Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
75d7dc7
commit 997f14d
Showing
5 changed files
with
252 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,74 @@ | ||
## Sixth Attempt | ||
|
||
``` | ||
+-----------+ | ||
|+---------+| | ||
||service-a|| +----------+ | ||
|+---------+| --->|xds-server| | ||
|+-----+ -------/ +----------+ | ||
||proxy|<--/| | ||
|+-----+ | | ||
+-----------+ | ||
``` | ||
|
||
* Implementing a simple XDS server that responds to CDS requests | ||
|
||
Discovery Request: | ||
``` | ||
{ | ||
'version_info': '0', | ||
'node': { | ||
'id': 'id-service-a', | ||
'cluster': 'cluster-service-a', | ||
'build_version': '628d1668d7dc9244e3a8fa3d3fbabca23e92e23d/1.10.0-dev/Clean/RELEASE/BoringSSL' | ||
} | ||
} | ||
``` | ||
|
||
Discovery Response: | ||
``` | ||
{ | ||
'version_info': '0', | ||
'resources': [ | ||
{ | ||
'@type': 'type.googleapis.com/envoy.api.v2.Cluster', | ||
'name': 'local_service', | ||
'connect_timeout': '0.25s', | ||
'type': 'strict_dns', | ||
'lb_policy': 'round_robin', | ||
'load_assignment': { | ||
'cluster_name': 'local_service', | ||
'endpoints': [ | ||
{ | ||
'lb_endpoints': [ | ||
{ | ||
'endpoint': { | ||
'address': { | ||
'socket_address': { | ||
'address': '127.0.0.1', | ||
'port_value': '8080' | ||
} | ||
} | ||
} | ||
} | ||
] | ||
} | ||
] | ||
} | ||
} | ||
] | ||
} | ||
``` | ||
|
||
## Verification | ||
|
||
Run `kubectl port-forward service-a 8081:8001` and go to `http://localhost:8081/clusters`. You should see the `local_service` cluster along with `local_service::added_via_api::true`. | ||
|
||
|
||
### Relevant Links | ||
|
||
* [Guidance for Building a Control Plane to Manage Envoy Proxy at the edge, as a gateway, or in a mesh](https://medium.com/solo-io/guidance-for-building-a-control-plane-to-manage-envoy-proxy-at-the-edge-as-a-gateway-or-in-a-mesh-badb6c36a2af) | ||
* [Envoy Bootstrap configuration](https://www.envoyproxy.io/docs/envoy/latest/configuration/overview/v2_overview#bootstrap-configuration) | ||
* [proto3 JSON mapping](https://developers.google.com/protocol-buffers/docs/proto3#json) | ||
* [xDS REST and gRPC protocol](https://github.com/envoyproxy/data-plane-api/blob/master/XDS_PROTOCOL.md#rest-json-polling-subscriptions) | ||
* [Common discovery API components](https://www.envoyproxy.io/docs/envoy/latest/api-v2/api/v2/discovery.proto#) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
kind: Service | ||
apiVersion: v1 | ||
metadata: | ||
name: cds-server | ||
spec: | ||
selector: | ||
app: cds-server | ||
ports: | ||
- protocol: TCP | ||
port: 8080 | ||
targetPort: 8080 | ||
--- | ||
apiVersion: v1 | ||
kind: Pod | ||
metadata: | ||
name: cds-server | ||
labels: | ||
app: cds-server | ||
spec: | ||
containers: | ||
- name: cds-server | ||
image: tehusername/xds-server:0.1.1 | ||
ports: | ||
- containerPort: 8080 | ||
name: endpoint |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,102 @@ | ||
apiVersion: v1 | ||
data: | ||
envoy.yaml: | | ||
node: | ||
id: 'id-service-a' | ||
cluster: 'cluster-service-a' | ||
dynamic_resources: | ||
cds_config: | ||
api_config_source: | ||
api_type: REST | ||
refresh_delay: 10s | ||
cluster_names: | ||
