bahamut: go.aporeto.io/bahamut/gateway Index | Files

package gateway

import "go.aporeto.io/bahamut/gateway"

Index

Package Files

buffers.go errors.go extractors.go gateway.go interfaces.go limiter.go listener.go options.go rewriters.go utils.go

Variables

var ErrUpstreamerTooManyRequests = errors.New("Please retry in a moment")

ErrUpstreamerTooManyRequests can be returned to instruct the bahamut.Gateway to return to stop routing and return a a 429 Too Many Request error to the client.

type ErrorWriter Uses

type ErrorWriter func(w http.ResponseWriter, r *http.Request, eerr elemental.Error)

ErrorWriter is a function that can be used to return a standard formatted error to the client.

type Gateway Uses

type Gateway interface {
    Start()
    Stop()
}

A Gateway can be used as an api gateway.

func New Uses

func New(listenAddr string, upstreamer Upstreamer, options ...Option) (Gateway, error)

New returns a new Gateway.

type InterceptorAction Uses

type InterceptorAction int

A InterceptorAction represents the decision on how to continue handling the request

const (
    // InterceptorActionForward means the Gateway will continue forwarding the request.
    // In that case the Interceptor must only modify the request, and MUST NOT use
    // the HTTP response writer.
    InterceptorActionForward InterceptorAction = iota + 1

    // InterceptorActionForwardWS means the Gateway will continue forwarding the request as a websocket.
    // In that case the Interceptor must only modify the request, and MUST NOT use
    // the HTTP response writer.
    InterceptorActionForwardWS

    // InterceptorActionForwardDirect means the Gateway will continue forwarding the request directly.
    // In that case the Interceptor must only modify the request, and MUST NOT use
    // the HTTP response writer.
    InterceptorActionForwardDirect

    // InterceptorActionStop means the interceptor handled the request
    // and the gateway will not do anything more.
    InterceptorActionStop
)

type InterceptorFunc Uses

type InterceptorFunc func(w http.ResponseWriter, req *http.Request, ew ErrorWriter) (action InterceptorAction, upstream string, err error)

An InterceptorFunc is a function that can be used to intercept and request based on its prefix and apply custom operation and returns an InterceptorAction to tell the gateway it should proceed from there. If it returns an error, the error is returned to the client as an internal server error.

NOTE: It is not possible to rewrite the request. To do so, you can use a RequestRewriter.

type LatencyBasedUpstreamer Uses

type LatencyBasedUpstreamer interface {
    CollectLatency(address string, responseTime time.Duration)
    Upstreamer
}

A LatencyBasedUpstreamer is the interface that can circle back response time as an input for Upstreamer decision.

type Option Uses

type Option func(*gwconfig)

A Option represents possible options for the Gateway.

func OptionAdditionnalAllowedCORSOrigin Uses

func OptionAdditionnalAllowedCORSOrigin(origins []string) Option

OptionAdditionnalAllowedCORSOrigin sets allowed CORS origin. If set, the gateway will mirror whatever is in the upcoming request Origin header as long as there is a match.

func OptionAllowedCORSOrigin Uses

func OptionAllowedCORSOrigin(origin string) Option

OptionAllowedCORSOrigin sets allowed CORS origin. If set to empty, or "*", the gateway will mirror whatever is set in the upcoming request Origin header. This is not secure to be used in production when a browser is calling the gateway.

By default, it is set to "*"

func OptionBlockOpenTracingHeaders Uses

func OptionBlockOpenTracingHeaders(block bool) Option

OptionBlockOpenTracingHeaders configures if the gateway should strip any open tracing related header coming from the clients.

func OptionEnableMaintenance Uses

func OptionEnableMaintenance(enabled bool) Option

OptionEnableMaintenance enables the maintenance mode.

func OptionEnableProxyProtocol Uses

func OptionEnableProxyProtocol(enabled bool, subnet string) Option

OptionEnableProxyProtocol enables and configure the support for ProxyProtocol.

func OptionEnableTrace Uses

func OptionEnableTrace(enabled bool) Option

OptionEnableTrace enables deep oxy logging.

func OptionExposePrivateAPIs Uses

func OptionExposePrivateAPIs(enabled bool) Option

OptionExposePrivateAPIs configures if the gateway should expose the private apis.

func OptionHTTPTimeouts Uses

func OptionHTTPTimeouts(read, write, idle time.Duration, disableKeepAlive bool) Option

OptionHTTPTimeouts configures the HTTP timeouts.

func OptionMetricsManager Uses

func OptionMetricsManager(metricsManager bahamut.MetricsManager) Option

OptionMetricsManager registers set the MetricsManager to use. This will enable response time load balancing of endpoints.

func OptionRegisterExactInterceptor Uses

func OptionRegisterExactInterceptor(path string, f InterceptorFunc) Option

OptionRegisterExactInterceptor registers a given InterceptorFunc for the given path.

func OptionRegisterPrefixInterceptor Uses

func OptionRegisterPrefixInterceptor(prefix string, f InterceptorFunc) Option

OptionRegisterPrefixInterceptor registers a given InterceptorFunc for the given path prefix.

func OptionRegisterSuffixInterceptor Uses

func OptionRegisterSuffixInterceptor(prefix string, f InterceptorFunc) Option

OptionRegisterSuffixInterceptor registers a given InterceptorFunc for the given path suffix.

