summaryrefslogtreecommitdiffstats
path: root/samples/services/nginx/docker/grpc
diff options
context:
space:
mode:
authorEddie Arrage <eddie.arrage@huawei.com>2018-03-21 18:38:59 +0000
committerEddie Arrage <eddie.arrage@huawei.com>2018-03-30 01:22:37 +0000
commit1575a9b3f7e7f475d4d5d8d1541f783948c0d398 (patch)
tree6c663149df632258e41a5d961079a9236d42a7a8 /samples/services/nginx/docker/grpc
parent9f3d87d798cf04c243e82d284a7dc4f7b3ec5c1a (diff)
Added initial nginx services
- Proxy allows ingress traffic to be sent to another element in service mesh - Mirroring is also in the default configuration - Default configuration is to proxy to a clover-server and mirror to snort-ids - A location_path (URI in HTTP requests) can be reconfigured to restrict proxing; default to '/' - A proxy_path can be reconfigured to specify an alternate destination - A mirror path can be reconfigured to specify where traffic will be spanned - The default server_port (listen port) for the proxy is 9180 but can be reconfigured - The default server_name is http-proxy but can be reconfigured - Reconfiguration is done over GRPC with jinja2 template for nginx - Currently snort ids sends alerts to proxy with stub code in GRPC - Refactored the code to have a nginx base with subservices - Proxy, Load Balancer (lb), and Server can share code - mainly GRPC server - Nginx subservices have separate docker builds - Improved build scripts for CI - Render yaml manifests dynamically - Improve nginx_client for runtime modifications (but not really useful yet) Change-Id: Icbff6890021bcc8a8da4690c9261205d6e1ca43a Signed-off-by: Eddie Arrage <eddie.arrage@huawei.com>
Diffstat (limited to 'samples/services/nginx/docker/grpc')
-rwxr-xr-xsamples/services/nginx/docker/grpc/build_proto.sh11
-rw-r--r--samples/services/nginx/docker/grpc/nginx.proto51
-rw-r--r--samples/services/nginx/docker/grpc/nginx_client.py87
-rw-r--r--samples/services/nginx/docker/grpc/nginx_grpc_server.py142
-rw-r--r--samples/services/nginx/docker/grpc/nginx_pb2.py360
-rw-r--r--samples/services/nginx/docker/grpc/nginx_pb2_grpc.py97
-rw-r--r--samples/services/nginx/docker/grpc/templates/lb.template82
-rw-r--r--samples/services/nginx/docker/grpc/templates/proxy.template85
-rw-r--r--samples/services/nginx/docker/grpc/templates/server.template71
9 files changed, 986 insertions, 0 deletions
diff --git a/samples/services/nginx/docker/grpc/build_proto.sh b/samples/services/nginx/docker/grpc/build_proto.sh
new file mode 100755
index 0000000..a98080a
--- /dev/null
+++ b/samples/services/nginx/docker/grpc/build_proto.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+#
+# Copyright (c) Authors of Clover
+#
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+
+python -m grpc_tools.protoc -I./ --python_out=. --grpc_python_out=. nginx.proto
diff --git a/samples/services/nginx/docker/grpc/nginx.proto b/samples/services/nginx/docker/grpc/nginx.proto
new file mode 100644
index 0000000..3779a82
--- /dev/null
+++ b/samples/services/nginx/docker/grpc/nginx.proto
@@ -0,0 +1,51 @@
+// Copyright (c) Authors of Clover
+//
+// All rights reserved. This program and the accompanying materials
+// are made available under the terms of the Apache License, Version 2.0
+// which accompanies this distribution, and is available at
+// http://www.apache.org/licenses/LICENSE-2.0
+
+syntax = "proto3";
+
+package nginx;
+
+// The controller service definition.
