From 1575a9b3f7e7f475d4d5d8d1541f783948c0d398 Mon Sep 17 00:00:00 2001 From: Eddie Arrage Date: Wed, 21 Mar 2018 18:38:59 +0000 Subject: Added initial nginx services - Proxy allows ingress traffic to be sent to another element in service mesh - Mirroring is also in the default configuration - Default configuration is to proxy to a clover-server and mirror to snort-ids - A location_path (URI in HTTP requests) can be reconfigured to restrict proxing; default to '/' - A proxy_path can be reconfigured to specify an alternate destination - A mirror path can be reconfigured to specify where traffic will be spanned - The default server_port (listen port) for the proxy is 9180 but can be reconfigured - The default server_name is http-proxy but can be reconfigured - Reconfiguration is done over GRPC with jinja2 template for nginx - Currently snort ids sends alerts to proxy with stub code in GRPC - Refactored the code to have a nginx base with subservices - Proxy, Load Balancer (lb), and Server can share code - mainly GRPC server - Nginx subservices have separate docker builds - Improved build scripts for CI - Render yaml manifests dynamically - Improve nginx_client for runtime modifications (but not really useful yet) Change-Id: Icbff6890021bcc8a8da4690c9261205d6e1ca43a Signed-off-by: Eddie Arrage --- samples/services/nginx/yaml/manifest.template | 35 +++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 samples/services/nginx/yaml/manifest.template (limited to 'samples/services/nginx/yaml/manifest.template') diff --git a/samples/services/nginx/yaml/manifest.template b/samples/services/nginx/yaml/manifest.template new file mode 100644 index 0000000..ebd5392 --- /dev/null +++ b/samples/services/nginx/yaml/manifest.template @@ -0,0 +1,35 @@ +--- +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ deploy_name }} + labels: + app: {{ deploy_name }} +spec: + template: + metadata: + labels: + app: {{ deploy_name }} + spec: + containers: + - name: {{ deploy_name }} + image: {{ image_path }}/{{ image_name }}:{{ image_tag }} + ports: + - containerPort: {{ grpc_port }} + - containerPort: {{ server_port }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ deploy_name }} + labels: + app: {{ deploy_name }} +spec: + ports: + - port: {{ grpc_port }} + name: grpc + - port: {{ server_port }} + name: http + selector: + app: {{ deploy_name }} +--- -- cgit 1.2.3-korg