mirror of
https://github.com/nsnail/Ocelot.git
synced 2025-04-22 06:22:50 +08:00
57580afa74
* Fixed Format Issue for Kubernetes ServiceDiscoveryProvider * Fixes broken links (#858) * Fix link to issue 262 * Fixes broken link to issue 340 * Fixed broken link to issue 340 (#857) * Update information for Okta Authorization (#853) * +dynamic claim variables (#855) incl. tests * IOcelotPipelineBuilder.Use(): Return IOcelotPipelineBuilder (#875) Fixes ThreeMammals/Ocelot#685 * Fix UpstreamHost checking when reroutes duplicate validation (#864) * Format json in reame (#877) Format json file in AdministrationApi ReadMe * kubernetes use in cluster (#882) * refactor :kubernetes use in cluster * feat:delete KubeClient * add more flexible method to config ocelot pipeline (#880) * update k8s doc & samples (#885) * refactor :kubernetes use in cluster * feat:delete KubeClient * feat : update k8s doc & samples * Update kubernetes.rst * Fix/issue666 (#889) * cache key now can generate from query string for request with Get Methods and request content for requests with post methods * MD5Helper Added. OutputCacheMiddleware now can generate cache key using method, url and content * unit test created for CacheKeyGenerator * CacheKeyGenerator Registered in OcelotBuilder as singletone * Fix issue #890 IDefinedAggregator can't handle error codes from downstream requests (#892) * Release/13.2.0 (#834) * Fix formatting in getting started page (#752) * updated release docs (#745) * Update README.md (#756) Fixed typo "Ocleot" * Fixed typo there => their (#763) * Some Typo fixes (#765) * Typo algorythm => algorithm (#764) * Typo querystring => query string (#766) * Typo usual => usually (#767) * Typos (#768) * kubernetes provider (#772) * feat: Kubernetes ServiceDiscoveryProvider * 编写k8s测试例子 * feat:fix kube config * feat: remove port * feat : complete the k8s test * feat : add kubeserviceDiscovery test * feat : add kube provider unittest * feat :add kubetnetes docs how to use ocelot with kubetnetes docs * keep the configuration as simple as possible, no qos, no cache * fix: use http * add PollingKubeServiceDiscovery * feat : refactor logger * feat : add pollkube docs * feat:Remove unnecessary code * feat : code-block json * fix issue #661 for Advanced aggregations (#704) * Add Advanced Aggregation Feature * fix overwrite error * distinct data for better performance * remove constructor parameter * fix tests issue * fix tests * fix tests issue * Add UnitTest and AcceptanceTest * fix responseKeys typo * Update SimpleJsonResponseAggregator.cs * change port * Fix code example for SSL Errors (#780) DangerousAcceptAnyServerCertificateValidator has to be set to "true" to disable certification validation, not "false". * Changed wording for ease of reading (#776) Just some wording changes for clarification. * Ignore response content if null (fix #785) (#786) * fix bug #791 (#795) * Update loadbalancer.rst (#796) * UriBuilder - remove leading question mark #747 (#794) * Update qualityofservice.rst (#801) Tiny typo * K8s package (#804) * feat: Kubernetes ServiceDiscoveryProvider * 编写k8s测试例子 * feat:fix kube config * feat: remove port * feat : complete the k8s test * feat : add kubeserviceDiscovery test * feat : add kube provider unittest * feat :add kubetnetes docs how to use ocelot with kubetnetes docs * keep the configuration as simple as possible, no qos, no cache * fix: use http * add PollingKubeServiceDiscovery * feat : refactor logger * feat : add pollkube docs * feat:Remove unnecessary code * feat : code-block json * feat: publish package Ocelot.Provider.Kubernetes * Okta integration (#807) Okta integration * update cliamsParser (#798) * update cliamsParser * update using * IOcelotBuilder opens the IMvcCoreBuilder property for easy customization (#790) * IOcelotBuilder opens the IMvcCoreBuilder property for easy customization * Adjustment code * nuget package (#809) * feat: Kubernetes ServiceDiscoveryProvider * 编写k8s测试例子 * feat:fix kube config * feat: remove port * feat : complete the k8s test * feat : add kubeserviceDiscovery test * feat : add kube provider unittest * feat :add kubetnetes docs how to use ocelot with kubetnetes docs * keep the configuration as simple as possible, no qos, no cache * fix: use http * add PollingKubeServiceDiscovery * feat : refactor logger * feat : add pollkube docs * feat:Remove unnecessary code * feat : code-block json * feat: publish package Ocelot.Provider.Kubernetes * feat : nuget package * fix: Namesapce Spelling wrong * fix:Namesapce Spelling Wrong * Fix: errors when using rate limiting (#811) * Fix: errors when using rate limiting Add: QuotaExceededError class for requesting too much Add: QuotaExceededError error code Add: Add an error when limit is reached Reflact: Extract GetResponseMessage method for getting default or configured response message for requ * Fix: modify check_we_have_considered_all_errors_in_these_tests for adding a new OcelotErrorCode * added missing COPY csproj files (#821) * Add note on In-Process hosting (#816) When using ASP.NET Core 2.2 with In-Process hosting in IIS it's important to use .UseIIS() instead of .UseIISIntegration(). * Fix bug: (#810) If the registered Consul node is unexpectedly down and not restarted immediately, other services should continue to find the registered service. * Fixed Dockerfile (missing Kubernetes) * Revert "Fix bug: (#810)" (#823) This reverts commit 19c80afb05290fac3a144f652cd663c8b513a559. * remove duplicate `IHttpRequester` register (#819) * remove duplicate `IHttpRequester` register * reserve the first * fix HttpRequesterMiddleware does not call next bug (#830) call next so that we can do something with the response, such as add some custom header etc... * Removed Packing to fix issues, will be sorted out after create a nuget package on Nuget.Org (#831) * Allows access to unpass node (#825) * Fix bug: If the registered Consul node is unexpectedly down and not restarted immediately, other services should continue to find the registered service. * fix bug: If the registered Consul node is unexpectedly down and not restarted immediately, other services should continue to find the registered service. * Updated FluentValidations Nuget Package (#833) * Removed Warnings * Make the full DownstreamContext available to user defined aggregators This allows error codes to be handled
77 lines
3.3 KiB
ReStructuredText
77 lines
3.3 KiB
ReStructuredText
Kubernetes
|
|
==============
|
|
|
|
This feature was requested as part of `Issue 345 <https://github.com/ThreeMammals/Ocelot/issues/345>`_ . to add support for kubernetes's service discovery provider.
