From 8597cf5e116012c038e83f763a816ca106cad4d2 Mon Sep 17 00:00:00 2001 From: HuabingZhao Date: Thu, 25 Aug 2016 10:17:35 +0800 Subject: Solve api gateway issue Change-Id: I88fedc04faaf4d799b9dbf4c306aa073cabd6218 Signed-off-by: HuabingZhao --- .../resources/openresty/nginx/conf/mime.types | 94 ----- .../resources/openresty/nginx/conf/nginx.conf | 256 ++++++++++-- .../resources/openresty/nginx/luaext/auth.lua | 15 + .../openresty/nginx/luaext/conf/msbinit.lua | 44 --- .../openresty/nginx/luaext/conf/svcconf.lua | 34 -- .../resources/openresty/nginx/luaext/dao/dao.lua | 120 ------ .../openresty/nginx/luaext/dao/db_access.lua | 74 ---- .../openresty/nginx/luaext/dao/redis_db.lua | 193 --------- .../resources/openresty/nginx/luaext/iui_auth.lua | 41 ++ .../openresty/nginx/luaext/lib/tools/db_cache.lua | 54 --- .../openresty/nginx/luaext/lib/utils/log_util.lua | 28 -- .../openresty/nginx/luaext/lib/utils/svc_util.lua | 59 --- .../nginx/luaext/lib/utils/table_util.lua | 30 -- .../nginx/luaext/loadbalance/balancer.lua | 40 -- .../nginx/luaext/loadbalance/policy/roundrobin.lua | 60 --- .../openresty/nginx/luaext/log/logger.lua | 26 -- .../resources/openresty/nginx/luaext/login.lua | 9 + .../resources/openresty/nginx/luaext/logout.lua | 6 + .../openresty/nginx/luaext/make_authed.lua | 44 +++ .../nginx/luaext/rewrite/commonrewrite.lua | 155 -------- .../nginx/luaext/rewrite/customrewrite.lua | 208 ---------- .../openresty/nginx/luaext/serviceaccess.lua | 15 + .../openresty/nginx/luaext/vendor/shcache.lua | 440 --------------------- .../nginx/msb-enabled/location-ext-mount/README.md | 4 - .../nginx/msb-enabled/location-ext/README.md | 11 - .../resources/openresty/nginx/msb-enabled/msb.conf | 218 ---------- .../resources/openresty/nginx/openrestyService.exe | Bin 59392 -> 0 bytes .../resources/openresty/nginx/openrestyService.xml | 13 - .../openresty/nginx/sites-enabled-mount/README.md | 4 - .../openresty/nginx/sites-enabled/README.md | 15 - .../openresty/nginx/stream-enabled/placeholder.txt | 0 31 files changed, 343 insertions(+), 1967 deletions(-) delete mode 100644 msb-core/openresty-ext/src/assembly/resources/openresty/nginx/conf/mime.types create mode 100644 msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/auth.lua delete mode 100644 msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/conf/msbinit.lua delete mode 100644 msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/conf/svcconf.lua delete mode 100644 msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/dao/dao.lua delete mode 100644 msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/dao/db_access.lua delete mode 100644 msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/dao/redis_db.lua create mode 100644 msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/iui_auth.lua delete mode 100644 msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/lib/tools/db_cache.lua delete mode 100644 msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/lib/utils/log_util.lua delete mode 100644 msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/lib/utils/svc_util.lua delete mode 100644 msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/lib/utils/table_util.lua delete mode 100644 msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/loadbalance/balancer.lua delete mode 100644 msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/loadbalance/policy/roundrobin.lua delete mode 100644 msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/log/logger.lua create mode 100644 msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/login.lua create mode 100644 msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/logout.lua create mode 100644 msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/make_authed.lua delete mode 100644 msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/rewrite/commonrewrite.lua delete mode 100644 msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/rewrite/customrewrite.lua create mode 100644 msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/serviceaccess.lua delete mode 100644 msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/vendor/shcache.lua delete mode 100644 msb-core/openresty-ext/src/assembly/resources/openresty/nginx/msb-enabled/location-ext-mount/README.md delete mode 100644 msb-core/openresty-ext/src/assembly/resources/openresty/nginx/msb-enabled/location-ext/README.md delete mode 100644 msb-core/openresty-ext/src/assembly/resources/openresty/nginx/msb-enabled/msb.conf delete mode 100644 msb-core/openresty-ext/src/assembly/resources/openresty/nginx/openrestyService.exe delete mode 100644 msb-core/openresty-ext/src/assembly/resources/openresty/nginx/openrestyService.xml delete mode 100644 msb-core/openresty-ext/src/assembly/resources/openresty/nginx/sites-enabled-mount/README.md delete mode 100644 msb-core/openresty-ext/src/assembly/resources/openresty/nginx/sites-enabled/README.md delete mode 100644 msb-core/openresty-ext/src/assembly/resources/openresty/nginx/stream-enabled/placeholder.txt diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/conf/mime.types b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/conf/mime.types deleted file mode 100644 index 829e8ba..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/conf/mime.types +++ /dev/null @@ -1,94 +0,0 @@ -# -# Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE) -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -types { - text/html html htm shtml; - text/css css; - text/xml xml rss; - image/gif gif; - image/jpeg jpeg jpg; - application/x-javascript js; - application/atom+xml atom; - - text/mathml mml; - text/plain txt; - text/vnd.sun.j2me.app-descriptor jad; - text/vnd.wap.wml wml; - text/x-component htc; - - image/png png; - image/tiff tif tiff; - image/vnd.wap.wbmp wbmp; - image/x-icon ico; - image/x-jng jng; - image/x-ms-bmp bmp; - image/svg+xml svg svgz; - - application/java-archive jar war ear; - application/json json; - application/mac-binhex40 hqx; - application/msword doc; - application/pdf pdf; - application/postscript ps eps ai; - application/rtf rtf; - application/vnd.ms-excel xls; - application/vnd.ms-powerpoint ppt; - application/vnd.wap.wmlc wmlc; - application/vnd.google-earth.kml+xml kml; - application/vnd.google-earth.kmz kmz; - application/x-7z-compressed 7z; - application/x-cocoa cco; - application/x-java-archive-diff jardiff; - application/x-java-jnlp-file jnlp; - application/x-makeself run; - application/x-perl pl pm; - application/x-pilot prc pdb; - application/x-rar-compressed rar; - application/x-redhat-package-manager rpm; - application/x-sea sea; - application/x-shockwave-flash swf; - application/x-stuffit sit; - application/x-tcl tcl tk; - application/x-x509-ca-cert der pem crt; - application/x-xpinstall xpi; - application/xhtml+xml xhtml; - application/zip zip; - - application/octet-stream bin exe dll; - application/octet-stream deb; - application/octet-stream dmg; - application/octet-stream eot; - application/octet-stream iso img; - application/octet-stream msi msp msm; - application/ogg ogx; - - audio/midi mid midi kar; - audio/mpeg mpga mpega mp2 mp3 m4a; - audio/ogg oga ogg spx; - audio/x-realaudio ra; - audio/webm weba; - - video/3gpp 3gpp 3gp; - video/mp4 mp4; - video/mpeg mpeg mpg mpe; - video/ogg ogv; - video/quicktime mov; - video/webm webm; - video/x-flv flv; - video/x-mng mng; - video/x-ms-asf asx asf; - video/x-ms-wmv wmv; - video/x-msvideo avi; -} \ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/conf/nginx.conf b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/conf/nginx.conf index 5c524fc..9a2db3f 100644 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/conf/nginx.conf +++ b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/conf/nginx.conf @@ -1,57 +1,227 @@ -# -# Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE) -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -#user nobody; -worker_processes auto; -worker_rlimit_nofile 50000; - -error_log logs/error.log warn; -pid logs/nginx.pid; +#user xfs xfs; +worker_processes 1; + +error_log logs/error.log warn; +pid logs/nginx.pid; events { - #linux下打开提高性能 - #use epoll; - worker_connections 2048; - multi_accept on; + worker_connections 1024; } http { - server_tokens off; - include mime.types; - default_type text/html; + include mime.types; + + upstream iui { + server 127.0.0.1:8202; + } + + upstream nsoc { + server 127.0.0.1:8203; + } + + upstream roc { + server 127.0.0.1:8204; + } - #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' - # '$status $body_bytes_sent "$http_referer" ' - # '"$http_user_agent" "$http_x_forwarded_for"'; + upstream umc { + server 127.0.0.1:8205; + } - #access_log logs/access.log main; - access_log off; + upstream ssh { + server 