Skip to content

Commit

Permalink
Merge branch 'main' into fix-issue-1457
Browse files Browse the repository at this point in the history
  • Loading branch information
wind57 committed Apr 8, 2024
2 parents f53ff16 + 5784dfa commit 180a98f
Show file tree
Hide file tree
Showing 12 changed files with 340 additions and 545 deletions.
3 changes: 2 additions & 1 deletion docs/antora-playbook.yml
Original file line number Diff line number Diff line change
@@ -1,10 +1,11 @@
antora:
extensions:
- '@springio/antora-extensions/partial-build-extension'
# atlas-extension must be before latest-version-extension so latest versions are applied to imported versions
- '@antora/atlas-extension'
- require: '@springio/antora-extensions/latest-version-extension'
- require: '@springio/antora-extensions/inject-collector-cache-config-extension'
- '@antora/collector-extension'
- '@antora/atlas-extension'
- require: '@springio/antora-extensions/root-component-extension'
root_component_name: 'cloud-kubernetes'
- '@springio/antora-extensions/static-page-extension'
Expand Down
65 changes: 60 additions & 5 deletions docs/modules/ROOT/pages/load-balancer.adoc
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
[[loadbalancer-for-kubernetes]]
= LoadBalancer for Kubernetes

This project includes Spring Cloud Load Balancer for load balancing based on Kubernetes Endpoints and provides implementation of load balancer based on Kubernetes Service.
This project includes Spring Cloud Load Balancer for load balancing based on either Kubernetes Endpoints or Kubernetes Service.
To include it to your project add the following dependency.
Fabric8 Implementation
[source,xml]
Expand All @@ -21,16 +21,71 @@ Kubernetes Java Client Implementation
</dependency>
----

To enable load balancing based on Kubernetes Service name use the following property. Then load balancer would try to call application using address, for example `service-a.default.svc.cluster.local`
There are two "modes" in which load balancer works: `POD` and `SERVICE`, denoted by the property (default being `POD`)

[source]
----
spring.cloud.kubernetes.loadbalancer.mode=SERVICE
----

To enabled load balancing across all namespaces use the following property. Property from `spring-cloud-kubernetes-discovery` module is respected.
or

[source]
----
spring.cloud.kubernetes.loadbalancer.mode=POD
----

In `POD` mode, we will use the `DiscoveryClient` to find all services that match your load balancer name. For example, if you have a configuration like this:

[source]
----
@Bean
@LoadBalanced
WebClient.Builder client() {
return WebClient.builder();
}
----

and issue a request to `http://service-a` using that `WebClient`, we will use `service-a` to call `DiscoveryClient::getInstances` with this value. Since this is using `DiscoveryClient`, all the configuration specific to it apply, which are explained in the relevant part of the documentation.

On the other hand, if you use `SERVICE` mode, things are a bit different, but closely resemble discovery client settings. For example, to answer the question in which namespace(s) to look for service(s) with name `service-a`, we will use one of the settings:

[source]
----
spring.cloud.kubernetes.discovery.all-namespaces=true
spring.cloud.kubernetes.discovery.all-namespaces
spring.cloud.kubernetes.discovery.namespaces
----

If a service needs to be accessed over HTTPS you need to add a label or annotation to your service definition with the name `secured` and the value `true` and the load balancer will then use HTTPS to make requests to the service.
to either search in all-namespaces, or the so-called "selective namespaces". If none of the above are specified, xref:property-source-config.adoc#namespace-resolution[Namespace Resolution] kicks in.

Once we find all the services, we need to know what port to call them by. If the service in question has a single port defined, that is what we will use, no matter of its name. If there are no ports defined, this service will not be considered for load balancing and will be skipped.

If there are more then one ports defined, we will try to match its name to the value of the property (`http` by default):

[source]
----
spring.cloud.kubernetes.loadbalancer.portName
----

In case such a match is found, that port number will be used. Otherwise, the "first" port from the list will be used. This last option is non-deterministic and care must be taken.

