Use an annotation to provide a route cookie

Route annotation: router.openshift.io/cookie_name can be used to set a cookie name for the route. Added ROUTER_COOKIE_NAME for setting cookie name for all routes. The cookie must pass regex filter "[a-zA-Z0-9_-]+" https://trello.com/c/dZpU26W9 (3) Allow routes to set the cookie names for session stickiness
openshift · Sep 20, 2017 · 3fda80b · 3fda80b
1 parent 3116aaa
commit 3fda80b
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/images/router/haproxy/conf/haproxy-config.template b/images/router/haproxy/conf/haproxy-config.template
@@ -22,6 +22,9 @@
 {{/* cidrListPattern: Match a space separated list of CIDRs; e.g. 192.168.21.23/24 192.10.2.12 */}}
 {{- $cidrListPattern := printf `(?:%s(?: +%s)*)` $cidrPattern $cidrPattern -}}
 
+{{/* cookie name pattern: */}}
+{{- $cookieNameRE := "[a-zA-Z0-9_-]+" -}}
+
 {{- $timeSpecRE := "[1-9][0-9]*(us|ms|s|m|h|d)?" }}
 global
   maxconn {{env "ROUTER_MAX_CONNECTIONS" "20000"}}
@@ -377,7 +380,7 @@ backend be_secure:{{$cfgIdx}}
   {{- end }}
 
   {{- if not (isTrue (index $cfg.Annotations "haproxy.router.openshift.io/disable_cookies")) }}
-  cookie {{$cfg.RoutingKeyName}} insert indirect nocache httponly
+  cookie {{firstMatch $cookieNameRE (index $cfg.Annotations "router.openshift.io/cookie_name") (env "ROUTER_COOKIE_NAME" "") $cfg.RoutingKeyName}} insert indirect nocache httponly
     {{- if and (matchValues (print $cfg.TLSTermination) "edge" "reencrypt") (ne $cfg.InsecureEdgeTerminationPolicy "Allow") }} secure
     {{- end }}
   {{- end }}{{/* end disable cookies check */}}