127.0.0.1:8209; + } - sendfile on; - tcp_nopush on; + upstream yamlparser { + server 127.0.0.1:8210; + } + + upstream dac { + server 127.0.0.1:8206; + } + + upstream cmcc { + server 127.0.0.1:8207; + } + + upstream tacker { + server 127.0.0.1:8208; + } + + upstream winery { + server 127.0.0.1:8080; + } + + upstream etsi { + server 127.0.0.1:8211; + } + + upstream openstackadapter { + server 127.0.0.1:8217; + } + + upstream vimadapter { + server 127.0.0.1:8218; + } + + upstream odlsdn { + server 127.0.0.1:8216; + } + # Basic Settings + default_type application/octet-stream; + sendfile on; + tcp_nopush on; + server_names_hash_bucket_size 128; keepalive_timeout 120s; - gzip on; + #the maximum allowed size of the client request body,current 10G + client_max_body_size 10240m; + client_body_buffer_size 128k; + + #set the time wait for connect to proxy_pass target,avoid waiting too long + proxy_connect_timeout 10s; + proxy_read_timeout 120s; + proxy_send_timeout 120s; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $host:$server_port; + proxy_buffers 4 32k; + + #set the nginx_cache parameter + #proxy_cache_path temp/proxy_cache levels=1:2 keys_zone=nginx_cache:10m inactive=1d max_size=100m; + + # Logging + access_log off; - include ../msb-enabled/*.conf; - include ../sites-enabled/*.conf; - include ../sites-enabled-mount/*.conf; -} + # Lua settings + lua_package_path "$prefix/../lualib/?.lua;;"; + lua_package_cpath "$prefix/../lualib/?.so;;"; + + lua_shared_dict ceryx 10M; + lua_code_cache on; + + server { + listen 80; + default_type text/html; + + location = / { + rewrite ^ /iui/framework redirect; + } + + location = /openo { + rewrite ^ /iui/framework redirect; + } + + location = /iui/openo { + rewrite ^ /iui/framework redirect; + } + + location = /iui/framework/login.html { + access_by_lua_file luaext/iui_auth.lua; + proxy_pass http://iui; + } + + location = /api/uiframe/v1/login { + rewrite ^ /api/umcsm/v1/login break; + proxy_pass http://umc; + header_filter_by_lua_file luaext/login.lua; + } + + location = /api/uiframe/v1/loginOut { + access_by_lua_file luaext/logout.lua; + rewrite ^ /api/umcsm/v1/loginOut break; + proxy_pass http://umc; + } + + location = /api/hsif/v1/authentication { + access_by_lua_file luaext/make_authed.lua; + } + + location /iui { + access_by_lua_file luaext/iui_auth.lua; + proxy_pass http://iui; + } + + location ~ ^/api/(?:vim|nsoc)/v1 { + access_by_lua_file luaext/auth.lua; + proxy_pass http://nsoc; + } + + location = /api/nsoc/v1/vnfgrantinfo { + rewrite ^ /api/vim/v1/vnfgrantinfo break; + access_by_lua_file luaext/auth.lua; + proxy_pass http://nsoc; + } + + location /api/nsocnotification/v1 { + rewrite ^/api/nsocnotification/v1/(.*) /nsocnotification/v1/$1 break; + access_by_lua_file luaext/auth.lua; + proxy_pass http://nsoc; + } + + location ~ ^/api/(?:roc|rocnotification)/v1 { + access_by_lua_file luaext/auth.lua; + proxy_pass http://roc; + } + + location /api/uiframe/v1 { + rewrite ^/api/uiframe/v1/(.*) /api/umcsm/v1/$1 break; + access_by_lua_file luaext/iui_auth.lua; + proxy_pass http://umc; + } + + location ~ ^/api/umc(?:pm|fm|drill|sm|monitor)/v1 { + access_by_lua_file luaext/auth.lua; + proxy_pass http://umc; + } + + location ~ ^/api/ssh/v1 { + proxy_pass http://ssh; + } + + location ~ ^/api/yamlparser/v1 { + proxy_pass http://yamlparser; + } + + location ~ ^/api/(?:dac|dacnotification)/v1 { + access_by_lua_file luaext/auth.lua; + proxy_pass http://dac; + } + + location /api/cmccia/v1 { + access_by_lua_file luaext/auth.lua; + proxy_pass http://cmcc; + } + + location /api/tackeria/v1 { + access_by_lua_file luaext/auth.lua; + proxy_pass http://tacker; + } + + location /winery { + access_by_lua_file luaext/auth.lua; + proxy_pass http://winery; + } + + location = /api/microservices/v1/apiRoute { + access_by_lua_file luaext/auth.lua; + content_by_lua_file luaext/serviceaccess.lua; + } + + location /api/umcswagger/v1 { + rewrite ^/api/umcswagger/v1/(.*) /api/$1 break; + access_by_lua_file luaext/auth.lua; + proxy_pass http://umc; + } + + location /api/etsiia/v1 { + access_by_lua_file luaext/auth.lua; + proxy_pass http://etsi; + } -stream { - include ../stream-enabled/*; + location /api/odlsdnia/v1 { + access_by_lua_file luaext/auth.lua; + proxy_pass http://odlsdn; + } + } } diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/auth.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/auth.lua new file mode 100644 index 0000000..067c277 --- /dev/null +++ b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/auth.lua @@ -0,0 +1,15 @@ +local cache = ngx.shared.ceryx +local client_ip = ngx.var.remote_addr +local host = ngx.var.host +if client_ip == '127.0.0.1' or client_ip == host or client_ip == ngx.var.server_addr then + return +end +local succ, err, forcible = cache:replace(client_ip, "place_holder", 3600) +if not succ then + if err == 'not found' then + ngx.log(ngx.WARN, "access record not found for "..client_ip) + ngx.exit(401) + else + ngx.log(ngx.WARN, err) + end +end \ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/conf/msbinit.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/conf/msbinit.lua deleted file mode 100644 index cf943c0..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/conf/msbinit.lua +++ /dev/null @@ -1,44 +0,0 @@ ---[[ - - Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE) - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - ---]] - -local modulename = "msbinit" -local _M = {} -_M._VERSION = '1.0.0' - -_M.systemConf = { - ["defaultport"] = "10080", - ["defaultprefix"] = "msb:routing", - ["enablefullsearch"] = true, --whether test against the custom services after common match processing - ["enablerefercheck"] = true, --whether use refer to test against the service names as the last solution - ["enableauthcheck"] = true, --whether add custom auth header or not - ["useconsultemplate"] = false --whether using consul template or not -} -_M.redisConf = { - ["host"] = "127.0.0.1", - ["port"] = 6379, - ["poolsize"] = 100, - ["idletimeout"] = 90000, - ["timeout"] = 1000, - ["dbid"] = 0 -} -_M.cacheConf = { - ["positive_ttl"] = 60, --shcache use,in seconds - ["negative_ttl"] = 2, --shcache use,in seconds - ["lru_ttl"] = 10 --in seconds -} -return _M \ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/conf/svcconf.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/conf/svcconf.lua deleted file mode 100644 index df6356e..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/conf/svcconf.lua +++ /dev/null @@ -1,34 +0,0 @@ ---[[ - - Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE) - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - ---]] - -local _M = {} -_M._VERSION = '1.0.0' - -_M.apiRelatedTypes = { - ["api"] = true, - ["admin"] = true, - ["apijson"] = true -} -_M.urlfieldMap = { - ["api"] = "url", - ["admin"] = "metricsUrl", - ["apijson"] = "apijson", - ["iui"] = "url", - ["custom"] = "url" -} -return _M \ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/dao/dao.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/dao/dao.lua deleted file mode 100644 index fb47cca..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/dao/dao.lua +++ /dev/null @@ -1,120 +0,0 @@ ---[[ - - Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE) - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - ---]] - ---This module integrates the shcache with an abstraction for various databases(redis and so on) -local _M = {} -_M._VERSION = '1.0.0' - -local shcache = require("vendor.shcache") -local cjson = require "cjson" -local msbConf = require('conf.msbinit') - -local DB = require('dao.redis_db') -local options = msbConf.redisConf - -local cacheConf = msbConf.cacheConf -local positive_ttl = cacheConf.positive_ttl or 60 -local negative_ttl = cacheConf.negative_ttl or 2 - -local svc_shcache = ngx.shared.svc_cache - -local function load_serviceinfo(key) - - -- closure to perform external lookup to redis - local fetch_svcinfo_from_db = function () - local _db = DB:new(options) - return _db:getserviceinfo(key) - end - - local svcinfo_cache_table = shcache:new( - svc_shcache, - { external_lookup = fetch_svcinfo_from_db, - --encode = cmsgpack.pack, - encode = cjson.encode, - --decode = cmsgpack.unpack - decode = cjson.decode - }, - { positive_ttl = positive_ttl, -- default cache good data for 60s - negative_ttl = negative_ttl, -- default cache failed lookup for 5s - name = 'svcinfo_cache' -- "named" cache, useful for debug / report - } - ) - - local serviceinfo, from_cache = svcinfo_cache_table:load(key) - - return serviceinfo -end -_M.load_serviceinfo = load_serviceinfo - -local function load_backservers(keypattern) - - -- closure to perform external lookup to redis - local fetch_servers_from_db = function () - local _db = DB:new(options) - return _db:getbackservers(keypattern) - end - - local servers_cache_table = shcache:new( - svc_shcache, - { external_lookup = fetch_servers_from_db, - --encode = cmsgpack.pack, - encode = cjson.encode, - --decode = cmsgpack.unpack - decode = cjson.decode - }, - { positive_ttl = positive_ttl, -- default cache good data for 60s - negative_ttl = negative_ttl, -- default cache failed lookup for 5s - name = 'servers_cache' -- "named" cache, useful for debug / report - } - ) - - local servers_table, from_cache = servers_cache_table:load(keypattern) - - return servers_table -end -_M.load_backservers = load_backservers - - -local function load_customsvcnames(keypattern) - -- closure to perform external lookup to redis - local fetch_svcnames_from_db = function () - local _db = DB:new(options) - return _db:getcustomsvcnames(keypattern) - end - - local svcnames_cache_table = shcache:new( - svc_shcache, - { external_lookup = fetch_svcnames_from_db, - --encode = cmsgpack.pack, - encode = cjson.encode, - --decode = cmsgpack.unpack - decode = cjson.decode - }, - { positive_ttl = positive_ttl, -- default cache good data for 60s - negative_ttl = negative_ttl, -- default cache failed lookup for 5s - name = 'svcnames_cache' -- "named" cache, useful for debug / report - } - ) - - local service_names, from_cache = svcnames_cache_table:load(keypattern) - - return service_names -end -_M.load_customsvcnames = load_customsvcnames - -return _M \ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/dao/db_access.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/dao/db_access.lua deleted file mode 100644 index 4848a09..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/dao/db_access.lua +++ /dev/null @@ -1,74 +0,0 @@ ---[[ - - Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE) - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - ---]] - --- unified layer to access back DB, using two levels of cache mechanism(LRUCache and shcache) -local _M = {} -_M._VERSION = '1.0.0' - -local cache = require('lib.tools.db_cache') -local dao = require('dao.dao') -local msbConf = require('conf.msbinit') - -local cacheConf = msbConf.cacheConf -local lru_ttl = cacheConf.lru_ttl or 10 - -function _M.load_serviceinfo(key) - local value, err - -- Try to get from cache - value = cache.get(key) - if not value then - -- Get from shcache or backend redis - value = dao.load_serviceinfo(key) - cache.set(key,value,lru_ttl) - end - if cache.is_empty(value) then - return nil - end - return value -end - -function _M.load_backservers(keypattern) - local value, err - -- Try to get from cache - value = cache.get(keypattern) - if not value then - -- Get from shcache or backend redis - value = dao.load_backservers(keypattern) - cache.set(keypattern,value,lru_ttl) - end - if cache.is_empty(value) then - return nil - end - return value -end - -function _M.load_customsvcnames(keypattern) - local value, err - -- Try to get from cache - value = cache.get(keypattern) - if not value then - -- Get from shcache or backend redis - value = dao.load_customsvcnames(keypattern) - cache.set(keypattern,value,lru_ttl) - end - if cache.is_empty(value) then - return nil - end - return value -end -return _M \ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/dao/redis_db.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/dao/redis_db.lua deleted file mode 100644 index c5b75c6..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/dao/redis_db.lua +++ /dev/null @@ -1,193 +0,0 @@ ---[[ - - Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE) - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - ---]] - --- the client for redis, include the connection pool management and api implements -local redis = require('resty.redis') -local tbl_util = require('lib.utils.table_util') - -local _M = { -} -_M._VERSION = '0.0.1' -_M._DESCRIPTION = 'msb_redis_module' - -local mt = { __index = _M } - -local tbl_insert = table.insert -local tbl_sort = table.sort -local tbl_isempty = tbl_util.isempty - -function _M.new(self, conf) - self.host = conf.host - self.port = conf.port - self.timeout = conf.timeout - self.dbid = conf.dbid - self.poolsize = conf.poolsize - self.idletimeout = conf.idletimeout - - local red = redis:new() - return setmetatable({redis = red}, mt) -end - -function _M.connectdb(self) - local host = self.host - local port = self.port - local dbid = self.dbid - local red = self.redis - - if not (host and port) then - return nil, 'no host:port avaliable provided' - end - - --set default value - if not dbid then dbid = 0 end - local timeout = self.timeout - if not timeout then - timeout = 1000 -- 1s - end - - red:set_timeout(timeout) - - local ok, err - if host and port then - ok, err = red:connect(host, port) - if ok then return red:select(dbid) end - end - - return ok, err -end - -function _M.keepalivedb(self) - local max_idle_timeout = self.idletimeout --ms - local pool_size = self.poolsize - - if not pool_size then pool_size = 100 end - if not max_idle_timeout then max_idle_timeout = 90000 end --90s - - local ok, err = self.redis:set_keepalive(max_idle_timeout, pool_size) - if not ok then - ngx.log(ngx.ERR, "redis pool keepalive error",err) - return - end - return -end - ---inner function,only used in this module -local function _hgetall(red,key) - local resp,err = red:hgetall(key) - --if not resp or next(resp) == nil then - if tbl_isempty(resp) then - return nil, "key "..key.." not found" - end - local hashinfo = red:array_to_hash(resp) - return hashinfo,nil -end - -function _M.getserviceinfo(self,key) - if not key then - return nil,'no key is provided' - end - local c, err = self:connectdb() - if not c then - return nil, err - end - - local red = self.redis - - local resp,err = red:hgetall(key) --the key will create dynamically - --if not resp or next(resp) == nil then - if tbl_isempty(resp) then - self:keepalivedb() - return nil, "key "..key.." not found" - end - - local serviceinfo = red:array_to_hash(resp) - - self:keepalivedb() - - return serviceinfo,nil -end - -function _M.getbackservers(self,keypattern) - if not keypattern then - return nil,'no keypattern is provided' - end - local c, err = self:connectdb() - if not c then - return nil, err - end - - local red = self.redis - - local resp, err = red:keys(keypattern) - if tbl_isempty(resp) then - self:keepalivedb() - return nil, "no server matched" - end - - local servers = {} - for i, v in ipairs(resp) do - local serverinfo,err = _hgetall(red,v) - if serverinfo then - tbl_insert(servers,serverinfo) - end - end - self:keepalivedb() - return servers,nil -end - -function _M.getcustomsvcnames(self,keypattern) - if not keypattern then - return nil,'no keypattern is provided' - end - local c, err = self:connectdb() - if not c then - return nil, err - end - - local red = self.redis - - local resp, err = red:keys(keypattern) - if tbl_isempty(resp) then - self:keepalivedb() - return {}, "no custome service name found" - end - - local svcnames = {} - --store svc names into the Set - local key_set={} - local name - for key, value in ipairs(resp) do - local m, err = ngx.re.match(value, "^.+:custom:([^:]+):.*", "o") - if m then - name = m[1] - key_set[name]=true - end - end - - for key,_ in pairs(key_set) do - tbl_insert(svcnames,key) - end - --sort the key_table in reverse order - tbl_sort(svcnames, function (a, b) - return a > b - end) - - self:keepalivedb() - return svcnames,nil -end -return _M \ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/iui_auth.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/iui_auth.lua new file mode 100644 index 0000000..dd7b2ed --- /dev/null +++ b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/iui_auth.lua @@ -0,0 +1,41 @@ +local cache = ngx.shared.ceryx +local client_ip = ngx.var.remote_addr +local uri = ngx.var.uri +if uri == "/iui/framework/login.html" then + local value, flags = cache:get(client_ip) + if not value then + return + else + ngx.redirect("/iui/framework/main-page.html") + end +end + +local referer = ngx.var.http_referer +local refererList = { + "/iui/framework/login.html", + "/iui/framework/css/login.css", + "/iui/component/thirdparty/font%-awesome/css/font%-awesome.min.css", + "/iui/framework/css/style%-custom.css" +} +local function referer_matches(t, r) + for k,_ in pairs(t) do + if string.match(r, t[k]) then + return true + end + end + return false +end + +if referer and referer_matches(refererList, referer) then + return +end + +local succ, err, forcible = cache:replace(client_ip, "place_holder", 3600) +if not succ then + if err == 'not found' then + ngx.log(ngx.WARN, "access record not found for "..client_ip..",redirect to login page") + ngx.redirect("/iui/framework/login.html") + else + ngx.log(ngx.WARN, err) + end +end \ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/lib/tools/db_cache.