func OptionServerTLSConfig Uses

func OptionServerTLSConfig(tlsConfig *tls.Config) Option

OptionServerTLSConfig sets the tls.Config to use for the front end server.

func OptionSetCustomRequestRewriter Uses

func OptionSetCustomRequestRewriter(r RequestRewriter) Option

OptionSetCustomRequestRewriter sets a custom RequestRewriter.

func OptionSetCustomResponseRewriter Uses

func OptionSetCustomResponseRewriter(r ResponseRewriter) Option

OptionSetCustomResponseRewriter sets a custom ResponseRewriter.

func OptionSourceRateLimiting Uses

func OptionSourceRateLimiting(rps rate.Limit, burst int) Option

OptionSourceRateLimiting sets the rate limit for a single source. If OptionSourceRateLimiting option is used, this option has no effect.

func OptionSourceRateLimitingDynamic Uses

func OptionSourceRateLimitingDynamic(rateExtractor RateExtractor) Option

OptionSourceRateLimitingDynamic sets the RateExtractor to use to dynamically set the rates for a uniquely identified client. If this option is used, OptionSourceRateLimiting has no effect.

func OptionSourceRateLimitingSourceExtractor Uses

func OptionSourceRateLimitingSourceExtractor(sourceExtractor SourceExtractor) Option

OptionSourceRateLimitingSourceExtractor configures a custom SourceExtractor to decide how to uniquely identify a client. The default one uses a hash of the authorization header. Passing nil will reset to the default source extractor.

func OptionTCPClientMaxConnections Uses

func OptionTCPClientMaxConnections(maxConnections int) Option

OptionTCPClientMaxConnections sets the maximum number of TCP connections a client can do at the same time. 0 means no limit. If the sourceExtractor is nil, the default one will be used, which uses the request's RemoteAddr as token.

func OptionTCPClientMaxConnectionsSourceExtractor Uses

func OptionTCPClientMaxConnectionsSourceExtractor(sourceExtractor SourceExtractor) Option

OptionTCPClientMaxConnectionsSourceExtractor sets the source extractor to use to uniquely identify a client TCP connection. The default one uses the http.Request RemoteAddr property. Passing nil will reset to the default source extractor.

func OptionTCPGlobalRateLimiting Uses

func OptionTCPGlobalRateLimiting(cps rate.Limit, burst int) Option

OptionTCPGlobalRateLimiting enables and configures the TCP rate limiter to the rate of the total number of TCP connection the gateway handle.

func OptionTrustForwardHeader Uses

func OptionTrustForwardHeader(trust bool) Option

OptionTrustForwardHeader configures if the gateway should strip the X-Forwarded-For and X-Real-IP header or not.

func OptionUpstreamConfig Uses

func OptionUpstreamConfig(
    upstreamMaxConnsPerHost int,
    upstreamMaxIdleConns int,
    upstreamMaxIdleConnsPerHost int,
    upstreamTLSHandshakeTimeout time.Duration,
    upstreamIdleConnTimeout time.Duration,
    upstreamCircuitBreakerCond string,
    useHTTP2 bool,
) Option

OptionUpstreamConfig configures the connections to the upstream backends.

func OptionUpstreamTLSConfig Uses

func OptionUpstreamTLSConfig(tlsConfig *tls.Config) Option

OptionUpstreamTLSConfig sets the tls.Config to use for the upstream servers.

func OptionUpstreamURLScheme Uses

func OptionUpstreamURLScheme(scheme string) Option

OptionUpstreamURLScheme sets the URL scheme to use to connect to the upstreams. default is https.

type RateExtractor Uses

type RateExtractor interface {

    // ExtractRates will be called to decide what would be the rate to
    // given a request.
    ExtractRates(r *http.Request) (rate.Limit, int, error)
}

A RateExtractor is used to decide rates per token. This allows to perform advanced computation to determine how to rate limit one unique client.

type RequestRewriter Uses

type RequestRewriter func(req *http.Request, private bool) error

A RequestRewriter can be used to rewrite the request before it is sent to the upstream. The private parameter tells if the gateway is configured or not to serve the private APIs.

type ResponseRewriter Uses

type ResponseRewriter func(*http.Response) error

A ResponseRewriter can be used to rewrite the response before it is sent back to the client

type SourceExtractor Uses

type SourceExtractor interface {

    // ExtractSource will be called to decide what would be the rate to
    // given a request.
    ExtractSource(req *http.Request) (token string, err error)
}

A SourceExtractor is used to extract a token (or key) used to keep track of a single source.

type Upstreamer Uses

type Upstreamer interface {

    // Upstream is called by the bahamut.Gateway for each incoming request
    // in order to find which upstream to forward the request to, based
    // on the incoming http.Request and any other details the implementation
    // whishes to. Needless to say, it must be fast or it would severely degrade
    // the performances of the bahamut.Gateway.
    //
    // The request state must not be changed from this function.
    //
    // The returned upstream is a string in the form "https://10.3.19.4".
    // If it is empty, the bahamut.Gayeway will return a
    // 503 Service Unavailable error.
    //
    // If Upstream returns an error, the bahamut.Gayeway will check for a
    // known ErrUpstreamerX and will act accordingly. Otherwise it will
    // return the error as a 500 Internal Server Error.
    Upstream(req *http.Request) (upstream string, err error)
}

An Upstreamer is the interface that can compute upstreams.

Package gateway imports 30 packages (graph). Updated 2020-11-30. Refresh now. Tools for package owners.