Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(appmesh): add Virtual Gateways and Gateway Routes #10879

Merged
merged 42 commits into from
Oct 29, 2020
Merged
Show file tree
Hide file tree
Changes from 26 commits
Commits
Show all changes
42 commits
Select commit Hold shift + click to select a range
5cab38c
Initial VGW commit
Sep 29, 2020
71ac7dd
Update with upstream changes
Oct 1, 2020
0cf538a
Add initial round of tests
Oct 2, 2020
1849af9
Fixes a bug with default paths on health checks
Oct 2, 2020
4e26790
Implements Gateway Routes
Oct 14, 2020
9c7dc48
Adds routeType to GatewayRouteBaseProps
Oct 14, 2020
0d47976
Update packages/@aws-cdk/aws-appmesh/lib/virtual-node.ts
dfezzie Oct 15, 2020
463f507
Reworks Gateway Routes to use bind classes for protocol spec variants
Oct 16, 2020
860a40a
Merge branch 'master' into gateway
Oct 16, 2020
d2c59bb
Adds addListener to VGW
Oct 16, 2020
4976d8f
Adds gateway listener protocol variant classes
Oct 16, 2020
ce2f325
Adds addListener method to IVirtualGateway
Oct 16, 2020
45690a9
Merge branch 'master' into gateway
Oct 21, 2020
2939e5c
Fixes some build issues
Oct 21, 2020
a242bfd
adds utility method to add multiple gateway routes to a VirtualGateway
Oct 21, 2020
a97a5c5
adds more tests to gateway routes
Oct 21, 2020
0016549
adds integ tests for gateway routes
Oct 21, 2020
5a54ab5
Updates README and adds tests for adding multiple gateway routes
Oct 21, 2020
2b36223
Merge branch 'master' into gateway
Oct 21, 2020
ca1d0b3
Apply suggestions from code review
dfezzie Oct 21, 2020
92dd147
refactor gateway route spec related code into a separate file
Oct 21, 2020
4c9a69c
add a newline between properties
Oct 21, 2020
214177c
do not export gateway listeners
Oct 21, 2020
93ded0e
removes fromResourceName methods and replaces it with fromResourceAtt…
Oct 22, 2020
b737de6
makes error message more specific for prefixPath
Oct 22, 2020
2689cc0
Merge branch 'master' into gateway
Oct 22, 2020
48900ef
Apply suggestions from code review
dfezzie Oct 26, 2020
1df5158
Merge branch 'master' into gateway
dfezzie Oct 26, 2020
bcd5425
Revert "removes fromResourceName methods and replaces it with fromRes…
Oct 26, 2020
94e79a8
Update README with requested changes
Oct 26, 2020
9cd6eb6
Addresses PR comments
Oct 26, 2020
14df61e
bind method for gateway listeners no longer returns raw cfn spec
Oct 26, 2020
b30faaf
uses inheritance for http2 gateway listener and removes fromName() me…
Oct 26, 2020
a86c57b
add protocol variant tests for gateway routes
Oct 26, 2020
4e432c2
addresses smaller changes from review
Oct 28, 2020
e550d53
moves gateway listener classes to separate file and adds health check…
Oct 28, 2020
7813bbc
removes addListener() methods from virtual gateways
Oct 28, 2020
8670dbd
removes the ListenerBase interface
Oct 28, 2020
c01eb4c
Merge branch 'master' into gateway
Oct 28, 2020
5efc195
remove validation for only having 1 listener on virtual gateways
Oct 29, 2020
1eda686
Merge branch 'master' into gateway
Oct 29, 2020
519fc23
Merge branch 'master' into gateway
skinny85 Oct 29, 2020
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
122 changes: 93 additions & 29 deletions packages/@aws-cdk/aws-appmesh/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -126,8 +126,6 @@ mesh.addVirtualService('virtual-service', {

A `virtual node` acts as a logical pointer to a particular task group, such as an Amazon ECS service or a Kubernetes deployment.

![Virtual node logical diagram](https://docs.aws.amazon.com/app-mesh/latest/userguide/images/virtual_node.png)

dfezzie marked this conversation as resolved.
Show resolved Hide resolved
When you create a `virtual node`, you must specify the DNS service discovery hostname for your task group. Any inbound traffic that your `virtual node` expects should be specified as a listener. Any outbound traffic that your `virtual node` expects to reach should be specified as a backend.

