feat: proxy bootstrapping from configuration

misc/k8s/README.md

@@ -4,63 +4,65 @@
 
 1. Generate the Docker configuration to enable image builds with Kaniko and communicate with reg.cadoles.com
 
-    ```shell
-    docker login reg.cadoles.com
-    mkdir -p misc/k8s/kustomization/base/secrets/dockerconfig
-    docker --config misc/k8s/kustomization/base/secrets/dockerconfig login reg.cadoles.com
-    mv misc/k8s/kustomization/base/secrets/dockerconfig/config.json misc/k8s/kustomization/base/secrets/dockerconfig/.dockerconfigjson
-    mkdir -p misc/k8s/kustomization/overlays/dev/secrets/dockerconfig
-    cp misc/k8s/kustomization/base/secrets/dockerconfig/.dockerconfigjson misc/k8s/kustomization/overlays/dev/secrets/dockerconfig/.dockerconfigjson
-    ```
+   ```shell
+   docker login reg.cadoles.com
+   mkdir -p misc/k8s/kustomization/base/secrets/dockerconfig
+   docker --config misc/k8s/kustomization/base/secrets/dockerconfig login reg.cadoles.com
+   mv misc/k8s/kustomization/base/secrets/dockerconfig/config.json misc/k8s/kustomization/base/secrets/dockerconfig/.dockerconfigjson
+   mkdir -p misc/k8s/kustomization/overlays/dev/secrets/dockerconfig
+   cp misc/k8s/kustomization/base/secrets/dockerconfig/.dockerconfigjson misc/k8s/kustomization/overlays/dev/secrets/dockerconfig/.dockerconfigjson
+   ```
 
 ## Getting started with Kind
 
 1. Create your [Kind](https://kind.sigs.k8s.io/) cluster
 
-    ```shell
-    kind create cluster --config misc/k8s/kind/bouncer-cluster.yaml
-    ```
+   ```shell
+   kind create cluster --config misc/k8s/kind/bouncer-cluster.yaml
+   ```
 
 2. Deploy required operators
 
-    ```shell
-    kubectl apply -k misc/k8s/kind/cluster --server-side
-    ```
+   ```shell
+   kubectl apply -k misc/k8s/kind/cluster --server-side
+   ```
 
 3. Deploy your Bouncer development environment
 
-    ```shell
-    skaffold dev -p dev --cleanup=false --default-repo reg.cadoles.com/<YOUR_PERSONNAL_USER_NAME>
-    ```
+   ```shell
+   skaffold dev -p dev --cleanup=false --default-repo reg.cadoles.com/<YOUR_PERSONNAL_USER_NAME>
+   ```
 
 ## Testing
 
+Bouncer will automatically create proxies based on the files present in the `misc/k8s/kustomization/overlays/dev/files/bouncer/bootstrap.d` folder.
+
+By default, with you host web browser, open http://localhost:9000, you should see the Cadoles website.
+
+### Using the admin API
+
 1. Open shell in bouncer-admin pod
 
-    ```shell
-    kubectl exec -it -n bouncer-dev bouncer-admin-<suffix> -- /bin/sh
-    ```
+   ```shell
+   kubectl exec -it -n bouncer-dev bouncer-admin-<suffix> -- /bin/sh
+   ```
 
 2. Create an authentication token
 
-    ```shell
-    bouncer --config /etc/bouncer/config.yml auth create-token --role writer --subject $(whoami) > .bouncer-token
-    ```
+   ```shell
+   bouncer --config /etc/bouncer/config.yml auth create-token --role writer --subject $(whoami) > .bouncer-token
+   ```
 
 3. Create a proxy and enable it
 
-    ```shell
-    bouncer admin proxy create --proxy-to https://www.cadoles.com --proxy-name cadoles
-    bouncer admin proxy update --proxy-name cadoles --proxy-enabled=true
-    ```
-
-4. With you host web browser, open http://localhost:9000, you should see the Cadoles website.
+   ```shell
+   bouncer admin proxy query
+   ```
 
