diff --git a/charts/fsm/README.md b/charts/fsm/README.md index 750336933..812aa506b 100644 --- a/charts/fsm/README.md +++ b/charts/fsm/README.md @@ -213,7 +213,12 @@ The following table lists the configurable parameters of the fsm chart and their | fsm.fsmController.resource | object | `{"limits":{"cpu":"1.5","memory":"1G"},"requests":{"cpu":"0.5","memory":"128M"}}` | FSM controller's container resource parameters. See https://docs.flomesh.io/docs/guides/ha_scale/scale/ for more details. | | fsm.fsmController.tolerations | list | `[]` | Node tolerations applied to control plane pods. The specified tolerations allow pods to schedule onto nodes with matching taints. | | fsm.fsmGateway.enabled | bool | `false` | | +| fsm.fsmGateway.fgwLogLevel | string | `"info"` | | +| fsm.fsmGateway.http1PerRequestLoadBalancing | bool | `false` | | +| fsm.fsmGateway.http2PerRequestLoadBalancing | bool | `true` | | | fsm.fsmGateway.logLevel | string | `"info"` | | +| fsm.fsmGateway.sslPassthroughUpstreamPort | int | `443` | | +| fsm.fsmGateway.stripAnyHostPort | bool | `true` | | | fsm.fsmIngress.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].key | string | `"kubernetes.io/os"` | | | fsm.fsmIngress.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].operator | string | `"In"` | | | fsm.fsmIngress.affinity.nodeAffinity.requiredDuringSchedulingIgnoredDuringExecution.nodeSelectorTerms[0].matchExpressions[0].values[0] | string | `"linux"` | | diff --git a/charts/fsm/templates/preset-mesh-config.yaml b/charts/fsm/templates/preset-mesh-config.yaml index 20d551f36..2a6d15a30 100644 --- a/charts/fsm/templates/preset-mesh-config.yaml +++ b/charts/fsm/templates/preset-mesh-config.yaml @@ -117,7 +117,12 @@ data: }, "gatewayAPI": { "enabled": {{ and .Values.fsm.fsmGateway.enabled (not .Values.fsm.fsmIngress.enabled) }}, - "logLevel": "{{ .Values.fsm.fsmGateway.logLevel }}" + "logLevel": "{{ .Values.fsm.fsmGateway.logLevel }}", + "fgwLogLevel": "{{ .Values.fsm.fsmGateway.fgwLogLevel }}", + "stripAnyHostPort": {{ .Values.fsm.fsmGateway.stripAnyHostPort }}, + "sslPassthroughUpstreamPort": {{ .Values.fsm.fsmGateway.sslPassthroughUpstreamPort }}, + "http1PerRequestLoadBalancing": {{ .Values.fsm.fsmGateway.http1PerRequestLoadBalancing }}, + "http2PerRequestLoadBalancing": {{ .Values.fsm.fsmGateway.http2PerRequestLoadBalancing }} }, "serviceLB": { "enabled": {{ .Values.fsm.serviceLB.enabled }}, diff --git a/charts/fsm/values.schema.json b/charts/fsm/values.schema.json index e4d561fbc..3836d4356 100644 --- a/charts/fsm/values.schema.json +++ b/charts/fsm/values.schema.json @@ -1830,7 +1830,12 @@ "title": "The gatewayApi Schema", "required": [ "enabled", - "logLevel" + "logLevel", + "fgwLogLevel", + "stripAnyHostPort", + "sslPassthroughUpstreamPort", + "http1PerRequestLoadBalancing", + "http2PerRequestLoadBalancing" ], "properties": { "enabled": { @@ -1842,6 +1847,31 @@ "type": "string", "default": "info", "title": "The logLevel Schema" + }, + "fgwLogLevel": { + "type": "string", + "default": "info", + "title": "The FGW logLevel Schema" + }, + "stripAnyHostPort": { + "type": "boolean", + "default": true, + "title": "The stripAnyHostPort Schema" + }, + "sslPassthroughUpstreamPort": { + "type": "integer", + "default": 443, + "title": "The sslPassthroughUpstreamPort Schema" + }, + "http1PerRequestLoadBalancing": { + "type": "boolean", + "default": false, + "title": "The http1PerRequestLoadBalancing Schema" + }, + "http2PerRequestLoadBalancing": { + "type": "boolean", + "default": true, + "title": "The