Merge branch 'main' into kylehodgetts/envoy-deployment

.dockerignore

@@ -0,0 +1,9 @@
+.git
+.gitignore
+bin/
+docs/
+examples/
+deploy/
+*.md
+.idea
+.vscode

.gitignore

@@ -15,5 +15,11 @@ bin
 # Dependency directories (remove the comment below to include it)
 # vendor/
 /.idea/
+.vscode/
 
-.vscode/
+.env
+
+# Binary file if built to the root
+kusk-gateway
+.vscode/
+testbin/

Dockerfile

@@ -10,12 +10,10 @@ COPY go.sum go.sum
 RUN go mod download
 
 # Copy the go source
-COPY main.go main.go
-COPY api/ api/
-COPY controllers/ controllers/
+COPY . .
 
 # Build
-RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -a -o manager main.go
+RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/root/go/pkg CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -v -o manager main.go
 
 # Use distroless as minimal base image to package the manager binary
 # Refer to https://github.com/GoogleContainerTools/distroless for more details

Makefile

@@ -1,6 +1,6 @@
 
 # Image URL to use all building/pushing image targets
-IMG ?= controller:latest
+IMG ?= k3d-reg:5000/kusk-gateway:latest
 # Produce CRDs that work back to Kubernetes 1.11 (no version conversion)
 CRD_OPTIONS ?= "crd:trivialVersions=true,preserveUnknownFields=false"
 
@@ -63,8 +63,8 @@ build: generate fmt vet ## Build manager binary.
 run: manifests generate fmt vet ## Run a controller from your host.
 	go run ./main.go
 
-docker-build: test ## Build docker image with the manager.
-	docker build -t ${IMG} .
+docker-build: ## Build docker image with the manager.
+	DOCKER_BUILDKIT=1 docker build -t ${IMG} .
 
 docker-push: ## Push docker image with the manager.
 	docker push ${IMG}

config/manager/kustomization.yaml

@@ -12,5 +12,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 images:
 - name: controller
-  newName: controller
+  newName: k3d-reg:5000/kusk-gateway
   newTag: latest

development/.env.example

@@ -0,0 +1,4 @@
+# Put here any variables, shared betwee all ports
+COMPOSE_PROJECT_NAME=kusk-gateway
+GO_CONTROL_PLANE_ADDRESS=kusk-gateway
+GO_CONTROL_PLANE_PORT=18000

development/README.md

@@ -0,0 +1,48 @@
+# Local development with Envoy, Kusk-gateway and OpenAPI files
+
+This directory provides local development configuration with kusk-gatway, Envoy as frontend proxy and petstore application as a backend.
+
+There are 1 petstore application and 1 front-envoy.
+
+Preliminary steps:
+
+```shell
+# From the project root
+cp development/.env.example ./.env
+```
+
+For the development change PROJECT_ROOT/.env file to point GO_CONTROL_PLANE_ADDRESS and GO_CONTROL_PLANE_PORT variables to ip address and port your kusk-gateway is listening on.
+This will allow Envoy instance to connect to your application in IDE.
+
+Front-envoy will generate configuration from envoy.yaml.tmpl with "default" Envoy cluster name and Node ID based on ENVOY_CLUSTER + HOSTNAME.
+
+Kusk-gateway will consume OpenAPI file, passed with "--in" parameter and will switch to "local" mode that will skip Kubernetes connection.
+
+Once Front Envoy starts, it will connect to kusk-gateway with GRPC with its NodeID and Cluster ("default") fields specified and kusk-gateway will provide generated configuration.
+
+To run:
+
+```shell
+# From the project root
+docker-compose up
+```
+
+Envoy frontends will be available on *http://172.21.0.5:8080* (Cluster1) and *http://172.21.0.6:8080* (Cluster2) while backend (petstore app) could be reached on http://172.21.0.3:8080 .
+
+On MacOS, the frontends are available on *http://localhost:8080* (Cluster1) and *http://localhost:8081* (Cluster2)
+
+Envoy management interface is available on *http://172.21.0.5:19000*,  *http://172.21.0.6:19000*, there one can verify what configuration it has in config_dump.
+
+On MacOS, the Envoy management interface is available on *http://localhost:19000* and *http://localhost:19001*  
+
+To test (depends on configured variables in your OpenAPI file):
+
+```shell
+# Linux
+curl -v -X GET 'http://172.21.0.5:8080/api/v3/pet/findByStatus?status=available' -H 'accept: application/json'
+
+# MacOS
+curl -v -X GET 'http://localhost:8080/api/v3/pet/findByStatus?status=available' -H 'accept: application/json'
+```
+
+For the convenience you can use provided petshop-openapi-short-with-kusk.yaml file in this directory.

