Skip to content

Commit

Permalink
Initial example with petstore and Envoy
Browse files Browse the repository at this point in the history
  • Loading branch information
@Tarick
Tarick committed Sep 21, 2021
1 parent 4173c09 commit 21f6c9c
Show file tree
Hide file tree
Showing 4 changed files with 566 additions and 0 deletions.
19 changes: 19 additions & 0 deletions examples/petshop/README.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
# Testing Envoy as Ingress

This directory provides local testing configuration with Envoy as frontend proxy and petshop application as a backend.

Envoy configuration is done accordingly to cut-off Petshop OpenAPI file with *x-kusk* extension configuration.

To run:

```shell
docker-compose up
```

Envoy frontend will be availlable on *localhost:8080* while backend could be reached on http://172.21.0.3:8080 .

To test:

```shell
curl -v -X GET 'http://localhost:8080/pets_prefix/api/v3/pet/1' -H 'accept: application/json'
```
29 changes: 29 additions & 0 deletions examples/petshop/docker-compose.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
version: "3.7"
services:

front-envoy:
container_name: front-envoy
image: envoyproxy/envoy-dev:latest
networks:
kusk-ingress:
ipv4_address: "172.21.0.2"
volumes:
- ./envoy-proxy.yaml:/etc/envoy/envoy.yaml
ports:
- "8080:8080"

petstore:
container_name: petstore
image: swaggerapi/petstore3:unstable
networks:
kusk-ingress:
ipv4_address: "172.21.0.3"


networks:
kusk-ingress:
name: "kusk-ingress"
ipam:
driver: default
config:
- subnet: 172.21.0.0/24
180 changes: 180 additions & 0 deletions examples/petshop/envoy-proxy.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,180 @@
static_resources:
listeners:
- address:
socket_address:
address: 0.0.0.0
port_value: 8080
filter_chains:
- filters:
- name: envoy.filters.network.http_connection_manager
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
codec_type: AUTO
stat_prefix: ingress_http
http_filters:
- name: envoy.filters.http.local_ratelimit
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.http.local_ratelimit.v3.LocalRateLimit
stat_prefix: http_local_rate_limiter
- name: envoy.filters.http.router
route_config:
name: local_route
virtual_hosts:
# Multiple backend services are possible given different domains
# Only unique values for domains are permitted
- name: backend
# Host here
domains:
- "*"
routes:
# GET "/petstore/api/v3/pet/findByStatus"
- match:
path: "/petstore/api/v3/pet/findByStatus"
# Matcher by headers, method is considered as one. Multiple name ":method" entries won't work
headers:
name: ":method"
string_match:
exact: "GET"
route:
regex_rewrite:
pattern:
google_re2: {}
regex: "/petstore/"
substitution: "/"
cluster: petstore
# PUT /petstore/api/v3/pet
- match:
path: "/petstore/api/v3/pet"
headers:
name: ":method"
string_match:
exact: "PUT"
route:
regex_rewrite:
pattern:
google_re2: {}
regex: "/petstore/"
substitution: "/"
cluster: petstore
# POST /petstore/api/v3/pet
- match:
path: "/petstore/api/v3/pet"
headers:
name: ":method"
string_match:
exact: "POST"
route:
regex_rewrite:
pattern:
google_re2: {}
regex: "/petstore/"
substitution: "/"
cluster: petstore
# GET /petstore/api/v3/pet​/{petId}
- match:
safe_regex:
google_re2: {}
# /pet​/{petId} - need to look at petId type for regex or generate generic one ([A-Za-z0-9])
regex: /petstore/api/v3/pet/(\d)+
headers:
name: ":method"
string_match:
exact: "GET"
route:
#TODO: test CORS, since petstore application provides it by itself and headers are replaced
cors:
allow_origin_string_match:
- safe_regex:
google_re2: {}
regex: ".*"
allow_methods: "GET,POST,OPTIONS"
allow_headers: "Content-Type"
expose_headers: "X-Custom-Header"
max_age: "86400"
# If not specified, the default timeout is 15s. A value of 0 will disable timeout (i.e. wait indefinitely). This timeout includes all retries.
# Seconds, otherwise (without "s" - nanoseconds)
timeout: "10s"
idle_timeout: "40s"
regex_rewrite:
pattern:
google_re2: {}
regex: "/petstore/"
substitution: "/"
cluster: petstore
# Rate limiting for this route
# Burst can be specified by max_tokens being bigger than tokens_per_fill
# Here we have burst 30 requests, with 10 rps refill
typed_per_filter_config:
envoy.filters.http.local_ratelimit:
"@type": type.googleapis.com/envoy.extensions.filters.http.local_ratelimit.v3.LocalRateLimit
stat_prefix: http_local_rate_limiter
token_bucket:
max_tokens: 30
tokens_per_fill: 10
fill_interval: 1s
filter_enabled:
runtime_key: local_rate_limit_enabled
default_value:
numerator: 100
denominator: HUNDRED
filter_enforced:
runtime_key: local_rate_limit_enforced
default_value:
numerator: 100
denominator: HUNDRED
response_headers_to_add:
- append: false
header:
key: x-local-rate-limit
value: 'true'
- match:
# /pet​/{petId} - need to look at petId type for regex or generate generic one ([A-Za-z0-9])
safe_regex:
google_re2: {}
regex: /petstore/api/v3/pet/(\d)+
headers:
name: ":method"
string_match:
exact: "POST"
route:
prefix_rewrite: "/"
cluster: petstore
clusters:
- name: petstore
type: STRICT_DNS
lb_policy: ROUND_ROBIN
load_assignment:
cluster_name: petstore
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: petstore
port_value: 8080
# - name: service2
# type: STRICT_DNS
# lb_policy: ROUND_ROBIN
# load_assignment:
# cluster_name: service2
# endpoints:
# - lb_endpoints:
# - endpoint:
# address:
# socket_address:
# address: service2
# port_value: 8000
admin:
address:
socket_address:
address: 0.0.0.0
port_value: 8001
layered_runtime:
layers:
- name: static_layer_0
static_layer:
envoy:
resource_limits:
listener:
example_listener_name:
connection_limit: 10000
Loading

0 comments on commit 21f6c9c

Please sign in to comment.