http2PerRequestLoadBalancing Schema" } } }, diff --git a/charts/fsm/values.yaml b/charts/fsm/values.yaml index 084f1530e..a382505cb 100644 --- a/charts/fsm/values.yaml +++ b/charts/fsm/values.yaml @@ -936,6 +936,11 @@ fsm: fsmGateway: enabled: false logLevel: info + fgwLogLevel: info + stripAnyHostPort: true + sslPassthroughUpstreamPort: 443 + http1PerRequestLoadBalancing: false + http2PerRequestLoadBalancing: true # # -- FSM ServiceLB parameters diff --git a/cmd/fsm-bootstrap/crds/config.flomesh.io_meshconfigs.yaml b/cmd/fsm-bootstrap/crds/config.flomesh.io_meshconfigs.yaml index 84ca0c73a..4d4c1e64b 100644 --- a/cmd/fsm-bootstrap/crds/config.flomesh.io_meshconfigs.yaml +++ b/cmd/fsm-bootstrap/crds/config.flomesh.io_meshconfigs.yaml @@ -1440,10 +1440,38 @@ spec: gatewayAPI: description: GatewayAPI defines the configurations of GatewayAPI features. properties: + StripAnyHostPort: + default: false + description: StripAnyHostPort defines if strip any host port is + enabled. + type: boolean enabled: default: false description: Enabled defines if gateway api is enabled. type: boolean + fgwLogLevel: + default: info + description: FGWLogLevel defines the log level of FGW. + enum: + - trace + - debug + - info + - warn + - error + - fatal + - panic + - disabled + type: string + http1PerRequestLoadBalancing: + default: false + description: HTTP1PerRequestLoadBalancing defines if load balancing + based on per-request is enabled for http1. + type: boolean + http2PerRequestLoadBalancing: + default: false + description: HTTP2PerRequestLoadBalancing defines if load balancing + based on per-request is enabled for http2. + type: boolean logLevel: default: info description: LogLevel defines the log level of gateway api. @@ -1457,9 +1485,20 @@ spec: - panic - disabled type: string + sslPassthroughUpstreamPort: + default: 443 + description: SSLPassthroughUpstreamPort defines the default upstream + port of SSL passthrough. + format: int32 + type: integer required: + - StripAnyHostPort - enabled + - fgwLogLevel + - http1PerRequestLoadBalancing + - http2PerRequestLoadBalancing - logLevel + - sslPassthroughUpstreamPort type: object image: description: Image defines the configurations of Image info diff --git a/pkg/apis/config/v1alpha3/mesh_config.go b/pkg/apis/config/v1alpha3/mesh_config.go index 426a7e3a9..22923466c 100644 --- a/pkg/apis/config/v1alpha3/mesh_config.go +++ b/pkg/apis/config/v1alpha3/mesh_config.go @@ -573,6 +573,27 @@ type GatewayAPISpec struct { // +kubebuilder:validation:Enum=trace;debug;info;warn;error;fatal;panic;disabled // LogLevel defines the log level of gateway api. LogLevel string `json:"logLevel"` + + // +kubebuilder:default=info + // +kubebuilder:validation:Enum=trace;debug;info;warn;error;fatal;panic;disabled + // FGWLogLevel defines the log level of FGW. + FGWLogLevel string `json:"fgwLogLevel"` + + // +kubebuilder:default=false + // StripAnyHostPort defines if strip any host port is enabled. + StripAnyHostPort bool `json:"StripAnyHostPort"` + + // +kubebuilder:default=443 + // SSLPassthroughUpstreamPort defines the default upstream port of SSL passthrough. + SSLPassthroughUpstreamPort int32 `json:"sslPassthroughUpstreamPort"` + + // +kubebuilder:default=false + // HTTP1PerRequestLoadBalancing defines if load balancing based on per-request is enabled for http1. + HTTP1PerRequestLoadBalancing bool `json:"http1PerRequestLoadBalancing"` + + // +kubebuilder:default=false + // HTTP2PerRequestLoadBalancing defines if load