 ## Benchmarking
 
 You can use [`siege`](https://github.com/JoeDog/siege) to benchmark your instance with the Cadoles proxy.
 
 ```shell
-BASE_URL=http://localhost:9000 make siege 
+BASE_URL=http://localhost:9000 make siege
 ```
-

misc/k8s/kustomization/base/resources/bouncer-admin/files/config.yml

@@ -4,19 +4,19 @@ admin:
     port: 8081
   cors:
     allowedOrigins:
-    - http://localhost:3001
+      - http://localhost:3001
     allowCredentials: true
     allowMethods:
-    - POST
-    - GET
-    - PUT
-    - DELETE
+      - POST
+      - GET
+      - PUT
+      - DELETE
     allowedHeaders:
-    - Origin
-    - Accept
-    - Content-Type
-    - Authorization
-    - Sentry-Trace
+      - Origin
+      - Accept
+      - Content-Type
+      - Authorization
+      - Sentry-Trace
     debug: false
   auth:
     issuer: http://127.0.0.1:8081
@@ -28,9 +28,13 @@ admin:
 
 redis:
   addresses:
-  - rfs-bouncer-redis:${RFS_BOUNCER_REDIS_SERVICE_PORT}
+    - rfs-bouncer-redis:${RFS_BOUNCER_REDIS_SERVICE_PORT}
   master: mymaster
 
 logger:
-  level: 2
+  level: ${BOUNCER_LOG_LEVEL}
   format: human
+
+bootstrap:
+  dir: /etc/bouncer/bootstrap.d
+  lockTimeout: 30s

misc/k8s/kustomization/base/resources/bouncer-admin/kustomization.yaml

@@ -2,11 +2,15 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 
 resources:
-- ./resources/service.yaml
-- ./resources/deployment.yaml
+  - ./resources/service.yaml
+  - ./resources/deployment.yaml
 
 configMapGenerator:
-- name: bouncer-admin-config
-  files:
-  - ./files/config.yml
-  - ./files/admin-key.json
+  - name: bouncer-admin-config
+    files:
+      - ./files/config.yml
+      - ./files/admin-key.json
+  - name: bouncer-admin-bootstrap
+  - name: bouncer-admin-env
+    literals:
+      - BOUNCER_LOG_LEVEL=2

misc/k8s/kustomization/base/resources/bouncer-admin/resources/deployment.yaml

@@ -17,18 +17,35 @@ spec:
         io.kompose.service: bouncer-admin
     spec:
       containers:
-      - name: bouncer-admin
-        image: reg.cadoles.com/cadoles/bouncer:v2024.2.5-1602626
-        command: ["bouncer", "--debug", "-c", "/etc/bouncer/config.yml", "server", "admin", "run"]
-        imagePullPolicy: Always
-        resources: {}
-        ports:
         - name: bouncer-admin
-          containerPort: 8081
-        volumeMounts:
-        - mountPath: /etc/bouncer/
-          name: bouncer-admin-config
+          image: bouncer
+          command:
+            [
+              "bouncer",
+              "--debug",
+              "-c",
+              "/etc/bouncer/config.yml",
+              "server",
+              "admin",
+              "run",
+            ]
+          imagePullPolicy: Always
+          resources: {}
+          ports:
+            - name: bouncer-admin
+              containerPort: 8081
+          envFrom:
+            - configMapRef:
+                name: bouncer-admin-env
+          volumeMounts:
+            - mountPath: /etc/bouncer/
+              name: bouncer-admin-config
+            - mountPath: /etc/bouncer/bootstrap.d
+              name: bouncer-admin-bootstrap
       volumes:
-      - name: bouncer-admin-config
-        configMap:
-          name: bouncer-admin-config
+        - name: bouncer-admin-config
+          configMap:
+            name: bouncer-admin-config
+        - name: bouncer-admin-bootstrap
+          configMap:
+            name: bouncer-admin-bootstrap

