diff options
| author |   HuabingZhao <zhao.huabing@zte.com.cn> | 2016-08-25 10:17:35 +0800 |
|---|---|---|
| committer | HuabingZhao <zhao.huabing@zte.com.cn> | 2016-08-25 10:24:54 +0800 |
| commit | 8597cf5e116012c038e83f763a816ca106cad4d2 (patch) | |
| tree | 4f6671079047db1f565060dcce4bf2607856cf68 | |
| parent | eb9df7aa9e268192dd68a46af4576671b17adcf9 (diff) | |
Solve api gateway issue
Change-Id: I88fedc04faaf4d799b9dbf4c306aa073cabd6218
Signed-off-by: HuabingZhao <zhao.huabing@zte.com.cn>
31 files changed, 343 insertions, 1967 deletions
diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/conf/mime.types b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/conf/mime.types deleted file mode 100644 index 829e8ba..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/conf/mime.types +++ /dev/null @@ -1,94 +0,0 @@ -# -# Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE) -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -types { - text/html html htm shtml; - text/css css; - text/xml xml rss; - image/gif gif; - image/jpeg jpeg jpg; - application/x-javascript js; - application/atom+xml atom; - - text/mathml mml; - text/plain txt; - text/vnd.sun.j2me.app-descriptor jad; - text/vnd.wap.wml wml; - text/x-component htc; - - image/png png; - image/tiff tif tiff; - image/vnd.wap.wbmp wbmp; - image/x-icon ico; - image/x-jng jng; - image/x-ms-bmp bmp; - image/svg+xml svg svgz; - - application/java-archive jar war ear; - application/json json; - application/mac-binhex40 hqx; - application/msword doc; - application/pdf pdf; - application/postscript ps eps ai; - application/rtf rtf; - application/vnd.ms-excel xls; - application/vnd.ms-powerpoint ppt; - application/vnd.wap.wmlc wmlc; - application/vnd.google-earth.kml+xml kml; - application/vnd.google-earth.kmz kmz; - application/x-7z-compressed 7z; - application/x-cocoa cco; - application/x-java-archive-diff jardiff; - application/x-java-jnlp-file jnlp; - application/x-makeself run; - application/x-perl pl pm; - application/x-pilot prc pdb; - application/x-rar-compressed rar; - application/x-redhat-package-manager rpm; - application/x-sea sea; - application/x-shockwave-flash swf; - application/x-stuffit sit; - application/x-tcl tcl tk; - application/x-x509-ca-cert der pem crt; - application/x-xpinstall xpi; - application/xhtml+xml xhtml; - application/zip zip; - - application/octet-stream bin exe dll; - application/octet-stream deb; - application/octet-stream dmg; - application/octet-stream eot; - application/octet-stream iso img; - application/octet-stream msi msp msm; - application/ogg ogx; - - audio/midi mid midi kar; - audio/mpeg mpga mpega mp2 mp3 m4a; - audio/ogg oga ogg spx; - audio/x-realaudio ra; - audio/webm weba; - - video/3gpp 3gpp 3gp; - video/mp4 mp4; - video/mpeg mpeg mpg mpe; - video/ogg ogv; - video/quicktime mov; - video/webm webm; - video/x-flv flv; - video/x-mng mng; - video/x-ms-asf asx asf; - video/x-ms-wmv wmv; - video/x-msvideo avi; -}
\ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/conf/nginx.conf b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/conf/nginx.conf index 5c524fc..9a2db3f 100644 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/conf/nginx.conf +++ b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/conf/nginx.conf @@ -1,57 +1,227 @@ -# -# Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE) -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -#user nobody; -worker_processes auto; -worker_rlimit_nofile 50000; - -error_log logs/error.log warn; -pid logs/nginx.pid; +#user xfs xfs; +worker_processes 1; + +error_log logs/error.log warn; +pid logs/nginx.pid; events { - #linux下打开提高性能 - #use epoll; - worker_connections 2048; - multi_accept on; + worker_connections 1024; } http { - server_tokens off; - include mime.types; - default_type text/html; + include mime.types; + + upstream iui { + server 127.0.0.1:8202; + } + + upstream nsoc { + server 127.0.0.1:8203; + } + + upstream roc { + server 127.0.0.1:8204; + } - #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' - # '$status $body_bytes_sent "$http_referer" ' - # '"$http_user_agent" "$http_x_forwarded_for"'; + upstream umc { + server 127.0.0.1:8205; + } - #access_log logs/access.log main; - access_log off; + upstream ssh { + server 127.0.0.1:8209; + } - sendfile on; - tcp_nopush on; + upstream yamlparser { + server 127.0.0.1:8210; + } + + upstream dac { + server 127.0.0.1:8206; + } + + upstream cmcc { + server 127.0.0.1:8207; + } + + upstream tacker { + server 127.0.0.1:8208; + } + + upstream winery { + server 127.0.0.1:8080; + } + + upstream etsi { + server 127.0.0.1:8211; + } + + upstream openstackadapter { + server 127.0.0.1:8217; + } + + upstream vimadapter { + server 127.0.0.1:8218; + } + + upstream odlsdn { + server 127.0.0.1:8216; + } + # Basic Settings + default_type application/octet-stream; + sendfile on; + tcp_nopush on; + server_names_hash_bucket_size 128; keepalive_timeout 120s; - gzip on; + #the maximum allowed size of the client request body,current 10G + client_max_body_size 10240m; + client_body_buffer_size 128k; + + #set the time wait for connect to proxy_pass target,avoid waiting too long + proxy_connect_timeout 10s; + proxy_read_timeout 120s; + proxy_send_timeout 120s; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $host:$server_port; + proxy_buffers 4 32k; + + #set the nginx_cache parameter + #proxy_cache_path temp/proxy_cache levels=1:2 keys_zone=nginx_cache:10m inactive=1d max_size=100m; + + # Logging + access_log off; - include ../msb-enabled/*.conf; - include ../sites-enabled/*.conf; - include ../sites-enabled-mount/*.conf; -} + # Lua settings + lua_package_path "$prefix/../lualib/?.lua;;"; + lua_package_cpath "$prefix/../lualib/?.so;;"; + + lua_shared_dict ceryx 10M; + lua_code_cache on; + + server { + listen 80; + default_type text/html; + + location = / { + rewrite ^ /iui/framework redirect; + } + + location = /openo { + rewrite ^ /iui/framework redirect; + } + + location = /iui/openo { + rewrite ^ /iui/framework redirect; + } + + location = /iui/framework/login.html { + access_by_lua_file luaext/iui_auth.lua; + proxy_pass http://iui; + } + + location = /api/uiframe/v1/login { + rewrite ^ /api/umcsm/v1/login break; + proxy_pass http://umc; + header_filter_by_lua_file luaext/login.lua; + } + + location = /api/uiframe/v1/loginOut { + access_by_lua_file luaext/logout.lua; + rewrite ^ /api/umcsm/v1/loginOut break; + proxy_pass http://umc; + } + + location = /api/hsif/v1/authentication { + access_by_lua_file luaext/make_authed.lua; + } + + location /iui { + access_by_lua_file luaext/iui_auth.lua; + proxy_pass http://iui; + } + + location ~ ^/api/(?:vim|nsoc)/v1 { + access_by_lua_file luaext/auth.lua; + proxy_pass http://nsoc; + } + + location = /api/nsoc/v1/vnfgrantinfo { + rewrite ^ /api/vim/v1/vnfgrantinfo break; + access_by_lua_file luaext/auth.lua; + proxy_pass http://nsoc; + } + + location /api/nsocnotification/v1 { + rewrite ^/api/nsocnotification/v1/(.*) /nsocnotification/v1/$1 break; + access_by_lua_file luaext/auth.lua; + proxy_pass http://nsoc; + } + + location ~ ^/api/(?:roc|rocnotification)/v1 { + access_by_lua_file luaext/auth.lua; + proxy_pass http://roc; + } + + location /api/uiframe/v1 { + rewrite ^/api/uiframe/v1/(.*) /api/umcsm/v1/$1 break; + access_by_lua_file luaext/iui_auth.lua; + proxy_pass http://umc; + } + + location ~ ^/api/umc(?:pm|fm|drill|sm|monitor)/v1 { + access_by_lua_file luaext/auth.lua; + proxy_pass http://umc; + } + + location ~ ^/api/ssh/v1 { + proxy_pass http://ssh; + } + + location ~ ^/api/yamlparser/v1 { + proxy_pass http://yamlparser; + } + + location ~ ^/api/(?:dac|dacnotification)/v1 { + access_by_lua_file luaext/auth.lua; + proxy_pass http://dac; + } + + location /api/cmccia/v1 { + access_by_lua_file luaext/auth.lua; + proxy_pass http://cmcc; + } + + location /api/tackeria/v1 { + access_by_lua_file luaext/auth.lua; + proxy_pass http://tacker; + } + + location /winery { + access_by_lua_file luaext/auth.lua; + proxy_pass http://winery; + } + + location = /api/microservices/v1/apiRoute { + access_by_lua_file luaext/auth.lua; + content_by_lua_file luaext/serviceaccess.lua; + } + + location /api/umcswagger/v1 { + rewrite ^/api/umcswagger/v1/(.*) /api/$1 break; + access_by_lua_file luaext/auth.lua; + proxy_pass http://umc; + } + + location /api/etsiia/v1 { + access_by_lua_file luaext/auth.lua; + proxy_pass http://etsi; + } -stream { - include ../stream-enabled/*; + location /api/odlsdnia/v1 { + access_by_lua_file luaext/auth.lua; + proxy_pass http://odlsdn; + } + } } diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/auth.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/auth.lua new file mode 100644 index 0000000..067c277 --- /dev/null +++ b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/auth.lua @@ -0,0 +1,15 @@ +local cache = ngx.shared.ceryx +local client_ip = ngx.var.remote_addr +local host = ngx.var.host +if client_ip == '127.0.0.1' or client_ip == host or client_ip == ngx.var.server_addr then + return +end +local succ, err, forcible = cache:replace(client_ip, "place_holder", 3600) +if not succ then + if err == 'not found' then + ngx.log(ngx.WARN, "access record not found for "..client_ip) + ngx.exit(401) + else + ngx.log(ngx.WARN, err) + end +end
\ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/conf/msbinit.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/conf/msbinit.lua deleted file mode 100644 index cf943c0..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/conf/msbinit.lua +++ /dev/null @@ -1,44 +0,0 @@ ---[[ - - Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE) - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - ---]] - -local modulename = "msbinit" -local _M = {} -_M._VERSION = '1.0.0' - -_M.systemConf = { - ["defaultport"] = "10080", - ["defaultprefix"] = "msb:routing", - ["enablefullsearch"] = true, --whether test against the custom services after common match processing - ["enablerefercheck"] = true, --whether use refer to test against the service names as the last solution - ["enableauthcheck"] = true, --whether add custom auth header or not - ["useconsultemplate"] = false --whether using consul template or not -} -_M.redisConf = { - ["host"] = "127.0.0.1", - ["port"] = 6379, - ["poolsize"] = 100, - ["idletimeout"] = 90000, - ["timeout"] = 1000, - ["dbid"] = 0 -} -_M.cacheConf = { - ["positive_ttl"] = 60, --shcache use,in seconds - ["negative_ttl"] = 2, --shcache use,in seconds - ["lru_ttl"] = 10 --in seconds -} -return _M
\ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/conf/svcconf.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/conf/svcconf.lua deleted file mode 100644 index df6356e..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/conf/svcconf.lua +++ /dev/null @@ -1,34 +0,0 @@ ---[[
-
- Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE)
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-
---]]
-
-local _M = {}
-_M._VERSION = '1.0.0'
-
-_M.apiRelatedTypes = {
- ["api"] = true,
- ["admin"] = true,
- ["apijson"] = true
-}
-_M.urlfieldMap = {
- ["api"] = "url",
- ["admin"] = "metricsUrl",
- ["apijson"] = "apijson",
- ["iui"] = "url",
- ["custom"] = "url"
-}
-return _M
\ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/dao/dao.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/dao/dao.lua deleted file mode 100644 index fb47cca..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/dao/dao.lua +++ /dev/null @@ -1,120 +0,0 @@ ---[[
-
- Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE)
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-
---]]
-
---This module integrates the shcache with an abstraction for various databases(redis and so on)
-local _M = {}
-_M._VERSION = '1.0.0'
-
-local shcache = require("vendor.shcache")
-local cjson = require "cjson"
-local msbConf = require('conf.msbinit')
-
-local DB = require('dao.redis_db')
-local options = msbConf.redisConf
-
-local cacheConf = msbConf.cacheConf
-local positive_ttl = cacheConf.positive_ttl or 60
-local negative_ttl = cacheConf.negative_ttl or 2
-
-local svc_shcache = ngx.shared.svc_cache
-
-local function load_serviceinfo(key)
-
- -- closure to perform external lookup to redis
- local fetch_svcinfo_from_db = function ()
- local _db = DB:new(options)
- return _db:getserviceinfo(key)
- end
-
- local svcinfo_cache_table = shcache:new(
- svc_shcache,
- { external_lookup = fetch_svcinfo_from_db,
- --encode = cmsgpack.pack,
- encode = cjson.encode,
- --decode = cmsgpack.unpack
- decode = cjson.decode
- },
- { positive_ttl = positive_ttl, -- default cache good data for 60s
- negative_ttl = negative_ttl, -- default cache failed lookup for 5s
- name = 'svcinfo_cache' -- "named" cache, useful for debug / report
- }
- )
-
- local serviceinfo, from_cache = svcinfo_cache_table:load(key)
-
- return serviceinfo
-end
-_M.load_serviceinfo = load_serviceinfo
-
-local function load_backservers(keypattern)
-
- -- closure to perform external lookup to redis
- local fetch_servers_from_db = function ()
- local _db = DB:new(options)
- return _db:getbackservers(keypattern)
- end
-
- local servers_cache_table = shcache:new(
- svc_shcache,
- { external_lookup = fetch_servers_from_db,
- --encode = cmsgpack.pack,
- encode = cjson.encode,
- --decode = cmsgpack.unpack
- decode = cjson.decode
- },
- { positive_ttl = positive_ttl, -- default cache good data for 60s
- negative_ttl = negative_ttl, -- default cache failed lookup for 5s
- name = 'servers_cache' -- "named" cache, useful for debug / report
- }
- )
-
- local servers_table, from_cache = servers_cache_table:load(keypattern)
-
- return servers_table
-end
-_M.load_backservers = load_backservers
-
-
-local function load_customsvcnames(keypattern)
- -- closure to perform external lookup to redis
- local fetch_svcnames_from_db = function ()
- local _db = DB:new(options)
- return _db:getcustomsvcnames(keypattern)
- end
-
- local svcnames_cache_table = shcache:new(
- svc_shcache,
- { external_lookup = fetch_svcnames_from_db,
- --encode = cmsgpack.pack,
- encode = cjson.encode,
- --decode = cmsgpack.unpack
- decode = cjson.decode
- },
- { positive_ttl = positive_ttl, -- default cache good data for 60s
- negative_ttl = negative_ttl, -- default cache failed lookup for 5s
- name = 'svcnames_cache' -- "named" cache, useful for debug / report
- }
- )
-
- local service_names, from_cache = svcnames_cache_table:load(keypattern)
-
- return service_names
-end
-_M.load_customsvcnames = load_customsvcnames
-
-return _M
\ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/dao/db_access.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/dao/db_access.lua deleted file mode 100644 index 4848a09..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/dao/db_access.lua +++ /dev/null @@ -1,74 +0,0 @@ ---[[
-
- Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE)
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-
---]]
-
--- unified layer to access back DB, using two levels of cache mechanism(LRUCache and shcache)
-local _M = {}
-_M._VERSION = '1.0.0'
-
-local cache = require('lib.tools.db_cache')
-local dao = require('dao.dao')
-local msbConf = require('conf.msbinit')
-
-local cacheConf = msbConf.cacheConf
-local lru_ttl = cacheConf.lru_ttl or 10
-
-function _M.load_serviceinfo(key)
- local value, err
- -- Try to get from cache
- value = cache.get(key)
- if not value then
- -- Get from shcache or backend redis
- value = dao.load_serviceinfo(key)
- cache.set(key,value,lru_ttl)
- end
- if cache.is_empty(value) then
- return nil
- end
- return value
-end
-
-function _M.load_backservers(keypattern)
- local value, err
- -- Try to get from cache
- value = cache.get(keypattern)
- if not value then
- -- Get from shcache or backend redis
- value = dao.load_backservers(keypattern)
- cache.set(keypattern,value,lru_ttl)
- end
- if cache.is_empty(value) then
- return nil
- end
- return value
-end
-
-function _M.load_customsvcnames(keypattern)
- local value, err
- -- Try to get from cache
- value = cache.get(keypattern)
- if not value then
- -- Get from shcache or backend redis
- value = dao.load_customsvcnames(keypattern)
- cache.set(keypattern,value,lru_ttl)
- end
- if cache.is_empty(value) then
- return nil
- end
- return value
-end
-return _M
\ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/dao/redis_db.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/dao/redis_db.lua deleted file mode 100644 index c5b75c6..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/dao/redis_db.lua +++ /dev/null @@ -1,193 +0,0 @@ ---[[
-
- Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE)
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-
---]]
-
--- the client for redis, include the connection pool management and api implements
-local redis = require('resty.redis')
-local tbl_util = require('lib.utils.table_util')
-
-local _M = {
-}
-_M._VERSION = '0.0.1'
-_M._DESCRIPTION = 'msb_redis_module'
-
-local mt = { __index = _M }
-
-local tbl_insert = table.insert
-local tbl_sort = table.sort
-local tbl_isempty = tbl_util.isempty
-
-function _M.new(self, conf)
- self.host = conf.host
- self.port = conf.port
- self.timeout = conf.timeout
- self.dbid = conf.dbid
- self.poolsize = conf.poolsize
- self.idletimeout = conf.idletimeout
-
- local red = redis:new()
- return setmetatable({redis = red}, mt)
-end
-
-function _M.connectdb(self)
- local host = self.host
- local port = self.port
- local dbid = self.dbid
- local red = self.redis
-
- if not (host and port) then
- return nil, 'no host:port avaliable provided'
- end
-
- --set default value
- if not dbid then dbid = 0 end
- local timeout = self.timeout
