ingress-nginx-helm/internal/ingress/controller/util.go

/*
Copyright 2015 The Kubernetes Authors.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

package controller

import (
	"os"
	"os/exec"
	"syscall"

	"k8s.io/apimachinery/pkg/util/intstr"

	"fmt"

	"k8s.io/klog"

	api "k8s.io/api/core/v1"
	"k8s.io/kubernetes/pkg/util/sysctl"

	"k8s.io/ingress-nginx/internal/ingress"
)

// newUpstream creates an upstream without servers.
func newUpstream(name string) *ingress.Backend {
	return &ingress.Backend{
		Name:      name,
		Endpoints: []ingress.Endpoint{},
		Service:   &api.Service{},
		SessionAffinity: ingress.SessionAffinityConfig{
			CookieSessionAffinity: ingress.CookieSessionAffinity{
				Locations: make(map[string][]string),
			},
		},
	}
}

// upstreamName returns a formatted upstream name based on namespace, service, and port
func upstreamName(namespace string, service string, port intstr.IntOrString) string {
	return fmt.Sprintf("%v-%v-%v", namespace, service, port.String())
}

// sysctlSomaxconn returns the maximum number of connections that can be queued
// for acceptance (value of net.core.somaxconn)
// http://nginx.org/en/docs/http/ngx_http_core_module.html#listen
func sysctlSomaxconn() int {
	maxConns, err := sysctl.New().GetSysctl("net/core/somaxconn")
	if err != nil || maxConns < 512 {
		klog.V(3).Infof("net.core.somaxconn=%v (using system default)", maxConns)
		return 511
	}

	return maxConns
}

// rlimitMaxNumFiles returns hard limit for RLIMIT_NOFILE
func rlimitMaxNumFiles() int {
	var rLimit syscall.Rlimit
	err := syscall.Getrlimit(syscall.RLIMIT_NOFILE, &rLimit)
	if err != nil {
		klog.Errorf("Error reading system maximum number of open file descriptors (RLIMIT_NOFILE): %v", err)
		return 0
	}
	klog.V(2).Infof("rlimit.max=%v", rLimit.Max)
	return int(rLimit.Max)
}

const (
	defBinary = "/usr/sbin/nginx"
	cfgPath   = "/etc/nginx/nginx.conf"
)

var valgrind = []string{
	"valgrind",
	"--tool=memcheck",
	"--leak-check=full",
	"--show-leak-kinds=all",
	"--leak-check=yes",
}

func nginxExecCommand(args ...string) *exec.Cmd {
	ngx := os.Getenv("NGINX_BINARY")
	if ngx == "" {
		ngx = defBinary
	}

	cmdArgs := []string{"--deep"}

	if os.Getenv("RUN_WITH_VALGRIND") == "true" {
		cmdArgs = append(cmdArgs, valgrind...)
	}

	cmdArgs = append(cmdArgs, ngx, "-c", cfgPath)
	cmdArgs = append(cmdArgs, args...)

	return exec.Command("authbind", cmdArgs...)
}

func nginxTestCommand(cfg string) *exec.Cmd {
	return exec.Command(defBinary, "-c", cfg, "-t")
}
Split implementations from generic code 2016-11-10 22:56:29 +00:00			`/*`
			`Copyright 2015 The Kubernetes Authors.`

			`Licensed under the Apache License, Version 2.0 (the "License");`
			`you may not use this file except in compliance with the License.`
			`You may obtain a copy of the License at`

			`http://www.apache.org/licenses/LICENSE-2.0`

			`Unless required by applicable law or agreed to in writing, software`
			`distributed under the License is distributed on an "AS IS" BASIS,`
			`WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`See the License for the specific language governing permissions and`
			`limitations under the License.`
			`*/`

			`package controller`

			`import (`
Create UDP collector that listens to UDP messages from monitor.lua and exposes them on /metrics endpoint 2018-06-14 00:55:07 +00:00			`"os"`
			`"os/exec"`
Revert "Get file max from fs/file-max. (#2050)" (#2241) This reverts commit d8efd39694c028329ad4f9c7e27531518956df4c. 2018-03-22 16:03:04 +00:00			`"syscall"`