balancing based on per-request is enabled for http2. + HTTP2PerRequestLoadBalancing bool `json:"http2PerRequestLoadBalancing"` } // ServiceLBSpec is the type to represent service lb. diff --git a/pkg/configurator/methods.go b/pkg/configurator/methods.go index 102c9162c..de1f9b39c 100644 --- a/pkg/configurator/methods.go +++ b/pkg/configurator/methods.go @@ -505,6 +505,36 @@ func (c *Client) GetFSMGatewayLogLevel() string { return mcSpec.GatewayAPI.LogLevel } +// GetFGWLogLevel returns log level of FGW +func (c *Client) GetFGWLogLevel() string { + mcSpec := c.getMeshConfig().Spec + return mcSpec.GatewayAPI.FGWLogLevel +} + +// IsFGWStripAnyHostPort returns whether to strip any host port +func (c *Client) IsFGWStripAnyHostPort() bool { + mcSpec := c.getMeshConfig().Spec + return mcSpec.GatewayAPI.StripAnyHostPort +} + +// GetFGWSSLPassthroughUpstreamPort returns the default upstream port that FGW used for SSL Passthrough +func (c *Client) GetFGWSSLPassthroughUpstreamPort() int32 { + mcSpec := c.getMeshConfig().Spec + return mcSpec.GatewayAPI.SSLPassthroughUpstreamPort +} + +// IsFGWHTTP1PerRequestLoadBalancingEnabled returns whether per-request load balancing is enabled for HTTP1 protocol +func (c *Client) IsFGWHTTP1PerRequestLoadBalancingEnabled() bool { + mcSpec := c.getMeshConfig().Spec + return mcSpec.GatewayAPI.HTTP1PerRequestLoadBalancing +} + +// IsFGWHTTP2PerRequestLoadBalancingEnabled returns whether per-request load balancing is enabled for HTTP2 protocol +func (c *Client) IsFGWHTTP2PerRequestLoadBalancingEnabled() bool { + mcSpec := c.getMeshConfig().Spec + return mcSpec.GatewayAPI.HTTP2PerRequestLoadBalancing +} + // IsIngressEnabled returns whether Ingress is enabled func (c *Client) IsIngressEnabled() bool { mcSpec := c.getMeshConfig().Spec diff --git a/pkg/configurator/mock_client_generated.go b/pkg/configurator/mock_client_generated.go index 2909d3397..983226ea3 100644 --- a/pkg/configurator/mock_client_generated.go +++ b/pkg/configurator/mock_client_generated.go @@ -80,6 +80,34 @@ func (mr *MockConfiguratorMockRecorder) GetConfigResyncInterval() *gomock.Call { return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetConfigResyncInterval", reflect.TypeOf((*MockConfigurator)(nil).GetConfigResyncInterval)) } +// GetFGWLogLevel mocks base method. +func (m *MockConfigurator) GetFGWLogLevel() string { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetFGWLogLevel") + ret0, _ := ret[0].(string) + return ret0 +} + +// GetFGWLogLevel indicates an expected call of GetFGWLogLevel. +func (mr *MockConfiguratorMockRecorder) GetFGWLogLevel() *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetFGWLogLevel", reflect.TypeOf((*MockConfigurator)(nil).GetFGWLogLevel)) +} + +// GetFGWSSLPassthroughUpstreamPort mocks base method. +func (m *MockConfigurator) GetFGWSSLPassthroughUpstreamPort() int32 { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetFGWSSLPassthroughUpstreamPort") + ret0, _ := ret[0].(int32) + return ret0 +} + +// GetFGWSSLPassthroughUpstreamPort indicates an expected call of GetFGWSSLPassthroughUpstreamPort. +func (mr *MockConfiguratorMockRecorder) GetFGWSSLPassthroughUpstreamPort() *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetFGWSSLPassthroughUpstreamPort", reflect.TypeOf((*MockConfigurator)(nil).GetFGWSSLPassthroughUpstreamPort)) +} + // GetFLBSecretName mocks base method. func (m *MockConfigurator) GetFLBSecretName() string { m.ctrl.T.Helper() @@ -739,6 +767,48 @@ func (mr *MockConfiguratorMockRecorder) IsEgressEnabled() *gomock.Call { return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "IsEgressEnabled", reflect.TypeOf((*MockConfigurator)(nil).IsEgressEnabled)) } +// IsFGWHTTP1PerRequestLoadBalancingEnabled mocks base method. +func (m *MockConfigurator) IsFGWHTTP1PerRequestLoadBalancingEnabled() bool { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "IsFGWHTTP1PerRequestLoadBalancingEnabled") + ret0, _ := ret[0].