Add support for temporal and permanent redirects

2017-08-19 18:13:02 -03:00 · 2017-08-19 18:13:02 -03:00 · ed68194688
commit ed68194688
parent f6413e292f
12 changed files with 232 additions and 33 deletions
--- a/core/pkg/ingress/annotations/redirect/redirect.go
+++ b/core/pkg/ingress/annotations/redirect/redirect.go
@ -0,0 +1,131 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package redirect
+
+import (
+	"net/http"
+	"net/url"
+	"strings"
+
+	extensions "k8s.io/api/extensions/v1beta1"
+
+	"k8s.io/ingress/core/pkg/ingress/annotations/parser"
+	"k8s.io/ingress/core/pkg/ingress/errors"
+)
+
+const (
+	permanent = "ingress.kubernetes.io/permanent-redirect"
+	temporal  = "ingress.kubernetes.io/temporal-redirect"
+	www       = "ingress.kubernetes.io/from-to-www-redirect"
+)
+
+// Redirect returns the redirect configuration for an Ingress rule
+type Redirect struct {
+	URL       string `json:"url"`
+	Code      int    `json:"code"`
+	FromToWWW bool   `json:"fromToWWW"`
+}
+
+type redirect struct{}
+
+// NewParser creates a new redirect annotation parser
+func NewParser() parser.IngressAnnotation {
+	return redirect{}
+}
+
+// Parse parses the annotations contained in the ingress
+// rule used to create a redirect in the paths defined in the rule.
+// If the Ingress containes both annotations the execution order is
+// temporal and then permanent
+func (a redirect) Parse(ing *extensions.Ingress) (interface{}, error) {
+	r3w, _ := parser.GetBoolAnnotation(www, ing)
+
+	tr, err := parser.GetStringAnnotation(temporal, ing)
+	if err != nil && !errors.IsMissingAnnotations(err) {
+		return nil, err
+	}
+
+	if tr != "" {
+		if err := isValidURL(tr); err != nil {
+			return nil, err
+		}
+
+		return &Redirect{
+			URL:       tr,
+			Code:      http.StatusFound,
+			FromToWWW: r3w,
+		}, nil
+	}
+
+	pr, err := parser.GetStringAnnotation(permanent, ing)
+	if err != nil && !errors.IsMissingAnnotations(err) {
+		return nil, err
+	}
+
+	if pr != "" {
+		if err := isValidURL(pr); err != nil {
+			return nil, err
+		}
+
+		return &Redirect{
+			URL:       pr,
+			Code:      http.StatusMovedPermanently,
+			FromToWWW: r3w,
+		}, nil
+	}
+
+	if r3w {
+		return &Redirect{
+			FromToWWW: r3w,
+		}, nil
+	}
+
+	return nil, errors.ErrMissingAnnotations
+}
+
+// Equal tests for equality between two Redirect types
+func (r1 *Redirect) Equal(r2 *Redirect) bool {
+	if r1 == r2 {
+		return true
+	}
+	if r1 == nil || r2 == nil {
+		return false
+	}
+	if r1.URL != r2.URL {
+		return false
+	}
+	if r1.Code != r2.Code {
+		return false
+	}
+	if r1.FromToWWW != r2.FromToWWW {
+		return false
+	}
+	return true
+}
+
+func isValidURL(s string) error {
+	u, err := url.Parse(s)
+	if err != nil {
+		return err
+	}
+
+	if !strings.HasPrefix(u.Scheme, "http") {
+		return errors.Errorf("only http and https are valid protocols (%v)", u.Scheme)
+	}
+
+	return nil
+}
--- a/core/pkg/ingress/controller/annotations.go
+++ b/core/pkg/ingress/controller/annotations.go
@ -19,6 +19,7 @@ package controller
 import (
 	"github.com/golang/glog"
 	extensions "k8s.io/api/extensions/v1beta1"
+	"k8s.io/ingress/core/pkg/ingress/annotations/alias"
 	"k8s.io/ingress/core/pkg/ingress/annotations/auth"
 	"k8s.io/ingress/core/pkg/ingress/annotations/authreq"
 	"k8s.io/ingress/core/pkg/ingress/annotations/authtls"
@ -29,6 +30,7 @@ import (
 	"k8s.io/ingress/core/pkg/ingress/annotations/portinredirect"
 	"k8s.io/ingress/core/pkg/ingress/annotations/proxy"
 	"k8s.io/ingress/core/pkg/ingress/annotations/ratelimit"
+	"k8s.io/ingress/core/pkg/ingress/annotations/redirect"
 	"k8s.io/ingress/core/pkg/ingress/annotations/rewrite"
 	"k8s.io/ingress/core/pkg/ingress/annotations/secureupstream"
 	"k8s.io/ingress/core/pkg/ingress/annotations/serviceupstream"
@ -37,7 +39,6 @@ import (
 	"k8s.io/ingress/core/pkg/ingress/annotations/sslpassthrough"
 	"k8s.io/ingress/core/pkg/ingress/errors"
 	"k8s.io/ingress/core/pkg/ingress/resolver"
-	"k8s.io/ingress/core/pkg/ingress/annotations/alias"
 )