+service Controller {
+
+ rpc ModifyProxy (ConfigProxy) returns (NginxReply) {}
+ rpc ModifyServer (ConfigServer) returns (NginxReply) {}
+ rpc ModifyLB (ConfigLB) returns (NginxReply) {}
+ rpc ProcessAlerts (AlertMessage) returns (NginxReply) {}
+}
+
+message AlertMessage {
+ string event_id = 1;
+ string redis_key = 2;
+}
+
+message ConfigProxy {
+ string server_port = 1;
+ string server_name = 2;
+ string location_path = 3;
+ string proxy_path = 4;
+ string mirror_path = 5;
+}
+
+message ConfigServer {
+ string server_port = 1;
+ string server_name = 2;
+ string site_root = 3;
+ string site_index = 4;
+}
+
+message ConfigLB {
+ string server_port = 1;
+ string server_name = 2;
+ string slb_list = 3;
+ string slb_group = 4;
+ string lb_path = 5;
+}
+
+message NginxReply {
+ string message = 1;
+}
diff --git a/samples/services/nginx/docker/grpc/nginx_client.py b/samples/services/nginx/docker/grpc/nginx_client.py
new file mode 100644
index 0000000..dfefb08
--- /dev/null
+++ b/samples/services/nginx/docker/grpc/nginx_client.py
@@ -0,0 +1,87 @@
+# Copyright (c) Authors of Clover
+#
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+
+from __future__ import print_function
+from kubernetes import client, config
+
+import grpc
+import argparse
+import pickle
+
+import nginx_pb2
+import nginx_pb2_grpc
+
+
+def run(args):
+ # get pod ip for grpc
+ pod_ip = get_podip(args['service_name'])
+ if pod_ip == '':
+ return "Cant find service with name: {}".format(args['service_name'])
+ nginx_grpc = pod_ip + ':50054'
+ channel = grpc.insecure_channel(nginx_grpc)
+ stub = nginx_pb2_grpc.ControllerStub(channel)
+
+ # modify config
+ if args['service_type'] == 'lb':
+ modify_lb(stub)
+ elif args['service_type'] == 'proxy':
+ modify_proxy(stub)
+ elif args['service_type'] == 'server':
+ modify_server(stub)
+ else:
+ return "Invalid service type: {}".format(args['service_type'])
+ return "Modification complete"
+
+
+def get_podip(pod_name):
+ config.load_kube_config()
+ v1 = client.CoreV1Api()
+ ret = v1.list_pod_for_all_namespaces(watch=False)
+ ip = ''
+ for i in ret.items:
+ if i.metadata.name.lower().find(pod_name.lower()) != -1:
+ print(i.status.pod_ip)
+ ip = i.status.pod_ip
+ return str(ip)
+
+
+def modify_proxy(stub):
+ response = stub.ModifyProxy(nginx_pb2.ConfigProxy(
+ server_port='9180', server_name='http-proxy',
+ location_path='/', proxy_path='http://clover-server:9180',
+ mirror_path='http://snort-ids:80'))
+ print(response.message)
+
+
+def modify_server(stub):
+ response = stub.ModifyServer(nginx_pb2.ConfigServer(
+ server_port='9180', server_name='clover-server',
+ site_root='/var/www/html', site_index='index.nginx-debian.html'))
+ print(response.message)
+
+
+def modify_lb(stub):
+ slb_list = pickle.dumps(
+ ['clover-server1', 'clover-server2', 'clover-server3'])
+ response = stub.ModifyLB(nginx_pb2.ConfigLB(
+ server_port='9188', server_name='http-lb',
+ slb_list=slb_list,
+ slb_group='cloverlb', lb_path='/'))
+ print(response.message)
+
+
+if __name__ == '__main__':
+ parser = argparse.ArgumentParser()
+ parser.add_argument(
+ '--service_type', required=True,
+ help='The service to reconfigure')
+ parser.add_argument(
+ '--service_name', required=True,
+ help='The service to reconfigure')
+
+ args = parser.parse_args()
+ print(run(vars(args)))
diff --git a/samples/services/nginx/docker/grpc/nginx_grpc_server.py b/samples/services/nginx/docker/grpc/nginx_grpc_server.py
new file mode 100644
index 0000000..6f2de0f
--- /dev/null
+++ b/samples/services/nginx/docker/grpc/nginx_grpc_server.py
@@ -0,0 +1,142 @@
+# Copyright (c) Authors of Clover
+#
+# All rights reserved. This program and the accompanying materials
+# are made available under the terms of the Apache License, Version 2.0
+# which accompanies this distribution, and is available at
+# http://www.apache.org/licenses/LICENSE-2.0
+
+
+from concurrent import futures
+import time
+import sys
+import grpc
+import subprocess
+import pickle
+import logging
+import nginx_pb2
+import nginx_pb2_grpc
+
+from jinja2 import Template
+
+_ONE_DAY_IN_SECONDS = 60 * 60 * 24
+GRPC_PORT = '[::]:50054'
+
+
