-
Notifications
You must be signed in to change notification settings - Fork 53
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
POC: HTTP reverse proxy cache #3610
Changes from 74 commits
ec47483
b44d9af
99c3723
6fbecb3
ccced29
3dbbd5d
2353348
4b1f3c6
c359c19
ec7d36a
2ea5d0c
ece1c18
c809117
07962c4
617b7e9
79e312c
9d2f865
0653aab
f230aee
285115d
a0bc285
05262ca
d79ffa0
3e68564
c762edf
da7e085
9737750
cee4832
3bc83d2
4a36fc2
8b48975
7bd9bcb
afe1a6d
1195ebd
1710525
b3b6dc3
60ce02f
60cc980
eb3210b
2a63d18
a806c73
4fa3b28
64c651c
417441d
562041d
8c4aaca
9921354
7703e00
b68c6ba
b76ae5b
c13290a
ed26dc7
5745469
5192278
ac67488
aa6401a
4419f41
de2c216
547bb02
27f9450
ec122df
d846b19
7be7027
1152865
ff3d262
04c764e
d4d1a25
1aaab39
75ad228
4d8c949
9ada6e8
3e38717
4ace13c
eb4d98c
288220d
3a8b16b
df27b33
a532c21
ae74c7b
ad6cabc
a05fdec
c04ebb7
e851ff4
73b4d1e
a3318ab
7353997
d7212f3
459f198
8e146b3
6805865
51788fd
3f604db
fd99973
dd199d7
5c82d0c
81509a7
f0c9260
fac40ca
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
ARG VERSION=7.5.0 | ||
|
||
FROM varnish:${VERSION} | ||
|
||
USER root | ||
|
||
RUN set -e; \ | ||
apt-get update; \ | ||
apt-get -y install prometheus-varnish-exporter; | ||
|
||
RUN rm -rf /var/lib/apt/lists/*; | ||
|
||
USER varnish |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
../../../api/docker/varnish/vcl |
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. The varnish deployment setup is mostly copied from https://github.com/softonic/varnish-chart/blob/master/templates/deployment.yaml However, I made some simplifications. And there were some missing things, that prevented me, from directly using their chart. |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,116 @@ | ||
{{- if .Values.apiCache.enabled }} | ||
apiVersion: apps/v1 | ||
kind: Deployment | ||
metadata: | ||
name: {{ include "apiCache.name" . }} | ||
labels: | ||
{{- include "apiCache.selectorLabels" . | nindent 4 }} | ||
{{- include "app.commonLabels" . | nindent 4 }} | ||
spec: | ||
replicas: 1 | ||
selector: | ||
matchLabels: | ||
{{- include "apiCache.selectorLabels" . | nindent 6 }} | ||
template: | ||
metadata: | ||
labels: | ||
{{- include "apiCache.selectorLabels" . | nindent 8 }} | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. you could add an annotation with the shasum of the confimap. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Fixed with 5192278 Probably this line is obsolete, because I also included There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Maybe you only change the config after some problem and then redeploy with the same image tag. |
||
annotations: | ||
checksum/vclConfigmap: {{ include (print $.Template.BasePath "/api_cache_vcl_configmap.yaml") . | sha256sum }} | ||
rollme: {{ .Values.imageTag | quote }} | ||
spec: | ||
{{- with .Values.imagePullSecrets }} | ||
imagePullSecrets: | ||
{{- toYaml . | nindent 8 }} | ||
{{- end }} | ||
serviceAccountName: {{ include "app.serviceAccountName" . }} | ||
securityContext: | ||
{{- toYaml .Values.podSecurityContext | nindent 8 }} | ||
enableServiceLinks: false | ||
containers: | ||
- name: {{ .Chart.Name }}-api-cache-varnishd | ||
securityContext: | ||
{{- toYaml .Values.securityContext | nindent 12 }} | ||
image: "{{ .Values.apiCache.image.repository }}:{{ .Values.apiCache.image.tag | default .Values.imageTag }}" | ||
imagePullPolicy: {{ .Values.apiCache.image.pullPolicy }} | ||
ports: | ||
- name: http | ||
containerPort: {{ .Values.apiCache.varnishHttpPort }} | ||
protocol: TCP | ||
- name: purge | ||
containerPort: {{ .Values.apiCache.varnishPurgePort }} | ||
protocol: TCP | ||
env: | ||
- name: VARNISH_SIZE | ||
value: "{{ .Values.apiCache.varnishSize }}" | ||
- name: VARNISH_HTTP_PORT | ||
value: "{{ .Values.apiCache.varnishHttpPort }}" | ||
- name: COOKIE_PREFIX | ||
value: {{ include "api.cookiePrefix" . | quote }} | ||
args: | ||
- -a | ||
- {{ printf ":%d,HTTP" (.Values.apiCache.varnishPurgePort | int) }} | ||
- -p | ||
- http_max_hdr=96 | ||
resources: | ||
{{- toYaml .Values.apiCache.resources | nindent 12 }} | ||
volumeMounts: | ||
- name: vcl-configmap | ||
mountPath: /etc/varnish | ||
- name: vsm | ||
mountPath: /var/lib/varnish | ||
{{- if .Values.apiCache.logging.enabled }} | ||
- name: {{ .Chart.Name }}-api-cache-varnishncsa | ||
securityContext: | ||
{{- toYaml .Values.securityContext | nindent 12 }} | ||
image: "{{ .Values.apiCache.image.repository }}:{{ .Values.apiCache.image.tag | default .Values.imageTag }}" | ||
imagePullPolicy: {{ .Values.apiCache.image.pullPolicy }} | ||
command: | ||
- varnishncsa | ||
- -b | ||
- -c | ||
{{- if .Values.apiCache.logging.customOutputJsonFormat }} | ||
- -j | ||
{{- end }} | ||
{{- if .Values.apiCache.logging.customOutput }} | ||
- -F | ||
- {{ .Values.apiCache.logging.customOutput | squote }} | ||
{{- end }} | ||
- -t | ||
- {{ .Values.apiCache.logging.timeout | quote }} | ||
resources: | ||
{{- toYaml .Values.apiCache.logging.resources | nindent 12 }} | ||
volumeMounts: | ||
- name: vsm | ||
mountPath: /var/lib/varnish | ||
{{- end }} | ||
{{- if .Values.apiCache.prometheus.enabled }} | ||
carlobeltrame marked this conversation as resolved.