 type extractorConfig interface {
@ -64,7 +65,8 @@ func newAnnotationExtractor(cfg extractorConfig) annotationExtractor {
 			"UsePortInRedirects":   portinredirect.NewParser(cfg),
 			"Proxy":                proxy.NewParser(cfg),
 			"RateLimit":            ratelimit.NewParser(cfg),
-			"Redirect":             rewrite.NewParser(cfg),
+			"Redirect":             redirect.NewParser(),
+			"Rewrite":              rewrite.NewParser(cfg),
 			"SecureUpstream":       secureupstream.NewParser(cfg),
 			"ServiceUpstream":      serviceupstream.NewParser(),
 			"SessionAffinity":      sessionaffinity.NewParser(),
--- a/core/pkg/ingress/controller/controller.go
+++ b/core/pkg/ingress/controller/controller.go
@ -610,11 +610,13 @@ func (ic *GenericController) getBackendServers() ([]*ingress.Backend, []*ingress
 	upstreams := ic.createUpstreams(ings)
 	servers := ic.createServers(ings, upstreams)

-	// If a server has a hostname equivalent to a pre-existing alias, then we remove the alias
+	// If a server has a hostname equivalent to a pre-existing alias, then we
+	// remove the alias to avoid conflicts.
 	for _, server := range servers {
 		for j, alias := range servers {
 			if server.Hostname == alias.Alias {
-				glog.Warningf("There is a conflict with hostname '%v' and alias of `%v`.", server.Hostname, alias.Hostname)
+				glog.Warningf("There is a conflict with server hostname '%v' and alias '%v' (in server %v). Removing alias to avoid conflicts.",
+					server.Hostname, alias.Hostname, alias.Hostname)
 				servers[j].Alias = ""
 			}
 		}
@ -678,6 +680,9 @@ func (ic *GenericController) getBackendServers() ([]*ingress.Backend, []*ingress
 						loc.Port = ups.Port
 						loc.Service = ups.Service
 						mergeLocationAnnotations(loc, anns)
+						if loc.Redirect.FromToWWW {
+							server.RedirectFromToWWW = true
+						}
 						break
 					}
 				}
@ -692,6 +697,9 @@ func (ic *GenericController) getBackendServers() ([]*ingress.Backend, []*ingress
 						Port:         ups.Port,
 					}
 					mergeLocationAnnotations(loc, anns)
+					if loc.Redirect.FromToWWW {
+						server.RedirectFromToWWW = true
+					}
 					server.Locations = append(server.Locations, loc)
 				}

