From d36c2f3102042784793a24b45f341ccaa8aff86d Mon Sep 17 00:00:00 2001
From: mike12345567 <me@michaeldrury.co.uk>
Date: Tue, 5 Jan 2021 16:04:12 +0000
Subject: [PATCH] Initial state of swapping to envoy from nginx, this isn't
 fully functional, still need to make the builder use it and need to get URL
 re-writing working.

---
 ...docker-compose.yml => docker-compose.yaml} | 23 +++--
 hosting/envoy.yaml                            | 91 +++++++++++++++++++
 hosting/hosting.properties                    |  1 +
 hosting/nginx.conf                            | 64 -------------
 4 files changed, 105 insertions(+), 74 deletions(-)
 rename hosting/{docker-compose.yml => docker-compose.yaml} (84%)
 create mode 100644 hosting/envoy.yaml
 delete mode 100644 hosting/nginx.conf

diff --git a/hosting/docker-compose.yml b/hosting/docker-compose.yaml
similarity index 84%
rename from hosting/docker-compose.yml
rename to hosting/docker-compose.yaml
index 65d89d2b0f..184e340ce4 100644
--- a/hosting/docker-compose.yml
+++ b/hosting/docker-compose.yaml
@@ -6,13 +6,13 @@ services:
     volumes: 
       - ./server:/app
     ports:
-      - "${APP_PORT}:${APP_PORT}"
+      - "${APP_PORT}:4002"
     environment:
       SELF_HOSTED: 1 
       COUCH_DB_URL: http://${COUCH_DB_USER}:${COUCH_DB_PASSWORD}@couchdb-service:5984
       BUDIBASE_ENVIRONMENT: ${BUDIBASE_ENVIRONMENT}
       LOGO_URL: ${LOGO_URL}
-      PORT: ${APP_PORT}
+      PORT: 4002
       HOSTING_URL: ${HOSTING_URL}
       MINIO_PORT: ${MINIO_PORT}
       JWT_SECRET: ${JWT_SECRET}
@@ -22,19 +22,18 @@ services:
   worker-service:
     build: ./worker
     ports:
-      - "${WORKER_PORT}:${WORKER_PORT}"
+      - "${WORKER_PORT}:4003"
     environment:
       SELF_HOSTED: 1,
       DEPLOYMENT_API_KEY: ${WORKER_API_KEY}
-      PORT: ${WORKER_PORT}
+      PORT: 4003
       MINIO_ACCESS_KEY: ${MINIO_ACCESS_KEY}
       MINIO_SECRET_KEY: ${MINIO_SECRET_KEY}
-      RAW_MINIO_URL: http://nginx-service:5001
+      RAW_MINIO_URL: http://minio-service:9000
       COUCH_DB_USERNAME: ${COUCH_DB_USER}
       COUCH_DB_PASSWORD: ${COUCH_DB_PASSWORD}
       RAW_COUCH_DB_URL: http://couchdb-service:5984
     depends_on:
-      - nginx-service
       - minio-service
       - couch-init
 
@@ -54,14 +53,18 @@ services:
       timeout: 20s
       retries: 3
 
-  nginx-service:
-    image: nginx:1.19.2-alpine
+  proxy-service:
+    image: envoyproxy/envoy:v1.16-latest
     volumes:
-      - ./nginx.conf:/etc/nginx/nginx.conf:ro
+      - ./envoy.yaml:/etc/envoy/envoy.yaml
     ports:
-      - "${MINIO_PORT}:5001"
+      - "${MAIN_PORT}:10000"
+      - "9901:9901"
     depends_on:
       - minio-service
+      - worker-service
+      - app-service
+      - couchdb-service
 