- if not timeout then
- timeout = 1000 -- 1s
- end
-
- red:set_timeout(timeout)
-
- local ok, err
- if host and port then
- ok, err = red:connect(host, port)
- if ok then return red:select(dbid) end
- end
-
- return ok, err
-end
-
-function _M.keepalivedb(self)
- local max_idle_timeout = self.idletimeout --ms
- local pool_size = self.poolsize
-
- if not pool_size then pool_size = 100 end
- if not max_idle_timeout then max_idle_timeout = 90000 end --90s
-
- local ok, err = self.redis:set_keepalive(max_idle_timeout, pool_size)
- if not ok then
- ngx.log(ngx.ERR, "redis pool keepalive error",err)
- return
- end
- return
-end
-
---inner function,only used in this module
-local function _hgetall(red,key)
- local resp,err = red:hgetall(key)
- --if not resp or next(resp) == nil then
- if tbl_isempty(resp) then
- return nil, "key "..key.." not found"
- end
- local hashinfo = red:array_to_hash(resp)
- return hashinfo,nil
-end
-
-function _M.getserviceinfo(self,key)
- if not key then
- return nil,'no key is provided'
- end
- local c, err = self:connectdb()
- if not c then
- return nil, err
- end
-
- local red = self.redis
-
- local resp,err = red:hgetall(key) --the key will create dynamically
- --if not resp or next(resp) == nil then
- if tbl_isempty(resp) then
- self:keepalivedb()
- return nil, "key "..key.." not found"
- end
-
- local serviceinfo = red:array_to_hash(resp)
-
- self:keepalivedb()
-
- return serviceinfo,nil
-end
-
-function _M.getbackservers(self,keypattern)
- if not keypattern then
- return nil,'no keypattern is provided'
- end
- local c, err = self:connectdb()
- if not c then
- return nil, err
- end
-
- local red = self.redis
-
- local resp, err = red:keys(keypattern)
- if tbl_isempty(resp) then
- self:keepalivedb()
- return nil, "no server matched"
- end
-
- local servers = {}
- for i, v in ipairs(resp) do
- local serverinfo,err = _hgetall(red,v)
- if serverinfo then
- tbl_insert(servers,serverinfo)
- end
- end
- self:keepalivedb()
- return servers,nil
-end
-
-function _M.getcustomsvcnames(self,keypattern)
- if not keypattern then
- return nil,'no keypattern is provided'
- end
- local c, err = self:connectdb()
- if not c then
- return nil, err
- end
-
- local red = self.redis
-
- local resp, err = red:keys(keypattern)
- if tbl_isempty(resp) then
- self:keepalivedb()
- return {}, "no custome service name found"
- end
-
- local svcnames = {}
- --store svc names into the Set
- local key_set={}
- local name
- for key, value in ipairs(resp) do
- local m, err = ngx.re.match(value, "^.+:custom:([^:]+):.*", "o")
- if m then
- name = m[1]
- key_set[name]=true
- end
- end
-
- for key,_ in pairs(key_set) do
- tbl_insert(svcnames,key)
- end
- --sort the key_table in reverse order
- tbl_sort(svcnames, function (a, b)
- return a > b
- end)
-
- self:keepalivedb()
- return svcnames,nil
-end
-return _M
\ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/iui_auth.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/iui_auth.lua new file mode 100644 index 0000000..dd7b2ed --- /dev/null +++ b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/iui_auth.lua @@ -0,0 +1,41 @@ +local cache = ngx.shared.ceryx +local client_ip = ngx.var.remote_addr +local uri = ngx.var.uri +if uri == "/iui/framework/login.html" then + local value, flags = cache:get(client_ip) + if not value then + return + else + ngx.redirect("/iui/framework/main-page.html") + end +end + +local referer = ngx.var.http_referer +local refererList = { + "/iui/framework/login.html", + "/iui/framework/css/login.css", + "/iui/component/thirdparty/font%-awesome/css/font%-awesome.min.css", + "/iui/framework/css/style%-custom.css" +} +local function referer_matches(t, r) + for k,_ in pairs(t) do + if string.match(r, t[k]) then + return true + end + end + return false +end + +if referer and referer_matches(refererList, referer) then + return +end + +local succ, err, forcible = cache:replace(client_ip, "place_holder", 3600) +if not succ then + if err == 'not found' then + ngx.log(ngx.WARN, "access record not found for "..client_ip..",redirect to login page") + ngx.redirect("/iui/framework/login.html") + else + ngx.log(ngx.WARN, err) + end +end
\ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/lib/tools/db_cache.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/lib/tools/db_cache.lua deleted file mode 100644 index 7f40590..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/lib/tools/db_cache.lua +++ /dev/null @@ -1,54 +0,0 @@ ---[[
-
- Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE)
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-
---]]
-
--- db cache over LRUCache, used within one worker processes
-local _M = {}
-_M._VERSION = '1.0.0'
-
-local lrucache = require "resty.lrucache"
-
-local EMPTY_DATA = '_EMPTY_'
-
--- we need to initialize the cache on the lua module level so that
--- it can be shared by all the requests served by each nginx worker process:
-local cache,err = lrucache.new(200) -- allow up to 200 items in the cache
-if not cache then
- return ngx.log(ngx.ERR,"failed to create the cache: " .. (err or "unknown"))
-end
-
-function _M.get(key)
- return cache:get(key)
-end
-
-function _M.set(key,value)
- return _M:set(key, value, nil)
-end
-
-function _M.set(key,value,ttl)
- if not value then
- value = EMPTY_DATA
- end
- return cache:set(key, value, ttl)
-end
-
--- check if the data returned by get() is considered empty
-function _M.is_empty(data)
- return data == EMPTY_DATA
-end
-
-return _M
\ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/lib/utils/log_util.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/lib/utils/log_util.lua deleted file mode 100644 index 67b0e26..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/lib/utils/log_util.lua +++ /dev/null @@ -1,28 +0,0 @@ ---[[
-
- Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE)
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-
---]]
-
-local _M = {}
-_M._VERSION = '1.0.0'
-
-function _M.log(k, v)
- --if empty,initialize it
- if not ngx.ctx.logtbl then ngx.ctx.logtbl = {} end
- ngx.ctx.logtbl[k] = v
-end
-
-return _M
\ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/lib/utils/svc_util.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/lib/utils/svc_util.lua deleted file mode 100644 index 224b321..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/lib/utils/svc_util.lua +++ /dev/null @@ -1,59 +0,0 @@ ---[[
-
- Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE)
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-
---]]
-
-local _M = {}
-_M._VERSION = '1.0.0'
-
-local tbl_util = require('lib.utils.table_util')
-local msbConf= require('conf.msbinit')
-local log_util = require('lib.utils.log_util')
-local tbl_isempty = tbl_util.isempty
-local enableauthcheck = msbConf.systemConf.enableauthcheck
-local log = log_util.log
-
-function _M.isactive(svcinfo)
- if tbl_isempty(svcinfo) then
- return false
- end
- if svcinfo["status"] == "1" then
- return true
- else
- return false
- end
-end
-
-function _M.isautodiscover(svcinfo)
- if tbl_isempty(svcinfo) then
- return false
- end
- if svcinfo["autoDiscover"] == "1" then
- return true
- else
- return false
- end
-end
-
-function _M.setauthheader(svcinfo)
- --if auth check enabled and this service is inter-system then add sth
- if enableauthcheck and svcinfo["visualRange"] == "0" then
- ngx.req.set_header("Z-EXTENT", "C012089CF43DE687B23B2C0176B344EE")
- log("add Z-EXTENT",true)
- end
-end
-
-return _M
\ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/lib/utils/table_util.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/lib/utils/table_util.lua deleted file mode 100644 index c1ddbfe..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/lib/utils/table_util.lua +++ /dev/null @@ -1,30 +0,0 @@ ---[[
-
- Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE)
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-
---]]
-
-local _M = {}
-_M._VERSION = '1.0.0'
-
-function _M.isempty(t)
- if t == nil or next(t) == nil then
- return true
- else
- return false
- end
-end
-
-return _M
\ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/loadbalance/balancer.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/loadbalance/balancer.lua deleted file mode 100644 index ffd9f0a..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/loadbalance/balancer.lua +++ /dev/null @@ -1,40 +0,0 @@ ---[[
-
- Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE)
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-
---]]
-
-local b = require "ngx.balancer"
-local policymodule = require "loadbalance.policy.roundrobin"
-local log_util = require('lib.utils.log_util')
-
-local ngx_ctx = ngx.ctx
-local log = log_util.log
-
-local doservernil = function()
- ngx.status = ngx.HTTP_NOT_FOUND
- ngx.say("no on-line server found!")