+class Controller(nginx_pb2_grpc.ControllerServicer):
+
+ def __init__(self, service_type):
+ logging.basicConfig(filename='nginx.log', level=logging.DEBUG)
+ self.service_type = service_type
+ self.out_file = '/etc/nginx/nginx.conf'
+ # self.out_file = 'testfile'
+ if service_type == "proxy":
+ # self.template_file = 'templates/proxy.template'
+ self.template_file = '/grpc/templates/proxy.template'
+ self.ModifyProxy(nginx_pb2.ConfigProxy(
+ server_port='9180', server_name='http-proxy',
+ location_path='/', proxy_path='http://clover-server:9180',
+ mirror_path='http://snort-ids:80'), "")
+ if service_type == "server":
+ # self.template_file = 'templates/server.template'
+ self.template_file = '/grpc/templates/server.template'
+ self.ModifyServer(nginx_pb2.ConfigServer(
+ server_port='9180', server_name='clover-server',
+ site_root='/var/www/html',
+ site_index='index.nginx-debian.html'), "")
+ if service_type == "lb":
+ # self.template_file = 'templates/lb.template'
+ self.template_file = '/grpc/templates/lb.template'
+ slb_list = pickle.dumps(
+ ['clover-server1', 'clover-server2', 'clover-server3'])
+ self.ModifyLB(nginx_pb2.ConfigLB(
+ server_port='9180', server_name='http-lb',
+ slb_list=slb_list,
+ slb_group='cloverlb', lb_path='/'), "")
+
+ def ModifyProxy(self, r, context):
+ try:
+ with open(self.template_file) as f:
+ tmpl = Template(f.read())
+ output = tmpl.render(
+ server_port=r.server_port,
+ server_name=r.server_name,
+ location_path=r.location_path,
+ proxy_path=r.proxy_path,
+ mirror_path=r.mirror_path
+ )
+ with open(self.out_file, "wb") as fh:
+ fh.write(output)
+ msg = "Modified nginx config"
+ self.RestartNginx()
+ except Exception as e:
+ logging.debug(e)
+ msg = "Failed to modify nginx config"
+ return nginx_pb2.NginxReply(message=msg)
+
+ def ModifyServer(self, r, context):
+ try:
+ with open(self.template_file) as f:
+ tmpl = Template(f.read())
+ output = tmpl.render(
+ server_port=r.server_port,
+ server_name=r.server_name,
+ site_root=r.site_root,
+ site_index=r.site_index
+ )
+ with open(self.out_file, "wb") as fh:
+ fh.write(output)
+ msg = "Modified nginx config"
+ self.RestartNginx()
+ except Exception as e:
+ logging.debug(e)
+ msg = "Failed to modify nginx config"
+ return nginx_pb2.NginxReply(message=msg)
+
+ def ModifyLB(self, r, context):
+ try:
+ with open(self.template_file) as f:
+ tmpl = Template(f.read())
+ output = tmpl.render(
+ server_port=r.server_port,
+ server_name=r.server_name,
+ slb_list=pickle.loads(r.slb_list),
+ slb_group=r.slb_group,
+ lb_path=r.lb_path
+ )
+ with open(self.out_file, "wb") as fh:
+ fh.write(output)
+ msg = "Modified nginx config"
+ self.RestartNginx()
+ except Exception as e:
+ logging.debug(e)
+ msg = "Failed to modify nginx config"
+ return nginx_pb2.NginxReply(message=msg)
+
+ def RestartNginx(self):
+ subprocess.Popen(
+ ["service nginx restart"], shell=True)
+
+ def ProcessAlerts(self, request, context):
+ try:
+ msg = "Processed alert"
+ except Exception as e:
+ logging.debug(e)
+ msg = "Failed to process alert"
+ return nginx_pb2.NginxReply(message=msg)
+
+
+def serve(service_type):
+ server = grpc.server(futures.ThreadPoolExecutor(max_workers=10))
+ nginx_pb2_grpc.add_ControllerServicer_to_server(
+ Controller(service_type), server)
+ server.add_insecure_port(GRPC_PORT)
+ server.start()
+ try:
+ while True:
+ time.sleep(_ONE_DAY_IN_SECONDS)
+ except KeyboardInterrupt:
+ server.stop(0)
+
+
+if __name__ == '__main__':
+ serve(sys.argv[1])
diff --git a/samples/services/nginx/docker/grpc/nginx_pb2.py b/samples/services/nginx/docker/grpc/nginx_pb2.py
new file mode 100644
index 0000000..3600b6d
--- /dev/null
+++ b/samples/services/nginx/docker/grpc/nginx_pb2.py
@@ -0,0 +1,360 @@
+# Generated by the protocol buffer compiler. DO NOT EDIT!
+# source: nginx.proto
+
+import sys
+_b=sys.version_info[0]<3 and (lambda x:x) or (lambda x:x.encode('latin1'))
+from google.protobuf import descriptor as _descriptor
+from google.protobuf import message as _message
+from google.protobuf import reflection as _reflection
+from google.protobuf import symbol_database as _symbol_database