   couchdb-service:
     image: apache/couchdb:3.0
diff --git a/hosting/envoy.yaml b/hosting/envoy.yaml
new file mode 100644
index 0000000000..f9bbc49025
--- /dev/null
+++ b/hosting/envoy.yaml
@@ -0,0 +1,91 @@
+admin:
+  access_log_path: /tmp/admin_access.log
+  address:
+    socket_address: { address: 0.0.0.0, port_value: 9901 }
+
+static_resources:
+  listeners:
+  - name: main_listener
+    address:
+      socket_address: { address: 0.0.0.0, port_value: 10000 }
+    filter_chains:
+    - filters:
+      - name: envoy.filters.network.http_connection_manager
+        typed_config:
+          "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
+          stat_prefix: ingress_http
+          codec_type: auto
+          route_config:
+            name: local_route
+            virtual_hosts:
+            - name: local_services
+              domains: ["*"]
+              routes:
+              - match: { prefix: "/app" }
+                route: { cluster: app-service }
+              - match: { prefix: "/obj" }
+                route: { cluster: minio-service }
+              - match: { prefix: "/worker" }
+                route: { cluster: worker-service }
+              - match: { prefix: "/db" }
+                route: { cluster: couchdb-service }
+          http_filters:
+          - name: envoy.filters.http.router
+
+  clusters:
+  - name: app-service
+    connect_timeout: 0.25s
+    type: strict_dns
+    lb_policy: round_robin
+    load_assignment:
+      cluster_name: app-service
+      endpoints:
+      - lb_endpoints:
+        - endpoint:
+            address:
+              socket_address: 
+                address: app-service
+                port_value: 4002
+
+  - name: minio-service
+    connect_timeout: 0.25s
+    type: strict_dns
+    lb_policy: round_robin
+    load_assignment:
+      cluster_name: minio-service
+      endpoints:
+      - lb_endpoints:
+        - endpoint:
+            address:
+              socket_address:
+                address: minio-service
+                port_value: 9000
+
+  - name: worker-service
+    connect_timeout: 0.25s
+    type: strict_dns
+    lb_policy: round_robin
+    load_assignment:
+      cluster_name: worker-service
+      endpoints:
+      - lb_endpoints:
+        - endpoint:
+            address:
+              socket_address: 
+                address: worker-service
+                port_value: 4003
+
+  - name: couchdb-service
+    connect_timeout: 0.25s
+    type: strict_dns
+    lb_policy: round_robin
+    load_assignment:
+      cluster_name: couchdb-service
+      endpoints:
+      - lb_endpoints:
+        - endpoint:
+            address:
+              socket_address:
+                address: couchdb-service
+                port_value: 5984
+
diff --git a/hosting/hosting.properties b/hosting/hosting.properties
index 35df12f07b..4f57f0278d 100644
--- a/hosting/hosting.properties
+++ b/hosting/hosting.properties
@@ -6,6 +6,7 @@ WORKER_API_KEY=budibase
 BUDIBASE_ENVIRONMENT=PRODUCTION
 HOSTING_URL=http://localhost
 LOGO_URL=https://logoipsum.com/logo/logo-15.svg
+MAIN_PORT=10000
 APP_PORT=4002
 WORKER_PORT=4003
 MINIO_PORT=4004
diff --git a/hosting/nginx.conf b/hosting/nginx.conf
deleted file mode 100644
index 4782d7a0b1..0000000000
--- a/hosting/nginx.conf
+++ /dev/null
@@ -1,64 +0,0 @@
-
-user  nginx;
-worker_processes  auto;
-
-error_log  /var/log/nginx/error.log warn;
-pid        /var/run/nginx.pid;
-
-
-events {
-    worker_connections  1024;
-}
-
-
-http {
-    include       /etc/nginx/mime.types;
-    default_type  application/octet-stream;
-
-    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
-                      '$status $body_bytes_sent "$http_referer" '
-                      '"$http_user_agent" "$http_x_forwarded_for"';
-
-    access_log  /var/log/nginx/access.log  main;
-
-    sendfile        on;
-    #tcp_nopush     on;
-
-    keepalive_timeout  65;
-
-    #gzip  on;
-
-    # include /etc/nginx/conf.d/*.conf;
-
-    upstream minio {
-        # if adding more minio services to cluster add them here
-        server minio-service:9000;
-    }
-
-    server {
-        listen       5001;
-        listen  [::]:5001;
-        server_name  localhost;
-
-         # To allow special characters in headers
-         ignore_invalid_headers off;
-         client_max_body_size 100m;
-         # To disable buffering
-         proxy_buffering off;
-
-        location / {
-            proxy_set_header Host $http_host;
-            proxy_set_header X-Real-IP $remote_addr;
-            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-            proxy_set_header X-Forwarded-Proto $scheme;
-
-            proxy_connect_timeout 300;
-            # Default is HTTP/1, keepalive is only enabled in HTTP/1.1
-            proxy_http_version 1.1;
-            proxy_set_header Connection "";
-            chunked_transfer_encoding off;
-
-            proxy_pass http://minio;
-        }
-    }
-}