Once we know the port, we know how to call that service. The URL will have the form:

[source]
----
service-a.<SERVICE_NAMESPACE>.svc.<DOMAIN>:<FOUND_PORT>
----


`<SERVICE_NAMESPACE>` is the namespace where the service resides, `DOMAIN` is the value of the property (by default it is equal to `cluster.local`):

[source]
----
spring.cloud.kubernetes.loadbalancer.clusterDomain
----

and `<FOUND_PORT>` is the port of the service that we have chosen described in the process above.

If a service needs to be accessed over HTTPS, you need to explicitly configure that. The rules for that are exactly the same as for the discovery implementation and can be found in the relevant part of the documentation regarding discovery-client.


Original file line number Diff line number Diff line change
Expand Up @@ -16,79 +16,127 @@

package org.springframework.cloud.kubernetes.client.loadbalancer;

import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;

import io.kubernetes.client.openapi.models.V1ObjectMeta;
import io.kubernetes.client.openapi.models.V1Service;
import io.kubernetes.client.openapi.models.V1ServicePort;
import io.kubernetes.client.openapi.models.V1ServiceSpec;
import org.apache.commons.logging.LogFactory;

import org.springframework.cloud.kubernetes.commons.discovery.DefaultKubernetesServiceInstance;
import org.springframework.cloud.kubernetes.commons.discovery.DiscoveryClientUtils;
import org.springframework.cloud.kubernetes.commons.discovery.KubernetesDiscoveryProperties;
import org.springframework.cloud.kubernetes.commons.discovery.KubernetesServiceInstance;
import org.springframework.cloud.kubernetes.commons.discovery.ServiceMetadata;
import org.springframework.cloud.kubernetes.commons.discovery.ServicePortNameAndNumber;
import org.springframework.cloud.kubernetes.commons.discovery.ServicePortSecureResolver;
import org.springframework.cloud.kubernetes.commons.loadbalancer.KubernetesLoadBalancerProperties;
import org.springframework.cloud.kubernetes.commons.loadbalancer.KubernetesServiceInstanceMapper;
import org.springframework.core.log.LogAccessor;
import org.springframework.util.StringUtils;

import static java.util.Optional.ofNullable;
import static org.springframework.cloud.kubernetes.commons.discovery.KubernetesDiscoveryConstants.NON_DETERMINISTIC_PORT_MESSAGE;
import static org.springframework.cloud.kubernetes.commons.discovery.KubernetesDiscoveryConstants.PORT_NAME_PROPERTY;
import static org.springframework.cloud.kubernetes.commons.discovery.ServicePortSecureResolver.Input;

/**
* @author Ryan Baxter
*/
public class KubernetesClientServiceInstanceMapper implements KubernetesServiceInstanceMapper<V1Service> {

private KubernetesLoadBalancerProperties properties;
private static final LogAccessor LOG = new LogAccessor(
LogFactory.getLog(KubernetesClientServiceInstanceMapper.class));

/**
* empty on purpose, load balancer implementation does not need them.
*/
private static final Map<String, Integer> PORTS_DATA = Map.of();

private final KubernetesLoadBalancerProperties properties;

private KubernetesDiscoveryProperties discoveryProperties;
private final KubernetesDiscoveryProperties discoveryProperties;

private final ServicePortSecureResolver resolver;

public KubernetesClientServiceInstanceMapper(KubernetesLoadBalancerProperties properties,
KubernetesDiscoveryProperties discoveryProperties) {
this.properties = properties;
this.discoveryProperties = discoveryProperties;
resolver = new ServicePortSecureResolver(discoveryProperties);
}

@Override
public KubernetesServiceInstance map(V1Service service) {
final V1ObjectMeta meta = service.getMetadata();
V1ObjectMeta metadata = service.getMetadata();