+from google.protobuf import descriptor_pb2
+# @@protoc_insertion_point(imports)
+
+_sym_db = _symbol_database.Default()
+
+
+
+
+DESCRIPTOR = _descriptor.FileDescriptor(
+ name='nginx.proto',
+ package='nginx',
+ syntax='proto3',
+ serialized_pb=_b('\n\x0bnginx.proto\x12\x05nginx\"3\n\x0c\x41lertMessage\x12\x10\n\x08\x65vent_id\x18\x01 \x01(\t\x12\x11\n\tredis_key\x18\x02 \x01(\t\"w\n\x0b\x43onfigProxy\x12\x13\n\x0bserver_port\x18\x01 \x01(\t\x12\x13\n\x0bserver_name\x18\x02 \x01(\t\x12\x15\n\rlocation_path\x18\x03 \x01(\t\x12\x12\n\nproxy_path\x18\x04 \x01(\t\x12\x13\n\x0bmirror_path\x18\x05 \x01(\t\"_\n\x0c\x43onfigServer\x12\x13\n\x0bserver_port\x18\x01 \x01(\t\x12\x13\n\x0bserver_name\x18\x02 \x01(\t\x12\x11\n\tsite_root\x18\x03 \x01(\t\x12\x12\n\nsite_index\x18\x04 \x01(\t\"j\n\x08\x43onfigLB\x12\x13\n\x0bserver_port\x18\x01 \x01(\t\x12\x13\n\x0bserver_name\x18\x02 \x01(\t\x12\x10\n\x08slb_list\x18\x03 \x01(\t\x12\x11\n\tslb_group\x18\x04 \x01(\t\x12\x0f\n\x07lb_path\x18\x05 \x01(\t\"\x1d\n\nNginxReply\x12\x0f\n\x07message\x18\x01 \x01(\t2\xeb\x01\n\nController\x12\x36\n\x0bModifyProxy\x12\x12.nginx.ConfigProxy\x1a\x11.nginx.NginxReply\"\x00\x12\x38\n\x0cModifyServer\x12\x13.nginx.ConfigServer\x1a\x11.nginx.NginxReply\"\x00\x12\x30\n\x08ModifyLB\x12\x0f.nginx.ConfigLB\x1a\x11.nginx.NginxReply\"\x00\x12\x39\n\rProcessAlerts\x12\x13.nginx.AlertMessage\x1a\x11.nginx.NginxReply\"\x00\x62\x06proto3')
+)
+
+
+
+
+_ALERTMESSAGE = _descriptor.Descriptor(
+ name='AlertMessage',
+ full_name='nginx.AlertMessage',
+ filename=None,
+ file=DESCRIPTOR,
+ containing_type=None,
+ fields=[
+ _descriptor.FieldDescriptor(
+ name='event_id', full_name='nginx.AlertMessage.event_id', index=0,
+ number=1, type=9, cpp_type=9, label=1,
+ has_default_value=False, default_value=_b("").decode('utf-8'),
+ message_type=None, enum_type=None, containing_type=None,
+ is_extension=False, extension_scope=None,
+ options=None, file=DESCRIPTOR),
+ _descriptor.FieldDescriptor(
+ name='redis_key', full_name='nginx.AlertMessage.redis_key', index=1,
+ number=2, type=9, cpp_type=9, label=1,
+ has_default_value=False, default_value=_b("").decode('utf-8'),
+ message_type=None, enum_type=None, containing_type=None,
+ is_extension=False, extension_scope=None,
+ options=None, file=DESCRIPTOR),
+ ],
+ extensions=[
+ ],
+ nested_types=[],
+ enum_types=[
+ ],
+ options=None,
+ is_extendable=False,
+ syntax='proto3',
+ extension_ranges=[],
+ oneofs=[
+ ],
+ serialized_start=22,
+ serialized_end=73,
+)
+
+
+_CONFIGPROXY = _descriptor.Descriptor(
+ name='ConfigProxy',
+ full_name='nginx.ConfigProxy',
+ filename=None,
+ file=DESCRIPTOR,
+ containing_type=None,
+ fields=[
+ _descriptor.FieldDescriptor(
+ name='server_port', full_name='nginx.ConfigProxy.server_port', index=0,
+ number=1, type=9, cpp_type=9, label=1,
+ has_default_value=False, default_value=_b("").decode('utf-8'),
+ message_type=None, enum_type=None, containing_type=None,
+ is_extension=False, extension_scope=None,
+ options=None, file=DESCRIPTOR),
+ _descriptor.FieldDescriptor(
+ name='server_name', full_name='nginx.ConfigProxy.server_name', index=1,
+ number=2, type=9, cpp_type=9, label=1,
+ has_default_value=False, default_value=_b("").decode('utf-8'),
+ message_type=None, enum_type=None, containing_type=None,
+ is_extension=False, extension_scope=None,
+ options=None, file=DESCRIPTOR),
+ _descriptor.FieldDescriptor(
+ name='location_path', full_name='nginx.ConfigProxy.location_path', index=2,
+ number=3, type=9, cpp_type=9, label=1,
+ has_default_value=False, default_value=_b("").decode('utf-8'),
+ message_type=None, enum_type=None, containing_type=None,
+ is_extension=False, extension_scope=None,
+ options=None, file=DESCRIPTOR),
+ _descriptor.FieldDescriptor(
+ name='proxy_path', full_name='nginx.ConfigProxy.proxy_path', index=3,
+ number=4, type=9, cpp_type=9, label=1,
+ has_default_value=False, default_value=_b("").decode('utf-8'),
+ message_type=None, enum_type=None, containing_type=None,
+ is_extension=False, extension_scope=None,
+ options=None, file=DESCRIPTOR),
+ _descriptor.FieldDescriptor(
