Enabled the dynamic reload of GeoIP data (#2107)
* Moved geoip data into its own folder so it can be volume mounted * Added FS watches for the geoip data * Fixed single quotes issue (interpolation) * Fixed gofmt errors * Updated to directory crawl
This commit is contained in:
Karl Stoney
Manuel Alejandro de Brito Fontes
parent
ce8ba06208
commit
d1b6f32981
3 changed files with 46 additions and 16 deletions
|
|
@ -95,14 +95,16 @@ if [[ ${ARCH} == "s390x" ]]; then
|
|||
git config --global pack.threads "1"
|
||||
fi
|
||||
|
||||
# download GeoIP databases
|
||||
wget -O /etc/nginx/GeoIP.dat.gz https://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz || { echo 'Could not download GeoLiteCountry, exiting.' ; exit 1; }
|
||||
wget -O /etc/nginx/GeoLiteCity.dat.gz https://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz || { echo 'Could not download GeoLiteCity, exiting.' ; exit 1; }
|
||||
wget -O /etc/nginx/GeoIPASNum.dat.gz http://download.maxmind.com/download/geoip/database/asnum/GeoIPASNum.dat.gz || { echo 'Could not download GeoLiteOrg, exiting.' ; exit 1; }
|
||||
|
||||
gunzip /etc/nginx/GeoIP.dat.gz
|
||||
gunzip /etc/nginx/GeoLiteCity.dat.gz
|
||||
gunzip /etc/nginx/GeoIPASNum.dat.gz
|
||||
# Get the GeoIP data
|
||||
GEOIP_FOLDER=/etc/nginx/geoip
|
||||
mkdir -p $GEOIP_FOLDER
|
||||
function geoip_get {
|
||||
wget -O $GEOIP_FOLDER/$1 $2 || { echo "Could not download $1, exiting." ; exit 1; }
|
||||
gunzip $GEOIP_FOLDER/$1
|
||||
}
|
||||
geoip_get "GeoIP.dat.gz" "https://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz"
|
||||
geoip_get "GeoLiteCity.dat.gz" "https://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz"
|
||||
geoip_get "GeoIPASNum.dat.gz" "http://download.maxmind.com/download/geoip/database/asnum/GeoIPASNum.dat.gz"
|
||||
|
||||
mkdir --verbose -p "$BUILD_PATH"
|
||||
cd "$BUILD_PATH"
|
||||
|
|
|
|||
|
|
@ -56,6 +56,7 @@ import (
|
|||
"k8s.io/ingress-nginx/internal/net/ssl"
|
||||
"k8s.io/ingress-nginx/internal/task"
|
||||
"k8s.io/ingress-nginx/internal/watch"
|
||||
"path/filepath"
|
||||
)
|
||||
|
||||
type statusModule string
|
||||
|
|
@ -69,6 +70,7 @@ const (
|
|||
|
||||
var (
|
||||
tmplPath = "/etc/nginx/template/nginx.tmpl"
|
||||
geoipPath = "/etc/nginx/geoip"
|
||||
cfgPath = "/etc/nginx/nginx.conf"
|
||||
nginxBinary = "/usr/sbin/nginx"
|
||||
)
|
||||
|
|
@ -152,8 +154,8 @@ func NewNGINXController(config *Configuration, fs file.Filesystem) *NGINXControl
|
|||
glog.Warning("Update of ingress status is disabled (flag --update-status=false was specified)")
|
||||
}
|
||||
|
||||
var onChange func()
|
||||
onChange = func() {
|
||||
var onTemplateChange func()
|
||||
onTemplateChange = func() {
|
||||
template, err := ngx_template.NewTemplate(tmplPath, fs)
|
||||
if err != nil {
|
||||
// this error is different from the rest because it must be clear why nginx is not working
|
||||
|
|
@ -179,12 +181,38 @@ Error loading new template : %v
|
|||
|
||||
// TODO: refactor
|
||||
if _, ok := fs.(filesystem.DefaultFs); !ok {
|
||||
watch.NewDummyFileWatcher(tmplPath, onChange)
|
||||
watch.NewDummyFileWatcher(tmplPath, onTemplateChange)
|
||||
} else {
|
||||
_, err = watch.NewFileWatcher(tmplPath, onChange)
|
||||
|
||||
_, err = watch.NewFileWatcher(tmplPath, onTemplateChange)
|
||||
if err != nil {
|
||||
glog.Fatalf("unexpected error watching template %v: %v", tmplPath, err)
|
||||
glog.Fatalf("unexpected error creating file watcher: %v", err)
|
||||
}
|
||||
|
||||
filesToWatch := []string{}
|
||||
err := filepath.Walk("/etc/nginx/geoip/", func(path string, info os.FileInfo, err error) error {
|
||||
if info.IsDir() {
|
||||
return nil
|
||||
}
|
||||
|
||||
filesToWatch = append(filesToWatch, path)
|
||||
return nil
|
||||
})
|
||||
|
||||
if err != nil {
|
||||
glog.Fatalf("unexpected error creating file watcher: %v", err)
|
||||
}
|
||||
|
||||
for _, f := range filesToWatch {
|
||||
_, err = watch.NewFileWatcher(f, func() {
|
||||
glog.Info("file %v changed. Reloading NGINX", f)
|
||||
n.SetForceReload(true)
|
||||
})
|
||||
if err != nil {
|
||||
glog.Fatalf("unexpected error creating file watcher: %v", err)
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
return n
|
||||
|
|
|
|||
|
|
@ -47,9 +47,9 @@ http {
|
|||
{{/* databases used to determine the country depending on the client IP address */}}
|
||||
{{/* http://nginx.org/en/docs/http/ngx_http_geoip_module.html */}}
|
||||
{{/* this is require to calculate traffic for individual country using GeoIP in the status page */}}
|
||||
geoip_country /etc/nginx/GeoIP.dat;
|
||||
geoip_city /etc/nginx/GeoLiteCity.dat;
|
||||
geoip_org /etc/nginx/GeoIPASNum.dat;
|
||||
geoip_country /etc/nginx/geoip/GeoIP.dat;
|
||||
geoip_city /etc/nginx/geoip/GeoLiteCity.dat;
|
||||
geoip_org /etc/nginx/geoip/GeoIPASNum.dat;
|
||||
geoip_proxy_recursive on;
|
||||
|
||||
{{ if $cfg.EnableVtsStatus }}
|
||||
|
|
|
|||
Loading…
Reference in a new issue