Merge pull request #135 from 3scale-ops/feat/add-scopedroutes

feat/scoped-routes

README.md

@@ -194,6 +194,11 @@ spec:
     routes:
       - name: route1
         value: {"name":"route1","virtual_hosts":[{"name":"vhost","domains":["*"],"routes":[{"match":{"prefix":"/"},"direct_response":{"status":200}}]}]}
+    # ScopedRoutes is a list of the Envoy Scoped Route resource type.
+    # API V3 reference: https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/route/v3/scoped_route.proto
+    scopedRoutes:
+      - name: scoped_route1
+        value: {"name":"scoped_route1","route_configuration_name":"route1","key":{"fragments":[{"string_key":"test"}]}}
     # Listeners is a list of the Envoy Listener resource type.
     # API V3 reference: https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/listener/v3/listener.proto
     listeners:

apis/marin3r/v1alpha1/envoyconfig_types.go

@@ -94,6 +94,10 @@ type EnvoyResources struct {
 	// API V3 reference: https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/route/v3/route.proto
 	// +operator-sdk:csv:customresourcedefinitions:type=spec
 	Routes []EnvoyResource `json:"routes,omitempty"`
+	// ScopedRoutes is a list of the envoy ScopeRoute resource type.
+	// API V3 reference: https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/route/v3/scoped_route.proto
+	// +operator-sdk:csv:customresourcedefinitions:type=spec
+	ScopedRoutes []EnvoyResource `json:"scopedRoutes,omitempty"`
 	// Listeners is a list of the envoy Listener resource type.
 	// API V3 reference: https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/listener/v3/listener.proto
 	// +operator-sdk:csv:customresourcedefinitions:type=spec

apis/marin3r/v1alpha1/envoyconfig_webhook.go

@@ -82,6 +82,12 @@ func (r *EnvoyConfig) ValidateResources() error {
 		}
 	}
 
+	for _, route := range r.Spec.EnvoyResources.ScopedRoutes {
+		if err := envoy_resources.Validate(route.Value, r.GetSerialization(), r.GetEnvoyAPIVersion(), envoy.ScopedRoute); err != nil {
+			errList = append(errList, err)
+		}
+	}
+
 	for _, listener := range r.Spec.EnvoyResources.Listeners {
 		if err := envoy_resources.Validate(listener.Value, r.GetSerialization(), r.GetEnvoyAPIVersion(), envoy.Listener); err != nil {
 			errList = append(errList, err)

apis/marin3r/v1alpha1/envoyconfigrevision_types.go

@@ -118,12 +118,13 @@ func (status *EnvoyConfigRevisionStatus) IsTainted() bool {
 // VersionTracker tracks the versions of the resources
 // that this revision publishes in the xDS server cache
 type VersionTracker struct {
-	Endpoints string `json:"endpoints,omitempty"`
-	Clusters  string `json:"clusters,omitempty"`
-	Routes    string `json:"routes,omitempty"`
-	Listeners string `json:"listeners,omitempty"`
-	Secrets   string `json:"secrets,omitempty"`
-	Runtimes  string `json:"runtimes,omitempty"`
+	Endpoints    string `json:"endpoints,omitempty"`
+	Clusters     string `json:"clusters,omitempty"`
+	Routes       string `json:"routes,omitempty"`
+	ScopedRoutes string `json:"scopedRoutes,omitempty"`
+	Listeners    string `json:"listeners,omitempty"`
+	Secrets      string `json:"secrets,omitempty"`
+	Runtimes     string `json:"runtimes,omitempty"`
 }
 
 // +kubebuilder:object:root=true

config/crd/bases/marin3r.3scale.net_envoyconfigrevisions.yaml

@@ -170,6 +170,25 @@ spec:
                       - value
                       type: object
                     type: array
+                  scopedRoutes:
+                    description: 'ScopedRoutes is a list of the envoy ScopeRoute resource
+                      type. API V3 reference: https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/route/v3/scoped_route.proto'
+                    items:
+                      description: EnvoyResource holds serialized representation of
+                        an envoy resource
+                      properties:
+                        name:
+                          description: Name of the envoy resource
+                          type: string
+                        value:
+                          description: Value is the serialized representation of the
+                            envoy resource
+                          type: string
+                      required:
+                      - name
+                      - value
+                      type: object
+                    type: array
                   secrets:
                     description: Secrets is a list of references to Kubernetes Secret
                       objects.
@@ -287,6 +306,8 @@ spec:
                     type: string
                   runtimes:
                     type: string
+                  scopedRoutes:
+                    type: string
                   secrets:
                     type: string
                 type: object