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/lib/tools/db_cache.lua deleted file mode 100644 index 7f40590..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/lib/tools/db_cache.lua +++ /dev/null @@ -1,54 +0,0 @@ ---[[ - - Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE) - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - ---]] - --- db cache over LRUCache, used within one worker processes -local _M = {} -_M._VERSION = '1.0.0' - -local lrucache = require "resty.lrucache" - -local EMPTY_DATA = '_EMPTY_' - --- we need to initialize the cache on the lua module level so that --- it can be shared by all the requests served by each nginx worker process: -local cache,err = lrucache.new(200) -- allow up to 200 items in the cache -if not cache then - return ngx.log(ngx.ERR,"failed to create the cache: " .. (err or "unknown")) -end - -function _M.get(key) - return cache:get(key) -end - -function _M.set(key,value) - return _M:set(key, value, nil) -end - -function _M.set(key,value,ttl) - if not value then - value = EMPTY_DATA - end - return cache:set(key, value, ttl) -end - --- check if the data returned by get() is considered empty -function _M.is_empty(data) - return data == EMPTY_DATA -end - -return _M \ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/lib/utils/log_util.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/lib/utils/log_util.lua deleted file mode 100644 index 67b0e26..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/lib/utils/log_util.lua +++ /dev/null @@ -1,28 +0,0 @@ ---[[ - - Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE) - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - ---]] - -local _M = {} -_M._VERSION = '1.0.0' - -function _M.log(k, v) - --if empty,initialize it - if not ngx.ctx.logtbl then ngx.ctx.logtbl = {} end - ngx.ctx.logtbl[k] = v -end - -return _M \ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/lib/utils/svc_util.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/lib/utils/svc_util.lua deleted file mode 100644 index 224b321..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/lib/utils/svc_util.lua +++ /dev/null @@ -1,59 +0,0 @@ ---[[ - - Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE) - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - ---]] - -local _M = {} -_M._VERSION = '1.0.0' - -local tbl_util = require('lib.utils.table_util') -local msbConf= require('conf.msbinit') -local log_util = require('lib.utils.log_util') -local tbl_isempty = tbl_util.isempty -local enableauthcheck = msbConf.systemConf.enableauthcheck -local log = log_util.log - -function _M.isactive(svcinfo) - if tbl_isempty(svcinfo) then - return false - end - if svcinfo["status"] == "1" then - return true - else - return false - end -end - -function _M.isautodiscover(svcinfo) - if tbl_isempty(svcinfo) then - return false - end - if svcinfo["autoDiscover"] == "1" then - return true - else - return false - end -end - -function _M.setauthheader(svcinfo) - --if auth check enabled and this service is inter-system then add sth - if enableauthcheck and svcinfo["visualRange"] == "0" then - ngx.req.set_header("Z-EXTENT", "C012089CF43DE687B23B2C0176B344EE") - log("add Z-EXTENT",true) - end -end - -return _M \ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/lib/utils/table_util.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/lib/utils/table_util.lua deleted file mode 100644 index c1ddbfe..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/lib/utils/table_util.lua +++ /dev/null @@ -1,30 +0,0 @@ ---[[ - - Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE) - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - ---]] - -local _M = {} -_M._VERSION = '1.0.0' - -function _M.isempty(t) - if t == nil or next(t) == nil then - return true - else - return false - end -end - -return _M \ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/loadbalance/balancer.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/loadbalance/balancer.lua deleted file mode 100644 index ffd9f0a..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/loadbalance/balancer.lua +++ /dev/null @@ -1,40 +0,0 @@ ---[[ - - Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE) - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - ---]] - -local b = require "ngx.balancer" -local policymodule = require "loadbalance.policy.roundrobin" -local log_util = require('lib.utils.log_util') - -local ngx_ctx = ngx.ctx -local log = log_util.log - -local doservernil = function() - ngx.status = ngx.HTTP_NOT_FOUND - ngx.say("no on-line server found!") - return ngx.exit(ngx.status) -end - -local servers = ngx_ctx.backservers -local svckeypattern = ngx_ctx.svcserverpattern -local server,err = policymodule.get_backserver(servers,svckeypattern) -if not server then - doservernil() -end ---b.set_current_peer(server["ip"]..":"..server["port"]) -b.set_current_peer(server["ip"],server["port"]) -log("upstreamserver",server["ip"]..":"..server["port"]) \ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/loadbalance/policy/roundrobin.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/loadbalance/policy/roundrobin.lua deleted file mode 100644 index 986d04e..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/loadbalance/policy/roundrobin.lua +++ /dev/null @@ -1,60 +0,0 @@ ---[[ - - Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE) - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - ---]] - -local _M = {} -_M._VERSION = '1.0.0' - -local tbl_util = require('lib.utils.table_util') -local tbl_isempty = tbl_util.isempty - -function _M.get_backserver(servers,svckey) - if tbl_isempty(servers) then return nil,"input server list is empty" end - - local length = #servers - if length==1 then - -- return it directly if there is only one server - return servers[1],nil - end - - local resty_lock = require "resty.lock" - local roundrobin_cache = ngx.shared.rr_cache - - --step1:acquire lock - local opts = {["timeout"] = 0.002,["exptime"] = 0.05}--this can be set using the conf file - local rrlock = resty_lock:new("rr_locks",opts) - local elapsed, err = rrlock:lock(svckey) - if not elapsed then - --return fail("failed to acquire the lock: ", err) - end - --step2:lock successfully acquired!incr the index - local index, err = roundrobin_cache:get(svckey) - if not index then - index = 0 - end - index = index%length+1 - - --step3:update the shm cache with the new index - roundrobin_cache:set(svckey,index) - - --step4:release the lock - local ok, err = rrlock:unlock() - - return servers[index],nil -end - -return _M \ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/log/logger.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/log/logger.lua deleted file mode 100644 index 86452ef..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/log/logger.lua +++ /dev/null @@ -1,26 +0,0 @@ ---[[ - - Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE) - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - ---]] - -local cjson = require "cjson" - -local ngx_ctx = ngx.ctx - -if ngx_ctx.logtbl then - local jsonData = cjson.encode(ngx_ctx.logtbl) - ngx.log(ngx.WARN, string.gsub(jsonData,"\\/","/")) -end \ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/login.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/login.lua new file mode 100644 index 0000000..7d6bfd8 --- /dev/null +++ b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/login.lua @@ -0,0 +1,9 @@ +local h = ngx.resp.get_headers() +if h["openoauth"] and h["openoauth"] == "true" then + local cache = ngx.shared.ceryx + local client_ip = ngx.var.remote_addr + local succ, err, forcible = cache:set(client_ip, "place_holder", 3600) + if not succ then + ngx.log(ngx.WARN, err) + end +end \ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/logout.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/logout.lua new file mode 100644 index 0000000..e23f787 --- /dev/null +++ b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/logout.lua @@ -0,0 +1,6 @@ +local cache = ngx.shared.ceryx +local client_ip = ngx.var.remote_addr +local succ, err, forcible = cache:delete(client_ip) +if not succ then + ngx.log(ngx.WARN, err) +end \ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/make_authed.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/make_authed.lua new file mode 100644 index 0000000..c4c2d78 --- /dev/null +++ b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/make_authed.lua @@ -0,0 +1,44 @@ +function ipValidator(ip) + local chunks = {ip:match("(%d+)%.(%d+)%.(%d+)%.