Maximum Body Size

You can configure maximum allowed request body size in bytes using ingress.appscode.com/proxy-body-size annotation. It will applied globally for all frontends. If request body size exceeds the specified size then it will through error with code 400.

Ingress Example

apiVersion: voyager.appscode.com/v1beta1
kind: Ingress
metadata:
  name: test-ingress
  namespace: default
  annotations:
    ingress.appscode.com/proxy-body-size: "8"
spec:
  rules:
  - host: voyager.appscode.test
    http:
      paths:
      - path: /foo
        backend:
          serviceName: test-server
          servicePort: 80

It will add following to all frontends in generated haproxy.cfg:

http-request deny deny_status 400 if { req.body_size gt 8 }

Generated haproxy.cfg:

# HAProxy configuration generated by https://github.com/appscode/voyager
# DO NOT EDIT!
global
	daemon
	stats socket /tmp/haproxy
	server-state-file global
	server-state-base /var/state/haproxy/
	# log using a syslog socket
	log /dev/log local0 info
	log /dev/log local0 notice
	tune.ssl.default-dh-param 2048
	ssl-default-bind-ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK
defaults
	log global
	# https://cbonte.github.io/haproxy-dconv/1.7/configuration.html#4.2-option%20abortonclose
	# https://github.com/appscode/voyager/pull/403
	option dontlognull
	option http-server-close
	# Timeout values
	timeout client 50s
	timeout client-fin 50s
	timeout connect 50s
	timeout server 50s
	timeout tunnel 50s
	# Configure error files
	# default traffic mode is http
	# mode is overwritten in case of tcp services
	mode http
frontend http-0_0_0_0-80
	bind *:80 
	mode http
	option httplog
	option forwardfor
	http-request deny deny_status 400 if { req.body_size gt 8 }
	acl is_proxy_https hdr(X-Forwarded-Proto) https
	acl acl_voyager.appscode.test hdr(host) -i voyager.appscode.test
	acl acl_voyager.appscode.test hdr(host) -i voyager.appscode.test:80
	acl acl_voyager.appscode.test:foo path_beg /foo
	use_backend test-server.default:80 if acl_voyager.appscode.test acl_voyager.appscode.test:foo
backend test-server.default:80
	server pod-test-server-68ddc845cd-x5c78 172.17.0.4:8080

Get url for ingress service:

$ minikube service --url voyager-test-ingress
http://192.168.99.100:31996

Send request with content-length smaller than allowed size:

$ curl -X POST -v -H 'Host: voyager.appscode.test' --data "hello" 192.168.99.100:31996/foo
Note: Unnecessary use of -X or --request, POST is already inferred.
*   Trying 192.168.99.100...
* Connected to 192.168.99.100 (192.168.99.100) port 31996 (#0)
> POST /foo HTTP/1.1
> Host: voyager.appscode.test
> User-Agent: curl/7.47.0
> Accept: */*
> Content-Length: 5
> Content-Type: application/x-www-form-urlencoded
> 
* upload completely sent off: 5 out of 5 bytes
< HTTP/1.1 200 OK
< Date: Fri, 16 Feb 2018 12:15:45 GMT
< Content-Type: text/plain
< Transfer-Encoding: chunked
< Server: echoserver
< 


Hostname: test-server-68ddc845cd-x5c78

Pod Information:
	-no pod information available-

Server values:
	server_version=nginx: 1.13.3 - lua: 10008

Request Information:
	client_address=172.17.0.5
	method=POST
	real path=/foo
	query=
	request_version=1.1
	request_uri=http://voyager.appscode.test:8080/foo

Request Headers:
	accept=*/*
	connection=close
	content-length=5
	content-type=application/x-www-form-urlencoded
	host=voyager.appscode.test
	user-agent=curl/7.47.0
	x-forwarded-for=172.17.0.1

Request Body:
hello

* Connection #0 to host 192.168.99.100 left intact

Send another request with content-length larger than allowed size:

$ curl -X POST -v -H 'Host: voyager.appscode.test' --data "this is raw data" 192.168.99.100:31996/foo
Note: Unnecessary use of -X or --request, POST is already inferred.
*   Trying 192.168.99.100...
* Connected to 192.168.99.100 (192.168.99.100) port 31996 (#0)
> POST /foo HTTP/1.1
> Host: voyager.appscode.test
> User-Agent: curl/7.47.0
> Accept: */*
> Content-Length: 16
> Content-Type: application/x-www-form-urlencoded
> 
* upload completely sent off: 16 out of 16 bytes
* HTTP 1.0, assume close after body
< HTTP/1.0 400 Bad request
< Cache-Control: no-cache
< Connection: close
< Content-Type: text/html
< 
<html><body><h1>400 Bad request</h1>
Your browser sent an invalid request.
</body></html>
* Closing connection 0

Take your team where it needs to go.

Create your cluster in minutes. Our team is here to help and would be happy to chat with you.