development/envoy/Dockerfile

@@ -0,0 +1,13 @@
+FROM envoyproxy/envoy-dev:latest
+# Disable dpkg prompts
+ENV DEBIAN_FRONTEND=noninteractive
+RUN apt update -y -qq&& \
+    apt install -y curl && \
+    curl --silent -Lk -o /usr/local/bin/gomplate https://github.com/hairyhenderson/gomplate/releases/download/v3.10.0/gomplate_linux-amd64 &&\
+    chmod 755 /usr/local/bin/gomplate && \
+    apt clean -y &&\
+    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+COPY docker-entrypoint.sh /
+ENTRYPOINT [ "/docker-entrypoint.sh" ]
+CMD ["envoy", "-c" ,"/etc/envoy/envoy.yaml"]

development/envoy/docker-entrypoint.sh

@@ -0,0 +1,44 @@
+#!/usr/bin/env sh
+set -e
+
+loglevel="${loglevel:-}"
+USERID=$(id -u)
+
+# If present /etc/envoy/envoy.yaml.tmpl - generate config /etc/envoy/envoy.yaml from it.
+# Fail if any vars are not resolved.
+TEMPLATE_FILE="/etc/envoy/envoy.yaml.tmpl"
+CONFIG_FILE="/etc/envoy/envoy.yaml"
+if [ -f "${TEMPLATE_FILE}" ]; then
+    echo "Found $TEMPLATE_FILE, generating $CONFIG_FILE from it"
+    gomplate --file "${TEMPLATE_FILE}" --out "${CONFIG_FILE}" || {
+        echo "ERROR running gomplate, failing"
+        exit 1
+    }
+    echo "Finished generating $CONFIG_FILE"
+fi
+
+# if the first argument look like a parameter (i.e. start with '-'), run Envoy
+if [ "${1#-}" != "$1" ]; then
+    set -- envoy "$@"
+fi
+
+if [ "$1" = 'envoy' ]; then
+    # set the log level if the $loglevel variable is set
+    if [ -n "$loglevel" ]; then
+        set -- "$@" --log-level "$loglevel"
+    fi
+fi
+
+if [ "$ENVOY_UID" != "0" ] && [ "$USERID" = 0 ]; then
+    if [ -n "$ENVOY_UID" ]; then
+        usermod -u "$ENVOY_UID" envoy
+    fi
+    if [ -n "$ENVOY_GID" ]; then
+        groupmod -g "$ENVOY_GID" envoy
+    fi
+    # Ensure the envoy user is able to write to container logs
+    chown envoy:envoy /dev/stdout /dev/stderr
+    exec su-exec envoy "${@}"
+else
+    exec "${@}"
+fi

development/envoy/envoy.yaml.tmpl

@@ -0,0 +1,42 @@
+node:
+  cluster: {{ .Env.ENVOY_CLUSTER_ID }}
+  id: {{ .Env.ENVOY_CLUSTER_ID }}-{{ .Env.HOSTNAME }}
+
+dynamic_resources:
+  ads_config:
+    api_type: GRPC
+    transport_api_version: V3
+    grpc_services:
+    - envoy_grpc:
+        cluster_name: xds_cluster
+  cds_config:
+    resource_api_version: V3
+    ads: {}
+  lds_config:
+    resource_api_version: V3
+    ads: {}
+
+static_resources:
+  clusters:
+  - type: STRICT_DNS
+    typed_extension_protocol_options:
+      envoy.extensions.upstreams.http.v3.HttpProtocolOptions:
+        "@type": type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions
+        explicit_http_config:
+          http2_protocol_options: {}
+    name: xds_cluster
+    load_assignment:
+      cluster_name: xds_cluster
+      endpoints:
+      - lb_endpoints:
+        - endpoint:
+            address:
+              socket_address:
+                address: {{ .Env.GO_CONTROL_PLANE_ADDRESS }}
+                port_value: {{ .Env.GO_CONTROL_PLANE_PORT }}
+
+admin:
+  address:
+    socket_address:
+      address: 0.0.0.0
+      port_value: 19000