- return ngx.exit(ngx.status)
-end
-
-local servers = ngx_ctx.backservers
-local svckeypattern = ngx_ctx.svcserverpattern
-local server,err = policymodule.get_backserver(servers,svckeypattern)
-if not server then
- doservernil()
-end
---b.set_current_peer(server["ip"]..":"..server["port"])
-b.set_current_peer(server["ip"],server["port"])
-log("upstreamserver",server["ip"]..":"..server["port"])
\ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/loadbalance/policy/roundrobin.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/loadbalance/policy/roundrobin.lua deleted file mode 100644 index 986d04e..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/loadbalance/policy/roundrobin.lua +++ /dev/null @@ -1,60 +0,0 @@ ---[[
-
- Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE)
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-
---]]
-
-local _M = {}
-_M._VERSION = '1.0.0'
-
-local tbl_util = require('lib.utils.table_util')
-local tbl_isempty = tbl_util.isempty
-
-function _M.get_backserver(servers,svckey)
- if tbl_isempty(servers) then return nil,"input server list is empty" end
-
- local length = #servers
- if length==1 then
- -- return it directly if there is only one server
- return servers[1],nil
- end
-
- local resty_lock = require "resty.lock"
- local roundrobin_cache = ngx.shared.rr_cache
-
- --step1:acquire lock
- local opts = {["timeout"] = 0.002,["exptime"] = 0.05}--this can be set using the conf file
- local rrlock = resty_lock:new("rr_locks",opts)
- local elapsed, err = rrlock:lock(svckey)
- if not elapsed then
- --return fail("failed to acquire the lock: ", err)
- end
- --step2:lock successfully acquired!incr the index
- local index, err = roundrobin_cache:get(svckey)
- if not index then
- index = 0
- end
- index = index%length+1
-
- --step3:update the shm cache with the new index
- roundrobin_cache:set(svckey,index)
-
- --step4:release the lock
- local ok, err = rrlock:unlock()
-
- return servers[index],nil
-end
-
-return _M
\ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/log/logger.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/log/logger.lua deleted file mode 100644 index 86452ef..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/log/logger.lua +++ /dev/null @@ -1,26 +0,0 @@ ---[[
-
- Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE)
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-
---]]
-
-local cjson = require "cjson"
-
-local ngx_ctx = ngx.ctx
-
-if ngx_ctx.logtbl then
- local jsonData = cjson.encode(ngx_ctx.logtbl)
- ngx.log(ngx.WARN, string.gsub(jsonData,"\\/","/"))
-end
\ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/login.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/login.lua new file mode 100644 index 0000000..7d6bfd8 --- /dev/null +++ b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/login.lua @@ -0,0 +1,9 @@ +local h = ngx.resp.get_headers() +if h["openoauth"] and h["openoauth"] == "true" then + local cache = ngx.shared.ceryx + local client_ip = ngx.var.remote_addr + local succ, err, forcible = cache:set(client_ip, "place_holder", 3600) + if not succ then + ngx.log(ngx.WARN, err) + end +end
\ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/logout.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/logout.lua new file mode 100644 index 0000000..e23f787 --- /dev/null +++ b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/logout.lua @@ -0,0 +1,6 @@ +local cache = ngx.shared.ceryx +local client_ip = ngx.var.remote_addr +local succ, err, forcible = cache:delete(client_ip) +if not succ then + ngx.log(ngx.WARN, err) +end
\ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/make_authed.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/make_authed.lua new file mode 100644 index 0000000..c4c2d78 --- /dev/null +++ b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/make_authed.lua @@ -0,0 +1,44 @@ +function ipValidator(ip)
+ local chunks = {ip:match("(%d+)%.(%d+)%.(%d+)%.(%d+)")}
+ if #chunks == 4 then
+ for _,v in pairs(chunks) do
+ if tonumber(v) > 255 then return R.STRING end
+ end
+ return true
+ end
+ local chunks = {ip:match(("([a-fA-F0-9]*):"):rep(8):gsub(":$","$"))}
+ if #chunks == 8 then
+ for _,v in pairs(chunks) do
+ if #v > 0 and tonumber(v, 16) > 65535 then return R.STRING end
+ end
+ return true
+ end
+ return false
+end
+
+if ngx.req.get_method() == "POST" then
+ ngx.req.read_body()
+ local body = ngx.req.get_body_data()
+ local json = require('cjson')
+ local tab = json.decode(body)
+ local ip = tab["passIp"]
+ if not ip then
+ ngx.log(ngx.WARN, "ip is nil.")
+ ngx.exit(500)
+ end
+ if ipValidator(ip) then
+ local cache = ngx.shared.ceryx
+ local succ, err, forcible = cache:set(ip, "place_holder", 3600)
+ if not succ then
+ ngx.log(ngx.WARN, err)
+ ngx.exit(500)
+ end
+ else
+ ngx.log(ngx.WARN, "not a valid ip.")
+ ngx.exit(500)
+ end
+ ngx.exit(201)
+else
+ ngx.log(ngx.WARN, "not a POST request.")
+ ngx.exit(500)
+end
\ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/rewrite/commonrewrite.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/rewrite/commonrewrite.lua deleted file mode 100644 index c57880d..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/rewrite/commonrewrite.lua +++ /dev/null @@ -1,155 +0,0 @@ ---[[
-
- Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE)
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-
---]]
-
-local msbConf = require('conf.msbinit')
-local svcConf = require('conf.svcconf')
-local dbclient = require('dao.db_access')
-local tbl_util = require('lib.utils.table_util')
-local svc_util = require('lib.utils.svc_util')
-local log_util = require('lib.utils.log_util')
-
-local tbl_concat = table.concat
-local tbl_isempty = tbl_util.isempty
-local svc_isactive = svc_util.isactive
-local svc_setauthheader = svc_util.setauthheader
-local svc_isautodiscover = svc_util.isautodiscover
-
-local str_sub = string.sub
-local str_len = string.len
-local str_low = string.lower
-local ngx_var = ngx.var
-local ngx_ctx = ngx.ctx
-local log = log_util.log
-
-local defaultport = msbConf.systemConf.defaultport
-local defaultprefix = msbConf.systemConf.defaultprefix
-local enablefullsearch = msbConf.systemConf.enablefullsearch
-local useconsultemplate = msbConf.systemConf.useconsultemplate
-local apiRelatedTypes = svcConf.apiRelatedTypes
-local urlfieldMap = svcConf.urlfieldMap
-
-local donotfound = function()
- if enablefullsearch then
- -- test against the custom services after the commonrewrite phase
- ngx.status = ngx.HTTP_GONE
- else
- ngx.status = ngx.HTTP_NOT_FOUND
- ngx.say("service info not found!")
