diff --git a/Dockerfile b/Dockerfile index 8b793a9..0d35ba8 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM traefik:v3.0 +FROM envoyproxy/envoy:v1.22.8 ARG BUILD_TIME @@ -8,11 +8,11 @@ LABEL dev.egommerce.image.service="api-gateway" LABEL dev.egommerce.image.version="1.0" LABEL dev.egommerce.image.build_time=${BUILD_TIME} -COPY ./api-gateway/etc /etc/traefik -COPY ./api-gateway/plugins /plugins-local +COPY ./api-gateway/etc /etc/envoy +# COPY ./api-gateway/plugins /plugins-local COPY ./api-gateway/entrypoint.sh ./api-gateway/wait-for-it.sh / ENTRYPOINT ["/entrypoint.sh"] -CMD ["traefik"] +CMD ["envoy", "-c", "/etc/envoy/envoy.yaml"] EXPOSE 443 8080 diff --git a/README.md b/README.md index be583e9..e0b919b 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,3 @@ # API Gateway -API Gateway - API Gateway based on Traefik service +API Gateway - API Gateway based on Envoy service diff --git a/api-gateway/.vscode/launch.json b/api-gateway/.vscode/launch.json deleted file mode 100644 index 2403c85..0000000 --- a/api-gateway/.vscode/launch.json +++ /dev/null @@ -1,15 +0,0 @@ -{ - // Use IntelliSense to learn about possible attributes. - // Hover to view descriptions of existing attributes. - // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387 - "version": "0.2.0", - "configurations": [ - { - "type": "java", - "name": "Debug App", - "request": "launch", - "mainClass": "com.egommerce.apigateway.Bootstrap", - "projectName": "api-gateway" - } - ] -} \ No newline at end of file diff --git a/api-gateway/.vscode/settings.json b/api-gateway/.vscode/settings.json deleted file mode 100644 index 89a7e88..0000000 --- a/api-gateway/.vscode/settings.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "java.configuration.updateBuildConfiguration": "interactive", - "maven.view": "hierarchical" -} \ No newline at end of file diff --git a/api-gateway/entrypoint.sh b/api-gateway/entrypoint.sh index 4217125..c3c76ff 100755 --- a/api-gateway/entrypoint.sh +++ b/api-gateway/entrypoint.sh @@ -14,22 +14,22 @@ waitForService() done } -waitForService "api-registry:8500" +# waitForService "api-registry:8500" set -e # first arg is `-f` or `--some-option` if [ "${1#-}" != "$1" ]; then - set -- traefik "$@" + set -- envoy "$@" fi -# if our command is a valid Traefik subcommand, let's invoke it through Traefik instead -# (this allows for "docker run traefik version", etc) -if traefik "$1" --help >/dev/null 2>&1 +# if our command is a valid Envoy subcommand, let's invoke it through Envoy instead +# (this allows for "docker run envoy version", etc) +if envoy "$1" --help >/dev/null 2>&1 then - set -- traefik "$@" + set -- envoy "$@" else - echo "= '$1' is not a Traefik command: assuming shell execution." 1>&2 + echo "= '$1' is not a Envoy command: assuming shell execution." 1>&2 fi # echo "Executing: $@" diff --git a/api-gateway/etc/cds.yaml b/api-gateway/etc/cds.yaml new file mode 100644 index 0000000..fc564cb --- /dev/null +++ b/api-gateway/etc/cds.yaml @@ -0,0 +1,23 @@ +resources: +- "@type": type.googleapis.com/envoy.config.cluster.v3.Cluster + name: example_proxy_cluster + type: STRICT_DNS + typed_extension_protocol_options: + envoy.extensions.upstreams.http.v3.HttpProtocolOptions: + "@type": type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions + explicit_http_config: + http2_protocol_options: {} + load_assignment: + cluster_name: example_proxy_cluster + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: www.envoyproxy.io + port_value: 443 + transport_socket: + name: envoy.transport_sockets.tls + typed_config: + "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext + sni: www.envoyproxy.io diff --git a/api-gateway/etc/envoy.yaml b/api-gateway/etc/envoy.yaml new file mode 100644 index 0000000..55dc128 --- /dev/null +++ b/api-gateway/etc/envoy.yaml @@ -0,0 +1,12 @@ +dynamic_resources: + cds_config: + path: /etc/envoy/cds.yaml + lds_config: + path: /etc/envoy/lds.yaml + +admin: + address: + socket_address: + address: 0.0.0.0 + port_value: 8080 + diff --git a/api-gateway/etc/lds.yaml b/api-gateway/etc/lds.yaml new file mode 100644 index 0000000..0d1a4b5 --- /dev/null +++ b/api-gateway/etc/lds.yaml @@ -0,0 +1,29 @@ +resources: +- "@type": type.googleapis.com/envoy.config.listener.v3.Listener + name: listener_0 + address: + socket_address: + address: 0.0.0.0 + port_value: 8443 + filter_chains: + - filters: + - name: envoy.http_connection_manager + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager + stat_prefix: ingress_http + http_filters: + - name: envoy.router + typed_config: + "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router + route_config: + name: local_route + virtual_hosts: + - name: local_service + domains: + - "*" + routes: + - match: + prefix: "/" + route: + host_rewrite_literal: www.envoyproxy.io + cluster: example_proxy_cluster diff --git a/api-gateway/etc/tls.yml b/api-gateway/etc/tls.yml deleted file mode 100644 index bc7e093..0000000 --- a/api-gateway/etc/tls.yml +++ /dev/null @@ -1,9 +0,0 @@ -tls: - certificates: - certFile: /etc/traefik/certs/client.cert - keyFile: /etc/traefik/certs/client.key - stores: - default: - defaultCertificate: - certFile: /etc/traefik/certs/client.cert - keyFile: /etc/traefik/certs/client.key diff --git a/api-gateway/etc/traefik.yml b/api-gateway/etc/traefik.yml deleted file mode 100644 index 764840f..0000000 --- a/api-gateway/etc/traefik.yml +++ /dev/null @@ -1,68 +0,0 @@ -################################################################ -global: - checkNewVersion: false - sendAnonymousUsage: false - -################################################################ -entryPoints: - https: - address: :443 - transport: - respondingTimeouts: - readTimeout: '100ms' - writeTimeout: '100ms' - idleTimeout: '200ms' - # ^^ FIXME: Use ENV var - metrics: - address: :8084 - -################################################################ -# serversTransport: - # insecureSkipVerify: true - # rootCAs: - # - /etc/traefik/certs/client.cert - -################################################################ -api: - insecure: true - # dashboard: true - -################################################################ -providers: - file: - filename: /etc/traefik/tls.yml - docker: - exposedByDefault: false - # Default host rule. - # Optional - # Default: "Host(`{{ normalize .Name }}`)" - # defaultRule: Host(`{{ normalize .Name }}.docker.localhost`) -################################################################ - consulCatalog: - exposedByDefault: false - refreshInterval: 5s - # ^^ configure in stack`s yml api-registry `command:` section: --providers.consulcatalog.refreshInterval=10s - endpoint: - address: api-registry:8500 - # ^^ FIXME: Use ENV var - -################################################################ -# log: -# level: DEBUG - -################################################################ -accessLog: {} - -################################################################ -metrics: - prometheus: - entryPoint: metrics - addEntryPointsLabels: true - addRoutersLabels: true - addServicesLabels: true - -################################################################ -experimental: - localPlugins: - requestid: - moduleName: "git.pbiernat.dev/traefik/plugin-requestid" diff --git a/api-gateway/plugins/src/git.pbiernat.dev/traefik/plugin-requestid/.traefik.yml b/api-gateway/plugins/src/git.pbiernat.dev/traefik/plugin-requestid/.traefik.yml deleted file mode 100644 index 02fd233..0000000 --- a/api-gateway/plugins/src/git.pbiernat.dev/traefik/plugin-requestid/.traefik.yml +++ /dev/null @@ -1,6 +0,0 @@ -displayName: Add X-Request-ID Header -type: middleware -import: git.pbiernat.dev/traefik/plugin-requestid -summary: 'Add a X-Request-ID header for tracing' - -testData: {} \ No newline at end of file diff --git a/api-gateway/plugins/src/git.pbiernat.dev/traefik/plugin-requestid/README.md