Rainbond, a cloud native application management platform, ships with a distributed gateway, rbd-gateway, that handles north-south network traffic. Unlike the usual Ingress configuration experience, in which users have to define domain names themselves, Rainbond's gateway policy can generate a domain name access policy with one click, and users can immediately access the business system deployed on Rainbond through this domain name. This is very convenient in development and testing scenarios. This article explains in detail how the mechanism is implemented.
Gateway and Ingress
The Rainbond team has developed a high-performance distributed gateway component, rbd-gateway, which serves as the Ingress Controller within the cluster and handles the cluster's north-south traffic. It supports both L4 and L7 protocols, as well as one-click enabling of advanced features such as WebSocket. One small feature is particularly handy in use: an accessible domain name address can be generated with one click.
The format of this domain name is explained in detail as follows:
http://<servicePort>.<service_alias>.<tenant_name>.17a4cc.grapps.cn/
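- servicePort: the name of the target port that the access policy points to
- service_alias: the alias of the current service component
- tenant_name: the alias of the current team
- .17a4cc.grapps.cn: the pan-resolution (wildcard) domain name of the current cluster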
In fact, this routing rule is defined by the corresponding ingress and service in Kubernetes. The entire access link can be summarized as the following figure:
Enabling the external service switch is equivalent to automatically generating the following resources:
apiVersion: v1
kind: Service
metadata:
  labels:
    creator: Rainbond
    event_id: ""
    name: gr49d848ServiceOUT
    port_protocol: http
    protocol: http
    rainbond.com/tolerate-unready-endpoints: "true"
    service_alias: gr49d848
    service_port: "5000"
    service_type: outer
    tenant_name: 2c9v614j
  name: service-8965-5000out
  namespace: 3be96e95700a480c9b37c6ef5daf3566
spec:
  clusterIP: 172.21.7.172
  ports:
  - name: tcp-5000
    port: 5000
    protocol: TCP
    targetPort: 5000
  selector:
    name: gr49d848
  sessionAffinity: None
  type: ClusterIP
status:
  loadBalancer: {}
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  annotations:
    nginx.ingress.kubernetes.io/weight: "100"
  generation: 1
  labels:
    creator: Rainbond
    service_alias: gr49d848
    tenant_name: 2c9v614j
  name: 3cf8d6bd89250eda87ac127c49694a05
  namespace: 3be96e95700a480c9b37c6ef5daf3566
spec:
  rules:
  - host: 5000.gr49d848.2c9v614j.17a4cc.grapps.cn
    http:
      paths:
      - backend:
          serviceName: service-8965-5000out
          servicePort: 5000
        path: /
status:
  loadBalancer: {}
Automatically generate domain names
For most developers, domain names are a scarce resource, and assigning domain names to a large number of Ingress rules is a headache. After all, only when you have your own domain name can you fully control how it resolves and avoid endlessly editing the /etc/hosts file.
Most Kubernetes management tools on the market can generate Service and Ingress resources in a semi-automatic manner. Semi-automatic here means that users enter the necessary information in a graphical interface, and the management tool then generates the corresponding YAML configuration and loads it into Kubernetes. But when it comes to the configured domain name, few tools offer the same experience as Rainbond.
The key to achieving this experience lies in the use of pan-resolution (wildcard) domain names.
A simple explanation of the pan-resolution domain name is: any domain name that conforms to the rule *.mydomain.com can be resolved to the same IP address. In the current usage scenario, we only need to resolve the pan-resolution domain name *.17a4cc.grapps.cn to the IP address of the server where rbd-gateway is located, and then we can freely configure, for any Ingress rule, a domain name that meets the rule.
Rainbond combines Ingress rules and pan-resolution domain names at the product design level to automatically generate a globally unique domain name for each service port. When the cluster is installed, the resolution record is automatically registered with the public DNS server. After installation, every generated domain name can be resolved on the public network: as long as the client PC can use a public DNS service, it can resolve the domain name and access the specified service port.
Rainbond distinguishes different clusters through different third-level domain names (such as 17a4cc).
This involves a feature of the pan-resolution domain name: the resolution record of the child domain name has a higher priority than the resolution record of the parent domain name.
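===========================================
// Register resolution records for the two levels of pan-resolution domain names
*.grapps.cn =register resolution record=> 1.1.1.1
*.17a4cc.grapps.cn =register resolution record=> 2.2.2.2
===========================================
===========================================
// Resolution results seen by the client
abc.grapps.cn =resolved IP address=> 1.1.1.1
abc.def.grapps.cn =resolved IP address=> 1.1.1.1
abc.17a4cc.grapps.cn =resolved IP address=> 2.2.2.2 // the record for *.17a4cc.grapps.cn takes priority
===========================================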
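The lookups illustrated above, as an added example (not Rainbond's code and not part of the original article): a small model of wildcard resolution following the standard DNS rules in RFC 4592, plus a helper that builds a host in the article's format. The function names are hypothetical; the records and IPs are the article's illustrative values.

```python
import re

# Records from the article's illustration; the IPs are its placeholder values.
RECORDS = {"*.grapps.cn": "1.1.1.1", "*.17a4cc.grapps.cn": "2.2.2.2"}
LABEL = re.compile(r"[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?")


def build_host(service_port, service_alias, tenant_name, cluster_suffix):
    """Compose <servicePort>.<service_alias>.<tenant_name>.<cluster suffix>."""
    labels = [str(service_port), service_alias, tenant_name]
    for label in labels:
        # Reject dots, wildcards and anything else that is not one DNS label,
        # so a component cannot change the shape of the generated host.
        if not LABEL.fullmatch(label):
            raise ValueError(f"not a single DNS label: {label!r}")
    return ".".join(labels) + "." + cluster_suffix.strip(".")


def _exists(node, records):
    """A node exists if it owns a record or has a descendant that does."""
    return any(o == node or o.endswith("." + node) for o in records)


def resolve(name, records=RECORDS):
    """Return (ip, matching_record) or (None, None), wildcards per RFC 4592."""
    name = name.lower().rstrip(".")
    if name in records:
        return records[name], name
    if _exists(name, records):
        # Empty non-terminal: the name exists, so no wildcard applies to it.
        return None, None
    labels = name.split(".")
    for i in range(1, len(labels)):
        encloser = ".".join(labels[i:])
        if _exists(encloser, records):
            # Only the wildcard directly under the closest existing ancestor
            # is consulted; this is why the child record beats the parent's.
            wildcard = "*." + encloser
            if wildcard in records:
                return records[wildcard], wildcard
            return None, None
    return None, None


if __name__ == "__main__":
    host = build_host(5000, "gr49d848", "2c9v614j", "17a4cc.grapps.cn")
    for q in ("abc.grapps.cn", "abc.def.grapps.cn", "abc.17a4cc.grapps.cn", host):
        print(q, "->", resolve(q))
```

Under these rules the bare name 17a4cc.grapps.cn gets no answer from *.grapps.cn, because registering *.17a4cc.grapps.cn makes that name exist in the zone.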
Rainbond is an open source cloud-native application management platform. It is simple to use, requires no knowledge of containers or Kubernetes, supports the management of multiple Kubernetes clusters, and provides full lifecycle management of enterprise applications. Its functions include an application development environment, an application market, microservice architecture, continuous application delivery, application operation and maintenance, application-level multi-cloud management, and more.
GitHub: https://github.com/goodrain/rainbond
Official website: https://www.rainbond.com?channel=sf
WeChat group: please search for and add the group assistant's WeChat ID wylhzmyj
DingTalk group: please search for group number 31096419