- end
- return ngx.exit(ngx.status)
-end
-
----------------------------------------------------------------
---preCheck:
--- determine whether it is websocket request
--- and do internal redirect
----------------------------------------------------------------
-local http_upgrade = ngx_var.http_upgrade
-if(ngx_var.websocket_internal_redirect == "on") and http_upgrade and str_low(http_upgrade) == "websocket" then
- ngx.log(ngx.ERR, "Websocket request and redirect to @commonwebsocket")
- return ngx.exec("@commonwebsocket");
-end
-
----------------------------------------------------------------
---step0:Preparation
--- svc_info_key
--- svc_server_keypattern
----------------------------------------------------------------
-local svc_name = ngx_var.svc_name
-local req_res = ngx_var.req_res
-local svc_type = ngx_var.svc_type
-
-local sys_prefix = ""
-local server_port = ngx_var.server_port
-if(server_port == defaultport) then
- sys_prefix = defaultprefix
-else
- sys_prefix = server_port
-end
-
-local svc_info_key = ""
-local svc_server_keypattern = ""
-local upstream_name_consultemplate = ""
-if(apiRelatedTypes[svc_type]) then
- -- process version info first
- local version1 = ngx_var.svc_version1
- local version2 = ngx_var.svc_version2
- local version = ""
- -- check version info appearing befor or after
- if(not version2) then version2 = "" end --convert nil to empty sting avoiding throw error
- if(not version1 or version1 == "") then
- version = version2
- else
- version = version1
- req_res = version2..req_res
- end
- -- remove the slash in front of the version (e.g. /V1.0)
- local svc_version=str_sub(version,2,str_len(version))
- svc_info_key = tbl_concat({sys_prefix,"api",svc_name,svc_version,"info"},":")
- svc_server_keypattern = tbl_concat({sys_prefix,"api",svc_name,svc_version,"lb:server*"},":")
- upstream_name_consultemplate = svc_name
-else
- svc_info_key = tbl_concat({sys_prefix,"iui",svc_name,"info"},":")
- svc_server_keypattern = tbl_concat({sys_prefix,"iui",svc_name,"lb:server*"},":")
- upstream_name_consultemplate = "IUI_"..svc_name
-end
-
----------------------------------------------------------------
---step1:query the service info from share memory or back db
--- svcinfo: the requested service information
----------------------------------------------------------------
-local svcinfo = dbclient.load_serviceinfo(svc_info_key)
-if not svc_isactive(svcinfo) then
- donotfound()
-end
-
-local svc_url = svcinfo[urlfieldMap[svc_type]]
-if not svc_url then
- donotfound()
-end
-
----------------------------------------------------------------
---step2:rewrite the request uri using the svcinfo
----------------------------------------------------------------
-local rewrited_uri = svc_url..req_res
---special handling: avoid throws internal error when it is empty
-if (rewrited_uri == "") then rewrited_uri = "/" end
-ngx.req.set_uri(rewrited_uri)
-
-log("matchedservice",svc_name)
-log("rewrited_uri",rewrited_uri)
----------------------------------------------------------------
---step2.1:if this service is inter-system,add custom http header
----------------------------------------------------------------
-svc_setauthheader(svcinfo)
-
----------------------------------------------------------------
---step3:process the proxy upstream part
--- con1-using consul template:set the upstream name
--- con2-using msb balancer:query the server list and store in the ctx
----------------------------------------------------------------
-if useconsultemplate and svc_isautodiscover(svcinfo) then
- ngx_var.backend = upstream_name_consultemplate
-else
- local backservers = dbclient.load_backservers(svc_server_keypattern)
- if tbl_isempty(backservers) then
- donotfound()
- end
- ngx_ctx.backservers = backservers
- ngx_ctx.svcserverpattern = svc_server_keypattern
-end
\ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/rewrite/customrewrite.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/rewrite/customrewrite.lua deleted file mode 100644 index 564a52a..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/rewrite/customrewrite.lua +++ /dev/null @@ -1,208 +0,0 @@ ---[[
-
- Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE)
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-
---]]
-
-local msbConf = require('conf.msbinit')
-local svcConf = require('conf.svcconf')
-local dbclient = require('dao.db_access')
-local tbl_util = require('lib.utils.table_util')
-local svc_util = require('lib.utils.svc_util')
-local log_util = require('lib.utils.log_util')
-
-local tbl_concat = table.concat
-local tbl_isempty = tbl_util.isempty
-local svc_isactive = svc_util.isactive
-local svc_setauthheader = svc_util.setauthheader
-local svc_isautodiscover = svc_util.isautodiscover
-local str_sub = string.sub
-local str_len = string.len
-local str_low = string.lower
-local ngx_var = ngx.var
-local ngx_ctx = ngx.ctx
-local log = log_util.log
-
-local defaultport = msbConf.systemConf.defaultport
-local defaultprefix = msbConf.systemConf.defaultprefix
-local enablerefercheck = msbConf.systemConf.enablerefercheck
-local useconsultemplate = msbConf.systemConf.useconsultemplate
-local urlfieldMap = svcConf.urlfieldMap
-
-local donotfound = function()
- ngx.status = ngx.HTTP_NOT_FOUND
- ngx.say("service info not found!")
- return ngx.exit(ngx.status)
-end
-
----------------------------------------------------------------
---preCheck:
--- determine whether it is websocket request
--- and do internal redirect
----------------------------------------------------------------
-local http_upgrade = ngx_var.http_upgrade
-if(ngx_var.websocket_internal_redirect == "on") and http_upgrade and str_low(http_upgrade)== "websocket" then
- ngx.log(ngx.ERR, "Websocket request and redirect to @customwebsocket")
- return ngx.exec("@customwebsocket");
-end
-
----------------------------------------------------------------
---step0:Preparation
--- svcnames:service names registered under this port
----------------------------------------------------------------
-local sys_prefix = ""
-local server_port = ngx_var.server_port
-if(server_port == defaultport) then
- sys_prefix = defaultprefix
-else
- sys_prefix = server_port
-end
-
-local custom_svc_keypattern = tbl_concat({sys_prefix,"custom","*"},":")
-
-local get_svcinfokey_custom = function(svcname)
- return tbl_concat({sys_prefix,"custom",svcname,"info"},":")
-end
-
-local get_svcserverpattern_custom = function(svcname)
- return tbl_concat({sys_prefix,"custom",svcname,"lb:server*"},":")
-end
-
-local svcnames,err = dbclient.load_customsvcnames(custom_svc_keypattern)
-if not svcnames then
- donotfound()
-end
-
----------------------------------------------------------------
---step1:run the match process(check whether the request
--- match the name in the svcnames one by one)
--- and return the matched serice info
----------------------------------------------------------------
-local req_res = ngx_var.uri
-local svc_type = ngx_var.svc_type
-local matchedsvcname
-local svcinfo
---add by wangyg:20160418 special handler for refer
-local matched_usingrefer = false
---end of add by wangyg:20160418 special handler for refer
-for _, svcname in ipairs(svcnames) do
- if (svcname == "/") then
- local svc_info_key = get_svcinfokey_custom(svcname)
- local svc_info,err = dbclient.load_serviceinfo(svc_info_key)
- if svc_info and svc_isactive(svc_info)then
- matchedsvcname = svcname
- svcinfo = svc_info
- break
- end
- end
- local from, to, err = ngx.re.find(req_res, "^"..svcname.."(/(.*))?$", "jo")
- --check whether svcname is the prefix of the req uri
- if from then
- local svc_info_key = get_svcinfokey_custom(svcname)
- local svc_info,err = dbclient.load_serviceinfo(svc_info_key)
- if svc_info and svc_isactive(svc_info) then
- matchedsvcname = svcname
- svcinfo = svc_info
- break
- end
- else
- --do nothing
- end
-end
----------------------------------------------------------------
---step1.1:additional process,test against the refer
--- similar to step1
----------------------------------------------------------------