(%d+)")} + if #chunks == 4 then + for _,v in pairs(chunks) do + if tonumber(v) > 255 then return R.STRING end + end + return true + end + local chunks = {ip:match(("([a-fA-F0-9]*):"):rep(8):gsub(":$","$"))} + if #chunks == 8 then + for _,v in pairs(chunks) do + if #v > 0 and tonumber(v, 16) > 65535 then return R.STRING end + end + return true + end + return false +end + +if ngx.req.get_method() == "POST" then + ngx.req.read_body() + local body = ngx.req.get_body_data() + local json = require('cjson') + local tab = json.decode(body) + local ip = tab["passIp"] + if not ip then + ngx.log(ngx.WARN, "ip is nil.") + ngx.exit(500) + end + if ipValidator(ip) then + local cache = ngx.shared.ceryx + local succ, err, forcible = cache:set(ip, "place_holder", 3600) + if not succ then + ngx.log(ngx.WARN, err) + ngx.exit(500) + end + else + ngx.log(ngx.WARN, "not a valid ip.") + ngx.exit(500) + end + ngx.exit(201) +else + ngx.log(ngx.WARN, "not a POST request.") + ngx.exit(500) +end \ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/rewrite/commonrewrite.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/rewrite/commonrewrite.lua deleted file mode 100644 index c57880d..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/rewrite/commonrewrite.lua +++ /dev/null @@ -1,155 +0,0 @@ ---[[ - - Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE) - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - ---]] - -local msbConf = require('conf.msbinit') -local svcConf = require('conf.svcconf') -local dbclient = require('dao.db_access') -local tbl_util = require('lib.utils.table_util') -local svc_util = require('lib.utils.svc_util') -local log_util = require('lib.utils.log_util') - -local tbl_concat = table.concat -local tbl_isempty = tbl_util.isempty -local svc_isactive = svc_util.isactive -local svc_setauthheader = svc_util.setauthheader -local svc_isautodiscover = svc_util.isautodiscover - -local str_sub = string.sub -local str_len = string.len -local str_low = string.lower -local ngx_var = ngx.var -local ngx_ctx = ngx.ctx -local log = log_util.log - -local defaultport = msbConf.systemConf.defaultport -local defaultprefix = msbConf.systemConf.defaultprefix -local enablefullsearch = msbConf.systemConf.enablefullsearch -local useconsultemplate = msbConf.systemConf.useconsultemplate -local apiRelatedTypes = svcConf.apiRelatedTypes -local urlfieldMap = svcConf.urlfieldMap - -local donotfound = function() - if enablefullsearch then - -- test against the custom services after the commonrewrite phase - ngx.status = ngx.HTTP_GONE - else - ngx.status = ngx.HTTP_NOT_FOUND - ngx.say("service info not found!") - end - return ngx.exit(ngx.status) -end - ---------------------------------------------------------------- ---preCheck: --- determine whether it is websocket request --- and do internal redirect ---------------------------------------------------------------- -local http_upgrade = ngx_var.http_upgrade -if(ngx_var.websocket_internal_redirect == "on") and http_upgrade and str_low(http_upgrade) == "websocket" then - ngx.log(ngx.ERR, "Websocket request and redirect to @commonwebsocket") - return ngx.exec("@commonwebsocket"); -end - ---------------------------------------------------------------- ---step0:Preparation --- svc_info_key --- svc_server_keypattern ---------------------------------------------------------------- -local svc_name = ngx_var.svc_name -local req_res = ngx_var.req_res -local svc_type = ngx_var.svc_type - -local sys_prefix = "" -local server_port = ngx_var.server_port -if(server_port == defaultport) then - sys_prefix = defaultprefix -else - sys_prefix = server_port -end - -local svc_info_key = "" -local svc_server_keypattern = "" -local upstream_name_consultemplate = "" -if(apiRelatedTypes[svc_type]) then - -- process version info first - local version1 = ngx_var.svc_version1 - local version2 = ngx_var.svc_version2 - local version = "" - -- check version info appearing befor or after - if(not version2) then version2 = "" end --convert nil to empty sting avoiding throw error - if(not version1 or version1 == "") then - version = version2 - else - version = version1 - req_res = version2..req_res - end - -- remove the slash in front of the version (e.g. /V1.0) - local svc_version=str_sub(version,2,str_len(version)) - svc_info_key = tbl_concat({sys_prefix,"api",svc_name,svc_version,"info"},":") - svc_server_keypattern = tbl_concat({sys_prefix,"api",svc_name,svc_version,"lb:server*"},":") - upstream_name_consultemplate = svc_name -else - svc_info_key = tbl_concat({sys_prefix,"iui",svc_name,"info"},":") - svc_server_keypattern = tbl_concat({sys_prefix,"iui",svc_name,"lb:server*"},":") - upstream_name_consultemplate = "IUI_"..svc_name -end - ---------------------------------------------------------------- ---step1:query the service info from share memory or back db --- svcinfo: the requested service information ---------------------------------------------------------------- -local svcinfo = dbclient.load_serviceinfo(svc_info_key) -if not svc_isactive(svcinfo) then - donotfound() -end - -local svc_url = svcinfo[urlfieldMap[svc_type]] -if not svc_url then - donotfound() -end - ---------------------------------------------------------------- ---step2:rewrite the request uri using the svcinfo ---------------------------------------------------------------- -local rewrited_uri = svc_url..req_res ---special handling: avoid throws internal error when it is empty -if (rewrited_uri == "") then rewrited_uri = "/" end -ngx.req.set_uri(rewrited_uri) - -log("matchedservice",svc_name) -log("rewrited_uri",rewrited_uri) ---------------------------------------------------------------- ---step2.1:if this service is inter-system,add custom http header ---------------------------------------------------------------- -svc_setauthheader(svcinfo) - ---------------------------------------------------------------- ---step3:process the proxy upstream part --- con1-using consul template:set the upstream name --- con2-using msb balancer:query the server list and store in the ctx ---------------------------------------------------------------- -if useconsultemplate and svc_isautodiscover(svcinfo) then - ngx_var.backend = upstream_name_consultemplate -else - local backservers = dbclient.load_backservers(svc_server_keypattern) - if tbl_isempty(backservers) then - donotfound() - end - ngx_ctx.backservers = backservers - ngx_ctx.svcserverpattern = svc_server_keypattern -end \ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/rewrite/customrewrite.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/rewrite/customrewrite.lua deleted file mode 100644 index 564a52a..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/rewrite/customrewrite.lua +++ /dev/null @@ -1,208 +0,0 @@ ---[[ - - Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE) - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - ---]] - -local msbConf = require('conf.msbinit') -local svcConf = require('conf.svcconf') -local dbclient = require('dao.db_access') -local tbl_util = require('lib.utils.table_util') -local svc_util = require('lib.utils.svc_util') -local log_util = require('lib.utils.log_util') - -local tbl_concat = table.concat -local tbl_isempty = tbl_util.isempty -local svc_isactive = svc_util.isactive -local svc_setauthheader = svc_util.setauthheader -local svc_isautodiscover = svc_util.isautodiscover -local str_sub = string.sub -local str_len = string.len -local str_low = string.lower -local ngx_var = ngx.var -local ngx_ctx = ngx.ctx -local log = log_util.log - -local defaultport = msbConf.systemConf.defaultport -local defaultprefix = msbConf.systemConf.defaultprefix -local enablerefercheck = msbConf.systemConf.enablerefercheck -local useconsultemplate = msbConf.systemConf.useconsultemplate -local urlfieldMap = svcConf.urlfieldMap - -local donotfound = function() - ngx.status = ngx.HTTP_NOT_FOUND - ngx.say("service info not found!") - return ngx.exit(ngx.status) -end - ---------------------------------------------------------------- ---preCheck: --- determine whether it is websocket request --- and do internal redirect ---------------------------------------------------------------- -local http_upgrade = ngx_var.http_upgrade -if(ngx_var.websocket_internal_redirect == "on") and http_upgrade and str_low(http_upgrade)== "websocket" then - ngx.log(ngx.ERR, "Websocket request and redirect to @customwebsocket") - return ngx.exec("@customwebsocket"); -end - ---------------------------------------------------------------- ---step0:Preparation --- svcnames:service names registered under this port ---------------------------------------------------------------- -local sys_prefix = "" -local server_port = ngx_var.server_port -if(server_port == defaultport) then - sys_prefix = defaultprefix -else - sys_prefix = server_port -end - -local custom_svc_keypattern = tbl_concat({sys_prefix,"custom","*"},":") - -local get_svcinfokey_custom = function(svcname) - return tbl_concat({sys_prefix,"custom",svcname,"info"},":") -end - -local get_svcserverpattern_custom = function(svcname) - return tbl_concat({sys_prefix,"custom",svcname,"lb:server*"},":") -end - -local svcnames,err = dbclient.load_customsvcnames(custom_svc_keypattern) -if not svcnames then - donotfound() -end - ---------------------------------------------------------------- ---step1:run the match process(check whether the request --- match the name in the svcnames one by one) --- and return the matched serice info ---------------------------------------------------------------- -local req_res = ngx_var.uri -local svc_type = ngx_var.svc_type -local matchedsvcname -local svcinfo ---add by wangyg:20160418 special handler for refer -local matched_usingrefer = false ---end of add by wangyg:20160418 special handler for refer -for _, svcname in ipairs(svcnames) do - if (svcname == "/") then - local svc_info_key = get_svcinfokey_custom(svcname) - local svc_info,err = dbclient.load_serviceinfo(svc_info_key) - if svc_info and svc_isactive(svc_info)then - matchedsvcname = svcname - svcinfo = svc_info - break - end - end - local from, to, err = ngx.re.find(req_res, "^"..svcname.."