charm-k8s-ingress

Merge ~mthaddon/charm-k8s-ingress/+git/charm-k8s-ingress:proxy-body-size-session-affinity into charm-k8s-ingress:master

Git
lp:~mthaddon/charm-k8s-ingress/+git/charm-k8s-ingress
proxy-body-size-session-affinity
Merge into master

Proposed by Tom Haddon on 2021-03-25

Status:	Merged
Approved by:	Jon Seager on 2021-03-25
Approved revision:	2b42bdb305509ca56758ba9774ea6d62824d7553
Merged at revision:	6ee4da1fce2b3fab9dda117d6f2385ae754910e0
Proposed branch:	~mthaddon/charm-k8s-ingress/+git/charm-k8s-ingress:proxy-body-size-session-affinity
Merge into:	charm-k8s-ingress:master
Diff against target:	123 lines (+65/-4) 3 files modified config.yaml (+10/-2) src/charm.py (+13/-1) tests/unit/test_charm.py (+42/-1)
Related bugs:	Link a bug report

Reviewer	Review Type	Date Requested	Status
🤖 prod-jenkaas-is (community)	continuous-integration		Approve on 2021-03-25
ingress-charmers		2021-03-25	Pending
Review via email: mp+400180@code.launchpad.net

Commit message

Add session affinity and max upload size as config options, standardise on dashes for config options rather than underscores

Revision history for this message

🤖 prod-jenkaas-is (prod-jenkaas-is) wrote on 2021-03-25:

A CI job is currently in progress. A follow up comment will be added when it completes.

Revision history for this message

🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote on 2021-03-25:

This merge proposal is being monitored by mergebot. Change the status to Approved to merge.

Revision history for this message

🤖 prod-jenkaas-is (prod-jenkaas-is) wrote on 2021-03-25:

PASSED: Continuous integration, rev:2b42bdb305509ca56758ba9774ea6d62824d7553
https://jenkins.canonical.com/is/job/lp-charm-k8s-ingress-ci/6/
Executed test runs:
SUCCESS: https://jenkins.canonical.com/is/job/lp-charm-test/36/
None: https://jenkins.canonical.com/is/job/lp-update-mp/49328/

Click here to trigger a rebuild:
https://jenkins.canonical.com/is/job/lp-charm-k8s-ingress-ci/6//rebuild

review: Approve (continuous-integration)

Revision history for this message

🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote on 2021-03-25:

