Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feature: support proxy https request from cloud to edge through yurt-tunnel #442

Merged

Conversation

rambohe-ch
Copy link
Member

What type of PR is this?

Uncomment only one /kind <> line, hit enter to put that in a new line, and remove leading whitespace from that line:
/kind bug
/kind documentation
/kind enhancement
/kind good-first-issue
/kind feature
/kind question
/kind design
/sig ai
/sig iot
/sig network
/sig storage
/sig storage

/kind feature

What this PR does / why we need it:

  1. Yurt-tunnel can proxy https request from cloud to edge nodes, so components(like prometheus) on the cloud nodes can access the https service(like node-exporter) on the edge node through yurt-tunnel.
  2. Beside of 10250 and 10255 Ports, In order to support more tcp ports of https and http service on edge nodes. use can configure the yurt-tunnel-server-cfg configmap, and add specified tcp ports in https-proxy-ports and http-proxy-port field of configmap.
  3. for example, prometheus on cloud node likes to collect metrics at endpoint https://{nodeIP}:9051 and http://{ndoeIP}:9052 on edge nodes, you need to configure as following:
http-proxy-ports: "9052"
https-proxy-ports: "9051"

Which issue(s) this PR fixes:

Fixes #414

Special notes for your reviewer:

Does this PR introduce a user-facing change?


other Note

@openyurt-bot
Copy link
Collaborator

@rambohe-ch: GitHub didn't allow me to assign the following users: your_reviewer.

Note that only openyurtio members, repo collaborators and people who have commented on this issue/PR can be assigned. Additionally, issues/PRs can only have 10 assignees at the same time.
For more information please see the contributor guide

In response to this:

What type of PR is this?

Uncomment only one /kind <> line, hit enter to put that in a new line, and remove leading whitespace from that line:
/kind bug
/kind documentation
/kind enhancement
/kind good-first-issue
/kind feature
/kind question
/kind design
/sig ai
/sig iot
/sig network
/sig storage
/sig storage

/kind feature

What this PR does / why we need it:

  1. Yurt-tunnel can proxy https request from cloud to edge nodes, so components(like prometheus) on the cloud nodes can access the https service(like node-exporter) on the edge node through yurt-tunnel.
  2. Beside of 10250 and 10255 Ports, In order to support more tcp ports of https and http service on edge nodes. use can configure the yurt-tunnel-server-cfg configmap, and add specified tcp ports in https-proxy-ports and http-proxy-port field of configmap.
  3. for example, prometheus on cloud node likes to collect metrics at endpoint https://{nodeIP}:9051 and http://{ndoeIP}:9052 on edge nodes, you need to configure as following:
http-proxy-ports: "9052"
https-proxy-ports: "9051"

Which issue(s) this PR fixes:

Fixes #414

Special notes for your reviewer:

Does this PR introduce a user-facing change?


other Note

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openyurt-bot openyurt-bot added the kind/feature kind/feature label Aug 31, 2021
@openyurt-bot openyurt-bot requested review from Fei-Guo and kadisi August 31, 2021 10:32
@openyurt-bot
Copy link
Collaborator

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: rambohe-ch

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openyurt-bot openyurt-bot added approved approved size/XL size/XL: 500-999 labels Aug 31, 2021
@rambohe-ch
Copy link
Member Author

/assign @Fei-Guo @SataQiu

}

// field dnat-ports-pair will be deprecated in future version
pairStr, ok := cm.Data[yurttunnelServerDnatDataKey]
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It seems that you can dedup the code 102-115 with 119-134 by introducing at local function.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Fei-Guo It's a good idea, fixed it.

@@ -129,6 +129,8 @@ metadata:
name: __project_prefix__-tunnel-server-cfg
namespace: kube-system
data:
http-proxy-ports: ""
https-proxy-ports: ""
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What about using an array rather than a comma-separated string?

Copy link
Member Author

@rambohe-ch rambohe-ch Sep 7, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@DrmagicE
I think comma-separated string is more simpler than array string for user to edit fields in configmap resource. because array string like the following setting:

http-proxy-ports: '["aaa", "aaa", "aaa"]'
https-proxy-ports: '["bbb", "bbb", "bbb"]'

so how about keep this comma-separated string design?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok, it is reasonable.

@rambohe-ch rambohe-ch force-pushed the tunnel-support-proxy-https branch from 8643d21 to c097f60 Compare September 7, 2021 10:12
@Fei-Guo
Copy link
Member

Fei-Guo commented Sep 7, 2021

Please add the copyright headers for all the files that miss it in this change. Otherwise, LGTM.

@rambohe-ch rambohe-ch force-pushed the tunnel-support-proxy-https branch from c097f60 to c252e44 Compare September 8, 2021 06:18
@rambohe-ch
Copy link
Member Author

rambohe-ch commented Sep 8, 2021

Please add the copyright headers for all the files that miss it in this change. Otherwise, LGTM.

@Fei-Guo ok, copyright headers are added.

Copy link
Member

@SataQiu SataQiu left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@openyurt-bot openyurt-bot added the lgtm lgtm label Sep 8, 2021
@openyurt-bot openyurt-bot merged commit e79ed77 into openyurtio:master Sep 8, 2021
MrGirl pushed a commit to MrGirl/openyurt that referenced this pull request Mar 29, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
approved approved kind/feature kind/feature lgtm lgtm size/XL size/XL: 500-999
Projects
None yet
Development

Successfully merging this pull request may close these issues.

[yurt tunnel]support proxy https request from cloud to edge through yurt-tunnel
5 participants