+ name='mirror_path', full_name='nginx.ConfigProxy.mirror_path', index=4,
+ number=5, type=9, cpp_type=9, label=1,
+ has_default_value=False, default_value=_b("").decode('utf-8'),
+ message_type=None, enum_type=None, containing_type=None,
+ is_extension=False, extension_scope=None,
+ options=None, file=DESCRIPTOR),
+ ],
+ extensions=[
+ ],
+ nested_types=[],
+ enum_types=[
+ ],
+ options=None,
+ is_extendable=False,
+ syntax='proto3',
+ extension_ranges=[],
+ oneofs=[
+ ],
+ serialized_start=75,
+ serialized_end=194,
+)
+
+
+_CONFIGSERVER = _descriptor.Descriptor(
+ name='ConfigServer',
+ full_name='nginx.ConfigServer',
+ filename=None,
+ file=DESCRIPTOR,
+ containing_type=None,
+ fields=[
+ _descriptor.FieldDescriptor(
+ name='server_port', full_name='nginx.ConfigServer.server_port', index=0,
+ number=1, type=9, cpp_type=9, label=1,
+ has_default_value=False, default_value=_b("").decode('utf-8'),
+ message_type=None, enum_type=None, containing_type=None,
+ is_extension=False, extension_scope=None,
+ options=None, file=DESCRIPTOR),
+ _descriptor.FieldDescriptor(
+ name='server_name', full_name='nginx.ConfigServer.server_name', index=1,
+ number=2, type=9, cpp_type=9, label=1,
+ has_default_value=False, default_value=_b("").decode('utf-8'),
+ message_type=None, enum_type=None, containing_type=None,
+ is_extension=False, extension_scope=None,
+ options=None, file=DESCRIPTOR),
+ _descriptor.FieldDescriptor(
+ name='site_root', full_name='nginx.ConfigServer.site_root', index=2,
+ number=3, type=9, cpp_type=9, label=1,
+ has_default_value=False, default_value=_b("").decode('utf-8'),
+ message_type=None, enum_type=None, containing_type=None,
+ is_extension=False, extension_scope=None,
+ options=None, file=DESCRIPTOR),
+ _descriptor.FieldDescriptor(
+ name='site_index', full_name='nginx.ConfigServer.site_index', index=3,
+ number=4, type=9, cpp_type=9, label=1,
+ has_default_value=False, default_value=_b("").decode('utf-8'),
+ message_type=None, enum_type=None, containing_type=None,
+ is_extension=False, extension_scope=None,
+ options=None, file=DESCRIPTOR),
+ ],
+ extensions=[
+ ],
+ nested_types=[],
+ enum_types=[
+ ],
+ options=None,
+ is_extendable=False,
+ syntax='proto3',
+ extension_ranges=[],
+ oneofs=[
+ ],
+ serialized_start=196,
+ serialized_end=291,
+)
+
+
+_CONFIGLB = _descriptor.Descriptor(
+ name='ConfigLB',
+ full_name='nginx.ConfigLB',
+ filename=None,
+ file=DESCRIPTOR,
+ containing_type=None,
+ fields=[
+ _descriptor.FieldDescriptor(
+ name='server_port', full_name='nginx.ConfigLB.server_port', index=0,
+ number=1, type=9, cpp_type=9, label=1,
+ has_default_value=False, default_value=_b("").decode('utf-8'),
+ message_type=None, enum_type=None, containing_type=None,
+ is_extension=False, extension_scope=None,
+ options=None, file=DESCRIPTOR),
+ _descriptor.FieldDescriptor(
+ name='server_name', full_name='nginx.ConfigLB.server_name', index=1,
+ number=2, type=9, cpp_type=9, label=1,
+ has_default_value=False, default_value=_b("").decode('utf-8'),
+ message_type=None, enum_type=None, containing_type=None,
+ is_extension=False, extension_scope=None,
+ options=None, file=DESCRIPTOR),
+ _descriptor.FieldDescriptor(
+ name='slb_list', full_name='nginx.ConfigLB.slb_list', index=2,
+ number=3, type=9, cpp_type=9, label=1,
+ has_default_value=False, default_value=_b("").decode('utf-8'),
+ message_type=None, enum_type=None, containing_type=None,
+ is_extension=False, extension_scope=None,
+ options=None, file=DESCRIPTOR),
+ _descriptor.FieldDescriptor(
+ name='slb_group', full_name='nginx.ConfigLB.slb_group', index=3,
+ number=4, type=9, cpp_type=9, label=1,
+ has_default_value=False, default_value=_b("").decode('utf-8'),
+ message_type=None, enum_type=None, containing_type=None,
+ is_extension=False, extension_scope=None,
+ options=None, file=DESCRIPTOR),
+ _descriptor.FieldDescriptor(
+ name='lb_path', full_name='nginx.ConfigLB.lb_path', index=4,
+ number=5, type=9, cpp_type=9, label=1,
+ has_default_value=False, default_value=_b("").decode('utf-8'),
+ message_type=None, enum_type=None, containing_type=None,
+ is_extension=False, extension_scope=None,
+ options=None, file=DESCRIPTOR),