The response metadata for your new `virtual node` contains the Amazon Resource Name (ARN) that is associated with the `virtual node`. Set this value (either the full ARN or the truncated resource name) as the APPMESH_VIRTUAL_NODE_NAME environment variable for your task group's Envoy proxy container in your task definition or pod spec. For example, the value could be mesh/default/virtualNode/simpleapp. This is then mapped to the node.id and node.cluster Envoy parameters.
Expand All @@ -144,7 +142,6 @@ const namespace = new servicediscovery.PrivateDnsNamespace(this, 'test-namespace
const service = namespace.createService('Svc');

const node = mesh.addVirtualNode('virtual-node', {
dnsHostName: 'node-a',
cloudMapService: service,
listener: {
portMapping: {
Expand All @@ -170,7 +167,6 @@ Create a `VirtualNode` with the the constructor and add tags.
```typescript
const node = new VirtualNode(this, 'node', {
mesh,
dnsHostName: 'node-1',
skinny85 marked this conversation as resolved.
Show resolved Hide resolved
cloudMapService: service,
listener: {
portMapping: {
Expand All @@ -193,7 +189,7 @@ const node = new VirtualNode(this, 'node', {
cdk.Tag.add(node, 'Environment', 'Dev');
```

The listeners property can be left blank and added later with the `mesh.addListeners()` method. The `healthcheck` property is optional but if specifying a listener, the `portMappings` must contain at least one property.
The listeners property can be left blank and added later with the `node.addListeners()` method. The `healthcheck` property is optional but if specifying a listener, the `portMappings` must contain at least one property.

## Adding a Route

Expand Down Expand Up @@ -235,34 +231,102 @@ router.addRoute('route', {
});
```

Multiple routes may also be added at once to different applications or targets.
## Adding a Virtual Gateway

A `virtual gateway` allows resources outside your mesh to communicate to resources that are inside your mesh. The `virtual gateway` represents an Envoy proxy running in an Amazon ECS task, in a Kubernetes service, or on an Amazon EC2 instance. Unlike a `virtual node`, which represents an Envoy running with an application, a `virtual gateway` represents Envoy deployed by itself.
dfezzie marked this conversation as resolved.
Show resolved Hide resolved
dfezzie marked this conversation as resolved.
Show resolved Hide resolved

A `virtual gateway` is similar to a `virtual node` in that it has a `listener` that accepts traffic for a particular port and protocol (HTTP, HTTP2, GRPC). The traffic that the `virtual gateway` receives, is directed to other services in your mesh, using rules defined in `gateway routes` which can be added to your `virtual gateway`.

Create a `virtual gateway` with the constructor
dfezzie marked this conversation as resolved.
Show resolved Hide resolved

```typescript
ratingsRouter.addRoutes(
['route1', 'route2'],
[
{
routeTargets: [
{
virtualNode,
weight: 1,
},
],
prefix: `/path-to-app`,
routeType: RouteType.HTTP,
const gateway = new appmesh.VirtualGateway(stack, 'gateway', {
mesh: mesh,
listeners: [appmesh.VirtualGatewayListener.httpGatewayListener({
port: 443,
healthCheck: {
interval: cdk.Duration.seconds(10),
},
{
routeTargets: [
{
virtualNode: virtualNode2,
weight: 1,
})],
accessLog: appmesh.AccessLog.fromFilePath('/dev/stdout'),
virtualGatewayName: 'virtualGateway',
});
```

Add a `virtual gateway` directly to the mesh
dfezzie marked this conversation as resolved.
Show resolved Hide resolved