Update nginx image 2019-02-09 21:53:31 +00:00			`"k8s.io/apimachinery/pkg/util/intstr"`

implement canary annotation and alternative backends Adds the ability to create alternative backends. Alternative backends enable traffic shaping by sharing a single location but routing to different backends depending on the TrafficShapingPolicy defined by AlternativeBackends. When the list of upstreams and servers are retrieved, we then call mergeAlternativeBackends which iterates through the paths of every ingress and checks if the backend supporting the path is a AlternativeBackend. If so, we then iterate through the map of servers and find the real backend that the AlternativeBackend should fall under. Once found, the AlternativeBackend is embedded in the list of VirtualBackends for the real backend. If no matching real backend for a AlternativeBackend is found, then the AlternativeBackend is deleted as it cannot be backed by any server. 2018-09-18 18:05:32 +00:00			`"fmt"`

Replace glog with klog 2018-12-05 16:27:55 +00:00			`"k8s.io/klog"`
Cleanup 2017-09-17 18:42:31 +00:00
1 2017-08-23 05:00:42 +00:00			`api "k8s.io/api/core/v1"`
Add healthz tests 2017-11-06 22:34:30 +00:00			`"k8s.io/kubernetes/pkg/util/sysctl"`
1 2017-08-23 05:00:42 +00:00
Rename package pkg to internal 2017-11-07 22:02:12 +00:00			`"k8s.io/ingress-nginx/internal/ingress"`
Split implementations from generic code 2016-11-10 22:56:29 +00:00			`)`

			`// newUpstream creates an upstream without servers.`
Remove interface 2016-11-11 23:43:35 +00:00			`func newUpstream(name string) *ingress.Backend {`
			`return &ingress.Backend{`
Add Generic interface 2016-11-16 18:24:26 +00:00			`Name: name,`
Remove interface 2016-11-11 23:43:35 +00:00			`Endpoints: []ingress.Endpoint{},`
1 2017-08-23 05:00:42 +00:00			`Service: &api.Service{},`
Add feature to allow sticky sessions per location 2017-06-16 00:43:17 +00:00			`SessionAffinity: ingress.SessionAffinityConfig{`
			`CookieSessionAffinity: ingress.CookieSessionAffinity{`
			`Locations: make(map[string][]string),`
			`},`
			`},`
Split implementations from generic code 2016-11-10 22:56:29 +00:00			`}`
			`}`

implement canary annotation and alternative backends Adds the ability to create alternative backends. Alternative backends enable traffic shaping by sharing a single location but routing to different backends depending on the TrafficShapingPolicy defined by AlternativeBackends. When the list of upstreams and servers are retrieved, we then call mergeAlternativeBackends which iterates through the paths of every ingress and checks if the backend supporting the path is a AlternativeBackend. If so, we then iterate through the map of servers and find the real backend that the AlternativeBackend should fall under. Once found, the AlternativeBackend is embedded in the list of VirtualBackends for the real backend. If no matching real backend for a AlternativeBackend is found, then the AlternativeBackend is deleted as it cannot be backed by any server. 2018-09-18 18:05:32 +00:00			`// upstreamName returns a formatted upstream name based on namespace, service, and port`
			`func upstreamName(namespace string, service string, port intstr.IntOrString) string {`
			`return fmt.Sprintf("%v-%v-%v", namespace, service, port.String())`
			`}`

Clarify log messages in controller pkg 2018-06-13 18:15:45 +00:00			`// sysctlSomaxconn returns the maximum number of connections that can be queued`
			`// for acceptance (value of net.core.somaxconn)`
Add healthz tests 2017-11-06 22:34:30 +00:00			`// http://nginx.org/en/docs/http/ngx_http_core_module.html#listen`
			`func sysctlSomaxconn() int {`
			`maxConns, err := sysctl.New().GetSysctl("net/core/somaxconn")`
			`if err != nil \|\| maxConns < 512 {`
Replace glog with klog 2018-12-05 16:27:55 +00:00			`klog.V(3).Infof("net.core.somaxconn=%v (using system default)", maxConns)`
Add healthz tests 2017-11-06 22:34:30 +00:00			`return 511`
			`}`

