Skip to content
Permalink
Browse files

feat(model): support locations

watch router.deis.io/proxyLocations and router.deis.io/proxyDomain and
update routing rules according to settings passed there.
  • Loading branch information...
notmaxx committed Sep 11, 2018
1 parent ad8a231 commit d079bacc2eb55c0f0fc0285b2db6143d24406e95
Showing with 89 additions and 34 deletions.
  1. +2 −0 README.md
  2. +50 −0 model/model.go
  3. +37 −34 nginx/config.go
@@ -288,6 +288,8 @@ _Note that Kubernetes annotation maps are all of Go type `map[string]string`. A
| <a name="app-nginx-proxy-buffers-number"></a>routable application | service | [router.deis.io/nginx.proxyBuffers.number](#app-nginx-proxy-buffers-number) | `"8"` | `number` argument to the nginx `proxy_buffers` directive. This can be used to override the same option set globally on the router. |
| <a name="app-nginx-proxy-buffers-size"></a>routable application | service | [router.deis.io/nginx.proxyBuffers.size](#app-nginx-proxy-buffers-size) | `"4k"` | `size` argument to the nginx `proxy_buffers` directive expressed in bytes (no suffix), kilobytes (suffixes `k` and `K`), or megabytes (suffixes `m` and `M`). This can be used to override the same option set globally on the router. |
| <a name="app-nginx-proxy-buffers-busy-size"></a>routable application | service | [router.deis.io/nginx.proxyBuffers.busySize](#app-nginx-proxy-buffers-busy-size) | `"8k"` | nginx `proxy_busy_buffers_size` expressed in bytes (no suffix), kilobytes (suffixes `k` and `K`), or megabytes (suffixes `m` and `M`). This can be used to override the same option set globally on the router. |
|<a name="app-proxy-locations"></a>routable application | service | [router.deis.io/proxyLocations](#app-proxy-locations) | N/A | A list of locations of this servide to plug-in into another service determined by `router.deis.io/proxyDomain` |
|<a name="app-proxy-domain"></a>routable application | service | [router.deis.io/proxyDomain](#app-proxy-domain) | N/A | A reference to another service to plug-in `router.deis.io/proxyLocations` to |

#### Annotations by example

@@ -3,6 +3,7 @@ package model
import (
"bytes"
"encoding/gob"
goerrors "errors"
"fmt"
"log"
"strings"
@@ -150,6 +151,14 @@ type AppConfig struct {
Maintenance bool `key:"maintenance" constraint:"(?i)^(true|false)$"`
SSLConfig *SSLConfig `key:"ssl"`
Nginx *NginxAppConfig `key:"nginx"`
ProxyLocations []string `key:"proxyLocations"`
ProxyDomain string `key:"proxyDomain"`
Locations []*Location
}

type Location struct {
App *AppConfig
Path string
}

func newAppConfig(routerConfig *RouterConfig) (*AppConfig, error) {
@@ -391,6 +400,11 @@ func build(kubeClient *kubernetes.Clientset, routerDeployment *v1beta1ext.Deploy
routerConfig.AppConfigs = append(routerConfig.AppConfigs, appConfig)
}
}
err = linkLocations(routerConfig.AppConfigs)
if err != nil {
return nil, err
}
addRootLocations(routerConfig.AppConfigs)
if builderService != nil {
builderConfig, err := buildBuilderConfig(builderService)
if err != nil {
@@ -403,6 +417,41 @@ func build(kubeClient *kubernetes.Clientset, routerDeployment *v1beta1ext.Deploy
return routerConfig, nil
}

func appByDomain(appConfigs []*AppConfig, domain string) *AppConfig {
for _, app := range appConfigs {
for _, appDomain := range app.Domains {
if domain == appDomain {
return app
}
}
}
return nil
}

func linkLocations(appConfigs []*AppConfig) error {
for _, app := range appConfigs {
if app.ProxyDomain != "" && len(app.ProxyLocations) > 0 {
targetApp := appByDomain(appConfigs, app.ProxyDomain)
if targetApp == nil {
return goerrors.New(fmt.Sprintf("Can't find ProxyDomain '%s' in any application", app.ProxyDomain))
}

for _, loc := range app.ProxyLocations {
location := &Location{App: app, Path: loc}
targetApp.Locations = append(targetApp.Locations, location)
}
}
}
return nil
}

func addRootLocations(appConfigs []*AppConfig) {
for _, app := range appConfigs {
rootLocation := &Location{App: app, Path: "/"}
app.Locations = append(app.Locations, rootLocation)
}
}

func buildRouterConfig(routerDeployment *v1beta1.Deployment, platformCertSecret *v1.Secret, dhParamSecret *v1.Secret) (*RouterConfig, error) {
routerConfig, err := newRouterConfig()
if err != nil {
@@ -449,6 +498,7 @@ func buildAppConfig(kubeClient *kubernetes.Clientset, service v1.Service, router
if err != nil {
return nil, err
}

