Customize the ingresscontroller in OSD and ROSA
Environment
- Red Hat OpenShift Service on AWS (ROSA)
- 4
- Red Hat OpenShift Dedicated (OSD)
- 4
- Ingress Controller
- Custom Domains Operator (CDO)
Issue
- Is it possible to apply custom configurations to the
ingresscontrollerin OSD and ROSA? - Is it supported to create custom
ingresscontrollerin OSD and ROSA? - Can the Custom Domains Operator in OSD and ROSA be configured like the OpenShift Ingress Operator?
- In OSD and ROSA,
http2is enabled by default. Is it possible to disablehttp2/http/2in OSD and ROSA as in OCP 4 (Enabling HTTP/2 Ingress connectivity)? - Is it possible to maintain the
X-Forwarded-*andForwardedheaders using thespec.httpHeaders.forwardedHeaderPolicyfield from the Ingress Operator like in OCP 4 (Using X-Forwarded headers in OCP 4)? - Is it possible to enable the Ingress access logging in OSD and ROSA?
- Is it possible to configure Ingress Controller sharding/router sharding in OSD and ROSA?
Resolution
For OCP 4.14+ it is allowed the customization of the ingresscontroller in OSD and ROSA clusters by default.
See additional information in Creating fully customizable non-default IngressController for ROSA and and the section "Early Access/Opting Out" for enabling it in 4.13.
For 4.13 and older versions (other versions):
| Version | Procedure |
|---|---|
| OCP 4.14+ | It is allowed the customization of the ingresscontroller in OSD and ROSA clusters by default. |
| OCP 4.13 (with new feature enabled) | It is allowed the customization of the ingresscontroller. |
| OCP 4.13 (without new feature enabled) | It is not allowed the customization of the ingresscontroller. |
| Older versions | it is not allowed customization of the ingresscontroller. |
For 4.13 versions without the new feature enabled, and for older versions, the allowed configuration for the ingresscontroller created by the installation (default and apps2) is via OCM to made them either publicly accessible over the Internet or only privately accessible over a preexisting private connection.
Additional information at:
It is not supported:
- Make changes to the
ingresscontroller:defaultandapps2 - Manually create new
ingresscontrollerin OSD and ROSA.
Custom Domains Operator (CDO)
In OSD and ROSA, although with limited configurations, it is possible to create a custom ingresscontroller using the Custom Domains Operator.
Recent features in CDO:
- It is now possible to configure route sharding as explained in the CDO documentation.
Root Cause
It is currently possible to enable a feature for allowing the customization of the ingresscontroller in OSD and ROSA 4.13 clusters, and it will be the default behavior for 4.14 new installed clusters.
The configurations allowed in older releases are limited.
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
Comments