 4096; lua_max_pending_timers 16384; lua_shared_dict cache ${{MEM_CACHE_SIZE}}; lua_shared_dict reports_locks 100k; lua_shared_dict cluster_locks 100k; lua_shared_dict cluster_autojoin_locks 100k; lua_shared_dict cache_locks 100k; lua_shared_dict cassandra 1m; lua_shared_dict cassandra_prepared 5m; lua_socket_log_errors off;> if lua_ssl_trusted_certificate then lua_ssl_trusted_certificate '${{LUA_SSL_TRUSTED_CERTIFICATE}}'; lua_ssl_verify_depth ${{LUA_SSL_VERIFY_DEPTH}};> end
init_by_lua_block { require 'resty.core' kong = require 'kong' kong.init() }
init_worker_by_lua_block { kong.init_worker() }
server { server_name kong; listen ${{PROXY_LISTEN}}; error_page 404 408 411 412 413 414 417 /kong_error_handler; error_page 500 502 503 504 /kong_error_handler;
> if ssl then listen ${{PROXY_LISTEN_SSL}} ssl; ssl_certificate ${{SSL_CERT}}; ssl_certificate_key ${{SSL_CERT_KEY}}; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_certificate_by_lua_block { kong.ssl_certificate() }> end
location / { set $upstream_host nil; set $upstream_url nil;
access_by_lua_block { kong.access() }
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Host $upstream_host; proxy_pass_header Server; proxy_pass $upstream_url;
header_filter_by_lua_block { kong.header_filter() }
body_filter_by_lua_block { kong.body_filter() }
log_by_lua_block { kong.log() } }
location = /kong_error_handler { internal; content_by_lua_block { require('kong.core.error_handlers')(ngx) } } }
server { server_name kong_admin; listen ${{ADMIN_LISTEN}};
client_max_body_size 10m; client_body_buffer_size 10m;
location / { default_type application/json; content_by_lua_block { ngx.header['Access-Control-Allow-Origin'] = '*' if ngx.req.get_method() == 'OPTIONS' then ngx.header['Access-Control-Allow-Methods'] = 'GET,HEAD,PUT,PATCH,POST,DELETE' ngx.header['Access-Control-Allow-Headers'] = 'Content-Type' ngx.exit(204) end
ngx.log(ngx.DEBUG, 'Loading Admin API endpoints') require('lapis').serve('kong.api') } }
location /nginx_status { internal; access_log off; stub_status; }
location /robots.txt { return 200 'User-agent: *\nDisallow: /'; } }}
You would use it like so:
$ kong start --nginx-conf=nginx_conf.templLong answer: since you want to modify one of the proxy server's property, we are here inlining the 2 server blocks defined by Kong in the main nginx configuration file (the content of the http{} block). Suggestions and improvements to that section of the documentation are more than welcome! I know it can be a bit confusing, would love to get some feedback on what part of it you didn't get.
Best,
Thibault
pba...@classy.org
Sep 12, 2016, 6:15:28 AM9/12/16
to Kong
Hi Thibault,
It's clearer to me now. Not sure why I hadn't understood the doc in the first place.
I'm installing Kong not from sources but from the ubuntu package. I believe what puzzled me is that in this case there is no nginx example template you can play with.
So my suggestion would be to have the default nginx template file being available at /etc/kong/nginx-kong.conf.templ.default, the same way there is /etc/kong/kong.conf.default when you install kong with the package.
Pierre
Reply all
Reply to author
Forward
0 new messages