mirror of
https://github.com/cloudflare/cloudflared.git
synced 2025-07-27 20:09:58 +00:00
TUN-3725: Warp-routing is independent of ingress
- Changed warp-routing configuration to its own yaml.
- Ingress Rules host matching is indepedent of warp-routing.
This commit is contained in:
Sudarsan Reddy
committed by
Nuno Diegues
Nuno Diegues
parent
368066a966
commit
b4700a52e3
@@ -25,8 +25,9 @@ var (
|
||||
)
|
||||
|
||||
const (
|
||||
ServiceBastion = "bastion"
|
||||
ServiceTeamnet = "teamnet-proxy"
|
||||
ServiceBridge = "bridge service"
|
||||
ServiceBastion = "bastion"
|
||||
ServiceWarpRouting = "warp-routing"
|
||||
)
|
||||
|
||||
// FindMatchingRule returns the index of the Ingress Rule which matches the given
|
||||
@@ -43,6 +44,7 @@ func (ing Ingress) FindMatchingRule(hostname, path string) (*Rule, int) {
|
||||
return &rule, i
|
||||
}
|
||||
}
|
||||
|
||||
i := len(ing.Rules) - 1
|
||||
return &ing.Rules[i], i
|
||||
}
|
||||
@@ -89,13 +91,24 @@ func NewSingleOrigin(c *cli.Context, allowURLFromArgs bool) (Ingress, error) {
|
||||
return ing, err
|
||||
}
|
||||
|
||||
// WarpRoutingService starts a tcp stream between the origin and requests from
|
||||
// warp clients.
|
||||
type WarpRoutingService struct {
|
||||
Proxy StreamBasedOriginProxy
|
||||
}
|
||||
|
||||
func NewWarpRoutingService() *WarpRoutingService {
|
||||
warpRoutingService := newBridgeService(DefaultStreamHandler, ServiceWarpRouting)
|
||||
return &WarpRoutingService{Proxy: warpRoutingService}
|
||||
}
|
||||
|
||||
// Get a single origin service from the CLI/config.
|
||||
func parseSingleOriginService(c *cli.Context, allowURLFromArgs bool) (originService, error) {
|
||||
if c.IsSet("hello-world") {
|
||||
return new(helloWorld), nil
|
||||
}
|
||||
if c.IsSet(config.BastionFlag) {
|
||||
return newBridgeService(nil), nil
|
||||
return newBridgeService(nil, ServiceBastion), nil
|
||||
}
|
||||
if c.IsSet("url") {
|
||||
originURL, err := config.ValidateUrl(c, allowURLFromArgs)
|
||||
@@ -169,9 +182,7 @@ func validate(ingress []config.UnvalidatedIngressRule, defaults OriginRequestCon
|
||||
// overwrite the localService.URL field when `start` is called. So,
|
||||
// leave the URL field empty for now.
|
||||
cfg.BastionMode = true
|
||||
service = newBridgeService(nil)
|
||||
} else if r.Service == ServiceTeamnet {
|
||||
service = newBridgeService(DefaultStreamHandler)
|
||||
service = newBridgeService(nil, ServiceBastion)
|
||||
} else {
|
||||
// Validate URL services
|
||||
u, err := url.Parse(r.Service)
|
||||
|
||||
@@ -3,6 +3,7 @@ package ingress
|
||||
import (
|
||||
"flag"
|
||||
"fmt"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"regexp"
|
||||
"testing"
|
||||
@@ -315,7 +316,7 @@ ingress:
|
||||
want: []Rule{
|
||||
{
|
||||
Hostname: "bastion.foo.com",
|
||||
Service: newBridgeService(nil),
|
||||
Service: newBridgeService(nil, ServiceBastion),
|
||||
Config: setConfig(originRequestFromYAML(config.OriginRequestConfig{}), config.OriginRequestConfig{BastionMode: &tr}),
|
||||
},
|
||||
{
|
||||
@@ -335,7 +336,7 @@ ingress:
|
||||
want: []Rule{
|
||||
{
|
||||
Hostname: "bastion.foo.com",
|
||||
Service: newBridgeService(nil),
|
||||
Service: newBridgeService(nil, ServiceBastion),
|
||||
Config: setConfig(originRequestFromYAML(config.OriginRequestConfig{}), config.OriginRequestConfig{BastionMode: &tr}),
|
||||
},
|
||||
{
|
||||
@@ -463,6 +464,7 @@ func TestFindMatchingRule(t *testing.T) {
|
||||
tests := []struct {
|
||||
host string
|
||||
path string
|
||||
req *http.Request
|
||||
wantRuleIndex int
|
||||
}{
|
||||
{
|
||||
@@ -497,9 +499,9 @@ func TestFindMatchingRule(t *testing.T) {
|
||||
},
|
||||
}
|
||||
|
||||
for i, test := range tests {
|
||||
for _, test := range tests {
|
||||
_, ruleIndex := ingress.FindMatchingRule(test.host, test.path)
|
||||
assert.Equal(t, test.wantRuleIndex, ruleIndex, fmt.Sprintf("Expect host=%s, path=%s to match rule %d, got %d", test.host, test.path, test.wantRuleIndex, i))
|
||||
assert.Equal(t, test.wantRuleIndex, ruleIndex, fmt.Sprintf("Expect host=%s, path=%s to match rule %d, got %d", test.host, test.path, test.wantRuleIndex, ruleIndex))
|
||||
}
|
||||
}
|
||||
|
||||
@@ -561,6 +563,7 @@ ingress:
|
||||
if err != nil {
|
||||
b.Error(err)
|
||||
}
|
||||
|
||||
for n := 0; n < b.N; n++ {
|
||||
ing.FindMatchingRule("tunnel1.example.com", "")
|
||||
ing.FindMatchingRule("tunnel2.example.com", "")
|
||||
|
||||
@@ -91,7 +91,7 @@ func TestBridgeServiceDestination(t *testing.T) {
|
||||
wantErr: true,
|
||||
},
|
||||
}
|
||||
s := newBridgeService(nil)
|
||||
s := newBridgeService(nil, ServiceBastion)
|
||||
for _, test := range tests {
|
||||
r := &http.Request{
|
||||
Header: test.header,
|
||||
|
||||
@@ -78,20 +78,22 @@ func (o *httpService) String() string {
|
||||
|
||||
// bridgeService is like a jump host, the destination is specified by the client
|
||||
type bridgeService struct {
|
||||
client *tcpClient
|
||||
client *tcpClient
|
||||
serviceName string
|
||||
}
|
||||
|
||||
// if streamHandler is nil, a default one is set.
|
||||
func newBridgeService(streamHandler streamHandlerFunc) *bridgeService {
|
||||
func newBridgeService(streamHandler streamHandlerFunc, serviceName string) *bridgeService {
|
||||
return &bridgeService{
|
||||
client: &tcpClient{
|
||||
streamHandler: streamHandler,
|
||||
},
|
||||
serviceName: serviceName,
|
||||
}
|
||||
}
|
||||
|
||||
func (o *bridgeService) String() string {
|
||||
return "bridge service"
|
||||
return ServiceBridge + ":" + o.serviceName
|
||||
}
|
||||
|
||||
func (o *bridgeService) start(wg *sync.WaitGroup, log *zerolog.Logger, shutdownC <-chan struct{}, errC chan error, cfg OriginRequestConfig) error {
|
||||
|
||||
Reference in New Issue
Block a user