I'm trying to figure out how to use nginx proxy cache with some specific rules. For exemple, when i'm hosting Ghost or Wordpress, I don't want to cache admin section. Using server snippet, I've tried a lot of different combinaison but still have issues with cache in admin section.
nginx.ingress.kubernetes.io/proxy-buffering: "on"
nginx.ingress.kubernetes.io/server-snippet: |-
proxy_ignore_headers X-Accel-Expires Expires Cache-Control;
proxy_ignore_headers Set-Cookie;
proxy_cache app_cache;
proxy_cache_lock on;
proxy_cache_valid any 30m;
add_header X-Cache-Status $upstream_cache_status;
I want to use nginx code snippet for (ghost|sinout) paths to bypass cache when in admin area, but i'm loosing the proxy_pass context resulting to a 502 bad gateway.
Here is the current ingress config caching every pages, admin path too:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
nginx.ingress.kubernetes.io/proxy-buffering: "on"
nginx.ingress.kubernetes.io/server-snippet: |-
proxy_cache my_blog_cache;
proxy_cache_lock on;
proxy_cache_valid any 30m;
add_header X-Cache-Status $upstream_cache_status;
proxy_ignore_headers X-Accel-Expires Expires Cache-Control;
name: my-blog
namespace: web
spec:
rules:
- host: blog.example.com
http:
paths:
- backend:
serviceName: ingress-541322b8660dbd2ceb1e8ff1813f0dd5
servicePort: 2368
path: /
tls:
- hosts:
- blog.example.com
secretName: my-blog-cert
status:
loadBalancer:
ingress:
- ip: 1.2.3.4
Here is the nginx config i'm trying to get but not compatible with ingress annotations:
location / {
proxy_cache my_blog_cache;
proxy_cache_valid 200 30m;
proxy_cache_valid 404 1m;
proxy_pass http://ghost_upstream;
proxy_ignore_headers X-Accel-Expires Expires Cache-Control;
proxy_ignore_headers Set-Cookie;
proxy_hide_header Set-Cookie;
proxy_hide_header X-powered-by;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
expires 10m;
}
location /content/images {
alias /path/to/ghost/content/images;
access_log off;
expires max;
}
location /assets {
alias /path/to/ghost/content/themes/uno-master/assets;
access_log off;
expires max;
}
location /public {
alias /path/to/ghost/core/built/public;
access_log off;
expires max;
}
location /ghost/scripts {
alias /path/to/ghost/core/built/scripts;
access_log off;
expires max;
}
location ~ ^/(?:ghost|signout) {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://ghost_upstream;
add_header Cache-Control "no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0";
}
Thanks for your help !
There are some options in nginx-ingress controller that is only possible to change using ConfigMap and other is possible using Annnotations, as you are doing.
You can combine both to reach the expected result, or create a custom template.
Here you can see an alternative that maybe could help you.