b/api-gateway/plugins/src/git.pbiernat.dev/traefik/plugin-requestid/README.md deleted file mode 100644 index 1a9f7bd..0000000 --- a/api-gateway/plugins/src/git.pbiernat.dev/traefik/plugin-requestid/README.md +++ /dev/null @@ -1,3 +0,0 @@ -# plugin-requestid - -Add X-Request-ID header \ No newline at end of file diff --git a/api-gateway/plugins/src/git.pbiernat.dev/traefik/plugin-requestid/go.mod b/api-gateway/plugins/src/git.pbiernat.dev/traefik/plugin-requestid/go.mod deleted file mode 100644 index d74eef9..0000000 --- a/api-gateway/plugins/src/git.pbiernat.dev/traefik/plugin-requestid/go.mod +++ /dev/null @@ -1,3 +0,0 @@ -module git.pbiernat.dev/traefik/plugin-requestid - -go 1.18 diff --git a/api-gateway/plugins/src/git.pbiernat.dev/traefik/plugin-requestid/requestid.go b/api-gateway/plugins/src/git.pbiernat.dev/traefik/plugin-requestid/requestid.go deleted file mode 100644 index d5833d6..0000000 --- a/api-gateway/plugins/src/git.pbiernat.dev/traefik/plugin-requestid/requestid.go +++ /dev/null @@ -1,61 +0,0 @@ -package plugin_requestid - -import ( - "context" - "fmt" - "net/http" -) - -const defaultHeaderName = "X-Request-ID" - -// Config plugin configuration -type Config struct { - HeaderName string `json:"headerName"` -} - -// CreateConfig create default plugin configuration -func CreateConfig() *Config { - return &Config{ - HeaderName: defaultHeaderName, - } -} - -// RequestIDHeader -type RequestIDHeader struct { - headerName string - name string - next http.Handler -} - -// New create new RequestIDHeader -func New(ctx context.Context, next http.Handler, config *Config, name string) (http.Handler, error) { - hdr := &RequestIDHeader{ - next: next, - name: name, - } - - if config == nil { - return nil, fmt.Errorf("config can not be nil") - } - - if config.HeaderName == "" { - hdr.headerName = defaultHeaderName - } else { - hdr.headerName = config.HeaderName - } - - return hdr, nil - -} - -func (r *RequestIDHeader) ServeHTTP(rw http.ResponseWriter, req *http.Request) { - uuid := newUUID().String() - - // header injection to backend service - req.Header.Add(r.headerName, uuid) - - // header injection to client response - rw.Header().Add(r.headerName, uuid) - - r.next.ServeHTTP(rw, req) -} diff --git a/api-gateway/plugins/src/git.pbiernat.dev/traefik/plugin-requestid/uuid.go b/api-gateway/plugins/src/git.pbiernat.dev/traefik/plugin-requestid/uuid.go deleted file mode 100644 index b1f1e12..0000000 --- a/api-gateway/plugins/src/git.pbiernat.dev/traefik/plugin-requestid/uuid.go +++ /dev/null @@ -1,58 +0,0 @@ -// source: https://github.com/trinnylondon/traefik-add-trace-id/blob/master/rand-utils.go -package plugin_requestid - -import ( - "crypto/rand" - "encoding/hex" - "io" -) - -var rander = rand.Reader // random function -type UUID [16]byte - -func must(uuid UUID, err error) UUID { - if err != nil { - panic(err) - } - return uuid -} - -func newUUID() UUID { - return must(newRandom()) -} - -func newRandom() (UUID, error) { - return newRandomFromReader(rander) -} - -// newRandomFromReader returns a UUID based on bytes read from a given io.Reader. -func newRandomFromReader(r io.Reader) (UUID, error) { - var uuid UUID - _, err := io.ReadFull(r, uuid[:]) - if err != nil { - return UUID{}, err - } - uuid[6] = (uuid[6] & 0x0f) | 0x40 // Version 4 - uuid[8] = (uuid[8] & 0x3f) | 0x80 // Variant is 10 - return uuid, nil -} - -// String returns the string form of uuid, xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx -// , or "" if uuid is invalid. -func (uuid UUID) String() string { - var buf [36]byte - encodeHex(buf[:], uuid) - return string(buf[:]) -} - -func encodeHex(dst []byte, uuid UUID) { - hex.Encode(dst, uuid[:4]) - dst[8] = '-' - hex.Encode(dst[9:13], uuid[4:6]) - dst[13] = '-' - hex.Encode(dst[14:18], uuid[6:8]) - dst[18] = '-' - hex.Encode(dst[19:23], uuid[8:10]) - dst[23] = '-' - hex.Encode(dst[24:], uuid[10:]) -}