-
Notifications
You must be signed in to change notification settings - Fork 4.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
health_check: add Cached custom health checker #24742
Closed
Closed
Changes from all commits
Commits
Show all changes
21 commits
Select commit
Hold shift + click to select a range
3c42bb6
health_check: add Cached custom health checker
8c458c8
Apply ci format fixes
d20c719
Add code owner for cached health check extension
54a2a31
Don't throw exceptions in header file
ece38c9
Apply proto format fix
bd56ad5
Add label to docs
43905b0
Switch from std::mutex to Thread::MutexBasicLockable
0ce3280
Add capath to spelling dictionary
5e1e280
Merge branch 'main' into cached
5447df5
Add an extra code owner for cached health checker extension
9549a73
Add a maintainer owner to cached health checker extension
c7881ae
Remove unused import
6ae17a8
Fix release date for hiredis
973d8f9
Remove extra @ in codeowners
4976ecf
Try to fix windows build
69db315
Add fPIC compiler flags for hiredis
b392e1f
Define strncasecmp for windows
1a33eb8
Remove endif comments
746a9e2
Disable build of shared hiredis libraries
badad5f
Update hiredis patch for windows
83b8b1a
Link to the static hiredis libs on windows
File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
Validating CODEOWNERS rules …
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -32,6 +32,7 @@ enum HealthCheckerType { | |
GRPC = 2; | ||
REDIS = 3; | ||
THRIFT = 4; | ||
CACHED = 5; | ||
} | ||
|
||
// [#next-free-field: 10] | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. | ||
|
||
load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") | ||
|
||
licenses(["notice"]) # Apache 2 | ||
|
||
api_proto_package( | ||
deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], | ||
) |
73 changes: 73 additions & 0 deletions
73
api/envoy/extensions/health_checkers/cached/v3/cached.proto
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,73 @@ | ||
syntax = "proto3"; | ||
|
||
package envoy.extensions.health_checkers.cached.v3; | ||
|
||
import "google/protobuf/duration.proto"; | ||
|
||
import "udpa/annotations/status.proto"; | ||
import "validate/validate.proto"; | ||
|
||
option java_package = "io.envoyproxy.envoy.extensions.health_checkers.cached.v3"; | ||
option java_outer_classname = "CachedProto"; | ||
option java_multiple_files = true; | ||
option go_package = "github.com/envoyproxy/go-control-plane/envoy/extensions/health_checkers/cached/v3;cachedv3"; | ||
option (udpa.annotations.file_status).package_version_status = ACTIVE; | ||
|
||
// [#protodoc-title: Cached] | ||
// Cached health checker :ref:`configuration overview <config_health_checkers_cached>`. | ||
// [#extension: envoy.health_checkers.cached] | ||
|
||
// [#next-free-field: 9] | ||
message Cached { | ||
// [#next-free-field: 7] | ||
message TlsOptions { | ||
// whether tls is enabled for the cache server. | ||
bool enabled = 1; | ||
|
||
// cacert is an optional name of a CA certificate/bundle file to load | ||
// and use for validation of the cache server. | ||
string cacert = 2; | ||
|
||
// capath is an optional directory path where trusted CA certificate files are | ||
// stored in an OpenSSL-compatible structure. | ||
string capath = 3; | ||
|
||
// cert and key are optional names of a client side | ||
// certificate and private key files to use for authentication. They need to | ||
// be both specified or omitted. | ||
string cert = 4; | ||
