Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
k8s-ingress
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
3
Merge Requests
3
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Commits
Issue Boards
Open sidebar
uplex-varnish
k8s-ingress
Commits
e380c936
Commit
e380c936
authored
May 10, 2021
by
Geoff Simmons
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Support self-sharding with conditions under helm deployments.
parent
075c5b26
Changes
10
Hide whitespace changes
Inline
Side-by-side
Showing
10 changed files
with
228 additions
and
77 deletions
+228
-77
varnishcfg-crd.yaml
charts/viking-controller/crds/varnishcfg-crd.yaml
+96
-38
Makefile
examples/self-sharding/Makefile
+10
-0
values-primary-only-by-clientid.yaml
examples/self-sharding/values-primary-only-by-clientid.yaml
+9
-8
values-primary-only.yaml
examples/self-sharding/values-primary-only.yaml
+8
-7
values-self-sharding.yaml
examples/self-sharding/values-self-sharding.yaml
+8
-7
values-shard-by-digest.yaml
examples/self-sharding/values-shard-by-digest.yaml
+4
-3
values-shard-by-key.yaml
examples/self-sharding/values-shard-by-key.yaml
+3
-2
values-shard-by-url.yaml
examples/self-sharding/values-shard-by-url.yaml
+3
-2
values-shard-conditions.yaml
examples/self-sharding/values-shard-conditions.yaml
+35
-0
values.yaml
test/e2e/tmplcfg/values.yaml
+52
-10
No files found.
charts/viking-controller/crds/varnishcfg-crd.yaml
View file @
e380c936
...
...
@@ -34,49 +34,107 @@ spec:
self-sharding
:
type
:
object
properties
:
max-secondary-ttl
:
type
:
string
pattern
:
'
^\d+(\.\d+)?(ms|[smhdwy])$'
primaryOnly
:
type
:
boolean
key
:
type
:
string
pattern
:
"
^client
\\
.identity$|^req
\\
.(url|http
\\
.[a-zA-Z0-9!#$%&'*+.^_`|~-]+)$"
digest
:
type
:
string
enum
:
-
CRC32
-
ICRC32
-
MD5
-
RS
-
SHA1
-
SHA224
-
SHA256
-
SHA384
-
SHA512
-
SHA3_224
-
SHA3_256
-
SHA3_512
probe
:
shard
:
type
:
object
properties
:
timeout
:
max-secondary-ttl
:
type
:
string
pattern
:
'
^\d+(\.\d+)?(ms|[smhdwy])$'
interval
:
primaryOnly
:
type
:
boolean
key
:
type
:
string
pattern
:
'
^\d+(\.\d+)?(ms|[smhdwy])$'
initial
:
type
:
integer
minimum
:
0
window
:
type
:
integer
minimum
:
0
maximum
:
64
threshold
:
type
:
integer
minimum
:
0
maximum
:
64
pattern
:
"
^client
\\
.identity$|^req
\\
.(url|http
\\
.[a-zA-Z0-9!#$%&'*+.^_`|~-]+)$"
digest
:
type
:
string
enum
:
-
CRC32
-
ICRC32
-
MD5
-
RS
-
SHA1
-
SHA224
-
SHA256
-
SHA384
-
SHA512
-
SHA3_224
-
SHA3_256
-
SHA3_512
probe
:
type
:
object
properties
:
timeout
:
type
:
string
pattern
:
'
^\d+(\.\d+)?(ms|[smhdwy])$'
interval
:
type
:
string
pattern
:
'
^\d+(\.\d+)?(ms|[smhdwy])$'
initial
:
type
:
integer
minimum
:
0
window
:
type
:
integer
minimum
:
0
maximum
:
64
threshold
:
type
:
integer
minimum
:
0
maximum
:
64
conditions
:
type
:
array
minItems
:
1
items
:
type
:
object
required
:
-
comparand
properties
:
comparand
:
type
:
string
pattern
:
"
^req
\\
.(url|method|proto|http
\\
.[a-zA-Z0-9!#$%&'*+.^_`|~-]+)$"
compare
:
type
:
string
enum
:
-
equal
-
not-equal
-
match
-
not-match
-
prefix
-
not-prefix
-
exists
-
not-exists
values
:
type
:
array
minItems
:
1
items
:
type
:
string
match-flags
:
type
:
object
properties
:
max-mem
:
type
:
integer
minimum
:
0
anchor
:
type
:
string
enum
:
-
none
-
start
-
both
utf8
:
type
:
boolean
posix-syntax
:
type
:
boolean
longest-match
:
type
:
boolean
literal
:
type
:
boolean
never-capture
:
type
:
boolean
case-sensitive
:
type
:
boolean
perl-classes
:
type
:
boolean
word-boundary
:
type
:
boolean
auth
:
type
:
array
minItems
:
1
...