(/(.*))?$", "jo") - --check whether svcname is the prefix of the req uri - if from then - local svc_info_key = get_svcinfokey_custom(svcname) - local svc_info,err = dbclient.load_serviceinfo(svc_info_key) - if svc_info and svc_isactive(svc_info) then - matchedsvcname = svcname - svcinfo = svc_info - break - end - else - --do nothing - end -end ---------------------------------------------------------------- ---step1.1:additional process,test against the refer --- similar to step1 ---------------------------------------------------------------- ---add by wangyg:20160418 special handler for refer -if not matchedsvcname and enablerefercheck then - local refer = ngx_var.http_referer - if(refer and refer~="") then - for _, svcname in ipairs(svcnames) do - local urlreg ="^(https://|http://|)(([1-9]|([1-9]\\d)|(1\\d\\d)|(2([0-4]\\d|5[0-5])))\\.)(([0-9]|([1-9]\\d)|(1\\d\\d)|(2([0-4]\\d|5[0-5])))\\.){2}([1-9]|([1-9]\\d)|(1\\d\\d)|(2([0-4]\\d|5[0-5])))(:\\d{1,5})?"..svcname.."(/(.*))?$"; - local from, to, err = ngx.re.find(refer, urlreg, "jo") - ----check whether svcname is the prefix of the req refer - if from then - local svc_info_key = get_svcinfokey_custom(svcname) - local svc_info,err = dbclient.load_serviceinfo(svc_info_key) - if svc_info and svc_isactive(svc_info) then - matchedsvcname = svcname - svcinfo = svc_info - matched_usingrefer = true - break - end - end - end - end -end ---end of add by wangyg:20160418 special handler for refer - -if not matchedsvcname or tbl_isempty(svcinfo) then - donotfound() -end - -local svc_url = svcinfo[urlfieldMap[svc_type]] -if not svc_url then - donotfound() -end - ---------------------------------------------------------------- ---step2:rewrite the request uri using the svcinfo ---------------------------------------------------------------- -local rewrited_uri ="" -if (matchedsvcname == "/") then - --special handling: if "/" matched, contact directly - rewrited_uri = svc_url..req_res -else - --rewrited_uri = ngx.re.sub(req_res, "^"..matchedsvcname.."(.*)", svc_url.."$1", "o") - local newuri,n,err = ngx.re.sub(req_res, "^"..matchedsvcname.."(/.*)?", svc_url.."$1", "o") - --add by wangyg:20160418 special handler for refer - if(n==0 and matched_usingrefer) then newuri = svc_url..req_res end --special handling if matched using refer - --end of add by wangyg:20160418 special handler for refer - rewrited_uri = newuri -end -if (rewrited_uri == "") then rewrited_uri = "/" end --avoid throws internal error when it is empty -ngx.req.set_uri(rewrited_uri) - ---set the matched service info,used in the proxy_redirect directive -ngx_var.svc_name = matchedsvcname -ngx_var.svc_url = svc_url - ---log the route info -log("matchedservice",matchedsvcname) -if(matched_usingrefer) then log("matched_usingrefer",true) end -log("rewrited_uri",rewrited_uri) - ---------------------------------------------------------------- ---step2.1:if this service is inter-system,add custom http header ---------------------------------------------------------------- -svc_setauthheader(svcinfo) - ---------------------------------------------------------------- ---step3:process the proxy upstream part --- con1-using consul template:set the upstream name --- con2-using msb balancer:query the backserver list and store in the ctx ---------------------------------------------------------------- -if useconsultemplate and svc_isautodiscover(svcinfo) then - --FIX ME:if svcname contains "/", the upstream name may be illegal - ngx_var.backend = ngx.re.sub(matchedsvcname, "^/(.*)", "$1", "o") -else - local svc_server_keypattern = get_svcserverpattern_custom(matchedsvcname) - local backservers,err = dbclient.load_backservers(svc_server_keypattern) - if tbl_isempty(backservers) then - donotfound() - end - ngx_ctx.backservers = backservers - ngx_ctx.svcserverpattern = svc_server_keypattern -end \ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/serviceaccess.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/serviceaccess.lua new file mode 100644 index 0000000..1118341 --- /dev/null +++ b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/serviceaccess.lua @@ -0,0 +1,15 @@ +if ngx.req.get_method() == "GET" then + local services = { + {serviceName="odlsdnia",apiJson="/api/odlsdnia/v1/swagger.json"}, + {serviceName="roc",apiJson="/api/roc/v1/swagger.json"}, + {serviceName="tackeria",apiJson="/api/tackeria/v1/swagger.json"}, + {serviceName="etsi",apiJson="/api/etsiia/v1/swagger.json"} + } + local cjson = require "cjson" + local jsonData = cjson.encode(services) + jsonData = string.gsub(jsonData,"\\/","/") + ngx.print(jsonData) +else + ngx.log(ngx.WARN, "not a GET request.") + ngx.exit(500) +end \ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/vendor/shcache.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/vendor/shcache.lua deleted file mode 100644 index 32a9b6c..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/vendor/shcache.lua +++ /dev/null @@ -1,440 +0,0 @@ --- Copyright (C) 2013 Matthieu Tourne --- @author Matthieu Tourne - --- small overlay over shdict, smart cache load mechanism - -local M = {} - -local resty_lock = require("resty.lock") - -local DEBUG = false - --- defaults in secs -local DEFAULT_POSITIVE_TTL = 10 -- cache for, successful lookup -local DEFAULT_NEGATIVE_TTL = 2 -- cache for, failed lookup -local DEFAULT_ACTUALIZE_TTL = 2 -- stale data, actualize data for - --- default lock options, in secs -local function _get_default_lock_options() - return { - exptime = 1, -- max wait if failing to call unlock() - timeout = 0.5, -- max waiting time of lock() - max_step = 0.1, -- max sleeping interval - } -end - -local function prequire(m) - local ok, err_or_module = pcall(require, m) - if not ok then - return nil, err_or_module - end - return err_or_module -end - -local conf = prequire("conf") -if conf then - DEFAULT_NEGATIVE_TTL = conf.DEFAULT_NEGATIVE_TTL or DEFAULT_NEGATIVE_TTL - DEFAULT_ACTUALIZE_TTL = conf.DEFAULT_ACTUALIZE_TTL or DEFAULT_ACTUALIZE_TTL -end - -local band = bit.band -local bor = bit.bor -local st_format = string.format - --- there are only really 5 states total - -- is_stale is_neg is_from_cache -local MISS_STATE = 0 -- 0 0 0 -local HIT_POSITIVE_STATE = 1 -- 0 0 1 -local HIT_NEGATIVE_STATE = 3 -- 0 1 1 -local STALE_POSITIVE_STATE = 5 -- 1 0 1 - --- stale negative doesn't really make sense, use HIT_NEGATIVE instead --- local STALE_NEGATIVE_STATE = 7 -- 1 1 1 - --- xor to set -local NEGATIVE_FLAG = 2 -local STALE_FLAG = 4 - -local STATES = { - [MISS_STATE] = 'MISS', - [HIT_POSITIVE_STATE] = 'HIT', - [HIT_NEGATIVE_STATE] = 'HIT_NEGATIVE', - [STALE_POSITIVE_STATE] = 'STALE', - -- [STALE_NEGATIVE_STATE] = 'STALE_NEGATIVE', -} - -local function get_status(flags) - return STATES[flags] or st_format('UNDEF (0x%x)', flags) -end - -local EMPTY_DATA = '_EMPTY_' - --- install debug functions -if DEBUG then - local resty_lock_lock = resty_lock.lock - - resty_lock.lock = function (...) - local _, key = unpack({...