(bool) + return ret0 +} + +// IsFGWHTTP1PerRequestLoadBalancingEnabled indicates an expected call of IsFGWHTTP1PerRequestLoadBalancingEnabled. +func (mr *MockConfiguratorMockRecorder) IsFGWHTTP1PerRequestLoadBalancingEnabled() *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "IsFGWHTTP1PerRequestLoadBalancingEnabled", reflect.TypeOf((*MockConfigurator)(nil).IsFGWHTTP1PerRequestLoadBalancingEnabled)) +} + +// IsFGWHTTP2PerRequestLoadBalancingEnabled mocks base method. +func (m *MockConfigurator) IsFGWHTTP2PerRequestLoadBalancingEnabled() bool { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "IsFGWHTTP2PerRequestLoadBalancingEnabled") + ret0, _ := ret[0].(bool) + return ret0 +} + +// IsFGWHTTP2PerRequestLoadBalancingEnabled indicates an expected call of IsFGWHTTP2PerRequestLoadBalancingEnabled. +func (mr *MockConfiguratorMockRecorder) IsFGWHTTP2PerRequestLoadBalancingEnabled() *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "IsFGWHTTP2PerRequestLoadBalancingEnabled", reflect.TypeOf((*MockConfigurator)(nil).IsFGWHTTP2PerRequestLoadBalancingEnabled)) +} + +// IsFGWStripAnyHostPort mocks base method. +func (m *MockConfigurator) IsFGWStripAnyHostPort() bool { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "IsFGWStripAnyHostPort") + ret0, _ := ret[0].(bool) + return ret0 +} + +// IsFGWStripAnyHostPort indicates an expected call of IsFGWStripAnyHostPort. +func (mr *MockConfiguratorMockRecorder) IsFGWStripAnyHostPort() *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "IsFGWStripAnyHostPort", reflect.TypeOf((*MockConfigurator)(nil).IsFGWStripAnyHostPort)) +} + // IsFLBEnabled mocks base method. func (m *MockConfigurator) IsFLBEnabled() bool { m.ctrl.T.Helper() diff --git a/pkg/configurator/types.go b/pkg/configurator/types.go index 43e753a51..252c942e5 100644 --- a/pkg/configurator/types.go +++ b/pkg/configurator/types.go @@ -167,6 +167,21 @@ type Configurator interface { // GetFSMGatewayLogLevel returns log level of FSM Gateway GetFSMGatewayLogLevel() string + // GetFGWLogLevel returns log level of FSM Gateway + GetFGWLogLevel() string + + // IsFGWStripAnyHostPort returns whether to strip any host port + IsFGWStripAnyHostPort() bool + + // GetFGWSSLPassthroughUpstreamPort returns the default upstream port that FGW used for SSL Passthrough + GetFGWSSLPassthroughUpstreamPort() int32 + + // IsFGWHTTP1PerRequestLoadBalancingEnabled returns whether per-request load balancing is enabled for HTTP1 protocol + IsFGWHTTP1PerRequestLoadBalancingEnabled() bool + + // IsFGWHTTP2PerRequestLoadBalancingEnabled returns whether per-request load balancing is enabled for HTTP2 protocol + IsFGWHTTP2PerRequestLoadBalancingEnabled() bool + // IsIngressEnabled returns whether Ingress is enabled IsIngressEnabled() bool diff --git a/pkg/gateway/cache/config.go b/pkg/gateway/cache/config.go index 0cedd1de9..9d6c14fbc 100644 --- a/pkg/gateway/cache/config.go +++ b/pkg/gateway/cache/config.go @@ -119,13 +119,15 @@ func (c *GatewayCache) getVersionOfConfigJSON(basepath string) (string, error) { func (c *GatewayCache) defaults() routecfg.Defaults { return routecfg.Defaults{ EnableDebug: c.isDebugEnabled(), - DefaultPassthroughUpstreamPort: 443, // TODO: enrich this from config - StripAnyHostPort: true, // TODO: enrich this from config + DefaultPassthroughUpstreamPort: c.cfg.GetFGWSSLPassthroughUpstreamPort(), + StripAnyHostPort: c.cfg.IsFGWStripAnyHostPort(), + HTTP1PerRequestLoadBalancing: c.cfg.IsFGWHTTP1PerRequestLoadBalancingEnabled(), + HTTP2PerRequestLoadBalancing: c.cfg.IsFGWHTTP2PerRequestLoadBalancingEnabled(), } } func (c *GatewayCache) isDebugEnabled() bool { - switch c.cfg.GetFSMGatewayLogLevel() { + switch c.cfg.GetFGWLogLevel() { case "debug", "trace": return true default: diff --git a/pkg/gateway/routecfg/types.go b/pkg/gateway/routecfg/types.go index e76e1662b..a216ff6cd 100644 --- a/pkg/gateway/routecfg/types.go +++ b/pkg/gateway/routecfg/types.go @@ -68,9 +68,11 @@ type ConfigSpec struct { // Defaults is the default configuration type Defaults struct { - EnableDebug bool `json:"EnableDebug"` - DefaultPassthroughUpstreamPort uint32 `json:"DefaultPassthroughUpstreamPort"` - StripAnyHostPort bool `json:"StripAnyHostPort"` + EnableDebug bool `json:"EnableDebug"` + DefaultPassthroughUpstreamPort int32 `json:"DefaultPassthroughUpstreamPort"` + StripAnyHostPort bool `json:"StripAnyHostPort"` + HTTP1PerRequestLoadBalancing bool `json:"HTTP1PerRequestLoadBalancing"` + HTTP2PerRequestLoadBalancing bool `json:"HTTP2PerRequestLoadBalancing"` } // Listener is the listener configuration diff --git a/pkg/manager/listeners/client.go b/pkg/manager/listeners/client.go index 79e7a274a..82367f339 100644 --- a/pkg/manager/listeners/client.go +++ b/pkg/manager/listeners/client.go @@ -15,6 +15,31 @@ type client struct { mc *configv1alpha3.MeshConfig } +func (c *client) GetFGWLogLevel() string { + //TODO implement me + panic("implement me") +} + +func (c *client) IsFGWStripAnyHostPort() bool { + //TODO implement me + panic("implement me") +} + +func (c *client) GetFGWSSLPassthroughUpstreamPort() int32 { + //TODO implement me + panic("implement me") +} + +func (c *client) IsFGWHTTP1PerRequestLoadBalancingEnabled() bool { + //TODO implement me + panic("implement me") +} + +func (c *client) IsFGWHTTP2PerRequestLoadBalancingEnabled() bool { + //TODO implement me + panic("implement me") +} + func (c *client) GetRemoteLoggingLevel() uint16 { //TODO implement me panic("implement me") diff --git a/pkg/messaging/broker.go b/pkg/messaging/broker.go index ee4f89e20..cf8b9156f 100644 --- a/pkg/messaging/broker.go +++ b/pkg/messaging/broker.go @@ -823,8 +823,12 @@ func gatewayInterestedConfigChanged(msg events.PubSubMessage) *gatewayUpdateEven prevSpec := prevMeshConfig.Spec newSpec := newMeshConfig.Spec - if prevSpec.GatewayAPI.LogLevel != newSpec.GatewayAPI.LogLevel || - prevSpec.FeatureFlags.EnableGatewayAgentService != newSpec.FeatureFlags.EnableGatewayAgentService { + if prevSpec.GatewayAPI.FGWLogLevel != newSpec.GatewayAPI.FGWLogLevel || + prevSpec.FeatureFlags.EnableGatewayAgentService != newSpec.FeatureFlags.EnableGatewayAgentService || + prevSpec.GatewayAPI.StripAnyHostPort != newSpec.GatewayAPI.StripAnyHostPort || + prevSpec.GatewayAPI.SSLPassthroughUpstreamPort != newSpec.GatewayAPI.SSLPassthroughUpstreamPort || + prevSpec.GatewayAPI.HTTP1PerRequestLoadBalancing != newSpec.GatewayAPI.HTTP1PerRequestLoadBalancing || + prevSpec.GatewayAPI.HTTP2PerRequestLoadBalancing != newSpec.GatewayAPI.HTTP2PerRequestLoadBalancing { return &gatewayUpdateEvent{ msg: msg, topic: announcements.GatewayUpdate.String(),