...
examples/self-sharding/Makefile
View file @
e380c936
...
...
@@ -58,6 +58,10 @@ deploy-primary-only-by-clientid-helm:
@
helm
install
viking-ingress-primary-only-by-clientid
$(CHARTDIR)
/viking-test-app
\
--values
values-primary-only-by-clientid.yaml
deploy-shard-conditions-helm
:
@
helm
install
viking-ingress-shard-conditions
$(CHARTDIR)
/viking-test-app
\
--values
values-shard-conditions.yaml
deploy-cafe-kubectl
:
@
kubectl apply
-f
$(mkdir)
/../hello/cafe.yaml
@
kubectl apply
-f
$(mkdir)
/../hello/cafe-ingress.yaml
...
...
@@ -115,6 +119,10 @@ undeploy-primary-only-by-clientid-helm:
@
helm uninstall viking-ingress-primary-only-by-clientid
$(MAKE)
wait
undeploy-shard-conditions-helm
:
@
helm uninstall viking-ingress-shard-conditions
$(MAKE)
wait
undeploy-cafe-kubectl
:
@
kubectl delete
-f
$(mkdir)
/../hello/cafe-ingress.yaml
@
kubectl delete
-f
$(mkdir)
/../hello/cafe.yaml
...
...
@@ -182,6 +190,8 @@ deploy-shard-by-key: deploy-shard-by-key-helm
undeploy-shard-by-key
:
undeploy-shard-by-key-helm
deploy-primary-only-by-clientid
:
deploy-primary-only-by-clientid-helm
undeploy-primary-only-by-clientid
:
undeploy-primary-only-by-clientid-helm
deploy-shard-conditions
:
deploy-shard-conditions-helm
undeploy-shard-conditions
:
undeploy-shard-conditions-helm
endif
ifeq
($(EXAMPLE),self-sharding)
...
...
examples/self-sharding/values-primary-only-by-clientid.yaml
View file @
e380c936
...
...
@@ -19,11 +19,12 @@ ingress:
vikingAdmSvc
:
varnish-ingress-admin
selfSharding
:
primaryOnly
:
true
key
:
client.identity
probe
:
timeout
:
6s
interval
:
6s
initial
:
2
window
:
4
threshold
:
3
shard
:
primaryOnly
:
true
key
:
client.identity
probe
:
timeout
:
6s
interval
:
6s
initial
:
2
window
:
4
threshold
:
3
examples/self-sharding/values-primary-only.yaml
View file @
e380c936
...
...
@@ -19,10 +19,11 @@ ingress:
vikingAdmSvc
:
varnish-ingress-admin
selfSharding
:
primaryOnly
:
true
probe
:
timeout
:
6s
interval
:
6s
initial
:
2
window
:
4
threshold
:
3
shard
:
primaryOnly
:
true
probe
:
timeout
:
6s
interval
:
6s
initial
:
2
window
:
4
threshold
:
3
examples/self-sharding/values-self-sharding.yaml
View file @
e380c936
...
...
@@ -19,10 +19,11 @@ ingress:
vikingAdmSvc
:
varnish-ingress-admin
selfSharding
:
max-secondary-ttl
:
2m
probe
:
timeout
:
6s
interval
:
6s
initial
:
2
window
:
4
threshold
:
3
shard
:
max-secondary-ttl
:
2m
probe
:
timeout
:
6s
interval
:
6s
initial
:
2
window
:
4
threshold
:
3
examples/self-sharding/values-shard-by-digest.yaml
View file @
e380c936
...
...
@@ -19,6 +19,7 @@ ingress:
vikingAdmSvc
:
varnish-ingress-admin
selfSharding
:
primaryOnly
:
true
key
:
req.http.Host
digest
:
SHA3_512
shard
:
primaryOnly
:
true
key
:
req.http.Host
digest
:
SHA3_512
examples/self-sharding/values-shard-by-key.yaml
View file @
e380c936
...
...
@@ -19,5 +19,6 @@ ingress:
vikingAdmSvc
:
varnish-ingress-admin
selfSharding
:
primaryOnly
:
true
key
:
req.http.Host
shard
:
primaryOnly
:
true
key
:
req.http.Host
examples/self-sharding/values-shard-by-url.yaml
View file @
e380c936
...
...
