Merge pull request #258 from rikatz/nginx-sticky-annotations

Nginx sticky annotations
2017-02-17 05:27:18 +05:30 · 2017-02-17 05:27:18 +05:30 · 698c08402a
commit 698c08402a
parent a41ee3f4ce 4be502efaa
10 changed files with 406 additions and 10 deletions
--- a/core/pkg/ingress/annotations/sessionaffinity/main.go
+++ b/core/pkg/ingress/annotations/sessionaffinity/main.go
@ -0,0 +1,118 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package sessionaffinity
+
+import (
+	"regexp"
+
+	"github.com/golang/glog"
+
+	"k8s.io/kubernetes/pkg/apis/extensions"
+
+	"k8s.io/ingress/core/pkg/ingress/annotations/parser"
+)
+
+const (
+	annotationAffinityType = "ingress.kubernetes.io/affinity"
+	// If a cookie with this name exists,
+	// its value is used as an index into the list of available backends.
+	annotationAffinityCookieName = "ingress.kubernetes.io/session-cookie-name"
+	defaultAffinityCookieName    = "INGRESSCOOKIE"
+	// This is the algorithm used by nginx to generate a value for the session cookie, if
+	// one isn't supplied and affintiy is set to "cookie".
+	annotationAffinityCookieHash = "ingress.kubernetes.io/session-cookie-hash"
+	defaultAffinityCookieHash    = "md5"
+)
+
+var (
+	affinityCookieHashRegex = regexp.MustCompile(`^(index|md5|sha1)$`)
+)
+
+// AffinityConfig describes the per ingress session affinity config
+type AffinityConfig struct {
+	// The type of affinity that will be used
+	AffinityType string `json:"type"`
+	CookieConfig
+}
+
+// CookieConfig describes the Config of cookie type affinity
+type CookieConfig struct {
+	// The name of the cookie that will be used in case of cookie affinity type.
+	Name string `json:"name"`
+	// The hash that will be used to encode the cookie in case of cookie affinity type
+	Hash string `json:"hash"`
+}
+
+// CookieAffinityParse gets the annotation values related to Cookie Affinity
+// It also sets default values when no value or incorrect value is found
+func CookieAffinityParse(ing *extensions.Ingress) *CookieConfig {
+
+	sn, err := parser.GetStringAnnotation(annotationAffinityCookieName, ing)
+
+	if err != nil || sn == "" {
+		glog.V(3).Infof("Ingress %v: No value found in annotation %v. Using the default %v", ing.Name, annotationAffinityCookieName, defaultAffinityCookieName)
+		sn = defaultAffinityCookieName
+	}
+
+	sh, err := parser.GetStringAnnotation(annotationAffinityCookieHash, ing)
+
+	if err != nil || !affinityCookieHashRegex.MatchString(sh) {
+		glog.V(3).Infof("Invalid or no annotation value found in Ingress %v: %v. Setting it to default %v", ing.Name, annotationAffinityCookieHash, defaultAffinityCookieHash)
+		sh = defaultAffinityCookieHash
+	}
+
+	return &CookieConfig{
+		Name: sn,
+		Hash: sh,
+	}
+}
+
+// NewParser creates a new Affinity annotation parser
+func NewParser() parser.IngressAnnotation {
+	return affinity{}
+}
+
+type affinity struct {
+}
+
+// ParseAnnotations parses the annotations contained in the ingress
+// rule used to configure the affinity directives
+func (a affinity) Parse(ing *extensions.Ingress) (interface{}, error) {
+
+	var cookieAffinityConfig *CookieConfig
+	cookieAffinityConfig = &CookieConfig{}
+
+	// Check the type of affinity that will be used
+	at, err := parser.GetStringAnnotation(annotationAffinityType, ing)
+	if err != nil {
+		at = ""
+	}
+
+	switch at {
+	case "cookie":
+		cookieAffinityConfig = CookieAffinityParse(ing)
+
+	default:
+		glog.V(3).Infof("No default affinity was found for Ingress %v", ing.Name)
+
+	}
+	return &AffinityConfig{
+		AffinityType: at,
+		CookieConfig: *cookieAffinityConfig,
+	}, nil
+
+}
--- a/core/pkg/ingress/annotations/sessionaffinity/main_test.go
+++ b/core/pkg/ingress/annotations/sessionaffinity/main_test.go
@ -0,0 +1,88 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package sessionaffinity
+
+import (
+	"testing"
+
+	"k8s.io/kubernetes/pkg/api"
+	"k8s.io/kubernetes/pkg/apis/extensions"
+	"k8s.io/kubernetes/pkg/util/intstr"
+)
+
+func buildIngress() *extensions.Ingress {
+	defaultBackend := extensions.IngressBackend{
+		ServiceName: "default-backend",
+		ServicePort: intstr.FromInt(80),
+	}
+
+	return &extensions.Ingress{
+		ObjectMeta: api.ObjectMeta{
+			Name:      "foo",
+			Namespace: api.NamespaceDefault,
+		},
+		Spec: extensions.IngressSpec{
+			Backend: &extensions.IngressBackend{
+				ServiceName: "default-backend",
+				ServicePort: intstr.FromInt(80),
+			},
+			Rules: []extensions.IngressRule{
+				{
+					Host: "foo.bar.com",
+					IngressRuleValue: extensions.IngressRuleValue{
+						HTTP: &extensions.HTTPIngressRuleValue{
+							Paths: []extensions.HTTPIngressPath{
+								{
+									Path:    "/foo",
+									Backend: defaultBackend,
+								},
+							},
+						},
+					},
+				},
+			},
+		},
+	}
+}
+
+func TestIngressAffinityCookieConfig(t *testing.T) {
+	ing := buildIngress()
+
+	data := map[string]string{}
+	data[annotationAffinityType] = "cookie"
+	data[annotationAffinityCookieHash] = "sha123"
+	data[annotationAffinityCookieName] = "INGRESSCOOKIE"
+	ing.SetAnnotations(data)
+
+	affin, _ := NewParser().Parse(ing)
+	nginxAffinity, ok := affin.(*AffinityConfig)
+	if !ok {
+		t.Errorf("expected a Config type")
+	}
+
+	if nginxAffinity.AffinityType != "cookie" {
+		t.Errorf("expected cookie as sticky-type but returned %v", nginxAffinity.AffinityType)
+	}
+
+	if nginxAffinity.CookieConfig.Hash != "md5" {
+		t.Errorf("expected md5 as sticky-hash but returned %v", nginxAffinity.CookieConfig.Hash)
+	}
+
+	if nginxAffinity.CookieConfig.Name != "INGRESSCOOKIE" {
+		t.Errorf("expected route as sticky-name but returned %v", nginxAffinity.CookieConfig.Name)
+	}
+}
--- a/core/pkg/ingress/controller/annotations.go
+++ b/core/pkg/ingress/controller/annotations.go
@ -33,6 +33,7 @@ import (
 	"k8s.io/ingress/core/pkg/ingress/annotations/ratelimit"
 	"k8s.io/ingress/core/pkg/ingress/annotations/rewrite"
 	"k8s.io/ingress/core/pkg/ingress/annotations/secureupstream"
+	"k8s.io/ingress/core/pkg/ingress/annotations/sessionaffinity"
 	"k8s.io/ingress/core/pkg/ingress/annotations/sslpassthrough"
 	"k8s.io/ingress/core/pkg/ingress/errors"
 	"k8s.io/ingress/core/pkg/ingress/resolver"
@ -62,6 +63,7 @@ func newAnnotationExtractor(cfg extractorConfig) annotationExtractor {
 			"RateLimit":          ratelimit.NewParser(),
 			"Redirect":           rewrite.NewParser(cfg),
 			"SecureUpstream":     secureupstream.NewParser(),
+			"SessionAffinity":    sessionaffinity.NewParser(),
 			"SSLPassthrough":     sslpassthrough.NewParser(),
 		},
 	}
@ -96,9 +98,10 @@ func (e *annotationExtractor) Extract(ing *extensions.Ingress) map[string]interf
 }

