Refactoring of TCP and UDP services

2017-02-24 18:46:39 -03:00 · 2017-02-24 18:46:39 -03:00 · 84324af140
commit 84324af140
parent 33ab550290
7 changed files with 71 additions and 116 deletions
--- a/controllers/nginx/pkg/config/config.go
+++ b/controllers/nginx/pkg/config/config.go
@ -299,8 +299,8 @@ type TemplateConfig struct {
 	Backends            []*ingress.Backend
 	PassthroughBackends []*ingress.SSLPassthroughBackend
 	Servers             []*ingress.Server
-	TCPBackends         []*ingress.Location
-	UDPBackends         []*ingress.Location
+	TCPBackends         []ingress.L4Service
+	UDPBackends         []ingress.L4Service
 	HealthzURI          string
 	CustomErrors        bool
 	Cfg                 Configuration
--- a/controllers/nginx/pkg/template/template.go
+++ b/controllers/nginx/pkg/template/template.go
@ -134,7 +134,6 @@ var (
 		"buildSSLPassthroughUpstreams": buildSSLPassthroughUpstreams,
 		"buildResolvers":               buildResolvers,
 		"isLocationAllowed":            isLocationAllowed,
-		"buildStreamUpstreams":         buildStreamUpstreams,

 		"contains":  strings.Contains,
 		"hasPrefix": strings.HasPrefix,
@ -193,34 +192,6 @@ func buildSSLPassthroughUpstreams(b interface{}, sslb interface{}) string {
 	return buf.String()
 }

-func buildStreamUpstreams(proto string, b interface{}, s interface{}) string {
-	backends := b.([]*ingress.Backend)
-	streams := s.([]*ingress.Location)
-	buf := bytes.NewBuffer(make([]byte, 0, 10))
-	// multiple services can use the same upstream.
-	// avoid duplications using a map[name]=true
-	u := make(map[string]bool)
-	for _, stream := range streams {
-		if u[stream.Backend] {
-			continue
-		}
-		u[stream.Backend] = true
-		fmt.Fprintf(buf, "upstream %v-%v {\n", proto, stream.Backend)
-		// TODO: find a better way to avoid empty stream upstreams
-		fmt.Fprintf(buf, "\t\tserver 127.0.0.1:8181 down;\n")
-		for _, backend := range backends {
-			if backend.Name == stream.Backend {
-				for _, server := range backend.Endpoints {
-					fmt.Fprintf(buf, "\t\tserver %v:%v;\n", server.Address, server.Port)
-				}
-				break
-			}
-		}
-		fmt.Fprint(buf, "\t}\n\n")
-	}
-	return buf.String()
-}
-
 // buildLocation produces the location string, if the ingress has redirects
 // (specified through the ingress.kubernetes.io/rewrite-to annotation)
 func buildLocation(input interface{}) string {
--- a/controllers/nginx/rootfs/etc/nginx/template/nginx.tmpl
+++ b/controllers/nginx/rootfs/etc/nginx/template/nginx.tmpl
@ -326,8 +326,8 @@ http {

            proxy_http_version                      1.1;

-            proxy_cookie_domain                     {{ $location.Proxy.CookiePath }};
-            proxy_cookie_path                       {{ $location.Proxy.CookieDomain }};
+            proxy_cookie_domain                     {{ $location.Proxy.CookieDomain }};
+            proxy_cookie_path                       {{ $location.Proxy.CookiePath }};

            {{/* rewrite only works if the content is not compressed */}}
            {{ if $location.Redirect.AddBaseURL }}
@ -460,25 +460,33 @@ stream {
        ssl_preread             on;
    }
    
-    {{ buildStreamUpstreams "tcp" $backends .TCPBackends }}
-    
-    {{ buildStreamUpstreams "udp" $backends .UDPBackends }}
-
    # TCP services		
    {{ range $i, $tcpServer := .TCPBackends }}
-        server {
-            listen {{ $tcpServer.Path }};
-            proxy_pass             tcp-{{ $tcpServer.Backend }};		
-        }
+    upstream {{ $tcpServer.Backend.Namespace }}-{{ $tcpServer.Backend.Name }}-{{ $tcpServer.Backend.Port }} {
+    {{ range $j, $endpoint := $tcpServer.Endpoints }}
+        server                  {{ $endpoint.Address }}:{{ $endpoint.Port }};
+    {{ end }}
+    }
+    
+    server {
+        listen                  {{ $tcpServer.Port }};
+        proxy_pass              {{ $tcpServer.Backend.Namespace }}-{{ $tcpServer.Backend.Name }}-{{ $tcpServer.Backend.Port }};
+    }
    {{ end }}

-    # UDP services		
-    {{ range $i, $udpServer := .UDPBackends }}		
-        server {		
-            listen {{ $udpServer.Path }} udp;
-            proxy_responses        1;
-            proxy_pass             udp-{{ $udpServer.Backend }};
-        }		
+    # UDP services
+    {{ range $i, $udpServer := .UDPBackends }}
+    upstream {{ $udpServer.Backend.Namespace }}-{{ $udpServer.Backend.Name }}-{{ $udpServer.Backend.Port }} {
+    {{ range $j, $endpoint := $udpServer.Endpoints }}
+        server                  {{ $endpoint.Address }}:{{ $endpoint.Port }};
+    {{ end }}
+    }
+    
+    server {
+        listen                  {{ $udpServer.Port }};
+        proxy_responses         1;
+        proxy_pass              {{ $udpServer.Backend.Namespace }}-{{ $udpServer.Backend.Name }}-{{ $udpServer.Backend.Port }};		
+    }
    {{ end }}
 }

--- a/controllers/nginx/test/data/config.json
+++ b/controllers/nginx/test/data/config.json
@ -57134,57 +57134,7 @@
 		}]
 	}],
 	"sslDHParam": "",
-	"tcpBackends": [{
-		"path": "2222",
-		"isDefBackend": false,
-		"backend": "default-echoheaders-2222",
-		"basicDigestAuth": {
-			"type": "",
-			"realm": "",
-			"file": "",
-			"secured": false
-		},
-		"externalAuth": {
-			"url": "",
-			"method": "",
-			"sendBody": false
-		},
-		"rateLimit": {
-			"connections": {
-				"name": "",
-				"limit": 0,
-				"burst": 0,
-				"sharedSize": 0
-			},
-			"rps": {
-				"name": "",
-				"limit": 0,
-				"burst": 0,
-				"sharedSize": 0
-			}
-		},
-		"redirect": {
-			"target": "",
-			"addBaseUrl": false,
-			"sslRedirect": false
-		},
-		"whitelist": {
-			"cidr": null
-		},
-		"proxy": {
-			"conectTimeout": 0,
-			"sendTimeout": 0,
-			"readTimeout": 0,
-			"bufferSize": ""
-		},
-		"certificateAuth": {
-			"secret": "",
-			"certFilename": "",
-			"keyFilename": "",
-			"caFilename": "",
-			"pemSha": ""
-		}
-	}],
+	"tcpBackends": [],
 	"udpBackends": [],
 	"backends": [{
 		"name": "default-echoheaders-80",