config/crd/bases/marin3r.3scale.net_envoyconfigs.yaml

@@ -162,6 +162,25 @@ spec:
                       - value
                       type: object
                     type: array
+                  scopedRoutes:
+                    description: 'ScopedRoutes is a list of the envoy ScopeRoute resource
+                      type. API V3 reference: https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/route/v3/scoped_route.proto'
+                    items:
+                      description: EnvoyResource holds serialized representation of
+                        an envoy resource
+                      properties:
+                        name:
+                          description: Name of the envoy resource
+                          type: string
+                        value:
+                          description: Value is the serialized representation of the
+                            envoy resource
+                          type: string
+                      required:
+                      - name
+                      - value
+                      type: object
+                    type: array
                   secrets:
                     description: Secrets is a list of references to Kubernetes Secret
                       objects.

examples/e2e/deployment/envoyconfig.yaml

@@ -15,7 +15,7 @@ spec:
       - name: kuard
         value: |
           name: kuard
-          connect_timeout: 10ms
+          connect_timeout: 0.010s
           type: STRICT_DNS
           dns_lookup_family: V4_ONLY
           lb_policy: ROUND_ROBIN
@@ -29,17 +29,22 @@ spec:
                           address: kuard
                           port_value: 8080
     routes:
-      - name: local
+      - name: kuard
         value: |
-          name: local
+          name: kuard
           virtual_hosts:
             - name: all
               domains: ["*"]
               routes:
-                - match:
-                    prefix: "/"
-                  route:
-                    cluster: kuard
+                - { match: {prefix: "/"}, route: { cluster: "kuard" }}
+    scopedRoutes:
+      - name: scoped_route_kuard
+        value: |
+          name: scoped_route_kuard
+          route_configuration_name: kuard
+          key:
+            fragments:
+              - string_key: kuard
     listeners:
       - name: https
         value: |
@@ -59,7 +64,7 @@ spec:
                         "@type": type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog
                         path: /dev/stdout
                   stat_prefix: ingress_http
-                  rds: { route_config_name: "local", config_source: { ads: {}, resource_api_version: "V3" }}
+                  rds: { route_config_name: "kuard", config_source: { ads: {}, resource_api_version: "V3" }}
                   http_filters:
                     - name: envoy.filters.http.router
               transport_socket:
@@ -70,3 +75,43 @@ spec:
                     tls_certificate_sds_secret_configs:
                       - name: kuard.default.svc
                         sds_config: { ads: {}, resource_api_version: "V3" }
+      - name: https-scoped
+        value: |
+          name: https-scoped
+          address:
+            socket_address:
+              address: 0.0.0.0
+              port_value: 8444
+          filter_chains:
+            - filters:
+                - name: envoy.filters.network.http_connection_manager
+                  typed_config:
+                    "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
+                    access_log:
+                      - name: envoy.access_loggers.file
+                        typed_config:
+                          "@type": type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog
+                          path: /dev/stdout
+                    stat_prefix: ingress_http
+                    scoped_routes:
+                      name: scoped
+                      scope_key_builder:
+                        fragments:
+                          - header_value_extractor:
+                              name: X-Route-Selector
+                              element_separator: ","
+                              element:
+                                separator: "="
+                                key: route
+                      rds_config_source: { ads: {}, resource_api_version: "V3" }
+                      scoped_rds: { scoped_rds_config_source: { ads: {}, resource_api_version: "V3" }}
+                    http_filters:
+                      - name: envoy.filters.http.router
+              transport_socket:
+                name: envoy.transport_sockets.tls
+                typed_config:
+                  "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext
+                  common_tls_context:
+                    tls_certificate_sds_secret_configs:
+                      - name: kuard.default.svc
+                        sds_config: { ads: {}, resource_api_version: "V3" }