List<V1ServicePort> ports = ofNullable(service.getSpec()).map(V1ServiceSpec::getPorts).orElse(List.of());
V1ServicePort port;

if (ports.isEmpty()) {
LOG.warn(() -> "service : " + metadata.getName() + " does not have any ServicePort(s),"
+ " will not consider it for load balancing");
return null;
}

final List<V1ServicePort> ports = service.getSpec().getPorts();
V1ServicePort port = null;
if (ports.size() == 1) {
LOG.debug(() -> "single ServicePort found, will use it as-is " + "(without checking " + PORT_NAME_PROPERTY
+ ")");
port = ports.get(0);
}
else if (ports.size() > 1 && StringUtils.hasText(this.properties.getPortName())) {
Optional<V1ServicePort> optPort = ports.stream()
.filter(it -> properties.getPortName().endsWith(it.getName())).findAny();
if (optPort.isPresent()) {
port = optPort.get();
else {
String portNameFromProperties = properties.getPortName();
if (StringUtils.hasText(portNameFromProperties)) {
Optional<V1ServicePort> optionalPort = ports.stream()
.filter(x -> Objects.equals(x.getName(), portNameFromProperties)).findAny();
if (optionalPort.isPresent()) {
LOG.debug(() -> "found port name that matches : " + portNameFromProperties);
port = optionalPort.get();
}
else {
logWarning(portNameFromProperties);
port = ports.get(0);
}
}
else {
LOG.warn(() -> PORT_NAME_PROPERTY + " is not set");
LOG.warn(() -> NON_DETERMINISTIC_PORT_MESSAGE);
port = ports.get(0);
}
}
if (port == null) {
return null;
}
final String host = KubernetesServiceInstanceMapper.createHost(service.getMetadata().getName(),

String host = KubernetesServiceInstanceMapper.createHost(service.getMetadata().getName(),
service.getMetadata().getNamespace(), properties.getClusterDomain());
final boolean secure = KubernetesServiceInstanceMapper.isSecure(service.getMetadata().getLabels(),
service.getMetadata().getAnnotations(), port.getName(), port.getPort());
return new DefaultKubernetesServiceInstance(meta.getUid(), meta.getName(), host, port.getPort(),
getServiceMetadata(service), secure);

boolean secure = secure(port, service);

return new DefaultKubernetesServiceInstance(metadata.getUid(), metadata.getName(), host, port.getPort(),
serviceMetadata(service), secure);
}

private Map<String, String> getServiceMetadata(V1Service service) {
final Map<String, String> serviceMetadata = new HashMap<>();
KubernetesDiscoveryProperties.Metadata metadataProps = this.discoveryProperties.metadata();
if (metadataProps.addLabels()) {
Map<String, String> labelMetadata = KubernetesServiceInstanceMapper
.getMapWithPrefixedKeys(service.getMetadata().getLabels(), metadataProps.labelsPrefix());
serviceMetadata.putAll(labelMetadata);
}
if (metadataProps.addAnnotations()) {
Map<String, String> annotationMetadata = KubernetesServiceInstanceMapper
.getMapWithPrefixedKeys(service.getMetadata().getAnnotations(), metadataProps.annotationsPrefix());
serviceMetadata.putAll(annotationMetadata);
}
private Map<String, String> serviceMetadata(V1Service service) {
V1ObjectMeta metadata = service.getMetadata();
V1ServiceSpec serviceSpec = service.getSpec();
ServiceMetadata serviceMetadata = new ServiceMetadata(metadata.getName(), metadata.getNamespace(),
serviceSpec.getType(), metadata.getLabels(), metadata.getAnnotations());

return DiscoveryClientUtils.serviceInstanceMetadata(PORTS_DATA, serviceMetadata, discoveryProperties);
}

private boolean secure(V1ServicePort port, V1Service service) {
V1ObjectMeta metadata = service.getMetadata();
ServicePortNameAndNumber portNameAndNumber = new ServicePortNameAndNumber(port.getPort(), port.getName());
Input input = new Input(portNameAndNumber, metadata.getName(), metadata.getLabels(), metadata.getAnnotations());
return resolver.resolve(input);
}

return serviceMetadata;
private void logWarning(String portNameFromProperties) {
LOG.warn(() -> "Did not find a port name that is equal to the value " + portNameFromProperties);
LOG.warn(() -> NON_DETERMINISTIC_PORT_MESSAGE);
}

}

This file was deleted.

Loading

0 comments on commit 180a98f

Please sign in to comment.