+ ],
+ extensions=[
+ ],
+ nested_types=[],
+ enum_types=[
+ ],
+ options=None,
+ is_extendable=False,
+ syntax='proto3',
+ extension_ranges=[],
+ oneofs=[
+ ],
+ serialized_start=293,
+ serialized_end=399,
+)
+
+
+_NGINXREPLY = _descriptor.Descriptor(
+ name='NginxReply',
+ full_name='nginx.NginxReply',
+ filename=None,
+ file=DESCRIPTOR,
+ containing_type=None,
+ fields=[
+ _descriptor.FieldDescriptor(
+ name='message', full_name='nginx.NginxReply.message', index=0,
+ number=1, type=9, cpp_type=9, label=1,
+ has_default_value=False, default_value=_b("").decode('utf-8'),
+ message_type=None, enum_type=None, containing_type=None,
+ is_extension=False, extension_scope=None,
+ options=None, file=DESCRIPTOR),
+ ],
+ extensions=[
+ ],
+ nested_types=[],
+ enum_types=[
+ ],
+ options=None,
+ is_extendable=False,
+ syntax='proto3',
+ extension_ranges=[],
+ oneofs=[
+ ],
+ serialized_start=401,
+ serialized_end=430,
+)
+
+DESCRIPTOR.message_types_by_name['AlertMessage'] = _ALERTMESSAGE
+DESCRIPTOR.message_types_by_name['ConfigProxy'] = _CONFIGPROXY
+DESCRIPTOR.message_types_by_name['ConfigServer'] = _CONFIGSERVER
+DESCRIPTOR.message_types_by_name['ConfigLB'] = _CONFIGLB
+DESCRIPTOR.message_types_by_name['NginxReply'] = _NGINXREPLY
+_sym_db.RegisterFileDescriptor(DESCRIPTOR)
+
+AlertMessage = _reflection.GeneratedProtocolMessageType('AlertMessage', (_message.Message,), dict(
+ DESCRIPTOR = _ALERTMESSAGE,
+ __module__ = 'nginx_pb2'
+ # @@protoc_insertion_point(class_scope:nginx.AlertMessage)
+ ))
+_sym_db.RegisterMessage(AlertMessage)
+
+ConfigProxy = _reflection.GeneratedProtocolMessageType('ConfigProxy', (_message.Message,), dict(
+ DESCRIPTOR = _CONFIGPROXY,
+ __module__ = 'nginx_pb2'
+ # @@protoc_insertion_point(class_scope:nginx.ConfigProxy)
+ ))
+_sym_db.RegisterMessage(ConfigProxy)
+
+ConfigServer = _reflection.GeneratedProtocolMessageType('ConfigServer', (_message.Message,), dict(
+ DESCRIPTOR = _CONFIGSERVER,
+ __module__ = 'nginx_pb2'
+ # @@protoc_insertion_point(class_scope:nginx.ConfigServer)
+ ))
+_sym_db.RegisterMessage(ConfigServer)
+
+ConfigLB = _reflection.GeneratedProtocolMessageType('ConfigLB', (_message.Message,), dict(
+ DESCRIPTOR = _CONFIGLB,
+ __module__ = 'nginx_pb2'
+ # @@protoc_insertion_point(class_scope:nginx.ConfigLB)
+ ))
+_sym_db.RegisterMessage(ConfigLB)
+
+NginxReply = _reflection.GeneratedProtocolMessageType('NginxReply', (_message.Message,), dict(
+ DESCRIPTOR = _NGINXREPLY,
+ __module__ = 'nginx_pb2'
+ # @@protoc_insertion_point(class_scope:nginx.NginxReply)
+ ))
+_sym_db.RegisterMessage(NginxReply)
+
+
+
+_CONTROLLER = _descriptor.ServiceDescriptor(
+ name='Controller',
+ full_name='nginx.Controller',
+ file=DESCRIPTOR,
+ index=0,
+ options=None,
+ serialized_start=433,
+ serialized_end=668,
+ methods=[
+ _descriptor.MethodDescriptor(
+ name='ModifyProxy',
+ full_name='nginx.Controller.ModifyProxy',
+ index=0,
+ containing_service=None,
+ input_type=_CONFIGPROXY,
+ output_type=_NGINXREPLY,
+ options=None,
+ ),
+ _descriptor.MethodDescriptor(
+ name='ModifyServer',
+ full_name='nginx.Controller.ModifyServer',
+ index=1,
+ containing_service=None,
+ input_type=_CONFIGSERVER,
+ output_type=_NGINXREPLY,
+ options=None,
+ ),
+ _descriptor.MethodDescriptor(
+ name='ModifyLB',
+ full_name='nginx.Controller.ModifyLB',
+ index=2,
+ containing_service=None,
+ input_type=_CONFIGLB,
+ output_type=_NGINXREPLY,
+ options=None,
+ ),
+ _descriptor.MethodDescriptor(
+ name='ProcessAlerts',
+ full_name='nginx.Controller.ProcessAlerts',
+ index=3,
+ containing_service=None,
+ input_type=_ALERTMESSAGE,
+ output_type=_NGINXREPLY,
+ options=None,
+ ),
+])
+_sym_db.RegisterServiceDescriptor(_CONTROLLER)
+
+DESCRIPTOR.services_by_name['Controller'] = _CONTROLLER
+
+# @@protoc_insertion_point(module_scope)
diff --git a/samples/services/nginx/docker/grpc/nginx_pb2_grpc.py b/samples/services/nginx/docker/grpc/nginx_pb2_grpc.py
new file mode 100644
index 0000000..2b36fc0
--- /dev/null
+++ b/samples/services/nginx/docker/grpc/nginx_pb2_grpc.py
@@ -0,0 +1,97 @@
+# Generated by the gRPC Python protocol compiler plugin. DO NOT EDIT!
