From 58a084b937b9ed3c5c14cde72bfee18a1ab21396 Mon Sep 17 00:00:00 2001 From: slonka Date: Sat, 13 Jun 2020 18:40:51 +0200 Subject: [PATCH 01/23] Add heroku deploy scripts --- .dockerignore | 1 + Dockerfile | 94 ++++++++++++++++++++++++++++++++++++++++++ app.json | 3 ++ envoy-front-proxy.yaml | 87 ++++++++++++++++++++++++++++++++++++++ envoy.yaml | 51 +++++++++++++++++++++++ heroku.yml | 7 ++++ run-envoy.sh | 21 ++++++++++ 7 files changed, 264 insertions(+) create mode 100644 .dockerignore create mode 100644 Dockerfile create mode 100644 app.json create mode 100644 envoy-front-proxy.yaml create mode 100644 envoy.yaml create mode 100644 heroku.yml create mode 100755 run-envoy.sh diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 000000000..04204c7c9 --- /dev/null +++ b/.dockerignore @@ -0,0 +1 @@ +config diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 000000000..1bbe6cd96 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,94 @@ +FROM alpine:3.9 as consul + +# This is the release of Consul to pull in. +ENV CONSUL_VERSION=1.7.4 + +# This is the location of the releases. +ENV HASHICORP_RELEASES=https://releases.hashicorp.com + +# Create a consul user and group first so the IDs get set the same way, even as +# the rest of this may change over time. +RUN addgroup consul && \ + adduser -S -G consul consul + +# Set up certificates, base tools, and Consul. +# libc6-compat is needed to symlink the shared libraries for ARM builds +RUN set -eux && \ + apk add --no-cache ca-certificates curl dumb-init gnupg libcap openssl su-exec iputils jq libc6-compat && \ + gpg --keyserver keyserver.ubuntu.com --recv-keys 91A6E7F85D05C65630BEF18951852D87348FFC4C && \ + mkdir -p /tmp/build && \ + cd /tmp/build && \ + apkArch="$(apk --print-arch)" && \ + case "${apkArch}" in \ + aarch64) consulArch='arm64' ;; \ + armhf) consulArch='armhfv6' ;; \ + x86) consulArch='386' ;; \ + x86_64) consulArch='amd64' ;; \ + *) echo >&2 "error: unsupported architecture: ${apkArch} (see ${HASHICORP_RELEASES}/consul/${CONSUL_VERSION}/)" && exit 1 ;; \ + esac && \ + wget ${HASHICORP_RELEASES}/consul/${CONSUL_VERSION}/consul_${CONSUL_VERSION}_linux_${consulArch}.zip && \ + wget ${HASHICORP_RELEASES}/consul/${CONSUL_VERSION}/consul_${CONSUL_VERSION}_SHA256SUMS && \ + wget ${HASHICORP_RELEASES}/consul/${CONSUL_VERSION}/consul_${CONSUL_VERSION}_SHA256SUMS.sig && \ + gpg --batch --verify consul_${CONSUL_VERSION}_SHA256SUMS.sig consul_${CONSUL_VERSION}_SHA256SUMS && \ + grep consul_${CONSUL_VERSION}_linux_${consulArch}.zip consul_${CONSUL_VERSION}_SHA256SUMS | sha256sum -c && \ + unzip -d /bin consul_${CONSUL_VERSION}_linux_${consulArch}.zip && \ + cd /tmp && \ + rm -rf /tmp/build && \ + gpgconf --kill all && \ + apk del gnupg openssl && \ + rm -rf /root/.gnupg && \ +# tiny smoke test to ensure the binary we downloaded runs + consul version + +# The /consul/data dir is used by Consul to store state. The agent will be started +# with /consul/config as the configuration directory so you can add additional +# config files in that location. +RUN mkdir -p /consul/data && \ + mkdir -p /consul/config + +# set up nsswitch.conf for Go's "netgo" implementation which is used by Consul, +# otherwise DNS supercedes the container's hosts file, which we don't want. +RUN test -e /etc/nsswitch.conf || echo 'hosts: files dns' > /etc/nsswitch.conf + +# Expose the consul data directory as a volume since there's mutable state in there. +VOLUME /consul/data + +# Server RPC is used for communication between Consul clients and servers for internal +# request forwarding. +EXPOSE 8300 + +# Serf LAN and WAN (WAN is used only by Consul servers) are used for gossip between +# Consul agents. LAN is within the datacenter and WAN is between just the Consul +# servers in all datacenters. +EXPOSE 8301 8301/udp 8302 8302/udp + +# HTTP and DNS (both TCP and UDP) are the primary interfaces that applications +# use to interact with Consul. +EXPOSE 8500 8600 8600/udp + +# Consul doesn't need root privileges so we run it as the consul user from the +# entry point script. The entry point script also uses dumb-init as the top-level +# process to reap any zombie processes created by Consul sub-processes. + +FROM gradle:5.6.2-jdk11 AS build +COPY --chown=gradle:gradle . /home/gradle/src +WORKDIR /home/gradle/src +RUN gradle :envoy-control-runner:assemble --no-daemon + +FROM envoyproxy/envoy-alpine-dev:6c2137468c25d167dbbe4719b0ecaf343bfb4233 +COPY envoy.yaml /etc/envoy.yaml +COPY envoy-front-proxy.yaml /etc/envoy-front-proxy.yaml +COPY --from=consul /bin/consul /bin/consul + +COPY run-envoy.sh /run-envoy.sh +ENTRYPOINT ["sh", "/run-envoy.sh"] + +RUN apk --no-cache add openjdk11 --repository=http://dl-cdn.alpinelinux.org/alpine/edge/community +COPY --from=build /home/gradle/src/envoy-control-runner/build/distributions/envoy-control-runner-*.tar /var/tmp/ +RUN mkdir /var/tmp/envoy-control-runner +RUN tar -xvf /var/tmp/envoy-control-runner*.tar -C /tmp/ +RUN mv /tmp/envoy-control-runner*/* /var/tmp/envoy-control-runner +RUN mkdir /var/tmp/config +VOLUME /var/tmp/config +# APP_PORT: 8080 +# XDS_PORT: 50000 diff --git a/app.json b/app.json new file mode 100644 index 000000000..bbde70925 --- /dev/null +++ b/app.json @@ -0,0 +1,3 @@ +{ + "stack": "container" +} diff --git a/envoy-front-proxy.yaml b/envoy-front-proxy.yaml new file mode 100644 index 000000000..9275ed883 --- /dev/null +++ b/envoy-front-proxy.yaml @@ -0,0 +1,87 @@ +admin: + access_log_path: /dev/stdout + address: + socket_address: + address: 0.0.0.0 + port_value: 10001 +static_resources: + clusters: + - name: this_admin + type: STATIC + connect_timeout: 1s + load_assignment: + cluster_name: this_admin + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: 127.0.0.1 + port_value: 10001 + - name: envoy1 + type: STATIC + connect_timeout: 1s + load_assignment: + cluster_name: envoy1 + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: 127.0.0.1 + port_value: 10010 + - name: consul1 + type: STATIC + connect_timeout: 1s + load_assignment: + cluster_name: consul1 + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: 127.0.0.1 + port_value: 8500 + listeners: + - name: ingress + address: + socket_address: + address: 0.0.0.0 + port_value: {{.IngressListenerPort}} + filter_chains: + - filters: + - name: envoy.filters.network.http_connection_manager + typed_config: + "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager + use_remote_address: true + stat_prefix: ingress_http + codec_type: AUTO + route_config: + name: local_route + virtual_hosts: + - name: local_service + domains: ["*"] + routes: + - match: { prefix: "/envoy1/"} + route: + cluster: envoy1 + prefix_rewrite: "/" + - match: { prefix: "/consul/ui"} + route: + cluster: consul1 + prefix_rewrite: "/consul/ui" + - match: { prefix: "/v1/"} + route: + cluster: consul1 + prefix_rewrite: "/v1/" + - match: { prefix: "/status/envoy/"} + route: + cluster: this_admin + prefix_rewrite: "/" + - match: { path: "/" } + direct_response: + status: 200 + body: + inline_string: '

Welcome to mesh on heroku

\n

this is front proxy view, see apps

envoy1
' + http_filters: + - name: envoy.filters.http.router \ No newline at end of file diff --git a/envoy.yaml b/envoy.yaml new file mode 100644 index 000000000..955b5657e --- /dev/null +++ b/envoy.yaml @@ -0,0 +1,51 @@ +admin: + access_log_path: /dev/stdout + address: + socket_address: + address: 0.0.0.0 + port_value: 10011 +static_resources: + clusters: + - name: this_admin + type: STATIC + connect_timeout: 1s + load_assignment: + cluster_name: this_admin + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: 127.0.0.1 + port_value: 10011 + listeners: + - name: ingress + address: + socket_address: + address: 0.0.0.0 + port_value: 10010 + filter_chains: + - filters: + - name: envoy.filters.network.http_connection_manager + typed_config: + "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager + use_remote_address: true + stat_prefix: ingress_http + codec_type: AUTO + route_config: + name: local_route + virtual_hosts: + - name: local_service + domains: ["*"] + routes: + - match: { prefix: "/status/envoy/"} + route: + cluster: this_admin + prefix_rewrite: "/" + - match: { path: "/" } + direct_response: + status: 200 + body: + inline_string: "Hello" + http_filters: + - name: envoy.filters.http.router \ No newline at end of file diff --git a/heroku.yml b/heroku.yml new file mode 100644 index 000000000..f629ab176 --- /dev/null +++ b/heroku.yml @@ -0,0 +1,7 @@ +setup: + addons: + - plan: 'papertrail:choklad' + as: PAPERTRAIL +build: + docker: + web: Dockerfile diff --git a/run-envoy.sh b/run-envoy.sh new file mode 100755 index 000000000..b8ca2e2b3 --- /dev/null +++ b/run-envoy.sh @@ -0,0 +1,21 @@ +#!/usr/bin/dumb-init /bin/sh +set -e + +sed -i "s/{{.IngressListenerPort}}/${PORT:-10000}/g" /etc/envoy-front-proxy.yaml + +/usr/local/bin/envoy --base-id 1 -c /etc/envoy.yaml & +/usr/local/bin/envoy -c /etc/envoy-front-proxy.yaml & + +# start EC +START_ARGUMENTS="" +CONFIG_FILE=/var/tmp/config/application.yaml +if [ -f "$CONFIG_FILE" ]; then + START_ARGUMENTS="--spring.config.location=file:$CONFIG_FILE " +fi +if [ ! -z "${ENVOY_CONTROL_PROPERTIES}" ]; then + START_ARGUMENTS="$START_ARGUMENTS $ENVOY_CONTROL_PROPERTIES" +fi +echo "Launching Envoy-control with $START_ARGUMENTS" +/var/tmp/envoy-control-runner/bin/envoy-control-runner $START_ARGUMENTS & + +consul agent -server -ui -ui-content-path "/consul/ui" -dev -client 0.0.0.0 From e53b1f07496253c9e3a835cef4664d0194eeeeb3 Mon Sep 17 00:00:00 2001 From: slonka Date: Sat, 13 Jun 2020 20:36:47 +0200 Subject: [PATCH 02/23] EC starts on localhost From 9a4be8ed8ce300672066ec20f557f7350500890b Mon Sep 17 00:00:00 2001 From: slonka Date: Sat, 13 Jun 2020 22:57:28 +0200 Subject: [PATCH 03/23] Run ls --- run-envoy.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/run-envoy.sh b/run-envoy.sh index b8ca2e2b3..95d040c13 100755 --- a/run-envoy.sh +++ b/run-envoy.sh @@ -16,6 +16,9 @@ if [ ! -z "${ENVOY_CONTROL_PROPERTIES}" ]; then START_ARGUMENTS="$START_ARGUMENTS $ENVOY_CONTROL_PROPERTIES" fi echo "Launching Envoy-control with $START_ARGUMENTS" +ls /var/tmp/ +ls /var/tmp/envoy-control-runner +ls /var/tmp/envoy-control-runner/bin/ /var/tmp/envoy-control-runner/bin/envoy-control-runner $START_ARGUMENTS & consul agent -server -ui -ui-content-path "/consul/ui" -dev -client 0.0.0.0 From a49b25d1ae70be3793f36cad7cc5b74e9f8e6bef Mon Sep 17 00:00:00 2001 From: slonka Date: Sat, 13 Jun 2020 23:04:44 +0200 Subject: [PATCH 04/23] Run ls in bg --- Dockerfile | 2 -- run-envoy.sh | 6 +++--- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index 1bbe6cd96..94ae31513 100644 --- a/Dockerfile +++ b/Dockerfile @@ -88,7 +88,5 @@ COPY --from=build /home/gradle/src/envoy-control-runner/build/distributions/envo RUN mkdir /var/tmp/envoy-control-runner RUN tar -xvf /var/tmp/envoy-control-runner*.tar -C /tmp/ RUN mv /tmp/envoy-control-runner*/* /var/tmp/envoy-control-runner -RUN mkdir /var/tmp/config -VOLUME /var/tmp/config # APP_PORT: 8080 # XDS_PORT: 50000 diff --git a/run-envoy.sh b/run-envoy.sh index 95d040c13..17bf916a4 100755 --- a/run-envoy.sh +++ b/run-envoy.sh @@ -16,9 +16,9 @@ if [ ! -z "${ENVOY_CONTROL_PROPERTIES}" ]; then START_ARGUMENTS="$START_ARGUMENTS $ENVOY_CONTROL_PROPERTIES" fi echo "Launching Envoy-control with $START_ARGUMENTS" -ls /var/tmp/ -ls /var/tmp/envoy-control-runner -ls /var/tmp/envoy-control-runner/bin/ +ls /var/tmp/ & +ls /var/tmp/envoy-control-runner & +ls /var/tmp/envoy-control-runner/bin/ & /var/tmp/envoy-control-runner/bin/envoy-control-runner $START_ARGUMENTS & consul agent -server -ui -ui-content-path "/consul/ui" -dev -client 0.0.0.0 From 049b9005dc9c7596baca6e710bea8470f2c03616 Mon Sep 17 00:00:00 2001 From: slonka Date: Sat, 13 Jun 2020 23:18:24 +0200 Subject: [PATCH 05/23] Entrypoint / cmd --- Dockerfile | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index 94ae31513..ddc5dfd5b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -80,9 +80,6 @@ COPY envoy.yaml /etc/envoy.yaml COPY envoy-front-proxy.yaml /etc/envoy-front-proxy.yaml COPY --from=consul /bin/consul /bin/consul -COPY run-envoy.sh /run-envoy.sh -ENTRYPOINT ["sh", "/run-envoy.sh"] - RUN apk --no-cache add openjdk11 --repository=http://dl-cdn.alpinelinux.org/alpine/edge/community COPY --from=build /home/gradle/src/envoy-control-runner/build/distributions/envoy-control-runner-*.tar /var/tmp/ RUN mkdir /var/tmp/envoy-control-runner @@ -90,3 +87,7 @@ RUN tar -xvf /var/tmp/envoy-control-runner*.tar -C /tmp/ RUN mv /tmp/envoy-control-runner*/* /var/tmp/envoy-control-runner # APP_PORT: 8080 # XDS_PORT: 50000 + +COPY run-envoy.sh /run-envoy.sh +ENTRYPOINT ["sh"] +CMD ["/run-envoy.sh"] From 89a2d27c8348de18a2dbd276b4cc3de0c8dae268 Mon Sep 17 00:00:00 2001 From: slonka Date: Sat, 13 Jun 2020 23:24:46 +0200 Subject: [PATCH 06/23] Entrypoint / cmd 2 --- Dockerfile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index ddc5dfd5b..c0ca661ec 100644 --- a/Dockerfile +++ b/Dockerfile @@ -89,5 +89,4 @@ RUN mv /tmp/envoy-control-runner*/* /var/tmp/envoy-control-runner # XDS_PORT: 50000 COPY run-envoy.sh /run-envoy.sh -ENTRYPOINT ["sh"] -CMD ["/run-envoy.sh"] +CMD ["sh", "/run-envoy.sh"] From 273c97aa750e835bf20727f612132906882e9130 Mon Sep 17 00:00:00 2001 From: slonka Date: Sat, 13 Jun 2020 23:34:54 +0200 Subject: [PATCH 07/23] tmp --- Dockerfile | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index c0ca661ec..90e1b22a0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -81,10 +81,10 @@ COPY envoy-front-proxy.yaml /etc/envoy-front-proxy.yaml COPY --from=consul /bin/consul /bin/consul RUN apk --no-cache add openjdk11 --repository=http://dl-cdn.alpinelinux.org/alpine/edge/community -COPY --from=build /home/gradle/src/envoy-control-runner/build/distributions/envoy-control-runner-*.tar /var/tmp/ -RUN mkdir /var/tmp/envoy-control-runner -RUN tar -xvf /var/tmp/envoy-control-runner*.tar -C /tmp/ -RUN mv /tmp/envoy-control-runner*/* /var/tmp/envoy-control-runner +RUN mkdir /bin/envoy-control +COPY --from=build /home/gradle/src/ /bin/envoy-control/ +#RUN tar -xvf /bin/envoy-control/envoy-control-runner/build/distributions/envoy-control-runner*.tar -C /tmp/ +#RUN mv /tmp/envoy-control-runner*/* /var/tmp/envoy-control-runner # APP_PORT: 8080 # XDS_PORT: 50000 From 1f59f75738d7ba23d0cfc363234f2bc49c91cfef Mon Sep 17 00:00:00 2001 From: slonka Date: Sat, 13 Jun 2020 23:49:59 +0200 Subject: [PATCH 08/23] tmp --- Dockerfile | 8 ++++---- run-envoy.sh | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index 90e1b22a0..86528f7dc 100644 --- a/Dockerfile +++ b/Dockerfile @@ -81,10 +81,10 @@ COPY envoy-front-proxy.yaml /etc/envoy-front-proxy.yaml COPY --from=consul /bin/consul /bin/consul RUN apk --no-cache add openjdk11 --repository=http://dl-cdn.alpinelinux.org/alpine/edge/community -RUN mkdir /bin/envoy-control -COPY --from=build /home/gradle/src/ /bin/envoy-control/ -#RUN tar -xvf /bin/envoy-control/envoy-control-runner/build/distributions/envoy-control-runner*.tar -C /tmp/ -#RUN mv /tmp/envoy-control-runner*/* /var/tmp/envoy-control-runner +RUN mkdir /tmp/envoy-control-dist /tmp/envoy-control /bin/envoy-control +COPY --from=build /home/gradle/src/envoy-control-runner/build/distributions/ /tmp/envoy-control-dist +RUN tar -xvf /tmp/envoy-control-dist/envoy-control-runner*.tar -C /tmp/envoy-control +RUN mv /tmp/envoy-control/envoy-control-runner*/ /bin/envoy-control/envoy-control-runner # APP_PORT: 8080 # XDS_PORT: 50000 diff --git a/run-envoy.sh b/run-envoy.sh index 17bf916a4..8a7136d30 100755 --- a/run-envoy.sh +++ b/run-envoy.sh @@ -19,6 +19,6 @@ echo "Launching Envoy-control with $START_ARGUMENTS" ls /var/tmp/ & ls /var/tmp/envoy-control-runner & ls /var/tmp/envoy-control-runner/bin/ & -/var/tmp/envoy-control-runner/bin/envoy-control-runner $START_ARGUMENTS & +/bin/envoy-control/envoy-control-runner/bin/envoy-control-runner $START_ARGUMENTS & consul agent -server -ui -ui-content-path "/consul/ui" -dev -client 0.0.0.0 From 7fe2b402a79f7b58f7889d167c530e7f7cd9fa74 Mon Sep 17 00:00:00 2001 From: slonka Date: Sun, 14 Jun 2020 08:21:37 +0200 Subject: [PATCH 09/23] EC starts, add EC to front proxy --- Dockerfile | 3 ++- envoy-front-proxy.yaml | 16 ++++++++++++++++ run-envoy.sh | 2 +- 3 files changed, 19 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 86528f7dc..1d5e4da05 100644 --- a/Dockerfile +++ b/Dockerfile @@ -81,8 +81,9 @@ COPY envoy-front-proxy.yaml /etc/envoy-front-proxy.yaml COPY --from=consul /bin/consul /bin/consul RUN apk --no-cache add openjdk11 --repository=http://dl-cdn.alpinelinux.org/alpine/edge/community -RUN mkdir /tmp/envoy-control-dist /tmp/envoy-control /bin/envoy-control +RUN mkdir /tmp/envoy-control-dist /tmp/envoy-control /bin/envoy-control /etc/envoy-control COPY --from=build /home/gradle/src/envoy-control-runner/build/distributions/ /tmp/envoy-control-dist +COPY ./envoy-control-runner/src/main/resources/application.yaml /etc/envoy-control/ RUN tar -xvf /tmp/envoy-control-dist/envoy-control-runner*.tar -C /tmp/envoy-control RUN mv /tmp/envoy-control/envoy-control-runner*/ /bin/envoy-control/envoy-control-runner # APP_PORT: 8080 diff --git a/envoy-front-proxy.yaml b/envoy-front-proxy.yaml index 9275ed883..c26ecc55a 100644 --- a/envoy-front-proxy.yaml +++ b/envoy-front-proxy.yaml @@ -30,6 +30,18 @@ static_resources: socket_address: address: 127.0.0.1 port_value: 10010 + - name: ec1 + type: STATIC + connect_timeout: 1s + load_assignment: + cluster_name: ec1 + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: 127.0.0.1 + port_value: 8080 - name: consul1 type: STATIC connect_timeout: 1s @@ -62,6 +74,10 @@ static_resources: - name: local_service domains: ["*"] routes: + - match: { prefix: "/ec1/"} + route: + cluster: ec1 + prefix_rewrite: "/" - match: { prefix: "/envoy1/"} route: cluster: envoy1 diff --git a/run-envoy.sh b/run-envoy.sh index 8a7136d30..f8d15027e 100755 --- a/run-envoy.sh +++ b/run-envoy.sh @@ -8,7 +8,7 @@ sed -i "s/{{.IngressListenerPort}}/${PORT:-10000}/g" /etc/envoy-front-proxy.yaml # start EC START_ARGUMENTS="" -CONFIG_FILE=/var/tmp/config/application.yaml +CONFIG_FILE=/etc/envoy-control/application.yaml if [ -f "$CONFIG_FILE" ]; then START_ARGUMENTS="--spring.config.location=file:$CONFIG_FILE " fi From 7afde97a8e88797087031cfcaf6788e056e568da Mon Sep 17 00:00:00 2001 From: slonka Date: Sun, 14 Jun 2020 09:02:22 +0200 Subject: [PATCH 10/23] Try to get dynamic config from EC --- envoy.yaml | 68 ++++++++++++++++++++++++++++-------------------------- 1 file changed, 35 insertions(+), 33 deletions(-) diff --git a/envoy.yaml b/envoy.yaml index 955b5657e..8705c6c2c 100644 --- a/envoy.yaml +++ b/envoy.yaml @@ -3,9 +3,42 @@ admin: address: socket_address: address: 0.0.0.0 - port_value: 10011 + port_value: 10012 +dynamic_resources: + lds_config: {ads: {}} + cds_config: {ads: {}} + ads_config: + api_type: GRPC + grpc_services: + envoy_grpc: + cluster_name: envoy-control-xds +node: + cluster: test-cluster + id: test-id + metadata: + service_name: "echo1" + ads: true + ingress_host: "0.0.0.0" + ingress_port: 10010 + egress_host: "0.0.0.0" + egress_port: 10011 + use_remote_address: true + access_log_enabled: false + add_upstream_external_address_header: true + resources_dir: "/etc/envoy/extra" + proxy_settings: + outgoing: + dependencies: + - service: "consul" static_resources: clusters: + - name: envoy-control-xds + connect_timeout: 1s + hosts: + - socket_address: + address: 127.0.0.1 + port_value: 50000 + http2_protocol_options: {} - name: this_admin type: STATIC connect_timeout: 1s @@ -17,35 +50,4 @@ static_resources: address: socket_address: address: 127.0.0.1 - port_value: 10011 - listeners: - - name: ingress - address: - socket_address: - address: 0.0.0.0 - port_value: 10010 - filter_chains: - - filters: - - name: envoy.filters.network.http_connection_manager - typed_config: - "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager - use_remote_address: true - stat_prefix: ingress_http - codec_type: AUTO - route_config: - name: local_route - virtual_hosts: - - name: local_service - domains: ["*"] - routes: - - match: { prefix: "/status/envoy/"} - route: - cluster: this_admin - prefix_rewrite: "/" - - match: { path: "/" } - direct_response: - status: 200 - body: - inline_string: "Hello" - http_filters: - - name: envoy.filters.http.router \ No newline at end of file + port_value: 10012 From 12447ea4213e6418ac64da7bbf80b2971329b55b Mon Sep 17 00:00:00 2001 From: slonka Date: Sun, 14 Jun 2020 09:53:30 +0200 Subject: [PATCH 11/23] Use direct_response as local_service --- envoy-front-proxy.yaml | 18 +++++++++++++++++- envoy.yaml | 34 ++++++++++++++++++++++++++++++++++ 2 files changed, 51 insertions(+), 1 deletion(-) diff --git a/envoy-front-proxy.yaml b/envoy-front-proxy.yaml index c26ecc55a..f07edf3ef 100644 --- a/envoy-front-proxy.yaml +++ b/envoy-front-proxy.yaml @@ -30,6 +30,18 @@ static_resources: socket_address: address: 127.0.0.1 port_value: 10010 + - name: envoy1-direct + type: STATIC + connect_timeout: 1s + load_assignment: + cluster_name: envoy1-direct + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: 127.0.0.1 + port_value: 10013 - name: ec1 type: STATIC connect_timeout: 1s @@ -78,10 +90,14 @@ static_resources: route: cluster: ec1 prefix_rewrite: "/" - - match: { prefix: "/envoy1/"} + - match: { prefix: "/envoy1/ingress"} route: cluster: envoy1 prefix_rewrite: "/" + - match: { prefix: "/envoy1/direct"} + route: + cluster: envoy1-direct + prefix_rewrite: "/" - match: { prefix: "/consul/ui"} route: cluster: consul1 diff --git a/envoy.yaml b/envoy.yaml index 8705c6c2c..228a926f2 100644 --- a/envoy.yaml +++ b/envoy.yaml @@ -31,7 +31,41 @@ node: dependencies: - service: "consul" static_resources: + listeners: + - name: ingress_direct_response + address: + socket_address: + address: 0.0.0.0 + port_value: 10013 + filter_chains: + - filters: + - name: envoy.filters.network.http_connection_manager + typed_config: + "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager + use_remote_address: true + stat_prefix: ingress_http + codec_type: AUTO + route_config: + name: local_route + virtual_hosts: + - name: local_service + domains: ["*"] + routes: + - match: { path: "/" } + direct_response: + status: 200 + body: + inline_string: "Hello" + http_filters: + - name: envoy.filters.http.router clusters: + - name: local_service + connect_timeout: 1s + hosts: + - socket_address: + address: 127.0.0.1 + port_value: 10013 + http2_protocol_options: {} - name: envoy-control-xds connect_timeout: 1s hosts: From 7c009bd815a6bee271aedd2e6a63930d6869a433 Mon Sep 17 00:00:00 2001 From: slonka Date: Sun, 14 Jun 2020 10:02:21 +0200 Subject: [PATCH 12/23] Add shalshes --- envoy-front-proxy.yaml | 4 ++-- envoy.yaml | 4 ++++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/envoy-front-proxy.yaml b/envoy-front-proxy.yaml index f07edf3ef..fb1fbcc0e 100644 --- a/envoy-front-proxy.yaml +++ b/envoy-front-proxy.yaml @@ -90,11 +90,11 @@ static_resources: route: cluster: ec1 prefix_rewrite: "/" - - match: { prefix: "/envoy1/ingress"} + - match: { prefix: "/envoy1/ingress/"} route: cluster: envoy1 prefix_rewrite: "/" - - match: { prefix: "/envoy1/direct"} + - match: { prefix: "/envoy1/direct/"} route: cluster: envoy1-direct prefix_rewrite: "/" diff --git a/envoy.yaml b/envoy.yaml index 228a926f2..ee61edc18 100644 --- a/envoy.yaml +++ b/envoy.yaml @@ -51,6 +51,10 @@ static_resources: - name: local_service domains: ["*"] routes: + - match: { prefix: "/status/envoy/"} + route: + cluster: this_admin + prefix_rewrite: "/" - match: { path: "/" } direct_response: status: 200 From e8235bed0e63bca5a85b70936c63f3f504129777 Mon Sep 17 00:00:00 2001 From: slonka Date: Sun, 14 Jun 2020 10:22:52 +0200 Subject: [PATCH 13/23] Add egress --- envoy-front-proxy.yaml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/envoy-front-proxy.yaml b/envoy-front-proxy.yaml index fb1fbcc0e..59011cec5 100644 --- a/envoy-front-proxy.yaml +++ b/envoy-front-proxy.yaml @@ -30,6 +30,18 @@ static_resources: socket_address: address: 127.0.0.1 port_value: 10010 + - name: envoy1-egress + type: STATIC + connect_timeout: 1s + load_assignment: + cluster_name: envoy1-egress + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: 127.0.0.1 + port_value: 10011 - name: envoy1-direct type: STATIC connect_timeout: 1s @@ -94,6 +106,10 @@ static_resources: route: cluster: envoy1 prefix_rewrite: "/" + - match: { prefix: "/envoy1/egress/"} + route: + cluster: envoy1-egress + prefix_rewrite: "/" - match: { prefix: "/envoy1/direct/"} route: cluster: envoy1-direct From e9b74b175e90d43e951e69e1d502cf93ed6d0c68 Mon Sep 17 00:00:00 2001 From: slonka Date: Sun, 14 Jun 2020 10:31:32 +0200 Subject: [PATCH 14/23] Try to register echo1 --- Dockerfile | 2 +- envoy.yaml | 1 + run-envoy.sh | 13 +++++++++++++ 3 files changed, 15 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 1d5e4da05..7d9e64501 100644 --- a/Dockerfile +++ b/Dockerfile @@ -80,7 +80,7 @@ COPY envoy.yaml /etc/envoy.yaml COPY envoy-front-proxy.yaml /etc/envoy-front-proxy.yaml COPY --from=consul /bin/consul /bin/consul -RUN apk --no-cache add openjdk11 --repository=http://dl-cdn.alpinelinux.org/alpine/edge/community +RUN apk --no-cache add openjdk11 curl --repository=http://dl-cdn.alpinelinux.org/alpine/edge/community RUN mkdir /tmp/envoy-control-dist /tmp/envoy-control /bin/envoy-control /etc/envoy-control COPY --from=build /home/gradle/src/envoy-control-runner/build/distributions/ /tmp/envoy-control-dist COPY ./envoy-control-runner/src/main/resources/application.yaml /etc/envoy-control/ diff --git a/envoy.yaml b/envoy.yaml index ee61edc18..c0fc190fc 100644 --- a/envoy.yaml +++ b/envoy.yaml @@ -30,6 +30,7 @@ node: outgoing: dependencies: - service: "consul" + - service: "echo1" static_resources: listeners: - name: ingress_direct_response diff --git a/run-envoy.sh b/run-envoy.sh index f8d15027e..b42fa2175 100755 --- a/run-envoy.sh +++ b/run-envoy.sh @@ -21,4 +21,17 @@ ls /var/tmp/envoy-control-runner & ls /var/tmp/envoy-control-runner/bin/ & /bin/envoy-control/envoy-control-runner/bin/envoy-control-runner $START_ARGUMENTS & +sh -c 'sleep 10; curl -X PUT --data "{ + "ID": "echo1", + "Name": "echo1", + "Tags": [ "primary" ], + "Address": "127.0.0.1", + "Port": 10010, + "Check": { + "DeregisterCriticalServiceAfter": "90m", + "http": "http://127.0.0.1:10010", + "Interval": "10s" + } +}" -s localhost:8500/v1/agent/service/register' & + consul agent -server -ui -ui-content-path "/consul/ui" -dev -client 0.0.0.0 From bcff981c2999c6eb0d2c31e0b26be45ac339c96e Mon Sep 17 00:00:00 2001 From: slonka Date: Sun, 14 Jun 2020 10:47:15 +0200 Subject: [PATCH 15/23] Try to fix registration --- Dockerfile | 1 + register-echo1.json | 15 +++++++++++++++ run-envoy.sh | 16 +--------------- 3 files changed, 17 insertions(+), 15 deletions(-) create mode 100644 register-echo1.json diff --git a/Dockerfile b/Dockerfile index 7d9e64501..2292fc0a0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -84,6 +84,7 @@ RUN apk --no-cache add openjdk11 curl --repository=http://dl-cdn.alpinelinux.org RUN mkdir /tmp/envoy-control-dist /tmp/envoy-control /bin/envoy-control /etc/envoy-control COPY --from=build /home/gradle/src/envoy-control-runner/build/distributions/ /tmp/envoy-control-dist COPY ./envoy-control-runner/src/main/resources/application.yaml /etc/envoy-control/ +COPY ./register-echo1.json /etc/envoy-control/ RUN tar -xvf /tmp/envoy-control-dist/envoy-control-runner*.tar -C /tmp/envoy-control RUN mv /tmp/envoy-control/envoy-control-runner*/ /bin/envoy-control/envoy-control-runner # APP_PORT: 8080 diff --git a/register-echo1.json b/register-echo1.json new file mode 100644 index 000000000..bcb3292c5 --- /dev/null +++ b/register-echo1.json @@ -0,0 +1,15 @@ +{ + "ID":"echo1", + "Name":"echo1", + "Tags":[ + "primary" + ], + "Address":"127.0.0.1", + "Port":10010, + "Check":{ + "DeregisterCriticalServiceAfter":"90m", + "http":"http://127.0.0.1:10010", + "Interval":"10s" + } +} + diff --git a/run-envoy.sh b/run-envoy.sh index b42fa2175..c4d3f8f3c 100755 --- a/run-envoy.sh +++ b/run-envoy.sh @@ -16,22 +16,8 @@ if [ ! -z "${ENVOY_CONTROL_PROPERTIES}" ]; then START_ARGUMENTS="$START_ARGUMENTS $ENVOY_CONTROL_PROPERTIES" fi echo "Launching Envoy-control with $START_ARGUMENTS" -ls /var/tmp/ & -ls /var/tmp/envoy-control-runner & -ls /var/tmp/envoy-control-runner/bin/ & /bin/envoy-control/envoy-control-runner/bin/envoy-control-runner $START_ARGUMENTS & -sh -c 'sleep 10; curl -X PUT --data "{ - "ID": "echo1", - "Name": "echo1", - "Tags": [ "primary" ], - "Address": "127.0.0.1", - "Port": 10010, - "Check": { - "DeregisterCriticalServiceAfter": "90m", - "http": "http://127.0.0.1:10010", - "Interval": "10s" - } -}" -s localhost:8500/v1/agent/service/register' & +sh -c 'sleep 10; curl -X PUT -s localhost:8500/v1/agent/service/register -T /etc/envoy-control/register-echo1.json' & consul agent -server -ui -ui-content-path "/consul/ui" -dev -client 0.0.0.0 From 123a0f4419dbefdc0538ff583a24d48f984ffcd0 Mon Sep 17 00:00:00 2001 From: slonka Date: Sun, 14 Jun 2020 11:01:38 +0200 Subject: [PATCH 16/23] Start envoy with a delay --- run-envoy.sh | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/run-envoy.sh b/run-envoy.sh index c4d3f8f3c..0ae4d3db2 100755 --- a/run-envoy.sh +++ b/run-envoy.sh @@ -1,11 +1,6 @@ #!/usr/bin/dumb-init /bin/sh set -e -sed -i "s/{{.IngressListenerPort}}/${PORT:-10000}/g" /etc/envoy-front-proxy.yaml - -/usr/local/bin/envoy --base-id 1 -c /etc/envoy.yaml & -/usr/local/bin/envoy -c /etc/envoy-front-proxy.yaml & - # start EC START_ARGUMENTS="" CONFIG_FILE=/etc/envoy-control/application.yaml @@ -18,6 +13,11 @@ fi echo "Launching Envoy-control with $START_ARGUMENTS" /bin/envoy-control/envoy-control-runner/bin/envoy-control-runner $START_ARGUMENTS & -sh -c 'sleep 10; curl -X PUT -s localhost:8500/v1/agent/service/register -T /etc/envoy-control/register-echo1.json' & +# start envoys +sed -i "s/{{.IngressListenerPort}}/${PORT:-10000}/g" /etc/envoy-front-proxy.yaml +sh -c 'sleep 10; /usr/local/bin/envoy --base-id 1 -c /etc/envoy.yaml' & +/usr/local/bin/envoy -c /etc/envoy-front-proxy.yaml & + +sh -c 'sleep 12; curl -X PUT -s localhost:8500/v1/agent/service/register -T /etc/envoy-control/register-echo1.json' & consul agent -server -ui -ui-content-path "/consul/ui" -dev -client 0.0.0.0 From 1554b08098271cb6e52a681ce403da2ccaceea79 Mon Sep 17 00:00:00 2001 From: slonka Date: Sun, 14 Jun 2020 11:09:32 +0200 Subject: [PATCH 17/23] it takes 11 seconds to run ec --- run-envoy.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/run-envoy.sh b/run-envoy.sh index 0ae4d3db2..27bfcc581 100755 --- a/run-envoy.sh +++ b/run-envoy.sh @@ -15,9 +15,9 @@ echo "Launching Envoy-control with $START_ARGUMENTS" # start envoys sed -i "s/{{.IngressListenerPort}}/${PORT:-10000}/g" /etc/envoy-front-proxy.yaml -sh -c 'sleep 10; /usr/local/bin/envoy --base-id 1 -c /etc/envoy.yaml' & +sh -c 'sleep 20; /usr/local/bin/envoy --base-id 1 -c /etc/envoy.yaml' & /usr/local/bin/envoy -c /etc/envoy-front-proxy.yaml & -sh -c 'sleep 12; curl -X PUT -s localhost:8500/v1/agent/service/register -T /etc/envoy-control/register-echo1.json' & +sh -c 'sleep 25; curl -X PUT -s localhost:8500/v1/agent/service/register -T /etc/envoy-control/register-echo1.json' & consul agent -server -ui -ui-content-path "/consul/ui" -dev -client 0.0.0.0 From f7bfcaf08b52febf125a115695569e2b960aeea5 Mon Sep 17 00:00:00 2001 From: slonka Date: Sun, 14 Jun 2020 19:45:39 +0200 Subject: [PATCH 18/23] Automatically deploy papertrail --- app.json | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/app.json b/app.json index bbde70925..d845b8e33 100644 --- a/app.json +++ b/app.json @@ -1,3 +1,8 @@ { + "addons": [ + { + "plan": "papertrail:choklad" + } + ], "stack": "container" } From bc6898f31900b3cfcd482f89859ca6c5718525de Mon Sep 17 00:00:00 2001 From: slonka Date: Sun, 14 Jun 2020 20:36:22 +0200 Subject: [PATCH 19/23] Try to speed up build --- .dockerignore | 3 +++ Dockerfile | 17 ++++++++--------- 2 files changed, 11 insertions(+), 9 deletions(-) diff --git a/.dockerignore b/.dockerignore index 04204c7c9..9576c5422 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1 +1,4 @@ config +./**/build/** +./idea +./gradle diff --git a/Dockerfile b/Dockerfile index 2292fc0a0..7aa88025f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,11 +6,6 @@ ENV CONSUL_VERSION=1.7.4 # This is the location of the releases. ENV HASHICORP_RELEASES=https://releases.hashicorp.com -# Create a consul user and group first so the IDs get set the same way, even as -# the rest of this may change over time. -RUN addgroup consul && \ - adduser -S -G consul consul - # Set up certificates, base tools, and Consul. # libc6-compat is needed to symlink the shared libraries for ARM builds RUN set -eux && \ @@ -71,11 +66,15 @@ EXPOSE 8500 8600 8600/udp # process to reap any zombie processes created by Consul sub-processes. FROM gradle:5.6.2-jdk11 AS build -COPY --chown=gradle:gradle . /home/gradle/src +COPY --chown=gradle:gradle settings.gradle build.gradle /home/gradle/src/ +COPY --chown=gradle:gradle envoy-control-core/ /home/gradle/src/envoy-control-core/ +COPY --chown=gradle:gradle envoy-control-runner/ /home/gradle/src/envoy-control-runner/ +COPY --chown=gradle:gradle envoy-control-services/ /home/gradle/src/envoy-control-services/ +COPY --chown=gradle:gradle envoy-control-source-consul/ /home/gradle/src/envoy-control-source-consul/ WORKDIR /home/gradle/src -RUN gradle :envoy-control-runner:assemble --no-daemon +RUN gradle :envoy-control-runner:assemble --parallel --no-daemon -FROM envoyproxy/envoy-alpine-dev:6c2137468c25d167dbbe4719b0ecaf343bfb4233 +FROM envoyproxy/envoy-alpine-dev:6c2137468c25d167dbbe4719b0ecaf343bfb4233 as envoy COPY envoy.yaml /etc/envoy.yaml COPY envoy-front-proxy.yaml /etc/envoy-front-proxy.yaml COPY --from=consul /bin/consul /bin/consul @@ -85,7 +84,7 @@ RUN mkdir /tmp/envoy-control-dist /tmp/envoy-control /bin/envoy-control /etc/env COPY --from=build /home/gradle/src/envoy-control-runner/build/distributions/ /tmp/envoy-control-dist COPY ./envoy-control-runner/src/main/resources/application.yaml /etc/envoy-control/ COPY ./register-echo1.json /etc/envoy-control/ -RUN tar -xvf /tmp/envoy-control-dist/envoy-control-runner*.tar -C /tmp/envoy-control +RUN tar -xf /tmp/envoy-control-dist/envoy-control-runner*.tar -C /tmp/envoy-control RUN mv /tmp/envoy-control/envoy-control-runner*/ /bin/envoy-control/envoy-control-runner # APP_PORT: 8080 # XDS_PORT: 50000 From 440b6b9faf3146695c5be025ecc08821b0ac7b6a Mon Sep 17 00:00:00 2001 From: slonka Date: Sun, 14 Jun 2020 20:42:02 +0200 Subject: [PATCH 20/23] Check if cache works From a902af96873c576897dd18a0fafe6fb3f372d6f7 Mon Sep 17 00:00:00 2001 From: slonka Date: Sun, 14 Jun 2020 20:59:02 +0200 Subject: [PATCH 21/23] Move files --- Dockerfile | 8 ++++---- envoy-front-proxy.yaml => heroku/envoy-front-proxy.yaml | 0 envoy.yaml => heroku/envoy.yaml | 0 register-echo1.json => heroku/register-echo1.json | 0 run-envoy.sh => heroku/run-envoy.sh | 0 5 files changed, 4 insertions(+), 4 deletions(-) rename envoy-front-proxy.yaml => heroku/envoy-front-proxy.yaml (100%) rename envoy.yaml => heroku/envoy.yaml (100%) rename register-echo1.json => heroku/register-echo1.json (100%) rename run-envoy.sh => heroku/run-envoy.sh (100%) diff --git a/Dockerfile b/Dockerfile index 7aa88025f..fdfbad520 100644 --- a/Dockerfile +++ b/Dockerfile @@ -75,19 +75,19 @@ WORKDIR /home/gradle/src RUN gradle :envoy-control-runner:assemble --parallel --no-daemon FROM envoyproxy/envoy-alpine-dev:6c2137468c25d167dbbe4719b0ecaf343bfb4233 as envoy -COPY envoy.yaml /etc/envoy.yaml -COPY envoy-front-proxy.yaml /etc/envoy-front-proxy.yaml +COPY heroku/envoy.yaml /etc/envoy.yaml +COPY heroku/envoy-front-proxy.yaml /etc/envoy-front-proxy.yaml COPY --from=consul /bin/consul /bin/consul RUN apk --no-cache add openjdk11 curl --repository=http://dl-cdn.alpinelinux.org/alpine/edge/community RUN mkdir /tmp/envoy-control-dist /tmp/envoy-control /bin/envoy-control /etc/envoy-control COPY --from=build /home/gradle/src/envoy-control-runner/build/distributions/ /tmp/envoy-control-dist COPY ./envoy-control-runner/src/main/resources/application.yaml /etc/envoy-control/ -COPY ./register-echo1.json /etc/envoy-control/ +COPY heroku/register-echo1.json /etc/envoy-control/ RUN tar -xf /tmp/envoy-control-dist/envoy-control-runner*.tar -C /tmp/envoy-control RUN mv /tmp/envoy-control/envoy-control-runner*/ /bin/envoy-control/envoy-control-runner # APP_PORT: 8080 # XDS_PORT: 50000 -COPY run-envoy.sh /run-envoy.sh +COPY heroku/run-envoy.sh /run-envoy.sh CMD ["sh", "/run-envoy.sh"] diff --git a/envoy-front-proxy.yaml b/heroku/envoy-front-proxy.yaml similarity index 100% rename from envoy-front-proxy.yaml rename to heroku/envoy-front-proxy.yaml diff --git a/envoy.yaml b/heroku/envoy.yaml similarity index 100% rename from envoy.yaml rename to heroku/envoy.yaml diff --git a/register-echo1.json b/heroku/register-echo1.json similarity index 100% rename from register-echo1.json rename to heroku/register-echo1.json diff --git a/run-envoy.sh b/heroku/run-envoy.sh similarity index 100% rename from run-envoy.sh rename to heroku/run-envoy.sh From 650c3f79654186bbf17d048407dc11482e3bbfee Mon Sep 17 00:00:00 2001 From: slonka Date: Fri, 19 Jun 2020 22:10:55 +0200 Subject: [PATCH 22/23] Run two envoys --- Dockerfile | 4 +- heroku/{envoy.yaml => envoy1.yaml} | 7 ++- heroku/envoy2.yaml | 97 ++++++++++++++++++++++++++++++ heroku/register-echo2.json | 15 +++++ heroku/run-envoy.sh | 3 +- 5 files changed, 123 insertions(+), 3 deletions(-) rename heroku/{envoy.yaml => envoy1.yaml} (93%) create mode 100644 heroku/envoy2.yaml create mode 100644 heroku/register-echo2.json diff --git a/Dockerfile b/Dockerfile index fdfbad520..8b85a859c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -75,7 +75,8 @@ WORKDIR /home/gradle/src RUN gradle :envoy-control-runner:assemble --parallel --no-daemon FROM envoyproxy/envoy-alpine-dev:6c2137468c25d167dbbe4719b0ecaf343bfb4233 as envoy -COPY heroku/envoy.yaml /etc/envoy.yaml +COPY heroku/envoy1.yaml /etc/envoy1.yaml +COPY heroku/envoy2.yaml /etc/envoy2.yaml COPY heroku/envoy-front-proxy.yaml /etc/envoy-front-proxy.yaml COPY --from=consul /bin/consul /bin/consul @@ -84,6 +85,7 @@ RUN mkdir /tmp/envoy-control-dist /tmp/envoy-control /bin/envoy-control /etc/env COPY --from=build /home/gradle/src/envoy-control-runner/build/distributions/ /tmp/envoy-control-dist COPY ./envoy-control-runner/src/main/resources/application.yaml /etc/envoy-control/ COPY heroku/register-echo1.json /etc/envoy-control/ +COPY heroku/register-echo2.json /etc/envoy-control/ RUN tar -xf /tmp/envoy-control-dist/envoy-control-runner*.tar -C /tmp/envoy-control RUN mv /tmp/envoy-control/envoy-control-runner*/ /bin/envoy-control/envoy-control-runner # APP_PORT: 8080 diff --git a/heroku/envoy.yaml b/heroku/envoy1.yaml similarity index 93% rename from heroku/envoy.yaml rename to heroku/envoy1.yaml index c0fc190fc..bdf40d11b 100644 --- a/heroku/envoy.yaml +++ b/heroku/envoy1.yaml @@ -27,10 +27,15 @@ node: add_upstream_external_address_header: true resources_dir: "/etc/envoy/extra" proxy_settings: + incoming: + endpoints: + - pathPrefix: "/" + clients: ["echo2"] outgoing: dependencies: - service: "consul" - service: "echo1" + - service: "echo2" static_resources: listeners: - name: ingress_direct_response @@ -60,7 +65,7 @@ static_resources: direct_response: status: 200 body: - inline_string: "Hello" + inline_string: "Hello from echo1" http_filters: - name: envoy.filters.http.router clusters: diff --git a/heroku/envoy2.yaml b/heroku/envoy2.yaml new file mode 100644 index 000000000..e445348bb --- /dev/null +++ b/heroku/envoy2.yaml @@ -0,0 +1,97 @@ +admin: + access_log_path: /dev/stdout + address: + socket_address: + address: 0.0.0.0 + port_value: 10022 +dynamic_resources: + lds_config: {ads: {}} + cds_config: {ads: {}} + ads_config: + api_type: GRPC + grpc_services: + envoy_grpc: + cluster_name: envoy-control-xds +node: + cluster: test-cluster + id: test-id + metadata: + service_name: "echo2" + ads: true + ingress_host: "0.0.0.0" + ingress_port: 10020 + egress_host: "0.0.0.0" + egress_port: 10021 + use_remote_address: true + access_log_enabled: false + add_upstream_external_address_header: true + resources_dir: "/etc/envoy/extra" + proxy_settings: + incoming: + endpoints: + - pathPrefix: "/" + clients: ["echo1"] + outgoing: + dependencies: + - service: "consul" + - service: "echo1" + - service: "echo2" +static_resources: + listeners: + - name: ingress_direct_response + address: + socket_address: + address: 0.0.0.0 + port_value: 10023 + filter_chains: + - filters: + - name: envoy.filters.network.http_connection_manager + typed_config: + "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager + use_remote_address: true + stat_prefix: ingress_http + codec_type: AUTO + route_config: + name: local_route + virtual_hosts: + - name: local_service + domains: ["*"] + routes: + - match: { prefix: "/status/envoy/"} + route: + cluster: this_admin + prefix_rewrite: "/" + - match: { path: "/" } + direct_response: + status: 200 + body: + inline_string: "Hello from echo2" + http_filters: + - name: envoy.filters.http.router + clusters: + - name: local_service + connect_timeout: 1s + hosts: + - socket_address: + address: 127.0.0.1 + port_value: 10023 + http2_protocol_options: {} + - name: envoy-control-xds + connect_timeout: 1s + hosts: + - socket_address: + address: 127.0.0.1 + port_value: 50000 + http2_protocol_options: {} + - name: this_admin + type: STATIC + connect_timeout: 1s + load_assignment: + cluster_name: this_admin + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: 127.0.0.1 + port_value: 10022 diff --git a/heroku/register-echo2.json b/heroku/register-echo2.json new file mode 100644 index 000000000..426855d3d --- /dev/null +++ b/heroku/register-echo2.json @@ -0,0 +1,15 @@ +{ + "ID":"echo2", + "Name":"echo2", + "Tags":[ + "primary" + ], + "Address":"127.0.0.1", + "Port":10020, + "Check":{ + "DeregisterCriticalServiceAfter":"90m", + "http":"http://127.0.0.1:10020", + "Interval":"10s" + } +} + diff --git a/heroku/run-envoy.sh b/heroku/run-envoy.sh index 27bfcc581..6687ece1f 100755 --- a/heroku/run-envoy.sh +++ b/heroku/run-envoy.sh @@ -15,7 +15,8 @@ echo "Launching Envoy-control with $START_ARGUMENTS" # start envoys sed -i "s/{{.IngressListenerPort}}/${PORT:-10000}/g" /etc/envoy-front-proxy.yaml -sh -c 'sleep 20; /usr/local/bin/envoy --base-id 1 -c /etc/envoy.yaml' & +sh -c 'sleep 20; /usr/local/bin/envoy --base-id 1 -c /etc/envoy1.yaml' & +sh -c 'sleep 20; /usr/local/bin/envoy --base-id 2 -c /etc/envoy2.yaml' & /usr/local/bin/envoy -c /etc/envoy-front-proxy.yaml & sh -c 'sleep 25; curl -X PUT -s localhost:8500/v1/agent/service/register -T /etc/envoy-control/register-echo1.json' & From 96f613dca73acca97f78a4d1b9a510c88ccd49fc Mon Sep 17 00:00:00 2001 From: slonka Date: Sat, 20 Jun 2020 22:06:26 +0200 Subject: [PATCH 23/23] Add envoy2 clusters --- heroku/envoy-front-proxy.yaml | 38 +++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) diff --git a/heroku/envoy-front-proxy.yaml b/heroku/envoy-front-proxy.yaml index 59011cec5..4b82e0994 100644 --- a/heroku/envoy-front-proxy.yaml +++ b/heroku/envoy-front-proxy.yaml @@ -54,6 +54,44 @@ static_resources: socket_address: address: 127.0.0.1 port_value: 10013 + + - name: envoy2 + type: STATIC + connect_timeout: 1s + load_assignment: + cluster_name: envoy2 + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: 127.0.0.1 + port_value: 10020 + - name: envoy2-egress + type: STATIC + connect_timeout: 1s + load_assignment: + cluster_name: envoy2-egress + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: 127.0.0.1 + port_value: 10021 + - name: envoy2-direct + type: STATIC + connect_timeout: 1s + load_assignment: + cluster_name: envoy2-direct + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: 127.0.0.1 + port_value: 10023 + - name: ec1 type: STATIC connect_timeout: 1s