-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Tag header based routing #6036
Tag header based routing #6036
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -30,6 +30,8 @@ import ( | |
netv1alpha1 "knative.dev/serving/pkg/apis/networking/v1alpha1" | ||
"knative.dev/serving/pkg/apis/serving" | ||
servingv1 "knative.dev/serving/pkg/apis/serving/v1" | ||
"knative.dev/serving/pkg/network" | ||
"knative.dev/serving/pkg/reconciler/route/config" | ||
"knative.dev/serving/pkg/reconciler/route/domains" | ||
"knative.dev/serving/pkg/reconciler/route/resources/labels" | ||
"knative.dev/serving/pkg/reconciler/route/resources/names" | ||
|
@@ -99,6 +101,8 @@ func MakeIngressSpec( | |
rules := make([]netv1alpha1.IngressRule, 0, len(names)) | ||
challengeHosts := getChallengeHosts(acmeChallenges) | ||
|
||
networkConfig := config.FromContext(ctx).Network | ||
|
||
for _, name := range names { | ||
visibilities := []netv1alpha1.IngressVisibility{netv1alpha1.IngressVisibilityClusterLocal} | ||
// If this is a public target (or not being marked as cluster-local), we also make public rule. | ||
|
@@ -111,6 +115,33 @@ func MakeIngressSpec( | |
return netv1alpha1.IngressSpec{}, err | ||
} | ||
rule := *makeIngressRule([]string{domain}, r.Namespace, visibility, targets[name]) | ||
if networkConfig.TagHeaderBasedRouting { | ||
if rule.HTTP.Paths[0].AppendHeaders == nil { | ||
rule.HTTP.Paths[0].AppendHeaders = make(map[string]string) | ||
} | ||
|
||
if name == traffic.DefaultTarget { | ||
// To provide a information if a request is routed via the "default route" or not, | ||
// the header "Knative-Serving-Default-Route: true" is appended here. | ||
// If the header has "true" and there is a "Knative-Serving-Tag" header, | ||
// then the request is having the undefined tag header, which will be observed in queue-proxy. | ||
rule.HTTP.Paths[0].AppendHeaders[network.DefaultRouteHeaderName] = "true" | ||
// Add ingress paths for a request with the tag header. | ||
// If a request has one of the `names`(tag name) except the default path, | ||
// the request will be routed via one of the ingress paths, corresponding to the tag name. | ||
rule.HTTP.Paths = append( | ||
makeTagBasedRoutingIngressPaths(r.Namespace, targets, names), rule.HTTP.Paths...) | ||
} else { | ||
// If a request is routed by a tag-attached hostname instead of the tag header, | ||
// the request may not have the tag header "Knative-Serving-Tag", | ||
// even though the ingress path used in the case is also originated | ||
// from the same Knative route with the ingress path for the tag based routing. | ||
// | ||
// To prevent such inconsistency, | ||
// the tag header is appended with the tag corresponding to the tag-attached hostname | ||
rule.HTTP.Paths[0].AppendHeaders[network.TagHeaderName] = name | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. It would be also helpful to explain why we append header here. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Resolved. |
||
} | ||
} | ||
// If this is a public rule, we need to configure ACME challenge paths. | ||
if visibility == netv1alpha1.IngressVisibilityExternalIP { | ||
rule.HTTP.Paths = append( | ||
|
@@ -173,6 +204,32 @@ func makeACMEIngressPaths(challenges map[string]netv1alpha1.HTTP01Challenge, dom | |
} | ||
|
||
func makeIngressRule(domains []string, ns string, visibility netv1alpha1.IngressVisibility, targets traffic.RevisionTargets) *netv1alpha1.IngressRule { | ||
return &netv1alpha1.IngressRule{ | ||
Hosts: domains, | ||
Visibility: visibility, | ||
HTTP: &netv1alpha1.HTTPIngressRuleValue{ | ||
Paths: []netv1alpha1.HTTPIngressPath{ | ||
*makeBaseIngressPath(ns, targets), | ||
}, | ||
}, | ||
} | ||
} | ||
|
||
func makeTagBasedRoutingIngressPaths(ns string, targets map[string]traffic.RevisionTargets, names []string) []netv1alpha1.HTTPIngressPath { | ||
paths := make([]netv1alpha1.HTTPIngressPath, 0, len(names)) | ||
|
||
for _, name := range names { | ||
if name != traffic.DefaultTarget { | ||
path := makeBaseIngressPath(ns, targets[name]) | ||
path.Headers = map[string]netv1alpha1.HeaderMatch{network.TagHeaderName: {Exact: name}} | ||
paths = append(paths, *path) | ||
} | ||
} | ||
|
||
return paths | ||
} | ||
|
||
func makeBaseIngressPath(ns string, targets traffic.RevisionTargets) *netv1alpha1.HTTPIngressPath { | ||
// Optimistically allocate |targets| elements. | ||
splits := make([]netv1alpha1.IngressBackendSplit, 0, len(targets)) | ||
for _, t := range targets { | ||
|
@@ -196,14 +253,8 @@ func makeIngressRule(domains []string, ns string, visibility netv1alpha1.Ingress | |
}) | ||
} | ||
|
||
return &netv1alpha1.IngressRule{ | ||
Hosts: domains, | ||
Visibility: visibility, | ||
HTTP: &netv1alpha1.HTTPIngressRuleValue{ | ||
Paths: []netv1alpha1.HTTPIngressPath{{ | ||
Splits: splits, | ||
// TODO(lichuqiang): #2201, plumbing to config timeout and retries. | ||
}}, | ||
}, | ||
return &netv1alpha1.HTTPIngressPath{ | ||
Splits: splits, | ||
// TODO(lichuqiang): #2201, plumbing to config timeout and retries. | ||
} | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It would be helpful to add some comments about what this ingress path is used for.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Resolved.