|
||
// cert and key are optional names of a client side | ||
// certificate and private key files to use for authentication. They need to | ||
// be both specified or omitted. | ||
string key = 5; | ||
|
||
// sni is an optional and will be used as a server name indication | ||
// (SNI) TLS extension. | ||
string sni = 6; | ||
} | ||
|
||
// hostname of the cache server. | ||
string host = 1; | ||
|
||
// port number of the cache server. | ||
uint32 port = 2 [(validate.rules).uint32 = {lte: 65535}]; | ||
|
||
// username used to authenticate with the cache server. | ||
string user = 3; | ||
|
||
// password used to authenticate with the cache server. | ||
string password = 4; | ||
|
||
// database number of the cache server. | ||
uint32 db = 5 [(validate.rules).uint32 = {lt: 2147483647}]; | ||
|
||
// connect timeout of the cache server. | ||
google.protobuf.Duration connect_timeout = 6; | ||
|
||
// command timeout of the cache server. | ||
google.protobuf.Duration command_timeout = 7; | ||
|
||
// tls options of the cache server. | ||
TlsOptions tls_options = 8; | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,103 @@ | ||
diff --git a/CMakeLists.txt b/CMakeLists.txt | ||
index 3d52d0c..e03b5d4 100644 | ||
--- a/CMakeLists.txt | ||
+++ b/CMakeLists.txt | ||
@@ -44,9 +44,7 @@ IF(WIN32) | ||
ADD_DEFINITIONS(-D_CRT_SECURE_NO_WARNINGS -DWIN32_LEAN_AND_MEAN) | ||
ENDIF() | ||
|
||
-ADD_LIBRARY(hiredis SHARED ${hiredis_sources}) | ||
ADD_LIBRARY(hiredis_static STATIC ${hiredis_sources}) | ||
-ADD_LIBRARY(hiredis::hiredis ALIAS hiredis) | ||
ADD_LIBRARY(hiredis::hiredis_static ALIAS hiredis_static) | ||
|
||
IF(NOT MSVC) | ||
@@ -54,25 +52,18 @@ IF(NOT MSVC) | ||
PROPERTIES OUTPUT_NAME hiredis) | ||
ENDIF() | ||
|
||
-SET_TARGET_PROPERTIES(hiredis | ||
- PROPERTIES WINDOWS_EXPORT_ALL_SYMBOLS TRUE | ||
- VERSION "${HIREDIS_SONAME}") | ||
IF(MSVC) | ||
SET_TARGET_PROPERTIES(hiredis_static | ||
PROPERTIES COMPILE_FLAGS /Z7) | ||
ENDIF() | ||
IF(WIN32 OR MINGW) | ||
- TARGET_LINK_LIBRARIES(hiredis PUBLIC ws2_32 crypt32) | ||
TARGET_LINK_LIBRARIES(hiredis_static PUBLIC ws2_32 crypt32) | ||
ELSEIF(CMAKE_SYSTEM_NAME MATCHES "FreeBSD") | ||
- TARGET_LINK_LIBRARIES(hiredis PUBLIC m) | ||
TARGET_LINK_LIBRARIES(hiredis_static PUBLIC m) | ||
ELSEIF(CMAKE_SYSTEM_NAME MATCHES "SunOS") | ||
- TARGET_LINK_LIBRARIES(hiredis PUBLIC socket) | ||
TARGET_LINK_LIBRARIES(hiredis_static PUBLIC socket) | ||
ENDIF() | ||
|
||
-TARGET_INCLUDE_DIRECTORIES(hiredis PUBLIC $<INSTALL_INTERFACE:include> $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}>) | ||
TARGET_INCLUDE_DIRECTORIES(hiredis_static PUBLIC $<INSTALL_INTERFACE:include> $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}>) | ||
|
||
CONFIGURE_FILE(hiredis.pc.in hiredis.pc @ONLY) | ||
@@ -103,7 +94,7 @@ set(CPACK_RPM_PACKAGE_AUTOREQPROV ON) | ||
|
||
include(CPack) | ||
|
||
-INSTALL(TARGETS hiredis hiredis_static | ||
+INSTALL(TARGETS hiredis_static | ||
EXPORT hiredis-targets | ||
RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR} | ||
LIBRARY DESTINATION ${CMAKE_INSTALL_LIBDIR} | ||
@@ -161,8 +152,6 @@ IF(ENABLE_SSL) | ||
FIND_PACKAGE(OpenSSL REQUIRED) | ||
SET(hiredis_ssl_sources | ||
ssl.c) | ||
- ADD_LIBRARY(hiredis_ssl SHARED | ||
- ${hiredis_ssl_sources}) | ||
ADD_LIBRARY(hiredis_ssl_static STATIC | ||
${hiredis_ssl_sources}) | ||
IF(NOT MSVC) | ||
@@ -174,26 +163,19 @@ IF(ENABLE_SSL) | ||