--- a/core/pkg/ingress/controller/util_test.go
+++ b/core/pkg/ingress/controller/util_test.go
@ -27,6 +27,7 @@ import (
 	"k8s.io/ingress/core/pkg/ingress/annotations/ipwhitelist"
 	"k8s.io/ingress/core/pkg/ingress/annotations/proxy"
 	"k8s.io/ingress/core/pkg/ingress/annotations/ratelimit"
+	"k8s.io/ingress/core/pkg/ingress/annotations/redirect"
 	"k8s.io/ingress/core/pkg/ingress/annotations/rewrite"
 )

@ -48,7 +49,8 @@ func TestMergeLocationAnnotations(t *testing.T) {
 		"EnableCORS":         true,
 		"ExternalAuth":       authreq.External{},
 		"RateLimit":          ratelimit.RateLimit{},
-		"Redirect":           rewrite.Redirect{},
+		"Redirect":           redirect.Redirect{},
+		"Rewrite":            rewrite.Redirect{},
 		"Whitelist":          ipwhitelist.SourceRange{},
 		"Proxy":              proxy.Configuration{},
 		"CertificateAuth":    authtls.AuthSSLConfig{},
--- a/core/pkg/ingress/errors/errors.go
+++ b/core/pkg/ingress/errors/errors.go
@ -83,3 +83,11 @@ func IsInvalidContent(e error) bool {
 	_, ok := e.(InvalidContent)
 	return ok
 }
+
+func New(m string) error {
+	return errors.New(m)
+}
+
+func Errorf(format string, args ...interface{}) error {
+	return errors.Errorf(format, args)
+}
--- a/core/pkg/ingress/types.go
+++ b/core/pkg/ingress/types.go
@ -32,6 +32,7 @@ import (
 	"k8s.io/ingress/core/pkg/ingress/annotations/ipwhitelist"
 	"k8s.io/ingress/core/pkg/ingress/annotations/proxy"
 	"k8s.io/ingress/core/pkg/ingress/annotations/ratelimit"
+	"k8s.io/ingress/core/pkg/ingress/annotations/redirect"
 	"k8s.io/ingress/core/pkg/ingress/annotations/rewrite"
 	"k8s.io/ingress/core/pkg/ingress/defaults"
 	"k8s.io/ingress/core/pkg/ingress/resolver"
@ -220,8 +221,10 @@ type Server struct {
 	SSLPemChecksum string `json:"sslPemChecksum"`
 	// Locations list of URIs configured in the server.
 	Locations []*Location `json:"locations,omitempty"`
-	// return the alias of the server name
+	// Alias return the alias of the server name
 	Alias string `json:"alias,omitempty"`
+	// RedirectFromToWWW returns if a redirect to/from prefix www is required
+	RedirectFromToWWW bool `json:"redirectFromToWWW,omitempty"`
 }

 // Location describes an URI inside a server.
@ -276,9 +279,12 @@ type Location struct {
 	// The Redirect annotation precedes RateLimit
 	// +optional
 	RateLimit ratelimit.RateLimit `json:"rateLimit,omitempty"`
-	// Redirect describes the redirection this location.
+	// Redirect describes a temporal o permanent redirection this location.
 	// +optional
-	Redirect rewrite.Redirect `json:"redirect,omitempty"`
+	Redirect redirect.Redirect `json:"redirect,omitempty"`
+	// Rewrite describes the redirection this location.
+	// +optional
+	Rewrite rewrite.Redirect `json:"rewrite,omitempty"`
 	// Whitelist indicates only connections from certain client
 	// addresses or networks are allowed.
 	// +optional
--- a/core/pkg/ingress/types_equals.go
+++ b/core/pkg/ingress/types_equals.go
@ -361,6 +361,9 @@ func (l1 *Location) Equal(l2 *Location) bool {
 	if !(&l1.Redirect).Equal(&l2.Redirect) {
 		return false
 	}
+	if !(&l1.Rewrite).Equal(&l2.Rewrite) {
+		return false
+	}
 	if !(&l1.Whitelist).Equal(&l2.Whitelist) {
 		return false
 	}