use of io.fabric8.service.jclouds.firewall.Rule in project fabric8 by jboss-fuse.
the class JsonRuleBaseReader method parseJson.
/**
* Will try to parse the {@link InputStream} which is expected to be in the following
* JSON format:
* <pre>
* { "rulebase" : [
* { "rule": "/foo/{path}", "to": "https://foo.com/cheese/{path}"},
* { "rule": "/customers/{id}/address/{addressId}", "to": "http://another.com/addresses/{addressId}/customer/{id}"}
* ]
* }
* </pre>
*
* <strong>Note that the passed-in {@link InputStream} will be closed by this method</strong>. This
* is a little unusual as normally the closing is the responsibility of the party that created the
* InputStream, but in this case we decided handling this is more user friendly.
*
* @param in the {@link InputStream} stream to read.
* @return {@code Map} where the key maps to the 'rule' in the JSON, and the value maps to 'to'.
*/
public static Map<String, HttpProxyRule> parseJson(InputStream in) {
chechNotNull(in);
HashMap<String, HttpProxyRule> map = new HashMap<String, HttpProxyRule>();
try {
JsonNode config = OM.readTree(in);
JsonNode globalCookiePath = config.get("cookiePath");
JsonNode globalDomain = config.get("cookieDomain");
for (JsonNode entry : getRuleBase(config)) {
String rule = entry.get("rule").asText();
map.put(rule, new HttpProxyRule(rule).to(entry.get("to").asText()).setCookiePath(getGlobal(entry, globalCookiePath, "cookiePath")).setCookieDomain(getGlobal(entry, globalDomain, "cookieDomain")));
}
return map;
} catch (IOException e) {
throw new RuntimeException(e.getMessage(), e);
} finally {
safeClose(in);
}
}
use of io.fabric8.service.jclouds.firewall.Rule in project fabric8-maven-plugin by fabric8io.
the class ApplyMojo method serviceHasIngressRule.
/**
* Returns true if there is an existing ingress rule for the given service
*/
private boolean serviceHasIngressRule(List<Ingress> ingresses, Service service) {
String serviceName = KubernetesHelper.getName(service);
for (Ingress ingress : ingresses) {
IngressSpec spec = ingress.getSpec();
if (spec == null) {
break;
}
List<IngressRule> rules = spec.getRules();
if (rules == null) {
break;
}
for (IngressRule rule : rules) {
HTTPIngressRuleValue http = rule.getHttp();
if (http == null) {
break;
}
List<HTTPIngressPath> paths = http.getPaths();
if (paths == null) {
break;
}
for (HTTPIngressPath path : paths) {
IngressBackend backend = path.getBackend();
if (backend == null) {
break;
}
if (Objects.equals(serviceName, backend.getServiceName())) {
return true;
}
}
}
}
return false;
}
use of io.fabric8.service.jclouds.firewall.Rule in project fabric8 by fabric8io.
the class KubernetesHelper method getServiceURL.
/**
* Returns the URL to access the service; using the environment variables, routes
* or service clusterIP address
*
* @throws IllegalArgumentException if the URL cannot be found for the serviceName and namespace
*/
public static String getServiceURL(KubernetesClient client, String serviceName, String serviceNamespace, String serviceProtocol, String servicePortName, boolean serviceExternal) {
Service srv = null;
String serviceHost = KubernetesServices.serviceToHostOrBlank(serviceName);
String servicePort = KubernetesServices.serviceToPortOrBlank(serviceName, servicePortName);
String serviceProto = serviceProtocol != null ? serviceProtocol : KubernetesServices.serviceToProtocol(serviceName, servicePort);
// Use specified or fallback namespace.
String actualNamespace = Strings.isNotBlank(serviceNamespace) ? serviceNamespace : client.getNamespace();
// 1. Inside Kubernetes: Services as ENV vars
if (!serviceExternal && Strings.isNotBlank(serviceHost) && Strings.isNotBlank(servicePort) && Strings.isNotBlank(serviceProtocol)) {
return serviceProtocol + "://" + serviceHost + ":" + servicePort;
// 2. Anywhere: When namespace is passed System / Env var. Mostly needed for integration tests.