Show resolved
Hide resolved
|
||
- name: {{ .Chart.Name }}-api-cache-prometheus-exporter | ||
securityContext: | ||
{{- toYaml .Values.securityContext | nindent 12 }} | ||
image: "{{ .Values.apiCache.image.repository }}:{{ .Values.apiCache.image.tag | default .Values.imageTag }}" | ||
imagePullPolicy: {{ .Values.apiCache.image.pullPolicy }} | ||
ports: | ||
- name: metrics | ||
containerPort: {{ .Values.apiCache.prometheus.port }} | ||
protocol: TCP | ||
resources: | ||
{{- toYaml .Values.apiCache.prometheus.resources | nindent 12 }} | ||
command: | ||
- prometheus-varnish-exporter | ||
- -web.telemetry-path | ||
- "{{ .Values.apiCache.prometheus.path }}" | ||
- -web.listen-address | ||
- ":{{ .Values.apiCache.prometheus.port }}" | ||
volumeMounts: | ||
- name: vsm | ||
mountPath: /var/lib/varnish | ||
{{- end }} | ||
volumes: | ||
- name: vcl-configmap | ||
configMap: | ||
name: {{ include "apiCache.name" . }}-vcl-configmap | ||
- name: vsm | ||
emptyDir: | ||
medium: Memory | ||
{{- end }} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
{{- if .Values.apiCache.enabled }} | ||
apiVersion: v1 | ||
kind: Service | ||
metadata: | ||
name: {{ include "apiCache.name" . }} | ||
labels: | ||
{{- include "apiCache.selectorLabels" . | nindent 4 }} | ||
{{- include "app.commonLabels" . | nindent 4 }} | ||
spec: | ||
type: {{ .Values.apiCache.service.type }} | ||
ports: | ||
- port: {{ .Values.apiCache.service.ports.http }} | ||
targetPort: http | ||
protocol: TCP | ||
name: http | ||
- port: {{ .Values.apiCache.service.ports.purge }} | ||
targetPort: purge | ||
protocol: TCP | ||
name: purge | ||
- port: {{ .Values.apiCache.prometheus.port }} | ||
targetPort: metrics | ||
protocol: TCP | ||
name: metrics | ||
selector: | ||
{{- include "apiCache.selectorLabels" . | nindent 4 }} | ||
{{- end }} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
{{- if .Values.apiCache.enabled }} | ||
apiVersion: v1 | ||
kind: ConfigMap | ||
metadata: | ||
name: {{ include "apiCache.name" . }}-vcl-configmap | ||
labels: | ||
{{- include "apiCache.selectorLabels" . | nindent 4 }} | ||
{{- include "app.commonLabels" . | nindent 4 }} | ||
data: | ||
# includes all files except the ones starting with _ | ||
{{ (.Files.Glob "files/vcl/[!_]*").AsConfig | indent 2 }} | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I think this also excludes any hidden files (files starting with a period |
||
# override backend config | ||
_config.vcl: |- | ||
backend default { | ||
.host = "{{ include "api.name" .}}"; | ||
.port = "{{ .Values.api.service.port }}"; | ||
} | ||
{{- end }} |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -12,6 +12,7 @@ metadata: | |
{{- end }} | ||
{{- include "ingress.basicAuth.annotations" . | nindent 4 }} | ||
{{- if not (.Values.print.ingress.readTimeoutSeconds | empty) }} | ||
nginx.ingress.kubernetes.io/use-regex: "true" | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Why do we need this? |
||
nginx.ingress.kubernetes.io/proxy-read-timeout: {{ .Values.print.ingress.readTimeoutSeconds | quote }} | ||
{{- end }} | ||
spec: | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Mostly copied from https://github.com/softonic/varnish/blob/master/Dockerfile
As an alternative, we could also set this up as an independent package outside of this repository (e.g. ecamp/varnish) and regularly build/deploy on docker hub. Both is ok for me.