This type abstracts the function_query type and introduces an
interface for testing and substitution.
Signed-off-by: Alex Ellis (OpenFaaS Ltd) <alexellis2@gmail.com>
Enables publishing to various topics according to annotations
on the functions. The function cache is moved up one level so
that it can be shared between the scale from zero code and the
queue proxy.
Unit tests added for new internal methods.
Tested e2e with arkade and the newest queue-worker and RC
gateway image with two queues and an annotation on one of the
functions of com.openfaas.queue. It worked as expected including
with multiple namespace support.
Signed-off-by: Alex Ellis (OpenFaaS Ltd) <alexellis2@gmail.com>
Propagates the context to upstream requests so that
cancellation can cascade.
Closes: #1501 by @SpaWn2KiLl which was not signed-off.
Signed-off-by: Alex Ellis (OpenFaaS Ltd) <alexellis2@gmail.com>
* This experimental patch records metrics as invocations start
so that the metrics can be used to make better scale to zero
decisions in faas-idler.
Tested with Kubernetes on a single-node cluster, metrics
reported as expected. Existing metrics still report.
Signed-off-by: Alex Ellis (OpenFaaS Ltd) <alexellis2@gmail.com>
Allows alerts to trigger functions to scale when they
also have an optional namespace set.
Tested e2e with Kubernetes 1.15 and a non-default namespace.
Signed-off-by: Alex Ellis (OpenFaaS Ltd) <alexellis2@gmail.com>
When coupled with the latest version of faas-netes, the gateway
can now invoke, query and deploy functions into alternative
namespaces.
Tested e2e by creating a namespace "fn" and deploying, then
invoking a function deployed there and in the default namespace.
Signed-off-by: Alex Ellis (OpenFaaS Ltd) <alexellis2@gmail.com>
This patch enables the use-case for multiple namepsaces by
allowing a dot to be used in the function name.
dep has been run to update OpenFaaS projects and also to
prune unused files.
Tested by doing a build.
Signed-off-by: Alex Ellis (OpenFaaS Ltd) <alexellis2@gmail.com>
With this change /system/info endpoint is going to give
information about the platform architecture it is running on
(arm64, armhf, x86_64)
Signed-off-by: Ivana Yovcheva (VMware) <iyovcheva@vmware.com>
**What**
- Use NotImplemented when we get a 404 from the log provider. When we
get a 200, process the log request, as normal. For all other status
codes, return a sever error with a message stating that the
response was unexpected. The message will contain the original status
code to assist with debugging
Signed-off-by: Lucas Roesler <roesler.lucas@gmail.com>
**What**
- Fix missing imports since my ide forgot to add the "time" package
- Update the tests to accept the handler timeout duration
Signed-off-by: Lucas Roesler <roesler.lucas@gmail.com>
**What**
- Pass the writetimeout to the logs handler to set the context timeout
of the log stream.
Signed-off-by: Lucas Roesler <roesler.lucas@gmail.com>
**What**
- Add test to verify that the log proxy shutsdown correctly when the
client cancels
- Add test to verify that the log proxy shutsdown correctly when the
logs provider closes the connection
Signed-off-by: Lucas Roesler <roesler.lucas@gmail.com>
**What**
- Implement log handler method that will hijack the connection and clear
timeouts to allow long lived streams
- Proxies requests to the logs provider and returns the response
unmodified
Signed-off-by: Lucas Roesler <roesler.lucas@gmail.com>
This corrects an issue where the error body was being hidden
for the external auth handler. It also adds the ca-certs into
the runtime Docker image for when the gateway is calling an
external plugin exposed over HTTPS.
Tested with OAuth2 plugin.
Signed-off-by: Alex Ellis <alexellis2@gmail.com>
Fixes issue by adding unit test to make sure the body from
the plugin is written correctly and proxied to the client.
Signed-off-by: Alex Ellis <alexellis2@gmail.com>
Fix for external auth wrapper handler. Written by introducing
a broken unit test. Whenever the auth plugin returns a request
as not authorized, we must pass back any headers set by the
plugin.
Signed-off-by: Alex Ellis <alexellis2@gmail.com>
Fixes issue found in e2e testing where the headers were not
being passed to the basic-auth-plugin. This change makes sure
the upstream check gets all headers copied in before making
the call.
Tested with negative unit tests before writing fix.
Signed-off-by: Alex Ellis <alexellis2@gmail.com>
An explicit timeout is passed to the handler and a new unit test
proves that the functionality is in place. A additional return
statement was needed in the handler as pointed out by
@stefanprodan.
Signed-off-by: Alex Ellis <alexellis2@gmail.com>
This commit adds an external auth handler which can be used to
wrap existing handlers, so that they delegate their requests
to an upstream URL before allowing a request to pass through
to an upstream API.
New handler tested with unit tests.
Signed-off-by: Alex Ellis <alexellis2@gmail.com>
Requested by @LucasRoesler - removes headers detailed in HTTP
spec which are not supposed to be forwarded by proxies or
gateways.
Signed-off-by: Alex Ellis <alexellis2@gmail.com>
- max_conns / idle / per host are now read from env-vars and have
defaults set to 1024 for both values
- logging / metrics are collected in the client transaction
rather than via defer (this may impact throughput)
- function cache moved to use RWMutex to try to improve latency
around locking when updating cache
- logging message added to show latency in running GetReplicas
because this was observed to increase in a linear fashion under
high concurrency
- changes tested against 3-node bare-metal 1.13 K8s cluster
with kubeadm
Signed-off-by: Alex Ellis (VMware) <alexellis2@gmail.com>
- due to what appears to be a frequent issue with the Go HTTP
client some tweaks were needed to the HTTP client used for
reverse proxying to prevent CoreDNS from rejecting connections.
The following PRs / commits implement similar changes in
Prometheus and Minio.
https://github.com/prometheus/prometheus/pull/3592https://github.com/minio/minio/pull/5860
Under a 3-node (1-master) kubeadm cluster running on bare
metal with Ubuntu 18.04 I was able to send 100k requests
with 1000 being concurrent with no errors being returned
by hey.
```
hey -n 100000 -c 1000 -m=POST -d="hi" \
http://192.168.0.26:31112/function/go-echo
```
The go-echo function is based upon the golang-http
template in the function store using the of-watchdog.
Signed-off-by: Alex Ellis (VMware) <alexellis2@gmail.com>
- the order of http_requests_total was shown to be incorrect in
testing. This fixes the order as per
http_request_duration_seconds.
Signed-off-by: Alex Ellis (VMware) <alexellis2@gmail.com>
- according to discussion in #1013 all unicode characters are
valid label values - this commit allows the original path to be
retained.
Signed-off-by: Alex Ellis (VMware) <alexellis2@gmail.com>
- instruments async handler for report and for queueing async
requests
- make MustRegister only ever run once to prevent sync issues
Signed-off-by: Alex Ellis (VMware) <alexellis2@gmail.com>
- extracting this package means it can be used in other components
such as the asynchronous nats-queue-worker which may need to
invoke functions which are scaled down to zero replicas.
Ref: https://github.com/openfaas/nats-queue-worker/issues/32
Tested on Docker Swarm for scaling up, already scaled and not
found error.
Signed-off-by: Alex Ellis (VMware) <alexellis2@gmail.com>
