nginx simplify: (#259)

- add custom init script for ./docker-entrypoint.d/ to setup resolver from local /etc/resolv.conf - custom init script also removes default.conf, and removes minio route if NO_MINIO_ROUTE=1 is set - assign template vars to nginx vars to avoid conflicts when interpolating - k8s: remove initContainers and volumes, now handled via custom init script in image
2022-06-13 11:53:15 -07:00 · 2022-06-13 11:53:15 -07:00 · 68ec582f73
commit 68ec582f73
parent d16c22f45a
5 changed files with 29 additions and 37 deletions
--- a/chart/templates/frontend.yaml
+++ b/chart/templates/frontend.yaml
@ -30,36 +30,10 @@ spec:
        nodeType: {{ .Values.main_node_type }}
      {{- end }}

-      volumes:
-        - name: nginx-resolver
-          emptyDir: {}
-
-        - name: nginx-extra-includes
-          emptyDir: {}
-
-      initContainers:
-        - name: init-nginx
-          image: {{ .Values.nginx_image }}
-          command: ["/bin/sh"]
-          args: ["-c", "echo resolver $(awk 'BEGIN{ORS=\" \"} $1==\"nameserver\" {print $2}' /etc/resolv.conf) valid=30s \";\" > /etc/nginx/resolvers/resolvers.conf"]
-          volumeMounts:
-            - name: nginx-resolver
-              mountPath: /etc/nginx/resolvers/
-
      containers:
        - name: nginx
          image: {{ .Values.nginx_image }}
          imagePullPolicy: {{ .Values.nginx_pull_policy }}
-          volumeMounts:
-            - name: nginx-resolver
-              mountPath: /etc/nginx/resolvers/
-              readOnly: true
-
-            # adding to override /etc/nginx/includes/locations.conf with empty dir for now
-            - name: nginx-extra-includes
-              mountPath: /etc/nginx/includes/
-              readOnly: true
-
          env:
            - name: BACKEND_HOST
              value: {{ .Values.name }}-backend
@ -70,6 +44,9 @@ spec:
            - name: CRAWLER_SVC_SUFFIX
              value: ".crawl-$crawl"

+            - name: NO_MINIO_ROUTE
+              value: "1"
+
          resources:
            limits:
              cpu: {{ .Values.nginx_limits_cpu }}
--- a/frontend/00-default-override-resolver-config.sh
+++ b/frontend/00-default-override-resolver-config.sh
@ -0,0 +1,14 @@
+#!/bin/bash
+
+# remove old config
+rm /etc/nginx/conf.d/default.conf
+
+if [ "$NO_MINIO_ROUTE" == "1" ]; then
+  echo "clearning out minio route"
+  echo "" > /etc/nginx/includes/minio.conf
+fi
+
+mkdir -p /etc/nginx/resolvers/
+echo resolver $(awk 'BEGIN{ORS=" "} $1=="nameserver" {print $2}' /etc/resolv.conf) valid=30s ";" > /etc/nginx/resolvers/resolvers.conf
+
+cat /etc/nginx/resolvers/resolvers.conf
--- a/frontend/Dockerfile
+++ b/frontend/Dockerfile
@ -35,11 +35,7 @@ COPY --from=build /app/dist /usr/share/nginx/html

 COPY ./nginx.conf /etc/nginx/nginx.conf
 COPY ./frontend.conf.template /etc/nginx/templates/
+COPY ./minio.conf /etc/nginx/includes/

-# default docker resolver, overridden in k8s
-RUN rm /etc/nginx/conf.d/*; \
-    mkdir -p /etc/nginx/includes/; \
-    mkdir -p /etc/nginx/resolvers; echo "resolver 127.0.0.11;" > /etc/nginx/resolvers/resolvers.conf
-    #mkdir -p /etc/nginx/resolvers; echo "" > /etc/nginx/resolvers/resolvers.conf
+ADD ./00-default-override-resolver-config.sh ./docker-entrypoint.d/

-COPY ./locations.conf /etc/nginx/includes/
--- a/frontend/frontend.conf.template
+++ b/frontend/frontend.conf.template
@ -42,9 +42,12 @@ server {
      set $crawl $2;
      set $num $3;
      set $auth_bearer $arg_auth_bearer;
+      set $svc_suffix "${CRAWLER_SVC_SUFFIX}";
+      set $fqdn_suffix "${CRAWLER_FQDN_SUFFIX}";
+
      auth_request  /access_check;

-      proxy_pass http://crawl-$crawl-$num${CRAWLER_SVC_SUFFIX}${CRAWLER_FQDN_SUFFIX}:9037/ws;
+      proxy_pass http://crawl-$crawl-$num$svc_suffix$fqdn_suffix:9037/ws;
      proxy_set_header Host "localhost";

      proxy_http_version 1.1;
@ -63,10 +66,11 @@ server {
      set $browserid $1;
      set $auth_bearer $arg_auth_bearer;
      set $archive $arg_aid;
+      set $fqdn_suffix "${CRAWLER_FQDN_SUFFIX}";
+
      auth_request  /access_check_profiles;

-      #proxy_pass http://$browser_ip:9222/$2/page/$3;
-      proxy_pass http://browser-$browserid-0.browser-$browserid${CRAWLER_FQDN_SUFFIX}:9222/$2/page/$3;
+      proxy_pass http://browser-$browserid-0.browser-$browserid$fqdn_suffix:9222/$2/page/$3;
      proxy_set_header Host "localhost";

      proxy_http_version 1.1;
@ -83,8 +87,9 @@ server {

    location ~* /loadbrowser/([^/]+)/(.*) {
      set $browserid $1;
-      #proxy_pass http://$browser_ip:9222/$2;
-      proxy_pass http://browser-$browserid-0.browser-$browserid${CRAWLER_FQDN_SUFFIX}:9222/$2;
+      set $fqdn_suffix "${CRAWLER_FQDN_SUFFIX}";
+
+      proxy_pass http://browser-$browserid-0.browser-$browserid$fqdn_suffix:9222/$2;
      proxy_set_header Host "localhost";

      proxy_http_version 1.1;
--- a/frontend/locations.conf
+++ b/frontend/locations.conf