}) - print("lock key: ", tostring(key)) - return resty_lock_lock(...) - end - - local resty_lock_unlock = resty_lock.unlock - - resty_lock.unlock = function (...) - print("unlock") - return resty_lock_unlock(...) - end -end - - --- store the object in the context --- useful for debugging and tracking cache status -local function _store_object(self, name) - if DEBUG then - print('storing shcache: ', name, ' into ngx.ctx') - end - - local ngx_ctx = ngx.ctx - - if not ngx_ctx.shcache then - ngx_ctx.shcache = {} - end - ngx_ctx.shcache[name] = self -end - -local obj_mt = { - __index = M, -} - --- default function for callbacks.encode / decode. -local function _identity(data) - return data -end - --- shdict: ngx.shared.DICT, created by the lua_shared_dict directive --- callbacks: see shcache state machine for user defined functions --- * callbacks.external_lookup is required --- * callbacks.encode : optional encoding before saving to shmem --- * callbacks.decode : optional decoding when retreiving from shmem --- opts: --- * opts.positive_ttl : save a valid external loookup for, in seconds --- * opts.positive_ttl : save a invalid loookup for, in seconds --- * opts.actualize_ttl : re-actualize a stale record for, in seconds --- * opts.lock_options : set option to lock see : http://github.com/agentzh/lua-resty-lock --- for more details. --- * opts.locks_shdict : specificy the name of the shdict containing the locks --- (useful if you might have locks key collisions) --- uses "locks" by default. --- * opts.name : if shcache object is named, it will automatically --- register itself in ngx.ctx.shcache (useful for logging). -local function new(self, shdict, callbacks, opts) - if not shdict then - return nil, "shdict does not exist" - end - - -- check that callbacks.external_lookup is set - if not callbacks or not callbacks.external_lookup then - return nil, "no external_lookup function defined" - end - - if not callbacks.encode then - callbacks.encode = _identity - end - - if not callbacks.decode then - callbacks.decode = _identity - end - - local opts = opts or {} - - -- merge default lock options with the ones passed to new() - local lock_options = _get_default_lock_options() - if opts.lock_options then - for k, v in pairs(opts.lock_options) do - lock_options[k] = v - end - end - - local name = opts.name - - local obj = { - shdict = shdict, - callbacks = callbacks, - - positive_ttl = opts.positive_ttl or DEFAULT_POSITIVE_TTL, - negative_ttl = opts.negative_ttl or DEFAULT_NEGATIVE_TTL, - - -- ttl to actualize stale data to - actualize_ttl = opts.actualize_ttl or DEFAULT_ACTUALIZE_TTL, - - lock_options = lock_options, - - locks_shdict = opts.lock_shdict or "locks", - - -- STATUS -- - - from_cache = false, - cache_status = 'UNDEF', - cache_state = MISS_STATE, - lock_status = 'NO_LOCK', - - -- shdict:set() pushed out another value - forcible_set = false, - - -- cache hit on second attempt (post lock) - hit2 = false, - - name = name, - } - - local locks = ngx.shared[obj.locks_shdict] - - -- check for existence, locks is not directly used - if not locks then - ngx.log(ngx.CRIT, 'shared mem locks is missing.\n', - '## add to you lua conf: lua_shared_dict locks 5M; ##') - return nil - end - - local self = setmetatable(obj, obj_mt) - - -- if the shcache object is named - -- keep track of the object in the context - -- (useful for gathering stats at log phase) - if name then - _store_object(self, name) - end - - return self -end -M.new = new - --- acquire a lock -local function _get_lock(self) - local lock = self.lock - if not lock then - lock = resty_lock:new(self.locks_shdict, self.lock_options) - self.lock = lock - end - return lock -end - --- remove the lock if there is any -local function _unlock(self) - local lock = self.lock - if lock then - local ok, err = lock:unlock() - if not ok then - ngx.log(ngx.ERR, "failed to unlock :" , err) - end - self.lock = nil - end -end - -local function _return(self, data, flags) - -- make sure we remove the locks if any before returning data - _unlock(self) - - -- set cache status - local cache_status = get_status(self.cache_state) - - if cache_status == 'MISS' and not data then - cache_status = 'NO_DATA' - end - - self.cache_status = cache_status - - return data, self.from_cache -end - -local function _set(self, ...) - if DEBUG then - local key, data, ttl, flags = unpack({...}) - print("saving key: ", key, ", for: ", ttl) - end - - local ok, err, forcible = self.shdict:set(...) - - self.forcible_set = forcible - - if not ok then - local key, data, ttl, flags = unpack({...}) - ngx.log(ngx.ERR, 'failed to set key: ', key, ', err: ', err) - end - - return ok -end - --- check if the data returned by :get() is considered empty -local function _is_empty(data, flags) - return flags and band(flags, NEGATIVE_FLAG) and data == EMPTY_DATA -end - --- save positive, encode the data if needed before :set() -local function _save_positive(self, key, data) - if DEBUG then - print("key: ", key, ". save positive, ttl: ", self.positive_ttl) - end - data = self.callbacks.encode(data) - return _set(self, key, data, self.positive_ttl, HIT_POSITIVE_STATE) -end - --- save negative, no encoding required (no data actually saved) -local function _save_negative(self, key) - if DEBUG then - print("key: ", key, ". save negative, ttl: ", self.negative_ttl) - end - return _set(self, key, EMPTY_DATA, self.negative_ttl, HIT_NEGATIVE_STATE) -end - --- save actualize, will boost a stale record to a live one -local function _save_actualize(self, key, data, flags) - local new_flags = bor(flags, STALE_FLAG) - - if DEBUG then - print("key: ", key, ". save actualize, ttl: ", self.actualize_ttl, - ". new state: ", get_status(new_flags)) - end - - _set(self, key, data, self.actualize_ttl, new_flags) - return new_flags -end - -local function _process_cached_data(self, data, flags) - if DEBUG then - print("data: ", data, st_format(", flags: %x", flags)) - end - - self.cache_state = flags - self.from_cache = true - - if _is_empty(data, flags) then - -- empty cached data - return nil - else - return self.callbacks.decode(data) - end -end - --- wrapper to get data from the shdict -local function _get(self, key) - -- always call get_stale() as it does not free element - -- like get does on each call - local data, flags, stale = self.shdict:get_stale(key) - - if data and stale then - if DEBUG then - print("found stale data for key : ", key) - end - - self.stale_data = { data, flags } - - return nil, nil - end - - return data, flags -end - -local function _get_stale(self) - local stale_data = self.stale_data - if stale_data then - return unpack(stale_data) - end - - return nil, nil -end - -local function load(self, key) - -- start: check for existing cache - local data, flags = _get(self, key) - - -- hit: process_cache_hit - if data then - data = _process_cached_data(self, data, flags) - return _return(self, data) - end - - -- miss: set lock - - -- lock: set a lock before performing external lookup - local lock = _get_lock(self) - local elapsed, err = lock:lock(key) - - if not elapsed then - -- failed to acquire lock, still proceed normally to external_lookup - -- unlock() might fail. - ngx.log(ngx.ERR, "failed to acquire the lock: ", err) - self.lock_status = 'ERROR' - -- _unlock won't try to unlock() without a valid lock - self.lock = nil - else - -- lock acquired successfuly - - if elapsed > 0 then - - -- elapsed > 0 => waited lock (other thread might have :set() the data) - -- (more likely to get a HIT on cache_load 2) - self.lock_status = 'WAITED' - - else - - -- elapsed == 0 => immediate lock - -- it is less likely to get a HIT on cache_load 2 - -- but still perform it (race condition cases) - self.lock_status = 'IMMEDIATE' - end - - -- perform cache_load 2 - data, flags = _get(self, key) - if data then - -- hit2 : process cache hit - - self.hit2 = true - - -- unlock before de-serializing cached data - _unlock(self) - data = _process_cached_data(self, data, flags) - return _return(self, data) - end - - -- continue to external lookup - end - - -- perform external lookup - data, err = self.callbacks.external_lookup() - - if data then - -- succ: save positive and return the data - - _save_positive(self, key, data) - return _return(self, data) - else - ngx.log(ngx.WARN, 'external lookup failed: ', err) - end - - -- external lookup failed - -- attempt to load stale data - data, flags = _get_stale(self) - if data and not _is_empty(data, flags) then - -- hit_stale + valid (positive) data - - flags = _save_actualize(self, key, data, flags) - -- unlock before de-serializing data - _unlock(self) - data = _process_cached_data(self, data, flags) - return _return(self, data) - end - - if DEBUG and data then - -- there is data, but it failed _is_empty() => stale negative data - print('STALE_NEGATIVE data => cache as a new HIT_NEGATIVE') - end - - -- nothing has worked, save negative and return empty - _save_negative(self, key) - return _return(self, nil) -end -M.load = load - -return M \ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/msb-enabled/location-ext-mount/README.md b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/msb-enabled/location-ext-mount/README.md deleted file mode 100644 index ce00b06..