Integration mode for CR HeaderRewrites

The CR HeaderRewrites features an Integration operation mode that enriches the access log output with information and details not logged in Production mode. The additional log information are useful for application integration and fault-finding tasks, i.e., to discover potential header-related issues.

Integration mode can be enabled in the corresponding Custom Resources. Note that the extended logging output of the Integration mode will fill up storage space faster, compared to Production mode, when writing into a file or database.

Example of logging output in Integration mode

In the HeaderRewrites CR, the operationalMode can be toggled between Production (default) and Integration. For a configuration example, see tab Default in the CR Header Rewrites reference documentation.

General tips for working with CRs

  • CLI:
  • Use kubectl explain <replace with CRD name> --recursive to list all available options and the YAML structure.
  • Check the CRD description texts with kubectl explain <replace with CRD name and path> of the available options for more details.
  • API Reference documentation:
  • Click on the link to open the CR-related documentation in a new browser tab or window: CRD Reference documentation. See also the API Reference documentation links at the end article.

The following example shows the log output for the header rewrites. In contrast to the verbose logging in Integration mode, no header rewrites are logged in Production mode to reduce the log size:

In Production mode:

In Integration mode:

 ...
   "airlock": { 
    "header_rewrites": { 
      "response": [ 
        { 
          "headers": [ 
            "content-type" 
          ], 
          "type": "remove-rule", 
          "applied_rules": [ 
            "Remove Content Type Response Header" 
          ], 
          "action": "remove" 
        } 
      ], 
      "request": [ 
        { 
          "type": "allow-rule", 
          "applied_rules": [ 
            "Standard Allowed Request Headers", 
            "Allow custom request headers", 
            "Propagate X-Forwarded-For to upstream" 
          ], 
          "action": "remove", 
          "headers": [ 
            "front-end-https", 
            "x-forwarded-host", 
            "x-forwarded-port", 
            "x-forwarded-proto", 
            "x-forwarded-server", 
            "x-real-ip", 
            "accept-encoding" 
          ] 
        } 
      ] 
    },