			`return maxConns`
			`}`

rename sysctlFSFileMax to rlimitMaxNumFiles to reflect what it actually does 2019-01-15 20:34:17 +00:00			`// rlimitMaxNumFiles returns hard limit for RLIMIT_NOFILE`
			`func rlimitMaxNumFiles() int {`
Revert "Get file max from fs/file-max. (#2050)" (#2241) This reverts commit d8efd39694c028329ad4f9c7e27531518956df4c. 2018-03-22 16:03:04 +00:00			`var rLimit syscall.Rlimit`
			`err := syscall.Getrlimit(syscall.RLIMIT_NOFILE, &rLimit)`
Add healthz tests 2017-11-06 22:34:30 +00:00			`if err != nil {`
Replace glog with klog 2018-12-05 16:27:55 +00:00			`klog.Errorf("Error reading system maximum number of open file descriptors (RLIMIT_NOFILE): %v", err)`
Add healthz tests 2017-11-06 22:34:30 +00:00			`return 0`
			`}`
Replace glog with klog 2018-12-05 16:27:55 +00:00			`klog.V(2).Infof("rlimit.max=%v", rLimit.Max)`
Revert "Get file max from fs/file-max. (#2050)" (#2241) This reverts commit d8efd39694c028329ad4f9c7e27531518956df4c. 2018-03-22 16:03:04 +00:00			`return int(rLimit.Max)`
Add healthz tests 2017-11-06 22:34:30 +00:00			`}`
Create UDP collector that listens to UDP messages from monitor.lua and exposes them on /metrics endpoint 2018-06-14 00:55:07 +00:00
			`const (`
			`defBinary = "/usr/sbin/nginx"`
			`cfgPath = "/etc/nginx/nginx.conf"`
			`)`

Add support for valgrind 2018-08-31 00:32:06 +00:00			`var valgrind = []string{`
			`"valgrind",`
			`"--tool=memcheck",`
			`"--leak-check=full",`
			`"--show-leak-kinds=all",`
			`"--leak-check=yes",`
			`}`

Create UDP collector that listens to UDP messages from monitor.lua and exposes them on /metrics endpoint 2018-06-14 00:55:07 +00:00			`func nginxExecCommand(args ...string) *exec.Cmd {`
			`ngx := os.Getenv("NGINX_BINARY")`
			`if ngx == "" {`
			`ngx = defBinary`
			`}`

Add support for valgrind 2018-08-31 00:32:06 +00:00			`cmdArgs := []string{"--deep"}`

			`if os.Getenv("RUN_WITH_VALGRIND") == "true" {`
			`cmdArgs = append(cmdArgs, valgrind...)`
			`}`

			`cmdArgs = append(cmdArgs, ngx, "-c", cfgPath)`
Create UDP collector that listens to UDP messages from monitor.lua and exposes them on /metrics endpoint 2018-06-14 00:55:07 +00:00			`cmdArgs = append(cmdArgs, args...)`
Add support for valgrind 2018-08-31 00:32:06 +00:00
Use authbind to bind privileged ports 2018-08-03 13:50:53 +00:00			`return exec.Command("authbind", cmdArgs...)`
Create UDP collector that listens to UDP messages from monitor.lua and exposes them on /metrics endpoint 2018-06-14 00:55:07 +00:00			`}`

			`func nginxTestCommand(cfg string) *exec.Cmd {`
Update nginx image 2019-02-09 21:53:31 +00:00			`return exec.Command(defBinary, "-c", cfg, "-t")`
Create UDP collector that listens to UDP messages from monitor.lua and exposes them on /metrics endpoint 2018-06-14 00:55:07 +00:00			`}`