Allow configuration of map-hash-bucket-size and map-hash-max-size directives

docs/content/configuration/global-configuration/configmap-resource.md

@@ -86,6 +86,8 @@ See the doc about [VirtualServer and VirtualServerRoute resources](/nginx-ingres
 |``worker-shutdown-timeout`` | Sets the value of the [worker_shutdown_timeout](https://nginx.org/en/docs/ngx_core_module.html#worker_shutdown_timeout) directive. | N/A |  |
 |``server-names-hash-bucket-size`` | Sets the value of the [server_names_hash_bucket_size](https://nginx.org/en/docs/http/ngx_http_core_module.html#server_names_hash_bucket_size) directive. | ``256`` |  |
 |``server-names-hash-max-size`` | Sets the value of the [server_names_hash_max_size](https://nginx.org/en/docs/http/ngx_http_core_module.html#server_names_hash_max_size) directive. | ``1024`` |  |
+|``map-hash-bucket-size`` | Sets the value of the [map_hash_bucket_size](http://nginx.org/en/docs/http/ngx_http_map_module.html#map_hash_bucket_size) directive.| ``256`` |  |
+|``map-hash-max-size`` | Sets the value of the [map_hash_max_size](http://nginx.org/en/docs/http/ngx_http_map_module.html#map_hash_max_size) directive. | ``2048`` |  |
 |``resolver-addresses`` | Sets the value of the [resolver](https://nginx.org/en/docs/http/ngx_http_core_module.html#resolver) addresses. Note: If you use a DNS name (for example, ``kube-dns.kube-system.svc.cluster.local`` ) as a resolver address, NGINX Plus will resolve it using the system resolver during the start and on every configuration reload. If the name cannot be resolved or the DNS server doesn't respond, NGINX Plus will fail to start or reload. To avoid this, we recommend using IP addresses as resolver addresses instead of DNS names. Supported in NGINX Plus only. | N/A | [Support for Type ExternalName Services](https://github.com/nginxinc/kubernetes-ingress/tree/v2.4.1/examples/ingress-resources/externalname-services). |
 |``resolver-ipv6`` | Enables IPv6 resolution in the resolver. Supported in NGINX Plus only. | ``True`` | [Support for Type ExternalName Services](https://github.com/nginxinc/kubernetes-ingress/tree/v2.4.1/examples/ingress-resources/externalname-services). |
 |``resolver-valid`` | Sets the time NGINX caches the resolved DNS records. Supported in NGINX Plus only. | TTL value of a DNS record | [Support for Type ExternalName Services](https://github.com/nginxinc/kubernetes-ingress/tree/v2.4.1/examples/ingress-resources/externalname-services). |

internal/configs/config_params.go

@@ -37,6 +37,8 @@ type ConfigParams struct {
 	MainStreamLogFormat                    []string
 	MainStreamLogFormatEscaping            string
 	MainStreamSnippets                     []string
+	MainMapHashBucketSize                  string
+	MainMapHashMaxSize                     string
 	MainWorkerConnections                  string
 	MainWorkerCPUAffinity                  string
 	MainWorkerProcesses                    string
@@ -160,6 +162,8 @@ func NewDefaultConfigParams(isPlus bool) *ConfigParams {
 		SSLRedirect:                   true,
 		MainServerNamesHashBucketSize: "256",
 		MainServerNamesHashMaxSize:    "1024",
+		MainMapHashBucketSize:         "256",
+		MainMapHashMaxSize:            "2048",
 		ProxyBuffering:                true,
 		MainWorkerProcesses:           "auto",
 		MainWorkerConnections:         "1024",

internal/configs/configmaps.go

@@ -78,6 +78,14 @@ func ParseConfigMap(cfgm *v1.ConfigMap, nginxPlus bool, hasAppProtect bool, hasA
 		cfgParams.MainServerNamesHashMaxSize = serverNamesHashMaxSize
 	}
 
+	if mapHashBucketSize, exists := cfgm.Data["map-hash-bucket-size"]; exists {
+		cfgParams.MainMapHashBucketSize = mapHashBucketSize
+	}
+
+	if mapHashMaxSize, exists := cfgm.Data["map-hash-max-size"]; exists {
+		cfgParams.MainMapHashMaxSize = mapHashMaxSize
+	}
+
 	if HTTP2, exists, err := GetMapKeyAsBool(cfgm.Data, "http2", cfgm); exists {
 		if err != nil {
 			glog.Error(err)
@@ -533,6 +541,8 @@ func GenerateNginxMainConfig(staticCfgParams *StaticConfigParams, config *Config
 		SetRealIPFrom:                      config.SetRealIPFrom,
 		ServerNamesHashBucketSize:          config.MainServerNamesHashBucketSize,
 		ServerNamesHashMaxSize:             config.MainServerNamesHashMaxSize,
+		MapHashBucketSize:                  config.MainMapHashBucketSize,
+		MapHashMaxSize:                     config.MainMapHashMaxSize,
 		ServerTokens:                       config.ServerTokens,
 		SSLCiphers:                         config.MainServerSSLCiphers,
 		SSLDHParam:                         config.MainServerSSLDHParam,

internal/configs/version1/config.go

@@ -192,6 +192,8 @@ type MainConfig struct {
 	SetRealIPFrom                      []string
 	ServerNamesHashBucketSize          string
 	ServerNamesHashMaxSize             string
+	MapHashBucketSize                  string
+	MapHashMaxSize                     string
 	ServerTokens                       string
 	SSLRejectHandshake                 bool
 	SSLCiphers                         string

internal/configs/version1/nginx-plus.tmpl

@@ -295,6 +295,9 @@ stream {
     {{if .ResolverTimeout}}resolver_timeout {{.ResolverTimeout}};{{end}}
     {{end}}
 
+    map_hash_max_size {{.MapHashMaxSize}};
+    {{if .MapHashBucketSize}}map_hash_bucket_size {{.MapHashBucketSize}};{{end}}
+
     {{if .TLSPassthrough}}
     map $ssl_preread_server_name $dest_internal_passthrough  {
         default unix:/var/lib/nginx/passthrough-https.sock;

internal/configs/version1/nginx.tmpl

@@ -229,6 +229,9 @@ stream {
     {{range $value := .StreamSnippets}}
     {{$value}}{{end}}
 
+    map_hash_max_size {{.MapHashMaxSize}};
+    {{if .MapHashBucketSize}}map_hash_bucket_size {{.MapHashBucketSize}};{{end}}
+
     {{if .TLSPassthrough}}
     map $ssl_preread_server_name $dest_internal_passthrough  {
         default unix:/var/lib/nginx/passthrough-https.sock;