commit | 5c1ff59e641902185adff83fefd5954abe9a4490 | [log] [tgz] |
---|---|---|
author | Kit Chan <kichan@apache.org> | Mon Aug 10 17:37:45 2020 -0700 |
committer | GitHub <noreply@github.com> | Mon Aug 10 17:37:45 2020 -0700 |
tree | 18a936ab9fc2f875f838e7d2c3ad25b0cbff9503 | |
parent | ca13bf07a8fa50c6ad846fa9325147f39121fb32 [diff] |
Create ingress log directory (#41)
Apache Traffic Server (ATS) is a high performance, open-source, caching proxy server that is scalable and configurable. This project uses ATS as a Kubernetes(K8s) ingress
From high-level, the ingress controller talks to K8s' API and sets up watchers
on specific resources that are interesting to ATS. Then, the controller controls ATS by either(1) relay the information from K8s API to ATS, or (2) configure ATS directly.
To install Docker, visit its official page and install the correct version for your system.
The walkthrough uses Minikube to guide you through the setup process. Visit the official Minikube page to install Minikube.
If you are cloning this project for development, visit Setting up Go-Lang for detailed guide on how to develop projects in Go.
For other purposes, you can use git clone
or directly download repository to your computer.
Once you have cloned the project repo and started Docker and Minikube, in the terminal:
$ eval $(minikube docker-env)
$ cd trafficserver-ingress-controller
$ git submodule update --init
$ docker build -t ats_alpine .
$ docker build -t tsexporter k8s/backend/trafficserver_exporter/
$ docker build -t node-app-1 k8s/backend/node-app-1/
$ docker build -t node-app-2 k8s/backend/node-app-2/
$ docker pull fluent/fluentd:v1.6-debian-1
$ kubectl create namespace trafficserver-test
$ openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout tls.key -out tls.crt -subj "/CN=atssvc/O=atssvc"
$ kubectl create secret tls tls-secret --key tls.key --cert tls.crt -n trafficserver-test --dry-run=client -o yaml | kubectl apply -f -
$ kubectl apply -f k8s/configmaps/fluentd-configmap.yaml
$ kubectl apply -f k8s/traffic-server/
trafficserver-test
and deploy a single ATS pod to said namespace. The ATS pod is also where the ingress controller lives.The following steps can be executed in any order, thus list numbers are not used.
$ kubectl apply -f k8s/apps/
trafficserver-test-2
and trafficserver-test-3
if not already existappsvc1
and appsvc2
appsvc1
, and appsvc2
pods in trafficserver-test-2
, totally 4 pods in said namespace.appsvc1
, and appsvc2
pods in trafficserver-test-3
, totally 4 pods in this namespace. We now have 8 pods in total for the 2 services we have created and deployed in the 2 namespaces.$ kubectl apply -f k8s/ingresses/
trafficserver-test-2
and trafficserver-test-3
if not already existtrafficserver-test-2
and trafficserver-test-3
trafficserver-test-2
defines domain name test.media.com
with /app1
and /app2
as its pathstest.edge.com
; however, test.edge.com/app1
is only defined in trafficserver-test-2
and test.edge.com/app2
is only defined in trafficserver-test-3
test.edge.com/app2
in namespace trafficserver-test-3
When both steps above have executed at least once, ATS proxying will have started to work. To see proxy in action, we can use curl:
$ curl -vH "HOST:test.media.com" "$(minikube ip):30000/app1"
$ curl -vH "HOST:test.media.com" "$(minikube ip):30000/app2"
$ curl -vH "HOST:test.edge.com" "$(minikube ip):30000/app1"
$ curl -vH "HOST:test.edge.com" "$(minikube ip):30000/app2"
$ curl -vH "HOST:test.edge.com" -k "https://$(minikube ip):30043/app2"
Below is an example of configuring Apache Traffic Server reloadable configurations using kubernetes configmap resource:
$ kubectl apply -f k8s/configmaps/ats-configmap.yaml
trafficserver-test
with the annotation "ats-configmap":"true"
if not already existproxy.config.output.logfile.rolling_enabled: "1"
proxy.config.output.logfile.rolling_interval_sec: "3000"
proxy.config.restart.active_client_threshold: "0"
You can attach ATS lua script to an ingress object and ATS will execute it for requests matching the routing rules defined in the ingress object. See an example in annotation section of yaml file here
You can provide an environment variable called INGRESS_CLASS
in the deployment to specify the ingress class. Only ingress object with annotation kubernetes.io/ingress.class
with value equal to the environment variable value will be used by ATS for routing
This project ships with Fluentd already integrated with the Apache Traffic Server. The configuration file used for the same can be found here
As can be seen from the default configuration file, Fluentd reads the Apache Traffic Server access logs located at /usr/local/var/log/trafficserver/squid.log
and outputs them to stdout
. The ouput plugin for Fluentd can be changed to send the logs to any desired location supported by Fluentd including Elasticsearch, Kafka, MongoDB etc. You can read more about output plugins here.
Use the following steps to install Prometheus and Grafana and use them to monitor the Apache Traffic Server statistics.
$ kubectl apply -f k8s/prometheus/ats-stats.yaml
$ kubectl apply -f k8s/configmaps/prometheus-configmap.yaml
$ kubectl apply -f k8s/prometheus/prometheus-deployment.yaml
x.x.x.x:30090
in your web browser to access Prometheus where x.x.x.x
is the IP returned by the command: $ minikube ip
x.x.x.x:30030
in your web browser to access the Grafana dashboard where x.x.x.x
is the IP returned by the command: $ minikube ip
.admin:admin
localhost:9090
as the URL trafficserver_responses_total
and press Shift + Enter. go
command to your PATH: export PATH=$PATH:/usr/local/go/bin
export GOPATH=$(go env GOPATH)
export PATH=$PATH:$(go env GOPATH)/bin
mkdir -p $GOPATH/src/github.com/
cd $GOPATH/src/github.com/
git clone <project>
go.mod
within Go paths, you must export: export GO111MODULE=on
to be able to compile locally.To compile, type: go build -o ingress_ats main/main.go
The project includes unit tests for the controller written in Golang and the plugin written in Lua.
To run the Golang unit tests: go test ./watcher/ && go test ./redis/
The Lua unit tests use busted
for testing. busted
can be installed using luarocks
:luarocks install busted
. More information on how to install busted is available here.
:warning: Note that the project uses Lua 5.1 version
To run the Lua unit tests:
cd pluginats
busted connect_redis_test.lua
The repository comes with basic support for both vscode and vim
.
If you're using vscode
:
.vscode/settings.json
contains some basic settings for whitespaces and tabs.vscode/extensions.json
contains a few recommended extensions for this project. It is highly recommended to install the Go extension since it contains the code lint this project used during development.If you're using vim
, a vimrc
file with basic whitespace and tab configurations is also provided