Commit 0e24804d authored by Geoff Simmons's avatar Geoff Simmons

Add support for hostname wildcards.

parent cabe6784
...@@ -31,7 +31,7 @@ spec: ...@@ -31,7 +31,7 @@ spec:
{{- if .Values.ingress.rules }} {{- if .Values.ingress.rules }}
rules: rules:
{{- range $rule := .Values.ingress.rules }} {{- range $rule := .Values.ingress.rules }}
- host: {{ $rule.host }} - host: {{ $rule.host | quote }}
http: http:
paths: paths:
{{- range $path := $rule.paths }} {{- range $path := $rule.paths }}
......
...@@ -200,3 +200,24 @@ func TestIngressPathTypes(t *testing.T) { ...@@ -200,3 +200,24 @@ func TestIngressPathTypes(t *testing.T) {
templateTest(t, ingressTmpl, cafeBarPathsSpec, templateTest(t, ingressTmpl, cafeBarPathsSpec,
"ingress_path_types.golden") "ingress_path_types.golden")
} }
var wildcardSpec = Spec{
Rules: []Rule{
{
Host: "*.example.com",
PathMap: map[PathKey]Service{
{
Path: "/",
Type: PathPrefix,
}: coffeeSvc,
},
},
},
IntSvcs: map[string]Service{
"coffee-svc": coffeeSvc,
},
}
func TestWildcardHost(t *testing.T) {
templateTest(t, ingressTmpl, wildcardSpec, "wildcard.golden")
}
vcl 4.1;
import std;
import directors;
import re2;
import dynamic;
import selector;
include "bogo_backend.vcl";
backend vk8s_default_coffee-6b9f5c47d7-bdt68_80 {
.host = "192.0.2.4";
.port = "80";
}
backend vk8s_default_coffee-6b9f5c47d7-l5zvl_80 {
.host = "192.0.2.5";
.port = "80";
}
sub vcl_init {
new vk8s_coffee-svc_director = directors.round_robin();
vk8s_coffee-svc_director.add_backend(vk8s_default_coffee-6b9f5c47d7-bdt68_80
);
vk8s_coffee-svc_director.add_backend(vk8s_default_coffee-6b9f5c47d7-l5zvl_80
);
new vk8s__2a__example_com_pfxMatcher = re2.set(anchor=start);
vk8s__2a__example_com_pfxMatcher.add("/",
backend=vk8s_coffee-svc_director.backend());
}
sub vk8s__2a__example_com_match {
if (vk8s__2a__example_com_pfxMatcher.match(bereq.url)) {
set bereq.backend = vk8s__2a__example_com_pfxMatcher.backend(select=LAST);
}
}
sub vcl_init {
new vk8s_hosts = re2.set(anchor=both);
vk8s_hosts.add("[^.]+\Q.example.com\E(:\d+)?",
sub=vk8s__2a__example_com_match);
}
sub vcl_backend_fetch {
set bereq.backend = vk8s_notfound;
if (vk8s_hosts.match(bereq.http.Host)) {
call vk8s_hosts.subroutine(select=FIRST);
}
if (bereq.backend == vk8s_notfound) {
return (error(404));
}
}
...@@ -395,6 +395,9 @@ func hostRegex(host string) string { ...@@ -395,6 +395,9 @@ func hostRegex(host string) string {
if host == "" { if host == "" {
return "[^:]+" return "[^:]+"
} }
if strings.HasPrefix(host, "*") {
return `[^.]+\Q` + strings.TrimLeft(host, "*") + `\E`
}
return `\Q` + host + `\E` return `\Q` + host + `\E`
} }
......
...@@ -153,6 +153,7 @@ echo Varieties of Ingress ...@@ -153,6 +153,7 @@ echo Varieties of Ingress
cd ${MYPATH}/e2e/ingresses cd ${MYPATH}/e2e/ingresses
make EXAMPLE=fanout-nohost deploy verify undeploy make EXAMPLE=fanout-nohost deploy verify undeploy
make EXAMPLE=vhost-nohost deploy verify undeploy make EXAMPLE=vhost-nohost deploy verify undeploy
make EXAMPLE=wildcard-host deploy verify undeploy
echo Ingress pathType field echo Ingress pathType field
cd ${MYPATH}/e2e/pathTypes cd ${MYPATH}/e2e/pathTypes
......