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/msb-enabled/location-ext-mount/README.md +++ /dev/null @@ -1,4 +0,0 @@ -README -=============== -Similar to the location-ext directory,but it's just a placeholder folder. -The folder may always be empty and you attach an external folder found outside the container or the virtual machine at the directory. \ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/msb-enabled/location-ext/README.md b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/msb-enabled/location-ext/README.md deleted file mode 100644 index 58310a7..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/msb-enabled/location-ext/README.md +++ /dev/null @@ -1,11 +0,0 @@ -README -=============== - -The directory to store configuration files that extends locations of the default listening server(e.g 10080). -The config file must be a *.conf file. For example: -#testlocation.conf -~~~ -location = /test { - echo "test ok"; -} -~~~ \ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/msb-enabled/msb.conf b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/msb-enabled/msb.conf deleted file mode 100644 index 3a64ff9..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/msb-enabled/msb.conf +++ /dev/null @@ -1,218 +0,0 @@ -# -# Copyright (C) 2016 ZTE, Inc. and others. All rights reserved. (ZTE) -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -#the maximum allowed size of the client request body,current 10G -client_max_body_size 10240m; -client_body_buffer_size 128k; - -#set conf for proxy pass -proxy_connect_timeout 10s; -proxy_read_timeout 120s; -proxy_send_timeout 120s; -proxy_set_header X-Real-IP $remote_addr; -proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; -proxy_set_header Host $host:$server_port; -proxy_buffers 4 16k; - -#set the nginx_cache parameter -proxy_cache_path temp/proxy_cache levels=1:2 keys_zone=nginx_cache:100m inactive=1d max_size=1g; -proxy_cache_key $host$uri$is_args$args; -proxy_cache_revalidate on; -proxy_cache_min_uses 3; -proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504; -proxy_cache_lock on; - -# Lua settings -lua_package_path "$prefix/../lualib/?.lua;$prefix/luaext/?.lua;;"; -lua_package_cpath "$prefix/../lualib/?.so;;"; -lua_shared_dict rr_cache 1M; -lua_shared_dict rr_locks 100k; - -lua_shared_dict svc_cache 5M; -lua_shared_dict locks 200k; - -lua_code_cache on; - -# Basic reverse proxy server processor -upstream defaultbackend { - server 0.0.0.1; - balancer_by_lua_file luaext/loadbalance/balancer.lua; - #keepalive 10; -} - -server { - listen 10080; - default_type text/html; - - # the flag identify whether to check doing internal redirect or not - set $websocket_internal_redirect "on"; - - location = /msb { - #try_files $uri @defaulthomepage; - rewrite ^ /iui/microservices/default.html redirect; - } - - location = /iui/microservices { - try_files $uri @addslash; - } - - location @addslash { - return 302 $scheme://$http_host$uri/; - } - - location @defaulthomepage { - return 302 $scheme://$http_host/iui/microservices/default.html; - } - - error_page 410 = @commonnotfound; - - location @commonnotfound { - set $svc_type "custom"; - set $svc_name ""; - set $svc_url ""; - set $backend "defaultbackend"; - - #rewrite by the lua file - rewrite_by_lua_file luaext/rewrite/customrewrite.lua; - #log by the lua file - log_by_lua_file luaext/log/logger.lua; - - proxy_pass http://$backend; - proxy_redirect http://$host:$server_port$svc_url http://$host:$server_port$svc_name; - } - - location @customwebsocket { - set $websocket_internal_redirect "off"; - #set header for websocket - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "Upgrade"; - - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header Host $host:$server_port; - - #rewrite by the lua file - rewrite_by_lua_file luaext/rewrite/customrewrite.lua; - #log by the lua file - log_by_lua_file luaext/log/logger.lua; - - proxy_pass http://$backend; - } - - location @commonwebsocket { - set $websocket_internal_redirect "off"; - #set header for websocket - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "Upgrade"; - - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header Host $host:$server_port; - - #rewrite by the lua file - rewrite_by_lua_file luaext/rewrite/commonrewrite.lua; - #log by the lua file - log_by_lua_file luaext/log/logger.lua; - - proxy_pass http://$backend; - } - - location / { - set $svc_type "custom"; - set $svc_name ""; - set $svc_url ""; - set $backend "defaultbackend"; - - #rewrite by the lua file - rewrite_by_lua_file luaext/rewrite/customrewrite.lua; - #log by the lua file - log_by_lua_file luaext/log/logger.lua; - - proxy_pass http://$backend; - proxy_redirect http://$host:$server_port$svc_url http://$host:$server_port$svc_name; - } - - location ~ ^/(api|admin|apijson)(/[Vv]\d+(?:\.\d+)*)?/([^/]+)(/[Vv]\d+(?:\.\d+)*)?(.*) { - set $svc_type $1; - set $svc_name $3; - set $svc_version1 $2; - set $svc_version2 $4; - set $req_res $5; - set $backend "defaultbackend"; - - #rewrite by the lua file - rewrite_by_lua_file luaext/rewrite/commonrewrite.lua; - #log by the lua file - log_by_lua_file luaext/log/logger.lua; - - proxy_pass http://$backend; - } - - location ~* ^/iui/([^/]+)(.*)\.(png|jpg|jpeg|gif|ico|bmp|woff)$ { - set $svc_type "iui"; - set $svc_name $1; - set $req_res $2.$3; - set $backend "defaultbackend"; - - #rewrite by the lua file - rewrite_by_lua_file luaext/rewrite/commonrewrite.lua; - #log by the lua file - log_by_lua_file luaext/log/logger.lua; - - proxy_cache nginx_cache; - add_header X-Cache-Status $upstream_cache_status; - proxy_pass http://$backend; - } - - location ~ ^/iui/([^/]+)(.*) { - set $svc_type "iui"; - set $svc_name $1; - set $req_res $2; - set $backend "defaultbackend"; - - #rewrite by the lua file - rewrite_by_lua_file luaext/rewrite/commonrewrite.lua; - #log by the lua file - log_by_lua_file luaext/log/logger.lua; - - proxy_pass http://$backend; - } - - location ~* \.(?:png|jpg|jpeg|gif|ico|bmp|woff)$ { - set $svc_type "custom"; - set $svc_name ""; - set $svc_url ""; - set $backend "defaultbackend"; - - #rewrite by the lua file - rewrite_by_lua_file luaext/rewrite/customrewrite.lua; - #log by the lua file - log_by_lua_file luaext/log/logger.lua; - - proxy_cache nginx_cache; - add_header X-Cache-Status $upstream_cache_status; - proxy_pass http://$backend; - proxy_redirect http://$host:$server_port$svc_url http://$host:$server_port$svc_name; - } - - location = /favicon.ico { - log_not_found off; - } - include ../msb-enabled/location-ext/*.conf; - include ../msb-enabled/location-ext-mount/*.conf; -} \ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/openrestyService.exe b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/openrestyService.exe deleted file mode 100644 index c6e8fc2..0000000 Binary files a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/openrestyService.exe and /dev/null differ diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/openrestyService.xml b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/openrestyService.xml deleted file mode 100644 index ced7188..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/openrestyService.xml +++ /dev/null @@ -1,13 +0,0 @@ - - msb_openresty - msb_openresty - This service runs openresty. - %BASE% - - nginx.exe - nginx.exe - -s - stop - rotate - - \ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/sites-enabled-mount/README.md b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/sites-enabled-mount/README.md deleted file mode 100644 index 6b443bc..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/sites-enabled-mount/README.md +++ /dev/null @@ -1,4 +0,0 @@ -README -=============== -Similar to the sites-enabled directory,but it's just a placeholder folder. -The folder may always be empty and you attach an external folder found outside the container or the virtual machine at the directory. \ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/sites-enabled/README.md b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/sites-enabled/README.md deleted file mode 100644 index d57d687..0000000 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/sites-enabled/README.md +++ /dev/null @@ -1,15 +0,0 @@ -README -=============== - -The directory to store configuration files that configs another server except the default listening server(e.g 10080). -The config file must be a *.conf file. For example: -#server1.conf -~~~ -server { - listen 20080; - - location =/info { - echo "another server 20080"; - } -} -~~~ \ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/stream-enabled/placeholder.txt b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/stream-enabled/placeholder.txt deleted file mode 100644 index e69de29..0000000 -- cgit 1.2.3-korg