misc/k8s/kustomization/base/resources/bouncer-server/files/config.yml

@@ -14,9 +14,9 @@ layers:
 
 redis:
   addresses:
-  - rfs-bouncer-redis:${RFS_BOUNCER_REDIS_SERVICE_PORT}
+    - rfs-bouncer-redis:${RFS_BOUNCER_REDIS_SERVICE_PORT}
   master: mymaster
 
 logger:
-  level: 2
+  level: ${BOUNCER_LOG_LEVEL}
   format: human

misc/k8s/kustomization/base/resources/bouncer-server/kustomization.yaml

@@ -2,10 +2,13 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 
 resources:
-- ./resources/service.yaml
-- ./resources/deployment.yaml
+  - ./resources/service.yaml
+  - ./resources/deployment.yaml
 
 configMapGenerator:
-- name: bouncer-server-config
-  files:
-  - ./files/config.yml
+  - name: bouncer-server-config
+    files:
+      - ./files/config.yml
+  - name: bouncer-server-env
+    literals:
+      - BOUNCER_LOG_LEVEL=2

misc/k8s/kustomization/base/resources/bouncer-server/resources/deployment.yaml

@@ -17,18 +17,29 @@ spec:
         io.kompose.service: bouncer-server
     spec:
       containers:
-      - name: bouncer-server
-        image: reg.cadoles.com/cadoles/bouncer:v2024.2.5-1602626
-        command: ["bouncer", "-c", "/etc/bouncer/config.yml", "server", "proxy", "run"]
-        imagePullPolicy: Always
-        resources: {}
-        ports:
         - name: bouncer-server
-          containerPort: 8080
-        volumeMounts:
-        - mountPath: /etc/bouncer/
-          name: bouncer-server-config
+          image: bouncer
+          command:
+            [
+              "bouncer",
+              "-c",
+              "/etc/bouncer/config.yml",
+              "server",
+              "proxy",
+              "run",
+            ]
+          imagePullPolicy: Always
+          envFrom:
+            - configMapRef:
+                name: bouncer-server-env
+          resources: {}
+          ports:
+            - name: bouncer-server
+              containerPort: 8080
+          volumeMounts:
+            - mountPath: /etc/bouncer/
+              name: bouncer-server-config
       volumes:
-      - name: bouncer-server-config
-        configMap:
-          name: bouncer-server-config
+        - name: bouncer-server-config
+          configMap:
+            name: bouncer-server-config

misc/k8s/kustomization/overlays/dev/files/bouncer/bootstrap.d/cadoles.yml

@@ -0,0 +1,11 @@
+from: ["*"]
+to: https://www.cadoles.com
+enabled: true
+weight: 0
+layers:
+  my-queue:
+    type: queue
+    enabled: true
+    weight: 0
+    options:
+      capacity: 10

misc/k8s/kustomization/overlays/dev/kustomization.yaml

@@ -3,16 +3,30 @@ kind: Kustomization
 namespace: bouncer-dev
 
 resources:
-- ../../base
+  - ../../base
 
 secretGenerator:
-- files:
-  - secrets/dockerconfig/.dockerconfigjson
-  name: regcred-dev
-  type: kubernetes.io/dockerconfigjson
+  - files:
+      - secrets/dockerconfig/.dockerconfigjson
+    name: regcred-dev
+    type: kubernetes.io/dockerconfigjson
 
 patches:
-- path: patches/add-registry-pull-secret.patch.yaml
-  target:
-    kind: Deployment
-    version: v1
+  - path: patches/add-registry-pull-secret.patch.yaml
+    target:
+      kind: Deployment
+      version: v1
+
+configMapGenerator:
+  - name: bouncer-admin-bootstrap
+    behavior: merge
+    files:
+      - ./files/bouncer/bootstrap.d/cadoles.yml
+  - name: bouncer-admin-env
+    behavior: merge
+    literals:
+      - BOUNCER_LOG_LEVEL=0
+  - name: bouncer-server-env
+    behavior: merge
+    literals:
+      - BOUNCER_LOG_LEVEL=0