def _add_route(config, domains, route, enable_ssl_redirect):
route_name = routes_manager.get_name(route)
logs.info(f'adding route to nginx config: {route_name}')
logs.debug_verbose(config=config,
domains=domains,
route=route,
enable_ssl_redirect=enable_ssl_redirect)
backend_url = routes_manager.get_backend_url(route)
frontend_hostname = routes_manager.get_frontend_hostname(route)
print(f'F/B = {frontend_hostname} {backend_url}')
root_domain, sub_domain = routes_manager.get_domain_parts(route)
domains.setdefault(root_domain, []).append(sub_domain)
# if route['spec'].get('extra-no-dns-subdomains'):
# extra_hostnames = ',' + ','.join([f'{s}.{root_domain}' for s in route['spec']['extra-no-dns-subdomains']])
# else:
extra_hostnames = ''
logs.debug_verbose(route_name=route_name,
backend_url=backend_url,
frontend_hostname=frontend_hostname,
root_domain=root_domain,
sub_domain=sub_domain,
domains=domains,
extra_hostnames=extra_hostnames)
if backend_url:
raise NotImplementedError()
def update(router_name, wait_ready, spec, annotations, routes, dry_run=False):
logs.debug(f'updating nginx router: {router_name}')
logs.debug_verbose(router_name=router_name, spec=spec, routes=routes)
return nginx_deployment.update(router_name,
wait_ready,
spec,
annotations,
routes,
dry_run=dry_run)
def _add_route(config, domains, route, enable_ssl_redirect):
route_name = routes_manager.get_name(route)
logs.info(f'adding route to traefik config: {route_name}')
logs.debug_verbose(config=config,
domains=domains,
route=route,
enable_ssl_redirect=enable_ssl_redirect)
backend_url = routes_manager.get_backend_url(route)
frontend_hostname = routes_manager.get_frontend_hostname(route)
print(f'F/B = {frontend_hostname} {backend_url}')
root_domain, sub_domain = routes_manager.get_domain_parts(route)
domains.setdefault(root_domain, []).append(sub_domain)
if route['spec'].get('extra-no-dns-subdomains'):
extra_hostnames = ',' + ','.join([
f'{s}.{root_domain}'
for s in route['spec']['extra-no-dns-subdomains']
])
else:
extra_hostnames = ''
logs.debug_verbose(route_name=route_name,
backend_url=backend_url,
frontend_hostname=frontend_hostname,
root_domain=root_domain,
sub_domain=sub_domain,
domains=domains,
extra_hostnames=extra_hostnames)
if backend_url:
config['backends'][route_name] = {
'servers': {
'server1': {
'url': backend_url
}
}
}
config['frontends'][route_name] = {
'backend':
route_name,
'passHostHeader':
True,
'headers': {
'SSLRedirect': bool(enable_ssl_redirect)
},
'routes': {
'route1': {
'rule': f'Host:{frontend_hostname}{extra_hostnames}'
}
},
**({
'auth': {
'basic': {
'usersFile':
'/httpauth-' + route['spec']['httpauth-secret'] + '/.htpasswd'
}
}
} if route['spec'].get('httpauth-secret') else {}),
}
def list(router_labels):
routes = kubectl.get_items_by_labels('CkanCloudRoute', router_labels, required=False)
logs.debug_verbose(router_labels=router_labels, routes=routes)
_routes = []
if routes:
for route in routes:
route = get_module(route).get_route(route)
logs.debug_verbose(route=route)
_routes.append(route)
return _routes
def _init_router(router_name, router_values=None, required=False):
router = kubectl.get(f'CkanCloudRouter {router_name}', required=required) if not router_values else router_values
if router:
spec = router['spec']
router_type = spec['type']
assert router_type in ROUTER_TYPES, f'Unsupported router type: {router_type}'
router_type_config = ROUTER_TYPES[router_type]
annotations = CkanRoutersAnnotations(router_name, router)
labels = _get_labels(router_name, router_type)
logs.debug_verbose('_init_router', router=router, router_type_config=router_type_config, labels=labels)
