migrate to envoy in progress...

Dockerfile

@@ -1,4 +1,4 @@
-FROM traefik:v3.0
+FROM envoyproxy/envoy:v1.22.8
 
 ARG BUILD_TIME
 
@@ -8,11 +8,11 @@ LABEL dev.egommerce.image.service="api-gateway"
 LABEL dev.egommerce.image.version="1.0"
 LABEL dev.egommerce.image.build_time=${BUILD_TIME}
 
-COPY ./api-gateway/etc /etc/traefik
-COPY ./api-gateway/plugins /plugins-local
+COPY ./api-gateway/etc /etc/envoy
+# COPY ./api-gateway/plugins /plugins-local
 COPY ./api-gateway/entrypoint.sh ./api-gateway/wait-for-it.sh /
 
 ENTRYPOINT ["/entrypoint.sh"]
-CMD ["traefik"]
+CMD ["envoy", "-c", "/etc/envoy/envoy.yaml"]
 
 EXPOSE 443 8080

README.md

@@ -1,3 +1,3 @@
 # API Gateway
 
-API Gateway - API Gateway based on Traefik service
+API Gateway - API Gateway based on Envoy service

api-gateway/.vscode/launch.json

@@ -1,15 +0,0 @@
-{
-    // Use IntelliSense to learn about possible attributes.
-    // Hover to view descriptions of existing attributes.
-    // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
-    "version": "0.2.0",
-    "configurations": [
-        {
-            "type": "java",
-            "name": "Debug App",
-            "request": "launch",
-            "mainClass": "com.egommerce.apigateway.Bootstrap",
-            "projectName": "api-gateway"
-        }
-    ]
-}

api-gateway/.vscode/settings.json

@@ -1,4 +0,0 @@
-{
-    "java.configuration.updateBuildConfiguration": "interactive",
-    "maven.view": "hierarchical"
-}

api-gateway/entrypoint.sh

@@ -14,22 +14,22 @@ waitForService()
     done
 }
 
-waitForService "api-registry:8500"
+# waitForService "api-registry:8500"
 
 set -e
 
 # first arg is `-f` or `--some-option`
 if [ "${1#-}" != "$1" ]; then
-    set -- traefik "$@"
+    set -- envoy "$@"
 fi
 
-# if our command is a valid Traefik subcommand, let's invoke it through Traefik instead
-# (this allows for "docker run traefik version", etc)
-if traefik "$1" --help >/dev/null 2>&1
+# if our command is a valid Envoy subcommand, let's invoke it through Envoy instead
+# (this allows for "docker run envoy version", etc)
+if envoy "$1" --help >/dev/null 2>&1
 then
-    set -- traefik "$@"
+    set -- envoy "$@"
 else
-    echo "= '$1' is not a Traefik command: assuming shell execution." 1>&2
+    echo "= '$1' is not a Envoy command: assuming shell execution." 1>&2
 fi
 
 # echo "Executing: $@"

api-gateway/etc/cds.yaml

@@ -0,0 +1,23 @@
+resources:
+- "@type": type.googleapis.com/envoy.config.cluster.v3.Cluster
+  name: example_proxy_cluster
+  type: STRICT_DNS
+  typed_extension_protocol_options:
+    envoy.extensions.upstreams.http.v3.HttpProtocolOptions:
+      "@type": type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions
+      explicit_http_config:
+        http2_protocol_options: {}
+  load_assignment:
+    cluster_name: example_proxy_cluster
+    endpoints:
+    - lb_endpoints:
+      - endpoint:
+          address:
+            socket_address:
+              address: www.envoyproxy.io
+              port_value: 443
+  transport_socket:
+    name: envoy.transport_sockets.tls
+    typed_config:
+      "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext
+      sni: www.envoyproxy.io

api-gateway/etc/envoy.yaml

@@ -0,0 +1,12 @@
+dynamic_resources:
+  cds_config:
+    path: /etc/envoy/cds.yaml
+  lds_config:
+    path: /etc/envoy/lds.yaml
+
+admin:
+  address:
+    socket_address:
+      address: 0.0.0.0
+      port_value: 8080
+

api-gateway/etc/lds.yaml

@@ -0,0 +1,29 @@
+resources:
+- "@type": type.googleapis.com/envoy.config.listener.v3.Listener
+  name: listener_0
+  address:
+    socket_address:
+      address: 0.0.0.0
+      port_value: 8443
+  filter_chains:
+  - filters:
+    - name: envoy.http_connection_manager
+      typed_config:
+        "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
+        stat_prefix: ingress_http
+        http_filters:
+        - name: envoy.router
+          typed_config:
+            "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
+        route_config:
+          name: local_route
+          virtual_hosts:
+          - name: local_service
+            domains:
+            - "*"
+            routes:
+            - match:
+                prefix: "/"
+              route:
+                host_rewrite_literal: www.envoyproxy.io
+                cluster: example_proxy_cluster

api-gateway/etc/tls.yml

@@ -1,9 +0,0 @@
-tls:
-  certificates:
-        certFile: /etc/traefik/certs/client.cert
-        keyFile: /etc/traefik/certs/client.key
-  stores:
-    default:
-      defaultCertificate:
-        certFile: /etc/traefik/certs/client.cert
-        keyFile: /etc/traefik/certs/client.key