+import grpc
+
+import nginx_pb2 as nginx__pb2
+
+
+class ControllerStub(object):
+ """The controller service definition.
+ """
+
+ def __init__(self, channel):
+ """Constructor.
+
+ Args:
+ channel: A grpc.Channel.
+ """
+ self.ModifyProxy = channel.unary_unary(
+ '/nginx.Controller/ModifyProxy',
+ request_serializer=nginx__pb2.ConfigProxy.SerializeToString,
+ response_deserializer=nginx__pb2.NginxReply.FromString,
+ )
+ self.ModifyServer = channel.unary_unary(
+ '/nginx.Controller/ModifyServer',
+ request_serializer=nginx__pb2.ConfigServer.SerializeToString,
+ response_deserializer=nginx__pb2.NginxReply.FromString,
+ )
+ self.ModifyLB = channel.unary_unary(
+ '/nginx.Controller/ModifyLB',
+ request_serializer=nginx__pb2.ConfigLB.SerializeToString,
+ response_deserializer=nginx__pb2.NginxReply.FromString,
+ )
+ self.ProcessAlerts = channel.unary_unary(
+ '/nginx.Controller/ProcessAlerts',
+ request_serializer=nginx__pb2.AlertMessage.SerializeToString,
+ response_deserializer=nginx__pb2.NginxReply.FromString,
+ )
+
+
+class ControllerServicer(object):
+ """The controller service definition.
+ """
+
+ def ModifyProxy(self, request, context):
+ # missing associated documentation comment in .proto file
+ pass
+ context.set_code(grpc.StatusCode.UNIMPLEMENTED)
+ context.set_details('Method not implemented!')
+ raise NotImplementedError('Method not implemented!')
+
+ def ModifyServer(self, request, context):
+ # missing associated documentation comment in .proto file
+ pass
+ context.set_code(grpc.StatusCode.UNIMPLEMENTED)
+ context.set_details('Method not implemented!')
+ raise NotImplementedError('Method not implemented!')
+
+ def ModifyLB(self, request, context):
+ # missing associated documentation comment in .proto file
+ pass
+ context.set_code(grpc.StatusCode.UNIMPLEMENTED)
+ context.set_details('Method not implemented!')
+ raise NotImplementedError('Method not implemented!')
+
+ def ProcessAlerts(self, request, context):
+ # missing associated documentation comment in .proto file
+ pass
+ context.set_code(grpc.StatusCode.UNIMPLEMENTED)
+ context.set_details('Method not implemented!')
+ raise NotImplementedError('Method not implemented!')
+
+
+def add_ControllerServicer_to_server(servicer, server):
+ rpc_method_handlers = {
+ 'ModifyProxy': grpc.unary_unary_rpc_method_handler(
+ servicer.ModifyProxy,
+ request_deserializer=nginx__pb2.ConfigProxy.FromString,
+ response_serializer=nginx__pb2.NginxReply.SerializeToString,
+ ),
+ 'ModifyServer': grpc.unary_unary_rpc_method_handler(
+ servicer.ModifyServer,
+ request_deserializer=nginx__pb2.ConfigServer.FromString,
+ response_serializer=nginx__pb2.NginxReply.SerializeToString,
+ ),
+ 'ModifyLB': grpc.unary_unary_rpc_method_handler(
+ servicer.ModifyLB,
+ request_deserializer=nginx__pb2.ConfigLB.FromString,
+ response_serializer=nginx__pb2.NginxReply.SerializeToString,
+ ),
+ 'ProcessAlerts': grpc.unary_unary_rpc_method_handler(
+ servicer.ProcessAlerts,
+ request_deserializer=nginx__pb2.AlertMessage.FromString,
+ response_serializer=nginx__pb2.NginxReply.SerializeToString,
+ ),
+ }
+ generic_handler = grpc.method_handlers_generic_handler(
+ 'nginx.Controller', rpc_method_handlers)
+ server.add_generic_rpc_handlers((generic_handler,))
diff --git a/samples/services/nginx/docker/grpc/templates/lb.template b/samples/services/nginx/docker/grpc/templates/lb.template
new file mode 100644
index 0000000..4866408
--- /dev/null
+++ b/samples/services/nginx/docker/grpc/templates/lb.template
@@ -0,0 +1,82 @@
+user www-data;
+worker_processes auto;
+pid /run/nginx.pid;
+
+events {
+ worker_connections 768;
+ # multi_accept on;
+}
+
+http {
+
+ ##
+ # Basic Settings
+ ##
+
+ sendfile on;
+ tcp_nopush on;
+ tcp_nodelay on;
+ keepalive_timeout 65;
+ types_hash_max_size 2048;
+ # server_tokens off;
+
+
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+
+ ##
+ # SSL Settings
+ ##
+