 const (
-	secureUpstream = "SecureUpstream"
-	healthCheck    = "HealthCheck"
-	sslPassthrough = "SSLPassthrough"
+	secureUpstream  = "SecureUpstream"
+	healthCheck     = "HealthCheck"
+	sslPassthrough  = "SSLPassthrough"
+	sessionAffinity = "SessionAffinity"
 )

 func (e *annotationExtractor) SecureUpstream(ing *extensions.Ingress) bool {
@ -115,3 +118,8 @@ func (e *annotationExtractor) SSLPassthrough(ing *extensions.Ingress) bool {
 	val, _ := e.annotations[sslPassthrough].Parse(ing)
 	return val.(bool)
 }
+
+func (e *annotationExtractor) SessionAffinity(ing *extensions.Ingress) *sessionaffinity.AffinityConfig {
+	val, _ := e.annotations[sessionAffinity].Parse(ing)
+	return val.(*sessionaffinity.AffinityConfig)
+}
--- a/core/pkg/ingress/controller/annotations_test.go
+++ b/core/pkg/ingress/controller/annotations_test.go
@ -28,10 +28,13 @@ import (
 )

 const (
-	annotationSecureUpstream = "ingress.kubernetes.io/secure-backends"
-	annotationUpsMaxFails    = "ingress.kubernetes.io/upstream-max-fails"
-	annotationUpsFailTimeout = "ingress.kubernetes.io/upstream-fail-timeout"
-	annotationPassthrough    = "ingress.kubernetes.io/ssl-passthrough"
+	annotationSecureUpstream     = "ingress.kubernetes.io/secure-backends"
+	annotationUpsMaxFails        = "ingress.kubernetes.io/upstream-max-fails"
+	annotationUpsFailTimeout     = "ingress.kubernetes.io/upstream-fail-timeout"
+	annotationPassthrough        = "ingress.kubernetes.io/ssl-passthrough"
+	annotationAffinityType       = "ingress.kubernetes.io/affinity"
+	annotationAffinityCookieName = "ingress.kubernetes.io/session-cookie-name"
+	annotationAffinityCookieHash = "ingress.kubernetes.io/session-cookie-hash"
 )