```typescript
const gateway = mesh.addVirtualGateway('gateway', {
accessLog: appmesh.AccessLog.fromFilePath('/dev/stdout'),
virtualGatewayName: 'virtualGateway',
listeners: [appmesh.VirtualGatewayListener.httpGatewayListener({
dfezzie marked this conversation as resolved.
Show resolved Hide resolved
port: 443,
healthCheck: {
interval: cdk.Duration.seconds(10),
},
})],
});
```

The `listeners` field can be omitted which will default to an HTTP Listener on port 8080. A `gateway route` can be added using the `gateway.addGatewayRoute()` method.

## Adding a Gateway Route

A `gateway route` is attached to a virtual gateway and routes traffic to an existing virtual service. If a route matches a request, it can distribute traffic to a target virtual service.

For `HTTP` based routes, the `match` field can be used to match on a route prefix. By default, an `HTTP` based route will match on `/`. All matches must start with a leading `/`.
dfezzie marked this conversation as resolved.
Show resolved Hide resolved

```typescript
gateway.addGatewayRoute('gateway-route-http', {
routeSpec: appmesh.GatewayRouteSpec.httpRouteSpec({
routeTarget: virtualService,
match: {
prefixMatch: '/',
},
}),
});
```

For `GRPC` based routes, the `match` field can be used to match on service names. You cannot omit the field, and must specify a match for these routes.

```typescript
gateway.addGatewayRoute('gateway-route-grpc', {
routeSpec: appmesh.GatewayRouteSpec.grpcRouteSpec({
routeTarget: virtualService,
match: {
serviceName: 'my-service.default.svc.cluster.local',
},
}),
});
```

Multiple gateway routes may also be added at route incoming traffic to different `virtual services`.

```typescript
// Add an HTTP Route
gateway.addGatewayRoutes([
dfezzie marked this conversation as resolved.
Show resolved Hide resolved
{
id: 'gateway-route',
props: {
routeSpec: appmesh.GatewayRouteSpec.httpRouteSpec({
routeTarget: virtualService,
}),
gatewayRouteName: 'gateway-route',
},
},
{
id: 'gateway-route2',
props: {
routeSpec: appmesh.GatewayRouteSpec.httpRouteSpec({
routeTarget: virtualService2,
match: {
prefixPath: '/echo',
},
],
prefix: `/path-to-app2`,
routeType: RouteType.HTTP,
}),
gatewayRouteName: 'gateway-route2',
},
]
);
},
]);
```

The number of `route ids` and `route targets` must match as each route needs to have a unique name per router.
The `id` field is the CloudFormation Logical ID for the new resource, and props are the configuration for the new route you are creating.
209 changes: 209 additions & 0 deletions packages/@aws-cdk/aws-appmesh/lib/gateway-route-spec.ts
Original file line number Diff line number Diff line change
@@ -0,0 +1,209 @@
import * as cdk from '@aws-cdk/core';
import { CfnGatewayRoute } from './appmesh.generated';
import { Protocol } from './shared-interfaces';
import { IVirtualService } from './virtual-service';

/**
* Properties specific for a GRPC GatewayRoute
*/
export interface GrpcRouteSpecProps {
/**
* The criterion for determining a request match for this GatewayRoute
*/
readonly match: GrpcGatewayRouteMatch;

/**
* The VirtualService this GatewayRoute directs traffic to
*/
readonly routeTarget: IVirtualService;
}

/**
* All Properties for GatewayRoute Specs
*/
export interface GatewayRouteSpecConfig {
/**
* The spec for an http gateway route
*
* @default - no http spec
*/
readonly httpSpecConfig?: CfnGatewayRoute.HttpGatewayRouteProperty;

/**
* The spec for an http2 gateway route
*
* @default - no http2 spec
*/
readonly http2SpecConfig?: CfnGatewayRoute.HttpGatewayRouteProperty;

/**
* The spec for a grpc gateway route
*
* @default - no grpc spec
*/
readonly grpcSpecConfig?: CfnGatewayRoute.GrpcGatewayRouteProperty;
}

/**
* Used to generate specs with different protocols for a GatewayRoute
*/
export abstract class GatewayRouteSpec {
/**
* Creates an HTTP Based GatewayRoute
*
* @param props - no http gateway route
*/
public static httpRouteSpec(props: HttpRouteSpecProps): GatewayRouteSpec {
return new HttpGatewayRouteSpec(props, Protocol.HTTP);
}

/**
* Creates an HTTP2 Based GatewayRoute
*
* @param props - no http2 gateway route
*/
public static http2RouteSpec(props: HttpRouteSpecProps): GatewayRouteSpec {
return new HttpGatewayRouteSpec(props, Protocol.HTTP2);
}

/**
* Creates an GRPC Based GatewayRoute
*
* @param props - no grpc gateway route
*/
public static grpcRouteSpec(props: GrpcRouteSpecProps): GatewayRouteSpec {
return new GrpcGatewayRouteSpec(props);
}

/**
* Called when the GatewayRouteSpec type is initialized. Can be used to enforce
* mutual exclusivity with future properties
*/
public abstract bind(scope: cdk.Construct): GatewayRouteSpecConfig;
}

class HttpGatewayRouteSpec extends GatewayRouteSpec {
/**
* The criterion for determining a request match for this GatewayRoute.
*
* @default - matches on '/'
*/
readonly match?: HttpGatewayRouteMatch;
/**
dfezzie marked this conversation as resolved.
Show resolved Hide resolved
* The VirtualService this GatewayRoute directs traffic to
*/
readonly routeTarget: IVirtualService;

/**
* Type of route you are creating
*/
readonly routeType: Protocol;

constructor(props: HttpRouteSpecProps, protocol: Protocol.HTTP | Protocol.HTTP2) {
super();
this.routeTarget = props.routeTarget;
this.routeType = protocol;
this.match = props.match;
}
dfezzie marked this conversation as resolved.
Show resolved Hide resolved

public bind(_scope: cdk.Construct): GatewayRouteSpecConfig {
const prefixPath = this.match ? this.match.prefixPath : '/';
if (prefixPath[0] != '/') {
throw new Error(`Prefix Path must start with \'/\', got: ${prefixPath}`);
}
const httpConfig: CfnGatewayRoute.HttpGatewayRouteProperty = {
match: {
prefix: prefixPath,
},
action: {
target: {
virtualService: {
virtualServiceName: this.routeTarget.virtualServiceName,
},
},
},
};
return {
httpSpecConfig: this.routeType === Protocol.HTTP ? httpConfig : undefined,
http2SpecConfig: this.routeType === Protocol.HTTP2 ? httpConfig : undefined,
};
}
}

class GrpcGatewayRouteSpec extends GatewayRouteSpec {
/**
* The criterion for determining a request match for this GatewayRoute.
*
* @default - no default
*/

dfezzie marked this conversation as resolved.
Show resolved Hide resolved
readonly match: GrpcGatewayRouteMatch;
/**
dfezzie marked this conversation as resolved.
Show resolved Hide resolved
* The VirtualService this GatewayRoute directs traffic to
*/
readonly routeTarget: IVirtualService;

constructor(props: GrpcRouteSpecProps) {
super();
this.match = props.match;
this.routeTarget = props.routeTarget;
}

public bind(_scope: cdk.Construct): GatewayRouteSpecConfig {
return {
grpcSpecConfig: {
action: {
target: {
virtualService: {
virtualServiceName: this.routeTarget.virtualServiceName,
},
},
},
match: {
serviceName: this.match.serviceName,
},
},
};
}
}

/**
* The criterion for determining a request match for this GatewayRoute
*/
export interface HttpGatewayRouteMatch {
/**
* Specifies the path to match requests with.
* This parameter must always start with /, which by itself matches all requests to the virtual service name.
* You can also match for path-based routing of requests. For example, if your virtual service name is my-service.local
* and you want the route to match requests to my-service.local/metrics, your prefix should be /metrics.
*
*/
readonly prefixPath: string;
}

/**
* The criterion for determining a request match for this GatewayRoute
*/
export interface GrpcGatewayRouteMatch {
/**
* The fully qualified domain name for the service to match from the request
*/
readonly serviceName: string;
}

/**
* Properties specific for HTTP Based GatewayRoutes
*/
export interface HttpRouteSpecProps {
dfezzie marked this conversation as resolved.
Show resolved Hide resolved
/**
* The criterion for determining a request match for this GatewayRoute
*
* @default - matches on '/'
*/
readonly match?: HttpGatewayRouteMatch;

/**
* The VirtualService this GatewayRoute directs traffic to
*/
readonly routeTarget: IVirtualService;
}
Loading