@@ -19,5 +19,6 @@ ingress:
vikingAdmSvc
:
varnish-ingress-admin
selfSharding
:
primaryOnly
:
true
key
:
req.url
shard
:
primaryOnly
:
true
key
:
req.url
examples/self-sharding/values-shard-conditions.yaml
0 → 100644
View file @
e380c936
apps
:
coffee
:
image
:
nginxdemos/hello:plain-text
replicas
:
2
tea
:
image
:
nginxdemos/hello:plain-text
replicas
:
3
ingress
:
name
:
cafe-ingress
rules
:
-
host
:
cafe.example.com
paths
:
-
path
:
/tea
app
:
tea
-
path
:
/coffee
app
:
coffee
vikingAdmSvc
:
varnish-ingress-admin
selfSharding
:
conditions
:
-
comparand
:
req.url
compare
:
prefix
values
:
-
/foo/
shard
:
primaryOnly
:
true
key
:
client.identity
probe
:
timeout
:
6s
interval
:
6s
initial
:
2
window
:
4
threshold
:
3
test/e2e/tmplcfg/values.yaml
View file @
e380c936
...
...
@@ -547,11 +547,14 @@ templates:
import blob;
import blobdigest;
import taskvar;
import re2;
import selector;
probe vk8s_probe_varnish {
.request = "HEAD /vk8s_cluster_health HTTP/1.1"
"Host: vk8s_cluster"
"Connection: close";
{{- if .Probe }}
{{- if .Probe.Timeout}}
.timeout = {{.Probe.Timeout}};
{{- end}}
...
...
@@ -567,6 +570,7 @@ templates:
{{- if .Probe.Threshold}}
.threshold = {{.Probe.Threshold}};
{{- end}}
{{- end}}
}
{{range $node := .Nodes -}}
...
...
@@ -596,19 +600,45 @@ templates:
{{ if .PrimaryOnly -}}
new vk8s_cluster_primary = taskvar.backend();
{{- end }}
{{range $cidx, $c := .Conditions -}}
{{if condNeedsMatcher $c -}}
new {{condMatcher $cidx}} = {{vmod $c.Compare}}.set({{flags $c}});
{{- range $val := $c.Values}}
{{condMatcher $cidx}}.add("{{$val}}");
{{- end -}}
{{end -}}
{{end -}}
}
sub vcl_recv {
{{ if .PrimaryOnly -}}
{{- digest_update 'c' . }}
vk8s_cluster_primary.set(vk8s_cluster.backend(resolve=NOW
{{- key 'c' .}}));
if (remote.ip !~ vk8s_cluster_acl
&& "" + vk8s_cluster_primary.get() != server.identity) {
set req.backend_hint = vk8s_cluster_primary.get();
return (pipe);
}
else {{ end }}if (remote.ip ~ vk8s_cluster_acl) {
{{ if .Conditions -}}
if (
{{- range $cidx, $cond := .Conditions}}
{{- if ne $cidx 0}} &&
{{end}}
{{- if .Negate}}! {{end}}
{{- if condNeedsMatcher $cond}}
{{- condMatcher $cidx}}.{{match .Compare}}({{.Comparand}})
{{- else if exists .Compare}}
{{- .Comparand}}
{{- else}}
{{- .Comparand}} {{cmpRelation .Compare .Negate}} {{value $cond}}
{{- end}}
{{- end -}}
) {
{{ end -}}
{{- digest_update 'c' . }}
vk8s_cluster_primary.set(vk8s_cluster.backend(resolve=NOW
{{- key 'c' .}}));
if (remote.ip !~ vk8s_cluster_acl
&& "" + vk8s_cluster_primary.get() != server.identity) {
set req.backend_hint = vk8s_cluster_primary.get();
return (pipe);
}
{{ if .Conditions }}}{{ end -}}
{{ end -}}
if (remote.ip ~ vk8s_cluster_acl) {
if (req.http.Host == "vk8s_cluster") {
if (req.url == "/vk8s_cluster_health") {
return (synth(200));
...
...
@@ -631,7 +661,19 @@ templates:
sub vcl_backend_fetch {
{{- digest_update 'b' . }}
vk8s_cluster_param.set({{ key 'b' .}});
if (bereq.retries == 0
if (
{{- range $cidx, $cond := .Conditions}}
{{- if .Negate}}! {{end}}
{{- if condNeedsMatcher $cond}}
{{- condMatcher $cidx}}.{{match .Compare}}({{.Comparand}})
{{- else if exists .Compare}}
{{- .Comparand}}
{{- else}}
{{- .Comparand}} {{cmpRelation .Compare .Negate}} {{value $cond}}
{{- end}}
&&
{{ end -}}
bereq.retries == 0
&& !bereq.uncacheable
&& remote.ip !~ vk8s_cluster_acl
&& "" + vk8s_cluster.backend(resolve=NOW) != server.identity) {
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment