Skip to content

Commit

Permalink
Add Kubernetes mesh attempt 6
Browse files Browse the repository at this point in the history
  • Loading branch information
@teh-username
teh-username committed Mar 17, 2019
1 parent 75d7dc7 commit 997f14d
Show file tree
Hide file tree
Showing 5 changed files with 252 additions and 0 deletions.
74 changes: 74 additions & 0 deletions kubernetes/attempt-6/README.md
View file
@@ -0,0 +1,74 @@
## Sixth Attempt

```
+-----------+
|+---------+|
||service-a|| +----------+
|+---------+| --->|xds-server|
|+-----+ -------/ +----------+
||proxy|<--/|
|+-----+ |
+-----------+
```

* Implementing a simple XDS server that responds to CDS requests

Discovery Request:
```
{
'version_info': '0',
'node': {
'id': 'id-service-a',
'cluster': 'cluster-service-a',
'build_version': '628d1668d7dc9244e3a8fa3d3fbabca23e92e23d/1.10.0-dev/Clean/RELEASE/BoringSSL'
}
}
```

Discovery Response:
```
{
'version_info': '0',
'resources': [
{
'@type': 'type.googleapis.com/envoy.api.v2.Cluster',
'name': 'local_service',
'connect_timeout': '0.25s',
'type': 'strict_dns',
'lb_policy': 'round_robin',
'load_assignment': {
'cluster_name': 'local_service',
'endpoints': [
{
'lb_endpoints': [
{
'endpoint': {
'address': {
'socket_address': {
'address': '127.0.0.1',
'port_value': '8080'
}
}
}
}
]
}
]
}
}
]
}
```

## Verification

Run `kubectl port-forward service-a 8081:8001` and go to `http://localhost:8081/clusters`. You should see the `local_service` cluster along with `local_service::added_via_api::true`.


### Relevant Links

* [Guidance for Building a Control Plane to Manage Envoy Proxy at the edge, as a gateway, or in a mesh](https://medium.com/solo-io/guidance-for-building-a-control-plane-to-manage-envoy-proxy-at-the-edge-as-a-gateway-or-in-a-mesh-badb6c36a2af)
* [Envoy Bootstrap configuration](https://www.envoyproxy.io/docs/envoy/latest/configuration/overview/v2_overview#bootstrap-configuration)
* [proto3 JSON mapping](https://developers.google.com/protocol-buffers/docs/proto3#json)
* [xDS REST and gRPC protocol](https://github.com/envoyproxy/data-plane-api/blob/master/XDS_PROTOCOL.md#rest-json-polling-subscriptions)
* [Common discovery API components](https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/discovery.proto#)
25 changes: 25 additions & 0 deletions kubernetes/attempt-6/manifests/cds-server.yaml
View file
@@ -0,0 +1,25 @@
kind: Service
apiVersion: v1
metadata:
name: cds-server
spec:
selector:
app: cds-server
ports:
- protocol: TCP
port: 8080
targetPort: 8080
---
apiVersion: v1
kind: Pod
metadata:
name: cds-server
labels:
app: cds-server
spec:
containers:
- name: cds-server
image: tehusername/xds-server:0.1.1
ports:
- containerPort: 8080
name: endpoint
102 changes: 102 additions & 0 deletions kubernetes/attempt-6/manifests/service-a.yaml
View file
@@ -0,0 +1,102 @@
apiVersion: v1
data:
envoy.yaml: |
node:
id: 'id-service-a'
cluster: 'cluster-service-a'
dynamic_resources:
cds_config:
api_config_source:
api_type: REST
refresh_delay: 10s
cluster_names:
- cds_cluster
static_resources:
clusters:
- name: cds_cluster
connect_timeout: 0.250s
type: strict_dns
lb_policy: round_robin
load_assignment:
cluster_name: cds_cluster
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: cds-server
port_value: 8080
admin:
access_log_path: "/dev/null"
address:
socket_address:
address: 0.0.0.0
port_value: 8001
kind: ConfigMap
metadata:
creationTimestamp: null
name: envoy-config-service-a
---
kind: Service
apiVersion: v1
metadata:
name: service-a
spec:
selector:
app: service-a
ports:
- protocol: TCP
port: 8080
targetPort: 8080
---
apiVersion: v1
kind: Pod
metadata:
name: service-a
labels:
app: service-a
spec:
initContainers:
- name: proxy-init
image: tehusername/proxy-init:1.3
env:
- name: SERVICE_PORTS
value: "8080"
- name: GID
value: "1337"
- name: UID
value: "1337"
- name: PROXY_EGRESS_PORT
value: "9001"
- name: PROXY_INGRESS_PORT
value: "9211"
securityContext:
capabilities:
add: ["NET_ADMIN"]
privileged: true
containers:
- name: service-a
image: tehusername/sample-service:2.2
ports:
- containerPort: 8080
name: endpoint
- name: proxy
image: envoyproxy/envoy:latest
securityContext:
runAsUser: 1337
command: ['/usr/local/bin/envoy']
args: ['-c', '/etc/envoy/envoy.yaml']
ports:
- containerPort: 9211
name: ingress
- containerPort: 9001
name: egress
- containerPort: 8001
name: admin
volumeMounts:
- name: envoy-config
mountPath: /etc/envoy
volumes:
- name: envoy-config
configMap:
name: envoy-config-service-a
7 changes: 7 additions & 0 deletions kubernetes/attempt-6/xds-server/Dockerfile
View file
@@ -0,0 +1,7 @@
FROM python:3.7-alpine

RUN pip3 install -q Flask==1.0.2
RUN mkdir /code
ADD ./server.py /code

CMD ["python3", "/code/server.py"]
44 changes: 44 additions & 0 deletions kubernetes/attempt-6/xds-server/server.py
View file
@@ -0,0 +1,44 @@
from flask import Flask, request, jsonify
import sys

app = Flask(__name__)

@app.route('/v2/discovery:clusters', methods=['GET', 'POST'])
def cluster_discovery():
print(f"Request received for cluster discovery", file=sys.stderr)
print(request.get_json(), file=sys.stderr)
return jsonify({
'version_info': '0',
'resources': [
{
'@type': 'type.googleapis.com/envoy.api.v2.Cluster',
'name': 'local_service',
'connect_timeout': '0.25s',
'type': 'strict_dns',
'lb_policy': 'round_robin',
'load_assignment': {
'cluster_name': 'local_service',
'endpoints': [
{
'lb_endpoints': [
{
'endpoint': {
'address': {
'socket_address': {
'address': '127.0.0.1',
'port_value': '8080'
}
}
}
}
]
}
]
}
}
]
})


if __name__ == "__main__":
app.run(host='0.0.0.0', port=8080, debug=True)

0 comments on commit 997f14d

Please sign in to comment.