Skip to content

Commit

Permalink
closing off the admin interface
Browse files Browse the repository at this point in the history
  • Loading branch information
@driev
driev committed Sep 25, 2024
1 parent 41ae0e3 commit 1d3c244
Show file tree
Hide file tree
Showing 4 changed files with 180 additions and 12 deletions.
48 changes: 45 additions & 3 deletions scheduler/config/envoy-compose.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@
# Base config for a split xDS management server on 9002, admin port on 9003
static_resources:
clusters:
- connect_timeout: 1s
Expand All @@ -14,6 +13,49 @@ static_resources:
port_value: 9002
http2_protocol_options: {}
name: xds_cluster
- connect_timeout: 0.250s
type: LOGICAL_DNS
lb_policy: ROUND_ROBIN
load_assignment:
cluster_name: admin_interface_cluster
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: 127.0.0.1
port_value: 9001
name: admin_interface_cluster
listeners:
- name: util_endpoint_listener
address:
socket_address:
address: 0.0.0.0
port_value: 9003
filter_chains:
- filters:
- name: envoy.http_connection_manager
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
stat_prefix: util_endpoint_http
http_filters:
- name: envoy.filters.http.router
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
route_config:
name: local_admin_interface_route
virtual_hosts:
- name: admin_interface
domains: ["*"]
routes:
- match:
prefix: /stats
route:
cluster: admin_interface_cluster
- match:
prefix: /ready
route:
cluster: admin_interface_cluster
dynamic_resources:
cds_config:
resource_api_version: V3
Expand Down Expand Up @@ -53,5 +95,5 @@ admin:
access_log_path: /dev/null
address:
socket_address:
address: 0.0.0.0
port_value: 9003
address: 127.0.0.01
port_value: 9001
48 changes: 45 additions & 3 deletions scheduler/config/envoy-local.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@
# Base config for a split xDS management server on 9002, admin port on 9003
static_resources:
clusters:
- connect_timeout: 1s
Expand All @@ -14,6 +13,49 @@ static_resources:
port_value: 9002
http2_protocol_options: {}
name: xds_cluster
- connect_timeout: 0.250s
type: LOGICAL_DNS
lb_policy: ROUND_ROBIN
load_assignment:
cluster_name: admin_interface_cluster
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: 127.0.0.1
port_value: 9001
name: admin_interface_cluster
listeners:
- name: util_endpoint_listener
address:
socket_address:
address: 0.0.0.0
port_value: 9003
filter_chains:
- filters:
- name: envoy.http_connection_manager
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
stat_prefix: util_endpoint_http
http_filters:
- name: envoy.filters.http.router
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
route_config:
name: local_admin_interface_route
virtual_hosts:
- name: admin_interface
domains: ["*"]
routes:
- match:
prefix: /stats
route:
cluster: admin_interface_cluster
- match:
prefix: /ready
route:
cluster: admin_interface_cluster
dynamic_resources:
cds_config:
resource_api_version: V3
Expand Down Expand Up @@ -53,5 +95,5 @@ admin:
access_log_path: /dev/null
address:
socket_address:
address: 0.0.0.0
port_value: 9003
address: 127.0.0.01
port_value: 9001
48 changes: 45 additions & 3 deletions scheduler/config/envoy-tls.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@
# Base config for a split xDS management server on 9002, admin port on 9003
static_resources:
clusters:
- connect_timeout: 1s
Expand Down Expand Up @@ -27,6 +26,49 @@ static_resources:
name: validation_context_sds
sds_config:
path: /etc/validation_context_sds_secret.yaml
- connect_timeout: 0.250s
type: LOGICAL_DNS
lb_policy: ROUND_ROBIN
load_assignment:
cluster_name: admin_interface_cluster
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: 127.0.0.1
port_value: 9001
name: admin_interface_cluster
listeners:
- name: util_endpoint_listener
address:
socket_address:
address: 0.0.0.0
port_value: 9003
filter_chains:
- filters:
- name: envoy.http_connection_manager
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
stat_prefix: util_endpoint_http
http_filters:
- name: envoy.filters.http.router
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
route_config:
name: local_admin_interface_route
virtual_hosts:
- name: admin_interface
domains: ["*"]
routes:
- match:
prefix: /stats
route:
cluster: admin_interface_cluster
- match:
prefix: /ready
route:
cluster: admin_interface_cluster
dynamic_resources:
cds_config:
resource_api_version: V3
Expand Down Expand Up @@ -66,5 +108,5 @@ admin:
access_log_path: /dev/null
address:
socket_address:
address: 0.0.0.0
port_value: 9003
address: 127.0.0.01
port_value: 9001
48 changes: 45 additions & 3 deletions scheduler/config/envoy.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@
# Base config for a split xDS management server on 9002, admin port on 9003
static_resources:
clusters:
- connect_timeout: 1s
Expand All @@ -14,6 +13,49 @@ static_resources:
port_value: 9002
http2_protocol_options: {}
name: xds_cluster
- connect_timeout: 0.250s
type: LOGICAL_DNS
lb_policy: ROUND_ROBIN
load_assignment:
cluster_name: admin_interface_cluster
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: 127.0.0.1
port_value: 9001
name: admin_interface_cluster
listeners:
- name: util_endpoint_listener
address:
socket_address:
address: 0.0.0.0
port_value: 9003
filter_chains:
- filters:
- name: envoy.http_connection_manager
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
stat_prefix: util_endpoint_http
http_filters:
- name: envoy.filters.http.router
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
route_config:
name: local_admin_interface_route
virtual_hosts:
- name: admin_interface
domains: ["*"]
routes:
- match:
prefix: /stats
route:
cluster: admin_interface_cluster
- match:
prefix: /ready
route:
cluster: admin_interface_cluster
dynamic_resources:
cds_config:
resource_api_version: V3
Expand Down Expand Up @@ -53,5 +95,5 @@ admin:
access_log_path: /dev/null
address:
socket_address:
address: 0.0.0.0
port_value: 9003
address: 127.0.0.1
port_value: 9001

0 comments on commit 1d3c244

Please sign in to comment.