api-gateway/etc/traefik.yml

@@ -1,68 +0,0 @@
-################################################################
-global:
-  checkNewVersion: false
-  sendAnonymousUsage: false
-
-################################################################
-entryPoints:
-  https:
-    address: :443
-    transport:
-      respondingTimeouts:
-        readTimeout: '100ms'
-        writeTimeout: '100ms'
-        idleTimeout: '200ms'
-        # ^^ FIXME: Use ENV var
-  metrics:
-    address: :8084
-
-################################################################
-# serversTransport:
-  # insecureSkipVerify: true
-  # rootCAs:
-    # - /etc/traefik/certs/client.cert
-
-################################################################
-api:
-  insecure: true
-  # dashboard: true
-
-################################################################
-providers:
-  file:
-    filename: /etc/traefik/tls.yml
-  docker:
-    exposedByDefault: false
-    # Default host rule.
-    # Optional
-    # Default: "Host(`{{ normalize .Name }}`)"
-    # defaultRule: Host(`{{ normalize .Name }}.docker.localhost`)
-################################################################
-  consulCatalog:
-    exposedByDefault: false
-    refreshInterval: 5s
-    # ^^ configure in stack`s yml api-registry `command:` section: --providers.consulcatalog.refreshInterval=10s
-    endpoint:
-      address: api-registry:8500
-      # ^^ FIXME: Use ENV var
-
-################################################################
-# log:
-#   level: DEBUG
-
-################################################################
-accessLog: {}
-
-################################################################
-metrics:
-  prometheus:
-    entryPoint: metrics
-    addEntryPointsLabels: true
-    addRoutersLabels: true
-    addServicesLabels: true
-
-################################################################
-experimental:
-  localPlugins:
-    requestid:
-      moduleName: "git.pbiernat.dev/traefik/plugin-requestid"

api-gateway/plugins/src/git.pbiernat.dev/traefik/plugin-requestid/.traefik.yml

@@ -1,6 +0,0 @@
-displayName: Add X-Request-ID Header
-type: middleware
-import: git.pbiernat.dev/traefik/plugin-requestid
-summary: 'Add a X-Request-ID header for tracing'
-
-testData: {}

api-gateway/plugins/src/git.pbiernat.dev/traefik/plugin-requestid/README.md

@@ -1,3 +0,0 @@
-# plugin-requestid
-
-Add X-Request-ID header

api-gateway/plugins/src/git.pbiernat.dev/traefik/plugin-requestid/go.mod

@@ -1,3 +0,0 @@
-module git.pbiernat.dev/traefik/plugin-requestid
-
-go 1.18

api-gateway/plugins/src/git.pbiernat.dev/traefik/plugin-requestid/requestid.go

@@ -1,61 +0,0 @@
-package plugin_requestid
-
-import (
-	"context"
-	"fmt"
-	"net/http"
-)
-
-const defaultHeaderName = "X-Request-ID"
-
-// Config plugin configuration
-type Config struct {
-	HeaderName string `json:"headerName"`
-}
-
-// CreateConfig create default plugin configuration
-func CreateConfig() *Config {
-	return &Config{
-		HeaderName: defaultHeaderName,
-	}
-}
-
-// RequestIDHeader
-type RequestIDHeader struct {
-	headerName string
-	name       string
-	next       http.Handler
-}
-
-// New create new RequestIDHeader
-func New(ctx context.Context, next http.Handler, config *Config, name string) (http.Handler, error) {
-	hdr := &RequestIDHeader{
-		next: next,
-		name: name,
-	}
-
-	if config == nil {
-		return nil, fmt.Errorf("config can not be nil")
-	}
-
-	if config.HeaderName == "" {
-		hdr.headerName = defaultHeaderName
-	} else {
-		hdr.headerName = config.HeaderName
-	}
-
-	return hdr, nil
-
-}
-
-func (r *RequestIDHeader) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
-	uuid := newUUID().String()
-
-	// header injection to backend service
-	req.Header.Add(r.headerName, uuid)
-
-	// header injection to client response
-	rw.Header().Add(r.headerName, uuid)
-
-	r.next.ServeHTTP(rw, req)
-}

api-gateway/plugins/src/git.pbiernat.dev/traefik/plugin-requestid/uuid.go

@@ -1,58 +0,0 @@
-// source: https://github.com/trinnylondon/traefik-add-trace-id/blob/master/rand-utils.go
-package plugin_requestid
-
-import (
-	"crypto/rand"
-	"encoding/hex"
-	"io"
-)
-
-var rander = rand.Reader // random function
-type UUID [16]byte
-
-func must(uuid UUID, err error) UUID {
-	if err != nil {
-		panic(err)
-	}
-	return uuid
-}
-
-func newUUID() UUID {
-	return must(newRandom())
-}
-
-func newRandom() (UUID, error) {
-	return newRandomFromReader(rander)
-}
-
-// newRandomFromReader returns a UUID based on bytes read from a given io.Reader.
-func newRandomFromReader(r io.Reader) (UUID, error) {
-	var uuid UUID
-	_, err := io.ReadFull(r, uuid[:])
-	if err != nil {
-		return UUID{}, err
-	}
-	uuid[6] = (uuid[6] & 0x0f) | 0x40 // Version 4
-	uuid[8] = (uuid[8] & 0x3f) | 0x80 // Variant is 10
-	return uuid, nil
-}
-
-// String returns the string form of uuid, xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
-// , or "" if uuid is invalid.
-func (uuid UUID) String() string {
-	var buf [36]byte
-	encodeHex(buf[:], uuid)
-	return string(buf[:])
-}
-
-func encodeHex(dst []byte, uuid UUID) {
-	hex.Encode(dst, uuid[:4])
-	dst[8] = '-'
-	hex.Encode(dst[9:13], uuid[4:6])
-	dst[13] = '-'
-	hex.Encode(dst[14:18], uuid[6:8])
-	dst[18] = '-'
-	hex.Encode(dst[19:23], uuid[8:10])
-	dst[23] = '-'
-	hex.Encode(dst[24:], uuid[10:])
-}