return router, spec, router_type, annotations, labels, router_type_config
else:
logs.debug_verbose('_init_router', router=router, router_type_config=None, labels=None)
return None, None, None, None, None, None
def update(router_name, wait_ready, spec, annotations, routes):
logs.debug(f'updating traefik router: {router_name}')
logs.debug_verbose(router_name=router_name, spec=spec, routes=routes)
return traefik_deployment.update(router_name, wait_ready, spec, annotations, routes)
def _add_route(dynamic_config, domains, route, enable_ssl_redirect,
external_domains, wildcard_ssl_domain):
route_name = routes_manager.get_name(route)
logs.info(f'adding route to traefik v2 dynamic config: {route_name}')
logs.debug_verbose(dynamic_config=dynamic_config,
domains=domains,
route=route,
enable_ssl_redirect=enable_ssl_redirect)
backend_url = routes_manager.get_backend_url(route)
frontend_hostname = routes_manager.get_frontend_hostname(route)
print(f'F/B = {frontend_hostname} {backend_url}')
root_domain, sub_domain = routes_manager.get_domain_parts(route)
domains.setdefault(root_domain, []).append(sub_domain)
if route['spec'].get('extra-no-dns-subdomains'):
extra_hostnames = ',' + ','.join([
f'{s}.{root_domain}'
for s in route['spec']['extra-no-dns-subdomains']
])
else:
extra_hostnames = ''
logs.debug_verbose(route_name=route_name,
backend_url=backend_url,
frontend_hostname=frontend_hostname,
root_domain=root_domain,
sub_domain=sub_domain,
domains=domains,
extra_hostnames=extra_hostnames)
if backend_url:
# config['backends'][route_name] = {
# 'servers': {
# 'server1': {
# 'url': backend_url
# }
# }
# }
dynamic_config['http']['services'][route_name] = {
'loadBalancer': {
'servers': [{
'url': backend_url
}]
}
}
# config['frontends'][route_name] = {
# 'backend': route_name,
# 'passHostHeader': True,
# 'headers': {
# 'SSLRedirect': bool(enable_ssl_redirect)
# },
# 'routes': {
# 'route1': {
# 'rule': f'Host:{frontend_hostname}{extra_hostnames}'
# }
# },
# **({
# 'auth': {
# 'basic': {
# 'usersFile': '/httpauth-' + route['spec']['httpauth-secret'] + '/.htpasswd'
# }
# }
# } if route['spec'].get('httpauth-secret') else {}),
# }
assert not extra_hostnames, "extra_hostnames not supported yet for traefik v2: %s" % extra_hostnames
assert not route['spec'].get(
'httpauth-secret'
), "httpauth-secret not supported yet for traefik v2: %s" % route[
'spec']['httpauth-secret']
# passHostHeader is true by default
dynamic_config['http']['routers']['http-%s' % route_name] = {
'rule': f'Host(`{frontend_hostname}`)',
'service': route_name,
'middlewares': ['SSLRedirect'],
'entrypoints': ['http'],
}
domain_confs = []
assert not external_domains, "external_domains not yet supported for traefik v2"
if root_domain == wildcard_ssl_domain:
domain_confs.append({"main": f'*.{root_domain}'})
else:
domain_confs.append({
"main": root_domain,
'sans': [f'{sub_domain}.{root_domain}']
})
dynamic_config['http']['routers']['https-%s' % route_name] = {
'rule': f'Host(`{frontend_hostname}`)',
'service': route_name,
'middlewares': [],
'entrypoints': ['https'],
'tls': {
'certResolver': 'myresolver',
'domains': domain_confs
}
}
for i, domain in enumerate(route['spec'].get('extra-external-domains',
[])):
dynamic_config['http']['routers']['http-%s-eed%s' %
(route_name, i)] = {
'rule': f'Host(`{domain}`)',
'service': route_name,
'middlewares':
['SSLRedirect'],
'entrypoints': ['http'],
}
dynamic_config['http']['routers']['https-%s-eed%s' %
(route_name, i)] = {
'rule': f'Host(`{domain}`)',
'service': route_name,
'middlewares': [],
'entrypoints': ['https'],
'tls': {
'certResolver':
'tlsresolver',
'domains': [{
"main":
domain
}]
}
}