SET_PROPERTY(TARGET hiredis_ssl PROPERTY LINK_FLAGS "-Wl,-undefined -Wl,dynamic_lookup") | ||
ENDIF() | ||
|
||
- SET_TARGET_PROPERTIES(hiredis_ssl | ||
- PROPERTIES | ||
- WINDOWS_EXPORT_ALL_SYMBOLS TRUE | ||
- VERSION "${HIREDIS_SONAME}") | ||
IF(MSVC) | ||
SET_TARGET_PROPERTIES(hiredis_ssl_static | ||
PROPERTIES COMPILE_FLAGS /Z7) | ||
ENDIF() | ||
|
||
- TARGET_INCLUDE_DIRECTORIES(hiredis_ssl PRIVATE "${OPENSSL_INCLUDE_DIR}") | ||
TARGET_INCLUDE_DIRECTORIES(hiredis_ssl_static PRIVATE "${OPENSSL_INCLUDE_DIR}") | ||
|
||
- TARGET_LINK_LIBRARIES(hiredis_ssl PRIVATE ${OPENSSL_LIBRARIES}) | ||
IF (WIN32 OR MINGW) | ||
- TARGET_LINK_LIBRARIES(hiredis_ssl PRIVATE hiredis) | ||
TARGET_LINK_LIBRARIES(hiredis_ssl_static PUBLIC hiredis_static) | ||
ENDIF() | ||
CONFIGURE_FILE(hiredis_ssl.pc.in hiredis_ssl.pc @ONLY) | ||
|
||
- INSTALL(TARGETS hiredis_ssl hiredis_ssl_static | ||
+ INSTALL(TARGETS hiredis_ssl_static | ||
EXPORT hiredis_ssl-targets | ||
RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR} | ||
LIBRARY DESTINATION ${CMAKE_INSTALL_LIBDIR} | ||
diff --git a/ssl.c b/ssl.c | ||
index 7d7ff66..491ce5a 100644 | ||
--- a/ssl.c | ||
+++ b/ssl.c | ||
@@ -40,6 +40,12 @@ | ||
#ifdef _WIN32 | ||
#include <windows.h> | ||
#include <wincrypt.h> | ||
+#undef X509_NAME | ||
+#undef X509_EXTENSIONS | ||
+#undef PKCS7_ISSUER_AND_SERIAL | ||
+#undef PKCS7_SIGNER_INFO | ||
+#undef OCSP_REQUEST | ||
+#undef OCSP_RESPONSE | ||
#else | ||
#include <pthread.h> | ||
#endif |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
31 changes: 31 additions & 0 deletions
31
docs/root/configuration/upstream/health_checkers/cached.rst
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
.. _config_health_checkers_cached: | ||
|
||
Cached Health Checker | ||
===================== | ||
|
||
The Cached Health Checker (with :code:`envoy.health_checkers.cached` as name) subscribe to a redis cache for upstream host health check notification. | ||
Once the health check result is set in the redis cache by a third party checker, a keyspace set event is recevied from the redis cache, then it get | ||
the health check result and store it in a in memory cache. | ||
|
||
|
||
An example for :ref:`custom_health_check <envoy_v3_api_msg_config.core.v3.HealthCheck.CustomHealthCheck>` | ||
using the Cached health checker is shown below: | ||
|
||
|
||
.. code-block:: yaml | ||
|
||
custom_health_check: | ||
name: envoy.health_checkers.cached | ||
typed_config: | ||
"@type": type.googleapis.com/envoy.extensions.health_checkers.cached.v3.Cached | ||
host: localhost | ||
port: 6400 | ||
password: foobared | ||
db: 100 | ||
tls_options: | ||
enabled: true | ||
cacert: /etc/redis/ca.crt | ||
cert: /etc/redis/client.crt | ||
key: /etc/redis/client.key | ||
|
||
* :ref:`v3 API reference <envoy_v3_api_msg_config.core.v3.HealthCheck.CustomHealthCheck>` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -6,5 +6,6 @@ Health checkers | |
.. toctree:: | ||
:maxdepth: 2 | ||
|
||
cached | ||
redis | ||
thrift |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can/should the cached server be an upstream cluster?
This should take care of all the connection parameters.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No, this parameters are for a cache server
The purpose is to avoid query upstream cluster and just use the cache
https://github.com/envoyproxy/envoy/blob/badad5f2aadde7523be4e422146ff10a099055db/source/extensions/health_checkers/cached/hiredis.cc