- cds_cluster | ||
static_resources: | ||
clusters: | ||
- name: cds_cluster | ||
connect_timeout: 0.250s | ||
type: strict_dns | ||
lb_policy: round_robin | ||
load_assignment: | ||
cluster_name: cds_cluster | ||
endpoints: | ||
- lb_endpoints: | ||
- endpoint: | ||
address: | ||
socket_address: | ||
address: cds-server | ||
port_value: 8080 | ||
admin: | ||
access_log_path: "/dev/null" | ||
address: | ||
socket_address: | ||
address: 0.0.0.0 | ||
port_value: 8001 | ||
kind: ConfigMap | ||
metadata: | ||
creationTimestamp: null | ||
name: envoy-config-service-a | ||
--- | ||
kind: Service | ||
apiVersion: v1 | ||
metadata: | ||
name: service-a | ||
spec: | ||
selector: | ||
app: service-a | ||
ports: | ||
- protocol: TCP | ||
port: 8080 | ||
targetPort: 8080 | ||
--- | ||
apiVersion: v1 | ||
kind: Pod | ||
metadata: | ||
name: service-a | ||
labels: | ||
app: service-a | ||
spec: | ||
initContainers: | ||
- name: proxy-init | ||
image: tehusername/proxy-init:1.3 | ||
env: | ||
- name: SERVICE_PORTS | ||
value: "8080" | ||
- name: GID | ||
value: "1337" | ||
- name: UID | ||
value: "1337" | ||
- name: PROXY_EGRESS_PORT | ||
value: "9001" | ||
- name: PROXY_INGRESS_PORT | ||
value: "9211" | ||
securityContext: | ||
capabilities: | ||
add: ["NET_ADMIN"] | ||
privileged: true | ||
containers: | ||
- name: service-a | ||
image: tehusername/sample-service:2.2 | ||
ports: | ||
- containerPort: 8080 | ||
name: endpoint | ||
- name: proxy | ||
image: envoyproxy/envoy:latest | ||
securityContext: | ||
runAsUser: 1337 | ||
command: ['/usr/local/bin/envoy'] | ||
args: ['-c', '/etc/envoy/envoy.yaml'] | ||
ports: | ||
- containerPort: 9211 | ||
name: ingress | ||
- containerPort: 9001 | ||
name: egress | ||
- containerPort: 8001 | ||
name: admin | ||
volumeMounts: | ||
- name: envoy-config | ||
mountPath: /etc/envoy | ||
volumes: | ||
- name: envoy-config | ||
configMap: | ||
name: envoy-config-service-a |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
FROM python:3.7-alpine | ||
|
||
RUN pip3 install -q Flask==1.0.2 | ||
RUN mkdir /code | ||
ADD ./server.py /code | ||
|
||
CMD ["python3", "/code/server.py"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,44 @@ | ||
from flask import Flask, request, jsonify | ||
import sys | ||
|
||
app = Flask(__name__) | ||
|
||
@app.route('/v2/discovery:clusters', methods=['GET', 'POST']) | ||
def cluster_discovery(): | ||
print(f"Request received for cluster discovery", file=sys.stderr) | ||
print(request.get_json(), file=sys.stderr) | ||
return jsonify({ | ||
'version_info': '0', | ||
'resources': [ | ||
{ | ||
'@type': 'type.googleapis.com/envoy.api.v2.Cluster', | ||
'name': 'local_service', | ||
'connect_timeout': '0.25s', | ||
'type': 'strict_dns', | ||
'lb_policy': 'round_robin', | ||
'load_assignment': { | ||
'cluster_name': 'local_service', | ||
'endpoints': [ | ||
{ | ||
'lb_endpoints': [ | ||
{ | ||
'endpoint': { | ||
'address': { | ||
'socket_address': { | ||
'address': '127.0.0.1', | ||
'port_value': '8080' | ||
} | ||
} | ||
} | ||
} | ||
] | ||
} | ||
] | ||
} | ||
} | ||
] | ||
}) | ||
|
||
|
||
if __name__ == "__main__": | ||
app.run(host='0.0.0.0', port=8080, debug=True) |