---add by wangyg:20160418 special handler for refer
-if not matchedsvcname and enablerefercheck then
- local refer = ngx_var.http_referer
- if(refer and refer~="") then
- for _, svcname in ipairs(svcnames) do
- local urlreg ="^(https://|http://|)(([1-9]|([1-9]\\d)|(1\\d\\d)|(2([0-4]\\d|5[0-5])))\\.)(([0-9]|([1-9]\\d)|(1\\d\\d)|(2([0-4]\\d|5[0-5])))\\.){2}([1-9]|([1-9]\\d)|(1\\d\\d)|(2([0-4]\\d|5[0-5])))(:\\d{1,5})?"..svcname.."(/(.*))?$";
- local from, to, err = ngx.re.find(refer, urlreg, "jo")
- ----check whether svcname is the prefix of the req refer
- if from then
- local svc_info_key = get_svcinfokey_custom(svcname)
- local svc_info,err = dbclient.load_serviceinfo(svc_info_key)
- if svc_info and svc_isactive(svc_info) then
- matchedsvcname = svcname
- svcinfo = svc_info
- matched_usingrefer = true
- break
- end
- end
- end
- end
-end
---end of add by wangyg:20160418 special handler for refer
-
-if not matchedsvcname or tbl_isempty(svcinfo) then
- donotfound()
-end
-
-local svc_url = svcinfo[urlfieldMap[svc_type]]
-if not svc_url then
- donotfound()
-end
-
----------------------------------------------------------------
---step2:rewrite the request uri using the svcinfo
----------------------------------------------------------------
-local rewrited_uri =""
-if (matchedsvcname == "/") then
- --special handling: if "/" matched, contact directly
- rewrited_uri = svc_url..req_res
-else
- --rewrited_uri = ngx.re.sub(req_res, "^"..matchedsvcname.."(.*)", svc_url.."$1", "o")
- local newuri,n,err = ngx.re.sub(req_res, "^"..matchedsvcname.."(/.*)?", svc_url.."$1", "o")
- --add by wangyg:20160418 special handler for refer
- if(n==0 and matched_usingrefer) then newuri = svc_url..req_res end --special handling if matched using refer
- --end of add by wangyg:20160418 special handler for refer
- rewrited_uri = newuri
-end
-if (rewrited_uri == "") then rewrited_uri = "/" end --avoid throws internal error when it is empty
-ngx.req.set_uri(rewrited_uri)
-
---set the matched service info,used in the proxy_redirect directive
-ngx_var.svc_name = matchedsvcname
-ngx_var.svc_url = svc_url
-
---log the route info
-log("matchedservice",matchedsvcname)
-if(matched_usingrefer) then log("matched_usingrefer",true) end
-log("rewrited_uri",rewrited_uri)
-
----------------------------------------------------------------
---step2.1:if this service is inter-system,add custom http header
----------------------------------------------------------------
-svc_setauthheader(svcinfo)
-
----------------------------------------------------------------
---step3:process the proxy upstream part
--- con1-using consul template:set the upstream name
--- con2-using msb balancer:query the backserver list and store in the ctx
----------------------------------------------------------------
-if useconsultemplate and svc_isautodiscover(svcinfo) then
- --FIX ME:if svcname contains "/", the upstream name may be illegal
- ngx_var.backend = ngx.re.sub(matchedsvcname, "^/(.*)", "$1", "o")
-else
- local svc_server_keypattern = get_svcserverpattern_custom(matchedsvcname)
- local backservers,err = dbclient.load_backservers(svc_server_keypattern)
- if tbl_isempty(backservers) then
- donotfound()
- end
- ngx_ctx.backservers = backservers
- ngx_ctx.svcserverpattern = svc_server_keypattern
-end
\ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/serviceaccess.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/serviceaccess.lua new file mode 100644 index 0000000..1118341 --- /dev/null +++ b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/serviceaccess.lua @@ -0,0 +1,15 @@ +if ngx.req.get_method() == "GET" then
+ local services = {
+ {serviceName="odlsdnia",apiJson="/api/odlsdnia/v1/swagger.json"},
+ {serviceName="roc",apiJson="/api/roc/v1/swagger.json"},
+ {serviceName="tackeria",apiJson="/api/tackeria/v1/swagger.json"},
+ {serviceName="etsi",apiJson="/api/etsiia/v1/swagger.json"}
+ }
+ local cjson = require "cjson"
+ local jsonData = cjson.encode(services)
+ jsonData = string.gsub(jsonData,"\\/","/")
+ ngx.print(jsonData)
+else
+ ngx.log(ngx.WARN, "not a GET request.")
+ ngx.exit(500)
+end
\ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/vendor/shcache.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/vendor/shcache.lua deleted file mode 100644 index 32a9b6c..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/vendor/shcache.lua +++ /dev/null @@ -1,440 +0,0 @@ --- Copyright (C) 2013 Matthieu Tourne --- @author Matthieu Tourne <matthieu@cloudflare.com> - --- small overlay over shdict, smart cache load mechanism - -local M = {} - -local resty_lock = require("resty.lock") - -local DEBUG = false - --- defaults in secs -local DEFAULT_POSITIVE_TTL = 10 -- cache for, successful lookup -local DEFAULT_NEGATIVE_TTL = 2 -- cache for, failed lookup -local DEFAULT_ACTUALIZE_TTL = 2 -- stale data, actualize data for - --- default lock options, in secs -local function _get_default_lock_options() - return { - exptime = 1, -- max wait if failing to call unlock() - timeout = 0.5, -- max waiting time of lock() - max_step = 0.1, -- max sleeping interval - } -end - -local function prequire(m) - local ok, err_or_module = pcall(require, m) - if not ok then - return nil, err_or_module - end - return err_or_module -end - -local conf = prequire("conf") -if conf then - DEFAULT_NEGATIVE_TTL = conf.DEFAULT_NEGATIVE_TTL or DEFAULT_NEGATIVE_TTL - DEFAULT_ACTUALIZE_TTL = conf.DEFAULT_ACTUALIZE_TTL or DEFAULT_ACTUALIZE_TTL -end - -local band = bit.band -local bor = bit.bor -local st_format = string.format - --- there are only really 5 states total - -- is_stale is_neg is_from_cache -local MISS_STATE = 0 -- 0 0 0 -local HIT_POSITIVE_STATE = 1 -- 0 0 1 -local HIT_NEGATIVE_STATE = 3 -- 0 1 1 -local STALE_POSITIVE_STATE = 5 -- 1 0 1 - --- stale negative doesn't really make sense, use HIT_NEGATIVE instead --- local STALE_NEGATIVE_STATE = 7 -- 1 1 1 - --- xor to set -local NEGATIVE_FLAG = 2 -local STALE_FLAG = 4 - -local STATES = { - [MISS_STATE] = 'MISS', - [HIT_POSITIVE_STATE] = 'HIT', - [HIT_NEGATIVE_STATE] = 'HIT_NEGATIVE', - [STALE_POSITIVE_STATE] = 'STALE', - -- [STALE_NEGATIVE_STATE] = 'STALE_NEGATIVE', -} - -local function get_status(flags) - return STATES[flags] or st_format('UNDEF (0x%x)', flags) -end - -local EMPTY_DATA = '_EMPTY_' - --- install debug functions -if DEBUG then - local resty_lock_lock = resty_lock.lock - - resty_lock.lock = function (...) - local _, key = unpack({...}) - print("lock key: ", tostring(key)) - return resty_lock_lock(...) - end - - local resty_lock_unlock = resty_lock.unlock - - resty_lock.unlock = function (...) - print("unlock") - return resty_lock_unlock(...) - end -end - - --- store the object in the context --- useful for debugging and tracking cache status -local function _store_object(self, name) - if DEBUG then - print('storing shcache: ', name, ' into ngx.ctx') - end - - local ngx_ctx = ngx.ctx - - if not ngx_ctx.shcache then - ngx_ctx.shcache = {} - end - ngx_ctx.shcache[name] = self -end - -local obj_mt = { - __index = M, -} - --- default function for callbacks.encode / decode. -local function _identity(data) - return data -end - --- shdict: ngx.shared.DICT, created by the lua_shared_dict directive --- callbacks: see shcache state machine for user defined functions --- * callbacks.external_lookup is required --- * callbacks.encode : optional encoding before saving to shmem --- * callbacks.decode : optional decoding when retreiving from shmem --- opts: --- * opts.positive_ttl : save a valid external loookup for, in seconds --- * opts.positive_ttl : save a invalid loookup for, in seconds --- * opts.actualize_ttl : re-actualize a stale record for, in seconds --- * opts.lock_options : set option to lock see : http://github.com/agentzh/lua-resty-lock --- for more details. --- * opts.locks_shdict : specificy the name of the shdict containing the locks --- (useful if you might have locks key collisions) --- uses "locks" by default. --- * opts.name : if shcache object is named, it will automatically --- register itself in ngx.ctx.shcache (useful for logging). -local function new(self, shdict, callbacks, opts) - if not shdict then - return nil, "shdict does not exist" - end - - -- check that callbacks.external_lookup is set - if not callbacks or not callbacks.external_lookup then - return nil, "no external_lookup function defined" - end - - if not callbacks.encode then - callbacks.encode = _identity - end - - if not callbacks.decode then - callbacks.decode = _identity - end - - local opts = opts or {} - - -- merge default lock options with the ones passed to new() - local lock_options = _get_default_lock_options() - if opts.lock_options then - for k, v in pairs(opts.lock_options) do - lock_options[k] = v - end - end - - local name = opts.name - - local obj = { - shdict = shdict, - callbacks = callbacks, - - positive_ttl = opts.positive_ttl or DEFAULT_POSITIVE_TTL, - negative_ttl = opts.negative_ttl or DEFAULT_NEGATIVE_TTL, - - -- ttl to actualize stale data to - actualize_ttl = opts.actualize_ttl or DEFAULT_ACTUALIZE_TTL, - - lock_options = lock_options, - - locks_shdict = opts.lock_shdict or "locks", - - -- STATUS -- - - from_cache = false, - cache_status = 'UNDEF', - cache_state = MISS_STATE, - lock_status = 'NO_LOCK', - - -- shdict:set() pushed out another value - forcible_set = false, - - -- cache hit on second attempt (post lock) - hit2 = false, - - name = name, - } - - local locks = ngx.shared[obj.locks_shdict] - - -- check for existence, locks is not directly used - if not locks then - ngx.log(ngx.CRIT, 'shared mem locks is missing.\n', - '## add to you lua conf: lua_shared_dict locks 5M; ##') - return nil - end - - local self = setmetatable(obj, obj_mt) - - -- if the shcache object is named - -- keep track of the object in the context - -- (useful for gathering stats at log phase) - if name then - _store_object(self, name) - end - - return self -end -M.new = new - --- acquire a lock -local function _get_lock(self) - local lock = self.lock - if not lock then - lock = resty_lock:new(self.locks_shdict, self.lock_options) - self.lock = lock - end - return lock -end - --- remove the lock if there is any -local function _unlock(self) - local lock = self.lock - if lock then - local ok, err = lock:unlock() - if not ok then - ngx.log(ngx.ERR, "failed to unlock :" , err) - end - self.lock = nil - end -end - -local function _return(self, data, flags) - -- make sure we remove the locks if any before returning data - _unlock(self) - - -- set cache status - local cache_status = get_status(self.cache_state) - - if cache_status == 'MISS' and not data then - cache_status = 'NO_DATA' - end - - self.cache_status = cache_status - - return data, self.from_cache -end - -local function _set(self, ...) - if DEBUG then - local key, data, ttl, flags = unpack({...}) - print("saving key: ", key, ", for: ", ttl) - end - - local ok, err, forcible = self.shdict:set(...) - - self.forcible_set = forcible - - if not ok then - local key, data, ttl, flags = unpack({...}) - ngx.log(ngx.ERR, 'failed to set key: ', key, ', err: ', err) - end - - return ok -end - --- check if the data returned by :get() is considered empty -local function _is_empty(data, flags) - return flags and band(flags, NEGATIVE_FLAG) and data == EMPTY_DATA -end - --- save positive, encode the data if needed before :set() -local function _save_positive(self, key, data) - if DEBUG then - print("key: ", key, ". save positive, ttl: ", self.positive_ttl) - end - data = self.callbacks.encode(data) - return _set(self, key, data, self.positive_ttl, HIT_POSITIVE_STATE) -end - --- save negative, no encoding required (no data actually saved) -local function _save_negative(self, key) - if DEBUG then - print("key: ", key, ". save negative, ttl: ", self.negative_ttl) - end - return _set(self, key, EMPTY_DATA, self.negative_ttl, HIT_NEGATIVE_STATE) -end - --- save actualize, will boost a stale record to a live one -local function _save_actualize(self, key, data, flags) - local new_flags = bor(flags, STALE_FLAG) - - if DEBUG then - print("key: ", key, ". save actualize, ttl: ", self.actualize_ttl, - ". new state: ", get_status(new_flags)) - end - - _set(self, key, data, self.actualize_ttl, new_flags) - return new_flags -end - -local function _process_cached_data(self, data, flags) - if DEBUG then - print("data: ", data, st_format(", flags: %x", flags)) - end - - self.cache_state = flags - self.from_cache = true - - if _is_empty(data, flags) then - -- empty cached data - return nil - else - return self.callbacks.decode(data) - end -end - --- wrapper to get data from the shdict -local function _get(self, key) - -- always call get_stale() as it does not free element - -- like get does on each call - local data, flags, stale = self.shdict:get_stale(key) - - if data and stale then - if DEBUG then - print("found stale data for key : ", key) - end - - self.stale_data = { data, flags } - - return nil, nil - end - - return data, flags -end - -local function _get_stale(self) - local stale_data = self.stale_data - if stale_data then - return unpack(stale_data) - end - - return nil, nil -end - -local function load(self, key) - -- start: check for existing cache - local data, flags = _get(self, key) - - -- hit: process_cache_hit - if data then - data = _process_cached_data(self, data, flags) - return _return(self, data) - end - - -- miss: set lock - - -- lock: set a lock before performing external lookup - local lock = _get_lock(self) - local elapsed, err = lock:lock(key) - - if not elapsed then - -- failed to acquire lock, still proceed normally to external_lookup - -- unlock() might fail. - ngx.log(ngx.ERR, "failed to acquire the lock: ", err) - self.lock_status = 'ERROR' - -- _unlock won't try to unlock() without a valid lock - self.lock = nil - else - -- lock acquired successfuly - - if elapsed > 0 then - - -- elapsed > 0 => waited lock (other thread might have :set() the data) - -- (more likely to get a HIT on cache_load 2) - self.lock_status = 'WAITED' - - else - - -- elapsed == 0 => immediate lock - -- it is less likely to get a HIT on cache_load 2 - -- but still perform it (race condition cases) - self.lock_status = 'IMMEDIATE' - end - - -- perform cache_load 2 - data, flags = _get(self, key) - if data then - -- hit2 : process cache hit - - self.hit2 = true - - -- unlock before de-serializing cached data - _unlock(self) - data = _process_cached_data(self, data, flags) - return _return(self, data) - end - - -- continue to external lookup - end - - -- perform external lookup - data, err = self.callbacks.external_lookup() - - if data then - -- succ: save positive and return the data - - _save_positive(self, key, data) - return _return(self, data) - else - ngx.log(ngx.WARN, 'external lookup failed: ', err) - end - - -- external lookup failed - -- attempt to load stale data - data, flags = _get_stale(self) - if data and not _is_empty(data, flags) then - -- hit_stale + valid (positive) data - - flags = _save_actualize(self, key, data, flags) - -- unlock before de-serializing data - _unlock(self) - data = _process_cached_data(self, data, flags) - return _return(self, data) - end - - if DEBUG and data then - -- there is data, but it failed _is_empty() => stale negative data - print('STALE_NEGATIVE data => cache as a new HIT_NEGATIVE') - end - - -- nothing has worked, save negative and return empty - _save_negative(self, key) - return _return(self, nil) -end -M.load = load - -return M
\ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/msb-enabled/location-ext-mount/README.md b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/msb-enabled/location-ext-mount/README.md deleted file mode 100644 index ce00b06..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/msb-enabled/location-ext-mount/README.md +++ /dev/null @@ -1,4 +0,0 @@ -README -=============== -Similar to the location-ext directory,but it's just a placeholder folder. -The folder may always be empty and you attach an external folder found outside the container or the virtual machine at the directory.
\ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/msb-enabled/location-ext/README.md b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/msb-enabled/location-ext/README.md deleted file mode 100644 index 58310a7..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/msb-enabled/location-ext/README.md +++ /dev/null @@ -1,11 +0,0 @@ -README -=============== - -The directory to store configuration files that extends locations of the default listening server(e.g 10080). -The config file must be a *.conf file. For example: -#testlocation.conf -~~~ -location = /test { - echo "test ok"; -} -~~~
\ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/msb-enabled/msb.conf b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/msb-enabled/msb.conf deleted file mode 100644 index 3a64ff9..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/msb-enabled/msb.conf +++ /dev/null @@ -1,218 +0,0 @@ -# -# Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE) -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -#the maximum allowed size of the client request body,current 10G -client_max_body_size 10240m; -client_body_buffer_size 128k; - -#set conf for proxy pass -proxy_connect_timeout 10s; -proxy_read_timeout 120s; -proxy_send_timeout 120s; -proxy_set_header X-Real-IP $remote_addr; -proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; -proxy_set_header Host $host:$server_port; -proxy_buffers 4 16k; - -#set the nginx_cache parameter -proxy_cache_path temp/proxy_cache levels=1:2 keys_zone=nginx_cache:100m inactive=1d max_size=1g; -proxy_cache_key $host$uri$is_args$args; -proxy_cache_revalidate on; -proxy_cache_min_uses 3; -proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504; -proxy_cache_lock on; - -# Lua settings -lua_package_path "$prefix/../lualib/?.lua;$prefix/luaext/?.lua;;"; -lua_package_cpath "$prefix/../lualib/?.so;;"; -lua_shared_dict rr_cache 1M; -lua_shared_dict rr_locks 100k; - -lua_shared_dict svc_cache 5M; -lua_shared_dict locks 200k; - -lua_code_cache on; - -# Basic reverse proxy server processor -upstream defaultbackend { - server 0.0.0.1; - balancer_by_lua_file luaext/loadbalance/balancer.lua; - #keepalive 10; -} - -server { - listen 10080; - default_type text/html; - - # the flag identify whether to check doing internal redirect or not - set $websocket_internal_redirect "on"; - - location = /msb { - #try_files $uri @defaulthomepage; - rewrite ^ /iui/microservices/default.html redirect; - } - - location = /iui/microservices { - try_files $uri @addslash; - } - - location @addslash { - return 302 $scheme://$http_host$uri/; - } - - location @defaulthomepage { - return 302 $scheme://$http_host/iui/microservices/default.html; - } - - error_page 410 = @commonnotfound; - - location @commonnotfound { - set $svc_type "custom"; - set $svc_name ""; - set $svc_url ""; - set $backend "defaultbackend"; - - #rewrite by the lua file - rewrite_by_lua_file luaext/rewrite/customrewrite.lua; - #log by the lua file - log_by_lua_file luaext/log/logger.lua; - - proxy_pass http://$backend; - proxy_redirect http://$host:$server_port$svc_url http://$host:$server_port$svc_name; - } - - location @customwebsocket { - set $websocket_internal_redirect "off"; - #set header for websocket - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "Upgrade"; - - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header Host $host:$server_port; - - #rewrite by the lua file - rewrite_by_lua_file luaext/rewrite/customrewrite.lua; - #log by the lua file - log_by_lua_file luaext/log/logger.lua; - - proxy_pass http://$backend; - } - - location @commonwebsocket { - set $websocket_internal_redirect "off"; - #set header for websocket - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "Upgrade"; - - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header Host $host:$server_port; - - #rewrite by the lua file - rewrite_by_lua_file luaext/rewrite/commonrewrite.lua; - #log by the lua file - log_by_lua_file luaext/log/logger.lua; - - proxy_pass http://$backend; - } - - location / { - set $svc_type "custom"; - set $svc_name ""; - set $svc_url ""; - set $backend "defaultbackend"; - - #rewrite by the lua file - rewrite_by_lua_file luaext/rewrite/customrewrite.lua; - #log by the lua file - log_by_lua_file luaext/log/logger.lua; - - proxy_pass http://$backend; - proxy_redirect http://$host:$server_port$svc_url http://$host:$server_port$svc_name; - } - - location ~ ^/(api|admin|apijson)(/[Vv]\d+(?:\.\d+)*)?/([^/]+)(/[Vv]\d+(?:\.\d+)*)?(.*) { - set $svc_type $1; - set $svc_name $3; - set $svc_version1 $2; - set $svc_version2 $4; - set $req_res $5; - set $backend "defaultbackend"; - - #rewrite by the lua file - rewrite_by_lua_file luaext/rewrite/commonrewrite.lua; - #log by the lua file - log_by_lua_file luaext/log/logger.lua; - - proxy_pass http://$backend; - } - - location ~* ^/iui/([^/]+)(.*)\.(png|jpg|jpeg|gif|ico|bmp|woff)$ { - set $svc_type "iui"; - set $svc_name $1; - set $req_res $2.$3; - set $backend "defaultbackend"; - - #rewrite by the lua file - rewrite_by_lua_file luaext/rewrite/commonrewrite.lua; - #log by the lua file - log_by_lua_file luaext/log/logger.lua; - - proxy_cache nginx_cache; - add_header X-Cache-Status $upstream_cache_status; - proxy_pass http://$backend; - } - - location ~ ^/iui/([^/]+)(.*) { - set $svc_type "iui"; - set $svc_name $1; - set $req_res $2; - set $backend "defaultbackend"; - - #rewrite by the lua file - rewrite_by_lua_file luaext/rewrite/commonrewrite.lua; - #log by the lua file - log_by_lua_file luaext/log/logger.lua; - - proxy_pass http://$backend; - } - - location ~* \.(?:png|jpg|jpeg|gif|ico|bmp|woff)$ { - set $svc_type "custom"; - set $svc_name ""; - set $svc_url ""; - set $backend "defaultbackend"; - - #rewrite by the lua file - rewrite_by_lua_file luaext/rewrite/customrewrite.lua; - #log by the lua file - log_by_lua_file luaext/log/logger.lua; - - proxy_cache nginx_cache; - add_header X-Cache-Status $upstream_cache_status; - proxy_pass http://$backend; - proxy_redirect http://$host:$server_port$svc_url http://$host:$server_port$svc_name; - } - - location = /favicon.ico { - log_not_found off; - } - include ../msb-enabled/location-ext/*.conf; - include ../msb-enabled/location-ext-mount/*.conf; -}
\ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/openrestyService.exe b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/openrestyService.exe Binary files differdeleted file mode 100644 index c6e8fc2..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/openrestyService.exe +++ /dev/null diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/openrestyService.xml b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/openrestyService.xml deleted file mode 100644 index ced7188..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/openrestyService.xml +++ /dev/null @@ -1,13 +0,0 @@ -<service>
- <id>msb_openresty</id>
- <name>msb_openresty</name>
- <description>This service runs openresty.</description>
- <workingdirectory>%BASE%</workingdirectory>
- <env name="RUNHOME" value="%BASE%"/>
- <executable>nginx.exe</executable>
- <stopexecutable>nginx.exe</stopexecutable>
- <stopargument>-s</stopargument>
- <stopargument>stop</stopargument>
- <logmode>rotate</logmode>
- <!-- stopparentprocessfirst>true</stopparentprocessfirst -->
-</service>
\ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/sites-enabled-mount/README.md b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/sites-enabled-mount/README.md deleted file mode 100644 index 6b443bc..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/sites-enabled-mount/README.md +++ /dev/null @@ -1,4 +0,0 @@ -README -=============== -Similar to the sites-enabled directory,but it's just a placeholder folder. -The folder may always be empty and you attach an external folder found outside the container or the virtual machine at the directory.
\ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/sites-enabled/README.md b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/sites-enabled/README.md deleted file mode 100644 index d57d687..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/sites-enabled/README.md +++ /dev/null @@ -1,15 +0,0 @@ -README -=============== - -The directory to store configuration files that configs another server except the default listening server(e.g 10080). -The config file must be a *.conf file. For example: -#server1.conf -~~~ -server { - listen 20080; - - location =/info { - echo "another server 20080"; - } -} -~~~
\ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/stream-enabled/placeholder.txt b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/stream-enabled/placeholder.txt deleted file mode 100644 index e69de29..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/stream-enabled/placeholder.txt +++ /dev/null |