Remove lua and use fastcgi to render errors

controllers/nginx/pkg/cmd/controller/nginx.go

@@ -38,6 +38,7 @@ import (
 	extensions "k8s.io/api/extensions/v1beta1"
 
 	"k8s.io/ingress/controllers/nginx/pkg/config"
+	"k8s.io/ingress/controllers/nginx/pkg/fastcgi"
 	ngx_template "k8s.io/ingress/controllers/nginx/pkg/template"
 	"k8s.io/ingress/controllers/nginx/pkg/version"
 	"k8s.io/ingress/core/pkg/ingress"
@@ -54,6 +55,10 @@ const (
 
 	defaultStatusModule statusModule = "default"
 	vtsStatusModule     statusModule = "vts"
+
+	defUpstreamName = "upstream-default-backend"
+
+	fastCGISocket = "/var/run/go-fastcgi.sock"
 )
 
 var (
@@ -123,6 +128,23 @@ func newNGINXController() ingress.Controller {
 		}
 	}()
 
+	fcgiListener, err := net.Listen("unix", fastCGISocket)
+	if err != nil {
+		glog.Fatalf("%v", err)
+	}
+
+	err = os.Chmod(fastCGISocket, 0777)
+	if err != nil {
+		glog.Fatalf("%v", err)
+	}
+
+	go func() {
+		err = fastcgi.ServeError(fcgiListener)
+		if err != nil {
+			glog.Fatalf("%v", err)
+		}
+	}()
+
 	var onChange func()
 	onChange = func() {
 		template, err := ngx_template.NewTemplate(tmplPath, onChange)
@@ -523,7 +545,7 @@ func (n *NGINXController) OnUpdate(ingressCfg ingress.Configuration) error {
 
 	cfg.SSLDHParam = sslDHParam
 
-	content, err := n.t.Write(config.TemplateConfig{
+	tc := config.TemplateConfig{
 		ProxySetHeaders:     setHeaders,
 		AddHeaders:          addHeaders,
 		MaxOpenFiles:        maxOpenFiles,
@@ -537,7 +559,21 @@ func (n *NGINXController) OnUpdate(ingressCfg ingress.Configuration) error {
 		CustomErrors:        len(cfg.CustomHTTPErrors) > 0,
 		Cfg:                 cfg,
 		IsIPV6Enabled:       n.isIPV6Enabled && !cfg.DisableIpv6,
-	})
+	}
+
+	// We need to extract the endpoints to be used in the fastcgi error handler
+	for _, b := range ingressCfg.Backends {
+		if b.Name == defUpstreamName {
+			eps := []string{}
+			for _, e := range b.Endpoints {
+				eps = append(eps, fmt.Sprintf("%v:%v", e.Address, e.Port))
+			}
+			tc.DefaultBackendEndpoints = strings.Join(eps, ",")
+			break
+		}
+	}
+
+	content, err := n.t.Write(tc)
 
 	if err != nil {
 		return err

controllers/nginx/pkg/config/config.go

@@ -406,17 +406,18 @@ func (cfg Configuration) BuildLogFormatUpstream() string {
 
 // TemplateConfig contains the nginx configuration to render the file nginx.conf
 type TemplateConfig struct {
-	ProxySetHeaders     map[string]string
-	AddHeaders          map[string]string
-	MaxOpenFiles        int
-	BacklogSize         int
-	Backends            []*ingress.Backend
-	PassthroughBackends []*ingress.SSLPassthroughBackend
-	Servers             []*ingress.Server
-	TCPBackends         []ingress.L4Service
-	UDPBackends         []ingress.L4Service
-	HealthzURI          string
-	CustomErrors        bool
-	Cfg                 Configuration
-	IsIPV6Enabled       bool
+	DefaultBackendEndpoints string
+	ProxySetHeaders         map[string]string
+	AddHeaders              map[string]string
+	MaxOpenFiles            int
+	BacklogSize             int
+	Backends                []*ingress.Backend
+	PassthroughBackends     []*ingress.SSLPassthroughBackend
+	Servers                 []*ingress.Server
+	TCPBackends             []ingress.L4Service
+	UDPBackends             []ingress.L4Service
+	HealthzURI              string
+	CustomErrors            bool
+	Cfg                     Configuration
+	IsIPV6Enabled           bool
 }