|
|
|
|
The first thing you need to do is install the NuGet package that provides kubernetes support in Ocelot.
|
|
|
|
``Install-Package Ocelot.Provider.Kubernetes``
|
|
|
|
Then add the following to your ConfigureServices method.
|
|
|
|
.. code-block:: csharp
|
|
|
|
s.AddOcelot()
|
|
.AddKubernetes();
|
|
|
|
If you have services deployed in kubernetes you will normally use the naming service to access them. Default usePodServiceAccount = True, which means that ServiceAccount using Pod to access the service of the k8s cluster needs to be ServiceAccount based on RABC authorization
|
|
|
|
.. code-block::csharp
|
|
public static class OcelotBuilderExtensions
|
|
{
|
|
public static IOcelotBuilder AddKubernetes(this IOcelotBuilder builder, bool usePodServiceAccount = true);
|
|
}
|
|
|
|
You can replicate a Permissive. Using RBAC role bindings.
|
|
`Permissive RBAC Permissions <https://kubernetes.io/docs/reference/access-authn-authz/rbac/#permissive-rbac-permissions>`_, k8s api server and token will read from pod .
|
|
|
|
.. code-block::json
|
|
kubectl create clusterrolebinding permissive-binding --clusterrole=cluster-admin --user=admin --user=kubelet --group=system:serviceaccounts
|
|
|
|
The following example shows how to set up a ReRoute that will work in kubernetes. The most important thing is the ServiceName which is made up of the
|
|
kubernetes service name. We also need to set up the ServiceDiscoveryProvider in GlobalConfiguration. The example here shows a typical configuration.
|
|
|
|
|
|
.. code-block:: json
|
|
|
|
{
|
|
"ReRoutes": [
|
|
{
|
|
"DownstreamPathTemplate": "/api/values",
|
|
"DownstreamScheme": "http",
|
|
"UpstreamPathTemplate": "/values",
|
|
"ServiceName": "downstreamservice",
|
|
"UpstreamHttpMethod": [ "Get" ]
|
|
}
|
|
],
|
|
"GlobalConfiguration": {
|
|
"ServiceDiscoveryProvider": {
|
|
"Host": "192.168.0.13",
|
|
"Port": 443,
|
|
"Token": "txpc696iUhbVoudg164r93CxDTrKRVWG",
|
|
"Namespace": "dev",
|
|
"Type": "kube"
|
|
}
|
|
}
|
|
}
|
|
Service deployment in Namespace Dev , ServiceDiscoveryProvider type is kube, you also can set pollkube ServiceDiscoveryProvider type.
|
|
Note: Host、 Port and Token are no longer in use。
|
|
|
|
You use Ocelot to poll kubernetes for latest service information rather than per request. If you want to poll kubernetes for the latest services rather than per request (default behaviour) then you need to set the following configuration.
|
|
|
|
.. code-block:: json
|
|
|
|
"ServiceDiscoveryProvider": {
|
|
"Host": "192.168.0.13",
|
|
"Port": 443,
|
|
"Token": "txpc696iUhbVoudg164r93CxDTrKRVWG",
|
|
"Namespace": "dev",
|
|
"Type": "pollkube"
|
|
"PollingInterval": 100
|
|
}
|
|
|
|
The polling interval is in milliseconds and tells Ocelot how often to call kubernetes for changes in service configuration.
|
|
|
|
Please note there are tradeoffs here. If you poll kubernetes it is possible Ocelot will not know if a service is down depending on your polling interval and you might get more errors than if you get the latest services per request. This really depends on how volatile your services are. I doubt it will matter for most people and polling may give a tiny performance improvement over calling kubernetes per request.
|
|
There is no way for Ocelot to work these out for you.
|