 type mockCfg struct {
@ -179,3 +182,39 @@ func TestSSLPassthrough(t *testing.T) {
 		}
 	}
 }
+
+func TestAffinitySession(t *testing.T) {
+	ec := newAnnotationExtractor(mockCfg{})
+	ing := buildIngress()
+
+	fooAnns := []struct {
+		annotations  map[string]string
+		affinitytype string
+		hash         string
+		name         string
+	}{
+		{map[string]string{annotationAffinityType: "cookie", annotationAffinityCookieHash: "md5", annotationAffinityCookieName: "route"}, "cookie", "md5", "route"},
+		{map[string]string{annotationAffinityType: "cookie", annotationAffinityCookieHash: "xpto", annotationAffinityCookieName: "route1"}, "cookie", "md5", "route1"},
+		{map[string]string{annotationAffinityType: "cookie", annotationAffinityCookieHash: "", annotationAffinityCookieName: ""}, "cookie", "md5", "INGRESSCOOKIE"},
+		{map[string]string{}, "", "", ""},
+		{nil, "", "", ""},
+	}
+
+	for _, foo := range fooAnns {
+		ing.SetAnnotations(foo.annotations)
+		r := ec.SessionAffinity(ing)
+		t.Logf("Testing pass %v %v %v", foo.affinitytype, foo.hash, foo.name)
+		if r == nil {
+			t.Errorf("Returned nil but expected a SessionAffinity.AffinityConfig")
+			continue
+		}
+
+		if r.CookieConfig.Hash != foo.hash {
+			t.Errorf("Returned %v but expected %v for Hash", r.CookieConfig.Hash, foo.hash)
+		}
+
+		if r.CookieConfig.Name != foo.name {
+			t.Errorf("Returned %v but expected %v for Name", r.CookieConfig.Name, foo.name)
+		}
+	}
+}
--- a/core/pkg/ingress/controller/controller.go
+++ b/core/pkg/ingress/controller/controller.go
@ -723,6 +723,7 @@ func (ic *GenericController) createUpstreams(data []interface{}) map[string]*ing

 		secUpstream := ic.annotations.SecureUpstream(ing)
 		hz := ic.annotations.HealthCheck(ing)
+		affinity := ic.annotations.SessionAffinity(ing)

 		var defBackend string
 		if ing.Spec.Backend != nil {
@ -762,6 +763,14 @@ func (ic *GenericController) createUpstreams(data []interface{}) map[string]*ing
 				if !upstreams[name].Secure {
 					upstreams[name].Secure = secUpstream
 				}
+				if upstreams[name].SessionAffinity.AffinityType == "" {
+					upstreams[name].SessionAffinity.AffinityType = affinity.AffinityType
+					if affinity.AffinityType == "cookie" {
+						upstreams[name].SessionAffinity.CookieSessionAffinity.Name = affinity.CookieConfig.Name
+						upstreams[name].SessionAffinity.CookieSessionAffinity.Hash = affinity.CookieConfig.Hash
+					}
+				}
+
 				svcKey := fmt.Sprintf("%v/%v", ing.GetNamespace(), path.Backend.ServiceName)
 				endp, err := ic.serviceEndpoints(svcKey, path.Backend.ServicePort.String(), hz)
 				if err != nil {
--- a/core/pkg/ingress/types.go
+++ b/core/pkg/ingress/types.go
@ -154,6 +154,26 @@ type Backend struct {
 	Secure bool `json:"secure"`
 	// Endpoints contains the list of endpoints currently running
 	Endpoints []Endpoint `json:"endpoints"`
+	// StickySession contains the StickyConfig object with stickness configuration
+
+	SessionAffinity SessionAffinityConfig
+}
+
+// SessionAffinityConfig describes different affinity configurations for new sessions.
+// Once a session is mapped to a backend based on some affinity setting, it
+// retains that mapping till the backend goes down, or the ingress controller
+// restarts. Exactly one of these values will be set on the upstream, since multiple
+// affinity values are incompatible. Once set, the backend makes no guarantees
+// about honoring updates.
+type SessionAffinityConfig struct {
+	AffinityType          string `json:"name"`
+	CookieSessionAffinity CookieSessionAffinity
+}
+
+// CookieSessionAffinity defines the structure used in Affinity configured by Cookies.
+type CookieSessionAffinity struct {
+	Name string `json:"name"`
+	Hash string `json:"hash"`
 }

 // Endpoint describes a kubernetes endpoint in a backend