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
+ ssl_prefer_server_ciphers on;
+
+ ##
+ # Logging Settings
+ ##
+
+ access_log /var/log/nginx/access.log;
+ error_log /var/log/nginx/error.log;
+
+ ##
+ # Gzip Settings
+ ##
+
+ gzip on;
+ gzip_disable "msie6";
+
+ # gzip_vary on;
+ # gzip_proxied any;
+ # gzip_comp_level 6;
+ # gzip_buffers 16 8k;
+ # gzip_http_version 1.1;
+ # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
+
+ ##
+ # Virtual Host Configs
+ ##
+
+ include /etc/nginx/conf.d/*.conf;
+ #include /etc/nginx/sites-enabled/*;
+
+ upstream {{ slb_group }} {
+ {%- for item in slb_list %}
+ server {{ item }};
+ {%- endfor %}
+ }
+
+ server {
+ listen {{ server_port }};
+ server_name {{ server_name }};
+
+ location {{ lb_path }} {
+ proxy_http_version 1.1;
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection "upgrade";
+ proxy_pass http://{{ slb_group }};
+ }
+
+ }
+
+}
+
diff --git a/samples/services/nginx/docker/grpc/templates/proxy.template b/samples/services/nginx/docker/grpc/templates/proxy.template
new file mode 100644
index 0000000..72d611e
--- /dev/null
+++ b/samples/services/nginx/docker/grpc/templates/proxy.template
@@ -0,0 +1,85 @@
+user www-data;
+worker_processes auto;
+pid /run/nginx.pid;
+
+events {
+ worker_connections 768;
+ # multi_accept on;
+}
+
+http {
+
+ ##
+ # Basic Settings
+ ##
+
+ sendfile on;
+ tcp_nopush on;
+ tcp_nodelay on;
+ keepalive_timeout 65;
+ types_hash_max_size 2048;
+ # server_tokens off;
+
+
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+
+ ##
+ # SSL Settings
+ ##
+
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
+ ssl_prefer_server_ciphers on;
+
+ ##
+ # Logging Settings
+ ##
+
+ access_log /var/log/nginx/access.log;
+ error_log /var/log/nginx/error.log;
+
+ ##
+ # Gzip Settings
+ ##
+
+ gzip on;
+ gzip_disable "msie6";
+
+ # gzip_vary on;
+ # gzip_proxied any;
+ # gzip_comp_level 6;
+ # gzip_buffers 16 8k;
+ # gzip_http_version 1.1;
+ # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
+
+ ##
+ # Virtual Host Configs
+ ##
+
+ include /etc/nginx/conf.d/*.conf;
+ #include /etc/nginx/sites-enabled/*;
+
+ server {
+ listen {{ server_port }};
+ server_name {{ server_name }};
+
+ location {{ location_path }} {
+ proxy_http_version 1.1;
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection "upgrade";
+ proxy_pass {{ proxy_path }};
+
+ post_action @post_ids;
+ }
+
+ location @post_ids {
+ proxy_http_version 1.1;
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection "upgrade";
+ proxy_pass {{ mirror_path }};
+ }
+
+ }
+
+}
+
diff --git a/samples/services/nginx/docker/grpc/templates/server.template b/samples/services/nginx/docker/grpc/templates/server.template
new file mode 100644
index 0000000..b5f8f1f
--- /dev/null
+++ b/samples/services/nginx/docker/grpc/templates/server.template
@@ -0,0 +1,71 @@
+user www-data;
+worker_processes auto;
+pid /run/nginx.pid;
+
+events {
+ worker_connections 768;
+ # multi_accept on;
+}
+
+http {
+
+ ##
+ # Basic Settings
+ ##
+
+ sendfile on;
+ tcp_nopush on;
+ tcp_nodelay on;
+ keepalive_timeout 65;
+ types_hash_max_size 2048;
+ # server_tokens off;
+
+
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+
+ ##
+ # SSL Settings
+ ##
+
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
+ ssl_prefer_server_ciphers on;
+
+ ##
+ # Logging Settings
+ ##
+
+ access_log /var/log/nginx/access.log;
+ error_log /var/log/nginx/error.log;
+
+ ##
+ # Gzip Settings
+ ##
+
+ gzip on;
+ gzip_disable "msie6";
+
+ # gzip_vary on;
+ # gzip_proxied any;
+ # gzip_comp_level 6;
+ # gzip_buffers 16 8k;
+ # gzip_http_version 1.1;
+ # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
+
+ ##
+ # Virtual Host Configs
+ ##
+
+ include /etc/nginx/conf.d/*.conf;
+ #include /etc/nginx/sites-enabled/*;
+
+ server {
+ listen {{ server_port }};
+ server_name {{ server_name }};
+
+ root {{ site_root }};
+ index {{ site_index }};
+ }
+
+}
+