controllers/nginx/pkg/fastcgi/fastcgi.go

@@ -0,0 +1,104 @@
+/*
+Copyright 2015 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package fastcgi
+
+import (
+	"fmt"
+	"io/ioutil"
+	"math/rand"
+	"net"
+	"net/http"
+	"net/http/fcgi"
+	"strconv"
+	"strings"
+)
+
+const (
+	// CodeHeader name of the header that indicates the expected response
+	// status code
+	CodeHeader = "X-Code"
+	// FormatHeader name of the header with the expected Content-Type to be
+	// sent to the client
+	FormatHeader = "X-Format"
+	// EndpointsHeader comma separated header that contains the list of
+	// endpoints for the default backend
+	EndpointsHeader = "X-Endpoints"
+	// ContentTypeHeader returns information about the type of the returned body
+	ContentTypeHeader = "Content-Type"
+)
+
+// ServeError creates a fastcgi handler to serve the custom error pages
+func ServeError(l net.Listener) error {
+	return fcgi.Serve(l, handler())
+}
+
+func handler() http.Handler {
+	r := http.NewServeMux()
+	r.HandleFunc("/", serveError)
+	return r
+}
+
+func serveError(w http.ResponseWriter, req *http.Request) {
+	code := req.Header.Get(CodeHeader)
+	format := req.Header.Get(FormatHeader)
+
+	if format == "" || format == "*/*" {
+		format = "text/html"
+	}
+
+	httpCode, err := strconv.Atoi(code)
+	if err != nil {
+		httpCode = 404
+	}
+
+	de := []byte(fmt.Sprintf("default backend - %v", httpCode))
+
+	w.Header().Set(ContentTypeHeader, format)
+	w.WriteHeader(httpCode)
+
+	eh := req.Header.Get(EndpointsHeader)
+
+	if eh == "" {
+		w.Write(de)
+		return
+	}
+
+	eps := strings.Split(eh, ",")
+
+	// TODO: add retries in case of errors
+	ep := eps[rand.Intn(len(eps))]
+	req, err = http.NewRequest("GET", fmt.Sprintf("http://%v/", ep), nil)
+	if err != nil {
+		w.Write(de)
+		return
+	}
+
+	client := &http.Client{}
+	resp, err := client.Do(req)
+	if err != nil {
+		w.Write(de)
+		return
+	}
+
+	b, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		w.Write(de)
+		return
+	}
+	defer resp.Body.Close()
+	w.Write(b)
+}

controllers/nginx/pkg/fastcgi/fastcgi_test.go

@@ -0,0 +1,70 @@
+/*
+Copyright 2015 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+package fastcgi
+
+import (
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"net/http/httptest"
+	"testing"
+)
+
+func TestErrorHandler(t *testing.T) {
+	tt := []struct {
+		name   string
+		code   int
+		format string
+	}{
+		{name: "404 text/html", code: 404, format: "text/html"},
+		{name: "503 text/html", code: 503, format: "text/html"},
+		{name: "404 application/json", code: 404, format: "application/json"},
+	}
+
+	for _, tc := range tt {
+		t.Run(tc.name, func(t *testing.T) {
+			req, err := http.NewRequest("GET", "localhost:8080/", nil)
+			req.Header.Add(CodeHeader, fmt.Sprintf("%v", tc.code))
+			req.Header.Add(FormatHeader, tc.format)
+			if err != nil {
+				t.Fatalf("could not created request: %v", err)
+			}
+			w := httptest.NewRecorder()
+			serveError(w, req)
+
+			res := w.Result()
+			defer res.Body.Close()
+
+			b, err := ioutil.ReadAll(res.Body)
+			if err != nil {
+				t.Fatalf("could not read response: %v", err)
+			}
+
+			if res.StatusCode != tc.code {
+				t.Errorf("expected status %v; got %v", tc.code, res.StatusCode)
+			}
+
+			ct := res.Header.Get(ContentTypeHeader)
+			if ct != tc.format {
+				t.Errorf("expected content type %v; got %v", tc.format, ct)
+			}
+
+			if len(b) == 0 {
+				t.Fatalf("unexpected empty body")
+			}
+		})
+	}
+}