} else if (Strings.isNotBlank(actualNamespace)) {
try {
srv = client.services().inNamespace(actualNamespace).withName(serviceName).get();
} catch (Exception e) {
LOGGER.warn("Could not lookup service:" + serviceName + " in namespace:" + actualNamespace + ", due to: " + e.getMessage());
}
}
if (srv == null) {
// lets try use environment variables
String hostAndPort = Systems.getServiceHostAndPort(serviceName, "", "");
if (!hostAndPort.startsWith(":")) {
return serviceProto + "://" + hostAndPort;
}
}
if (srv == null) {
throw new IllegalArgumentException("No kubernetes service could be found for name: " + serviceName + " in namespace: " + actualNamespace);
}
String answer = getOrCreateAnnotations(srv).get(Annotations.Service.EXPOSE_URL);
if (Strings.isNotBlank(answer)) {
return answer;
}
try {
if (Strings.isNullOrBlank(servicePortName) && isOpenShift(client)) {
OpenShiftClient openShiftClient = client.adapt(OpenShiftClient.class);
Route route = openShiftClient.routes().inNamespace(actualNamespace).withName(serviceName).get();
if (route != null) {
return (serviceProto + "://" + route.getSpec().getHost()).toLowerCase();
}
}
} catch (KubernetesClientException e) {
if (e.getCode() == 403) {
LOGGER.warn("Could not lookup route:" + serviceName + " in namespace:" + actualNamespace + ", due to: " + e.getMessage());
} else {
throw e;
}
}
ServicePort port = findServicePortByName(srv, servicePortName);
if (port == null) {
throw new RuntimeException("Couldn't find port: " + servicePortName + " for service:" + serviceName);
}
String clusterIP = srv.getSpec().getClusterIP();
if ("None".equals(clusterIP)) {
throw new IllegalStateException("Service: " + serviceName + " in namespace:" + serviceNamespace + "is head-less. Search for endpoints instead.");
}
Integer portNumber = port.getPort();
if (Strings.isNullOrBlank(clusterIP)) {
IngressList ingresses = client.extensions().ingresses().inNamespace(serviceNamespace).list();
if (ingresses != null) {
List<Ingress> items = ingresses.getItems();
if (items != null) {
for (Ingress item : items) {
String ns = getNamespace(item);
if (Objects.equal(serviceNamespace, ns)) {
IngressSpec spec = item.getSpec();
if (spec != null) {
List<IngressRule> rules = spec.getRules();
List<IngressTLS> tls = spec.getTls();
if (rules != null) {
for (IngressRule rule : rules) {
HTTPIngressRuleValue http = rule.getHttp();
if (http != null) {
List<HTTPIngressPath> paths = http.getPaths();
if (paths != null) {
for (HTTPIngressPath path : paths) {
IngressBackend backend = path.getBackend();
if (backend != null) {
String backendServiceName = backend.getServiceName();
if (serviceName.equals(backendServiceName) && portsMatch(port, backend.getServicePort())) {
String pathPostfix = path.getPath();
if (tls != null) {
for (IngressTLS tlsHost : tls) {
List<String> hosts = tlsHost.getHosts();
if (hosts != null) {
for (String host : hosts) {
if (Strings.isNotBlank(host)) {
if (Strings.isNullOrBlank(pathPostfix)) {
pathPostfix = "/";
}
return "https://" + URLUtils.pathJoin(host, pathPostfix);
}
}
}
}
}
answer = rule.getHost();
if (Strings.isNotBlank(answer)) {
if (Strings.isNullOrBlank(pathPostfix)) {
pathPostfix = "/";
}
return "http://" + URLUtils.pathJoin(answer, pathPostfix);
}
}
}
}
}
}
}
}
}
}
}
}
}
// lets try use the status on GKE
ServiceStatus status = srv.getStatus();
if (status != null) {
LoadBalancerStatus loadBalancerStatus = status.getLoadBalancer();
if (loadBalancerStatus != null) {
List<LoadBalancerIngress> loadBalancerIngresses = loadBalancerStatus.getIngress();
if (loadBalancerIngresses != null) {
for (LoadBalancerIngress loadBalancerIngress : loadBalancerIngresses) {
String ip = loadBalancerIngress.getIp();
if (Strings.isNotBlank(ip)) {
clusterIP = ip;
break;
}
}
}
}
}
}
if (Strings.isNullOrBlank(clusterIP)) {
// on vanilla kubernetes we can use nodePort to access things externally
boolean found = false;
Integer nodePort = port.getNodePort();
if (nodePort != null) {
try {
NodeList nodeList = client.nodes().list();
if (nodeList != null) {
List<Node> items = nodeList.getItems();
if (items != null) {
for (Node item : items) {
NodeStatus status = item.getStatus();
if (!found && status != null) {
List<NodeAddress> addresses = status.getAddresses();
if (addresses != null) {
for (NodeAddress address : addresses) {
String ip = address.getAddress();
if (Strings.isNotBlank(ip)) {
clusterIP = ip;
portNumber = nodePort;
found = true;
break;
}
}
}
}
if (!found) {
NodeSpec spec = item.getSpec();
if (spec != null) {
clusterIP = spec.getExternalID();
if (Strings.isNotBlank(clusterIP)) {
portNumber = nodePort;
break;
}
}
}
}
}
}
} catch (Exception e) {
// ignore could not find a node!
LOG.warn("Could not find a node!: " + e, e);
}
}
}
return (serviceProto + "://" + clusterIP + ":" + portNumber).toLowerCase();
}
use of io.fabric8.service.jclouds.firewall.Rule in project fabric8 by jboss-fuse.
the class JsonRuleBaseReaderTest method parseWithGlobalCookiePath.
@Test
public void parseWithGlobalCookiePath() throws Exception {
final InputStream in = JsonRuleBaseBuilder.newRuleBase().globalCookiePath("/cookiePath").rule("/foo/{path}", "https://foo.com/cheese/{path}").rule("/foo2/{path}", "https://foo2.com/cheese/{path}", "/overriddenCookiePath").inputStream();
final Map<String, HttpProxyRule> rules = JsonRuleBaseReader.parseJson(in);
assertThat(rules.get("/foo/{path}").getCookiePath(), equalTo("/cookiePath"));
assertThat(rules.get("/foo2/{path}").getCookiePath(), equalTo("/overriddenCookiePath"));
}
use of io.fabric8.service.jclouds.firewall.Rule in project fabric8 by jboss-fuse.
the class JsonRuleBaseReaderTest method parseJson.
@Test
public void parseJson() throws Exception {
final InputStream in = JsonRuleBaseBuilder.newRuleBase().rule("/foo/{path}", "https://foo.com/cheese/{path}").rule("/cust/{id}/address/{addressId}", "http://at.com/addresses/{addressId}/cust/id}").inputStream();
Map<String, HttpProxyRule> rules = JsonRuleBaseReader.parseJson(in);
assertEquals("https://foo.com/cheese/{path}", asString(rules.get("/foo/{path}")));
assertEquals("http://at.com/addresses/{addressId}/cust/id}", asString(rules.get("/cust/{id}/address/{addressId}")));
assertClosed(in);
}
Aggregations