// If no domains are found, we don't have the information we need to build routes
// to this application. Abort.
if len(appConfig.Domains) == 0 {
@@ -270,41 +270,44 @@ http {
vhost_traffic_status_filter_by_set_key {{ $appConfig.Name }} application::*;
location / {
{{ if $routerConfig.RequestIDs }}
add_header X-Request-Id $request_id always;
add_header X-Correlation-Id $correlation_id always;
{{end}}
{{ if $appConfig.Maintenance }}return 503;{{ else if $appConfig.Available }}
proxy_buffering {{ if $appConfig.Nginx.ProxyBuffersConfig.Enabled }}on{{ else }}off{{ end }};
proxy_buffer_size {{ $appConfig.Nginx.ProxyBuffersConfig.Size }};
proxy_buffers {{ $appConfig.Nginx.ProxyBuffersConfig.Number }} {{ $appConfig.Nginx.ProxyBuffersConfig.Size }};
proxy_busy_buffers_size {{ $appConfig.Nginx.ProxyBuffersConfig.BusySize }};
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $access_scheme;
proxy_set_header X-Forwarded-Port $forwarded_port;
proxy_redirect off;
proxy_connect_timeout {{ $appConfig.ConnectTimeout }};
proxy_send_timeout {{ $appConfig.TCPTimeout }};
proxy_read_timeout {{ $appConfig.TCPTimeout }};
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
{{ if $routerConfig.RequestIDs }}
proxy_set_header X-Request-Id $request_id;
proxy_set_header X-Correlation-Id $correlation_id;
{{ end }}
{{ if or $enforceSecure $appConfig.SSLConfig.Enforce }}if ($access_scheme !~* "^https|wss$") {
return 301 $uri_scheme://$host$request_uri;
}{{ end }}
{{ if $hstsConfig.Enabled }}add_header Strict-Transport-Security $sts always;{{ end }}
{{range $location := $appConfig.Locations}}
location {{ $location.Path }} {
{{ if $routerConfig.RequestIDs }}
add_header X-Request-Id $request_id always;
add_header X-Correlation-Id $correlation_id always;
{{end}}
{{ if $location.App.Maintenance }}return 503;{{ else if $location.App.Available }}
proxy_buffering {{ if $location.App.Nginx.ProxyBuffersConfig.Enabled }}on{{ else }}off{{ end }};
proxy_buffer_size {{ $location.App.Nginx.ProxyBuffersConfig.Size }};
proxy_buffers {{ $location.App.Nginx.ProxyBuffersConfig.Number }} {{ $location.App.Nginx.ProxyBuffersConfig.Size }};
proxy_busy_buffers_size {{ $location.App.Nginx.ProxyBuffersConfig.BusySize }};
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $access_scheme;
proxy_set_header X-Forwarded-Port $forwarded_port;
proxy_redirect off;
proxy_connect_timeout {{ $location.App.ConnectTimeout }};
proxy_send_timeout {{ $location.App.TCPTimeout }};
proxy_read_timeout {{ $location.App.TCPTimeout }};
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
{{ if $routerConfig.RequestIDs }}
proxy_set_header X-Request-Id $request_id;
proxy_set_header X-Correlation-Id $correlation_id;
{{ end }}
{{ if or $enforceSecure $location.App.SSLConfig.Enforce }}if ($access_scheme !~* "^https|wss$") {
return 301 $uri_scheme://$host$request_uri;
}{{ end }}
{{ if $hstsConfig.Enabled }}add_header Strict-Transport-Security $sts always;{{ end }}
proxy_pass http://{{$location.App.ServiceIP}}:80;{{ else }}return 503;{{ end }}
}
{{end}}
proxy_pass http://{{$appConfig.ServiceIP}}:80;{{ else }}return 503;{{ end }}
}
{{ if $appConfig.Maintenance }}error_page 503 @maintenance;
location @maintenance {
root /;

0 comments on commit d079bac

Please sign in to comment.
You can’t perform that action at this time.