This repository has been archived by the owner on Dec 7, 2022. It is now read-only.
Improve global-sidecar request forwarding capabilities #47
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
YonkaFang
reviewed
Apr 19, 2022
YonkaFang
reviewed
Apr 19, 2022
cywang1905
force-pushed
the
master
branch
2 times, most recently
from
dc580b1
to
84a6744
Compare
cywang1905
changed the title
cywang1905
force-pushed
the
master
branch
2 times, most recently
from
3690966
to
70a905e
Compare
YonkaFang
reviewed
Apr 22, 2022
| @@ -95,19 +95,25 @@ spec: | |||
| serviceAccountName: global-sidecar | |||
| containers: | |||
| - name: global-sidecar | |||
| env: | |||
| - name: wormholePorts | |||
| value: {{ join ";" $f.wormholePort | quote }} | |||
There was a problem hiding this comment.
, joined items are more common
| @@ -95,19 +95,25 @@ spec: | |||
| serviceAccountName: global-sidecar | |||
| containers: | |||
| - name: global-sidecar | |||
| env: | |||
| - name: wormholePorts | |||
cmd/proxy/main.go
Outdated
|
|
||
| log "github.com/sirupsen/logrus" | ||
|
|
||
| "slime.io/slime/modules/lazyload/pkg/proxy" | ||
| ) | ||
|
|
||
| const WormholePorts = "wormholePorts" |
cmd/proxy/main.go
Outdated
| log.Println("Starting health check on :8080") | ||
| if err := http.ListenAndServe(":8080", handler); err != nil { | ||
| log.Println("Starting health check on :18080") | ||
| if err := http.ListenAndServe(":18080", handler); err != nil { |
There was a problem hiding this comment.
no hardcode. pass via env/config and etc...
There was a problem hiding this comment.
add env "PROBE_PORT", default 8080
cmd/proxy/main.go
Outdated
| log.Println("Starting proxy server on", *addr) | ||
| if err := http.ListenAndServe(*addr, handler); err != nil { | ||
| log.Fatal("ListenAndServe:", err) | ||
| p, err := strconv.Atoi(whPort) |
There was a problem hiding this comment.
prepare int ports in advance
pkg/proxy/http.go
Outdated
| @@ -72,7 +53,33 @@ func (p *Proxy) ServeHTTP(w http.ResponseWriter, req *http.Request) { | |||
| } | |||
| } | |||
| } | |||
| log.Infof("received request, reqHost: %s", reqHost) | |||
| log.Infof("proxy received request, reqHost: %s", reqHost) | |||
There was a problem hiding this comment.
Infof? debug or trace level
There was a problem hiding this comment.
change to debug level
cmd/proxy/main.go
Outdated
| } | ||
| handler := &proxy.Proxy{WormholePort: p} | ||
|
|
||
| addr := flag.String("addr"+strconv.Itoa(idx), "0.0.0.0:"+whPort, "The addr of the application.") |
pkg/proxy/http.go
Outdated
| origDestIp = reqHost | ||
| } | ||
| } | ||
| log.Infof("proxy forward request to: %s:%d", origDestIp, origDestPort) |
cmd/proxy/main.go
Outdated
| flag.Parse() | ||
|
|
||
| if idx != len(whPorts)-1 { | ||
| go handler.StartServer(addr) |
There was a problem hiding this comment.
only the last server failure will cause the app to exit?
There was a problem hiding this comment.
change, main func will exit when all web servers are closed
YonkaFang
reviewed
Apr 24, 2022
| @@ -95,19 +95,29 @@ spec: | |||
| serviceAccountName: global-sidecar | |||
| containers: | |||
| - name: global-sidecar | |||
| env: | |||
| - name: PROBE_PORT | |||
| value: {{ default 8080 $gs.probePort | quote }} | |||
There was a problem hiding this comment.
this default port value is very likely to conflict with business svc port. we should replace it with an uncommon one.
YonkaFang
reviewed
Apr 24, 2022
| livenessProbe: | ||
| failureThreshold: 3 | ||
| httpGet: | ||
| path: /healthz/live | ||
| port: 8080 | ||
| port: {{ default 8080 $gs.probePort }} |
There was a problem hiding this comment.
can we use a var to hold this and avoid writing it everywhere?
YonkaFang
approved these changes
Apr 24, 2022
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Problem Solved
Global-sidecar would calculate the destination address to be forwarded based on the request header "Slime-Orig-Dest" when forwarding the request previously. When the request header "Slime-Orig-Dest" is empty, forwarding is rejected.
This PR extends the use of the global-sidecar scenario. When the request header "Slime-Orig-Dest" is empty, global-sidecar uses the request.host and the port on which the global-sidecar accepts the request as the destinatiuon address. Then request forwards directly, without generating an accesslog metric.
* The picture is not accurate enough. Traffic forwarded by global-sidecar is routed through the sidecarProxy when it reaches the destination, unless traffic hijacking has been disabled.This allows business traffic to be directed to the global-sidecar for correct forwarding when there is a problem with some business sidecarProxy. This implies some sense of disaster recovery capability.
Notes
general.wormholePortdefines requests of which service ports should be forwarded, connected by ";"component.globalSidecar.replicascomponent.globalSidecar.resourcesUsage Example