Change successfully merged at revision 6ee4da1fce2b3fab9dda117d6f2385ae754910e0

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Tom Haddon

ingress-charmers

 diff --git a/config.yaml b/config.yaml
 index e9d5df8..d432fc6 100644
 --- a/config.yaml
 +++ b/config.yaml
@@ -5,6 +5,10 @@ options:
      default: ""
      description: k8s config. If you're using microk8s, this should be the output of `microk8s config`.
      type: string
++  max-body-size:
++    default: 20
++    description: Max allowed body-size (for file uploads) in megabytes, set to 0 to disable limits.
++    type: int
    service-hostname:
      default: ""
      description: The hostname of the service to create an ingress for.
@@ -21,7 +25,11 @@ options:
      default: 0
      description: The port of the service to create an ingress for.
      type: int
--  tls_secret_name:
++  session-cookie-max-age:
++    default: 0
++    description: The max age to configure a session cookie for. Leaving unset or setting to 0 will disable session cookies and cookie-based affinity.
++    type: int
++  tls-secret-name:
      default: ""
--    description: The name of the TLS secret to use. Leaving this empty will configure an Ingress with TLS disabled.
++    description: The name of the TLS secret to use. Leaving this empty will configure an ingress with TLS disabled.
      type: string
 diff --git a/src/charm.py b/src/charm.py
 index 7639bdb..b014c67 100755
 --- a/src/charm.py
 +++ b/src/charm.py
@@ -122,8 +122,20 @@ class CharmK8SIngressCharm(CharmBase):
+         )
          annotations = {
              "nginx.ingress.kubernetes.io/rewrite-target": "/",
++            "nginx.ingress.kubernetes.io/proxy-body-size": "{}m".format(self.config["max-body-size"]),
+         }
--        tls_secret_name = self.config.get("tls_secret_name")
++        if self.config["session-cookie-max-age"]:
++            annotations["nginx.ingress.kubernetes.io/affinity"] = "cookie"
++            annotations["nginx.ingress.kubernetes.io/affinity-mode"] = "balanced"
++            annotations["nginx.ingress.kubernetes.io/session-cookie-change-on-failure"] = "true"
++            annotations["nginx.ingress.kubernetes.io/session-cookie-max-age"] = "{}".format(
++                self.config["session-cookie-max-age"]
++            )
++            annotations["nginx.ingress.kubernetes.io/session-cookie-name"] = "{}_AFFINITY".format(
++                self.config["service-name"].upper()
++            )
++            annotations["nginx.ingress.kubernetes.io/session-cookie-samesite"] = "Lax"
++        tls_secret_name = self.config["tls-secret-name"]
          if tls_secret_name:
              spec.tls = kubernetes.client.NetworkingV1beta1IngressTLS(
                  hosts=[self.config["service-hostname"]],
 diff --git a/tests/unit/test_charm.py b/tests/unit/test_charm.py
 index 2d335c7..a7062ae 100644
 --- a/tests/unit/test_charm.py
 +++ b/tests/unit/test_charm.py
@@ -64,6 +64,7 @@ class TestCharm(unittest.TestCase):
              metadata=kubernetes.client.V1ObjectMeta(
                  name="gunicorn-ingress",
                  annotations={
++                    "nginx.ingress.kubernetes.io/proxy-body-size": "20m",
                      "nginx.ingress.kubernetes.io/rewrite-target": "/",
                      "nginx.ingress.kubernetes.io/ssl-redirect": "false",
                  },
@@ -95,6 +96,7 @@ class TestCharm(unittest.TestCase):
              metadata=kubernetes.client.V1ObjectMeta(
                  name="gunicorn-ingress",
                  annotations={
++                    "nginx.ingress.kubernetes.io/proxy-body-size": "20m",
                      "nginx.ingress.kubernetes.io/rewrite-target": "/",
                  },
              ),
@@ -121,7 +123,46 @@ class TestCharm(unittest.TestCase):
                  ),
              ),
+         )
--        self.harness.update_config({"tls_secret_name": "gunicorn_tls"})
++        self.harness.update_config({"tls-secret-name": "gunicorn_tls"})
++        self.assertEqual(self.harness.charm._get_k8s_ingress(), expected)
++        # Test max_body_size and session-cookie-max-age config options.
++        self.harness.update_config({"tls-secret-name": "", "max-body-size": 0, "session-cookie-max-age": 3600})
++        expected = kubernetes.client.NetworkingV1beta1Ingress(
++            api_version="networking.k8s.io/v1beta1",
++            kind="Ingress",
++            metadata=kubernetes.client.V1ObjectMeta(
++                name="gunicorn-ingress",
++                annotations={
++                    "nginx.ingress.kubernetes.io/affinity": "cookie",
++                    "nginx.ingress.kubernetes.io/affinity-mode": "balanced",
++                    "nginx.ingress.kubernetes.io/proxy-body-size": "0m",
++                    "nginx.ingress.kubernetes.io/rewrite-target": "/",
++                    "nginx.ingress.kubernetes.io/session-cookie-change-on-failure": "true",
++                    "nginx.ingress.kubernetes.io/session-cookie-max-age": "3600",
++                    "nginx.ingress.kubernetes.io/session-cookie-name": "GUNICORN_AFFINITY",
++                    "nginx.ingress.kubernetes.io/session-cookie-samesite": "Lax",
++                    "nginx.ingress.kubernetes.io/ssl-redirect": "false",
++                },
++            ),
++            spec=kubernetes.client.NetworkingV1beta1IngressSpec(
++                rules=[
++                    kubernetes.client.NetworkingV1beta1IngressRule(
++                        host="foo.internal",
++                        http=kubernetes.client.NetworkingV1beta1HTTPIngressRuleValue(
++                            paths=[
++                                kubernetes.client.NetworkingV1beta1HTTPIngressPath(
++                                    path="/",
++                                    backend=kubernetes.client.NetworkingV1beta1IngressBackend(
++                                        service_port=80,
++                                        service_name="gunicorn-service",
++                                    ),
++                                )
++                            ]
++                        ),
++                    )
++                ]
++            ),
++        )
          self.assertEqual(self.harness.charm._get_k8s_ingress(), expected)
      def test_get_k8s_service(self):

charm-k8s-ingress

Merge ~mthaddon/charm-k8s-ingress/+git/charm-k8s-ingress:proxy-body-size-session-affinity into charm-k8s-ingress:master

Commit message

Description of the change

Preview Diff

Subscribers