...@@ -41,6 +41,7 @@ no-kubectl: ...@@ -41,6 +41,7 @@ no-kubectl:
ifeq ($(DEPLOY),kubectl) ifeq ($(DEPLOY),kubectl)
deploy-fanout-nohost verify-fanout-nohost wait uninstall undeploy: no-kubectl deploy-fanout-nohost verify-fanout-nohost wait uninstall undeploy: no-kubectl
deploy-vhost-nohost verify-vhost-nohost: no-kubectl deploy-vhost-nohost verify-vhost-nohost: no-kubectl
deploy-wildcard-host verify-wildcard-host: no-kubectl
else else
deploy-fanout-nohost: deploy-fanout-nohost:
...@@ -51,6 +52,10 @@ deploy-vhost-nohost: ...@@ -51,6 +52,10 @@ deploy-vhost-nohost:
@helm install viking-ingress $(CHARTDIR)/viking-test-app \ @helm install viking-ingress $(CHARTDIR)/viking-test-app \
--values values-vhost-nohost.yaml --values values-vhost-nohost.yaml
deploy-wildcard-host:
@helm install viking-ingress $(CHARTDIR)/viking-test-app \
--values values-wildcard-host.yaml
# TESTOPTS are passed to varnishtest, e.g.: make TESTOPTS=-v verify # TESTOPTS are passed to varnishtest, e.g.: make TESTOPTS=-v verify
verify-fanout-nohost: verify-fanout-nohost:
$(mkdir)/verify.sh fanout-nohost.vtc $(mkdir)/verify.sh fanout-nohost.vtc
...@@ -58,6 +63,9 @@ verify-fanout-nohost: ...@@ -58,6 +63,9 @@ verify-fanout-nohost:
verify-vhost-nohost: verify-vhost-nohost:
$(mkdir)/verify.sh vhost-nohost.vtc $(mkdir)/verify.sh vhost-nohost.vtc
verify-wildcard-host:
$(mkdir)/verify.sh wildcard-host.vtc
wait: wait:
@echo Waiting until varnish-ingress Pods are not configured for Ingress @echo Waiting until varnish-ingress Pods are not configured for Ingress
$(TESTDIR)/wait.sh app=varnish-ingress $(TESTDIR)/wait.sh app=varnish-ingress
...@@ -77,6 +85,9 @@ verify: verify-fanout-nohost ...@@ -77,6 +85,9 @@ verify: verify-fanout-nohost
else ifeq ($(EXAMPLE),vhost-nohost) else ifeq ($(EXAMPLE),vhost-nohost)
deploy: deploy-vhost-nohost deploy: deploy-vhost-nohost
verify: verify-vhost-nohost verify: verify-vhost-nohost
else ifeq ($(EXAMPLE),wildcard-host)
deploy: deploy-wildcard-host
verify: verify-wildcard-host
else else
deploy verify: no-example deploy verify: no-example
endif endif
......
apps:
coffee:
image: uplex/http-echo
replicas: 2
targetPort: 7357
tea:
image: uplex/http-echo
replicas: 3
targetPort: 7357
milk:
image: uplex/http-echo
replicas: 2
targetPort: 7357
ingress:
name: wildcard-host-ingress
rules:
- host: "*.example.com"
paths:
- path: /coffee
type: Prefix
app: coffee
- path: /tea
type: Prefix
app: tea
- host: "*.foo.com"
paths:
- pathType: Prefix
path: /
app: milk
# looks like -*- vcl -*-
varnishtest "Ingress rules with wildcard host"
client c1 -connect "${localhost} ${localport}" {
txreq -url /coffee/foo -hdr "Host: anything.example.com"
rxresp
expect resp.status == 200
expect resp.body ~ "(?m)^Host: anything.example.com"
expect resp.body ~ "(?m)^URI: /coffee/foo$"
expect resp.body ~ "(?m)^Server name: coffee-[a-z0-9]+-[a-z0-9]+$"
txreq -url /tea/bar -hdr "Host: whatever.example.com"
rxresp
expect resp.status == 200
expect resp.body ~ "(?m)^Host: whatever.example.com"
expect resp.body ~ "(?m)^URI: /tea/bar$"
expect resp.body ~ "(?m)^Server name: tea-[a-z0-9]+-[a-z0-9]+$"
txreq -hdr "Host: bar.foo.com"
rxresp
expect resp.status == 200
expect resp.body ~ "(?m)^Host: bar.foo.com"
expect resp.body ~ "(?m)^URI: /$"
expect resp.body ~ "(?m)^Server name: milk-[a-z0-9]+-[a-z0-9]+$"
txreq -hdr "Host: baz.bar.foo.com"
rxresp
expect resp.status == 404
txreq -hdr "Host: foo.com"
rxresp
expect resp.status == 404
} -run
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment