Initial state of swapping to envoy from nginx, this isn't fully functional, still need to make the builder use it and need to get URL re-writing working.

2021-01-05 16:04:12 +00:00 · 2021-01-05 16:04:12 +00:00 · ead0d6756e
parent 36127ad6e6
commit ead0d6756e
4 changed files with 105 additions and 74 deletions
--- a/hosting/docker-compose.yaml
+++ b/hosting/docker-compose.yaml
@ -6,13 +6,13 @@ services:
    volumes: 
      - ./server:/app
    ports:
-      - "${APP_PORT}:${APP_PORT}"
+      - "${APP_PORT}:4002"
    environment:
      SELF_HOSTED: 1 
      COUCH_DB_URL: http://${COUCH_DB_USER}:${COUCH_DB_PASSWORD}@couchdb-service:5984
      BUDIBASE_ENVIRONMENT: ${BUDIBASE_ENVIRONMENT}
      LOGO_URL: ${LOGO_URL}
-      PORT: ${APP_PORT}
+      PORT: 4002
      HOSTING_URL: ${HOSTING_URL}
      MINIO_PORT: ${MINIO_PORT}
      JWT_SECRET: ${JWT_SECRET}
@ -22,19 +22,18 @@ services:
  worker-service:
    build: ./worker
    ports:
-      - "${WORKER_PORT}:${WORKER_PORT}"
+      - "${WORKER_PORT}:4003"
    environment:
      SELF_HOSTED: 1,
      DEPLOYMENT_API_KEY: ${WORKER_API_KEY}
-      PORT: ${WORKER_PORT}
+      PORT: 4003
      MINIO_ACCESS_KEY: ${MINIO_ACCESS_KEY}
      MINIO_SECRET_KEY: ${MINIO_SECRET_KEY}
-      RAW_MINIO_URL: http://nginx-service:5001
+      RAW_MINIO_URL: http://minio-service:9000
      COUCH_DB_USERNAME: ${COUCH_DB_USER}
      COUCH_DB_PASSWORD: ${COUCH_DB_PASSWORD}
      RAW_COUCH_DB_URL: http://couchdb-service:5984
    depends_on:
      - nginx-service
      - minio-service
      - couch-init
@ -54,14 +53,18 @@ services:
      timeout: 20s
      retries: 3
-  nginx-service:
+  proxy-service:
-    image: nginx:1.19.2-alpine
+    image: envoyproxy/envoy:v1.16-latest
    volumes:
-      - ./nginx.conf:/etc/nginx/nginx.conf:ro
+      - ./envoy.yaml:/etc/envoy/envoy.yaml
    ports:
-      - "${MINIO_PORT}:5001"
+      - "${MAIN_PORT}:10000"
      - "9901:9901"
    depends_on:
      - minio-service
      - worker-service
      - app-service
      - couchdb-service
  couchdb-service:
    image: apache/couchdb:3.0
--- a/hosting/envoy.yaml
+++ b/hosting/envoy.yaml
@ -0,0 +1,91 @@
 admin:
  access_log_path: /tmp/admin_access.log
  address:
    socket_address: { address: 0.0.0.0, port_value: 9901 }
 static_resources:
  listeners:
  - name: main_listener
    address:
      socket_address: { address: 0.0.0.0, port_value: 10000 }
    filter_chains:
    - filters:
      - name: envoy.filters.network.http_connection_manager
        typed_config:
          "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
          stat_prefix: ingress_http
          codec_type: auto
          route_config:
            name: local_route
            virtual_hosts:
            - name: local_services
              domains: ["*"]
              routes:
              - match: { prefix: "/app" }
                route: { cluster: app-service }
              - match: { prefix: "/obj" }
                route: { cluster: minio-service }
              - match: { prefix: "/worker" }
                route: { cluster: worker-service }
              - match: { prefix: "/db" }
                route: { cluster: couchdb-service }
          http_filters:
          - name: envoy.filters.http.router
  clusters:
  - name: app-service
    connect_timeout: 0.25s
    type: strict_dns
    lb_policy: round_robin
    load_assignment:
      cluster_name: app-service
      endpoints:
      - lb_endpoints:
        - endpoint:
            address:
              socket_address: 
                address: app-service
                port_value: 4002
  - name: minio-service
    connect_timeout: 0.25s
    type: strict_dns
    lb_policy: round_robin
    load_assignment:
      cluster_name: minio-service
      endpoints:
      - lb_endpoints:
        - endpoint:
            address:
              socket_address:
                address: minio-service
                port_value: 9000
  - name: worker-service
    connect_timeout: 0.25s
    type: strict_dns
    lb_policy: round_robin
    load_assignment:
      cluster_name: worker-service
      endpoints:
      - lb_endpoints:
        - endpoint:
            address:
              socket_address: 
                address: worker-service
                port_value: 4003
  - name: couchdb-service
    connect_timeout: 0.25s
    type: strict_dns
    lb_policy: round_robin
    load_assignment:
      cluster_name: couchdb-service
      endpoints:
      - lb_endpoints:
        - endpoint:
            address:
              socket_address:
                address: couchdb-service
                port_value: 5984
--- a/hosting/hosting.properties
+++ b/hosting/hosting.properties
@ -6,6 +6,7 @@ WORKER_API_KEY=budibase
 BUDIBASE_ENVIRONMENT=PRODUCTION
 HOSTING_URL=http://localhost
 LOGO_URL=https://logoipsum.com/logo/logo-15.svg
 MAIN_PORT=10000
 APP_PORT=4002
 WORKER_PORT=4003
 MINIO_PORT=4004
--- a/hosting/nginx.conf
+++ b/hosting/nginx.conf
@ -1,64 +0,0 @@
 user  nginx;
 worker_processes  auto;
 error_log  /var/log/nginx/error.log warn;
 pid        /var/run/nginx.pid;
 events {
    worker_connections  1024;
 }
 http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';
    access_log  /var/log/nginx/access.log  main;
    sendfile        on;
    #tcp_nopush     on;
    keepalive_timeout  65;
    #gzip  on;
    # include /etc/nginx/conf.d/*.conf;
    upstream minio {
        # if adding more minio services to cluster add them here
        server minio-service:9000;
    }
    server {
        listen       5001;
        listen  [::]:5001;
        server_name  localhost;
         # To allow special characters in headers
         ignore_invalid_headers off;
         client_max_body_size 100m;
         # To disable buffering
         proxy_buffering off;
        location / {
            proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_connect_timeout 300;
            # Default is HTTP/1, keepalive is only enabled in HTTP/1.1
            proxy_http_version 1.1;
            proxy_set_header Connection "";
            chunked_transfer_encoding off;
            proxy_pass http://minio;
        }
    }
 }