wireapp · jschaul · Jan 4, 2022 · Jan 3, 2022 · Jan 3, 2022 · Jan 4, 2022
@@ -1,5 +1,6 @@
 **/.*
 **/dist
+**/dist-buildah
 **/target
 **/*.aci
 **/*.tgz

@@ -8,7 +8,7 @@ DOCKER_TAG            ?= $(USER)
 # default helm chart version must be 0.0.42 for local development (because 42 is the answer to the universe and everything)
 HELM_SEMVER           ?= 0.0.42
 # The list of helm charts needed for integration tests on kubernetes
-CHARTS_INTEGRATION    := wire-server databases-ephemeral fake-aws nginx-ingress-controller nginx-ingress-services wire-server-metrics fluent-bit kibana
+CHARTS_INTEGRATION    := wire-server databases-ephemeral fake-aws nginx-ingress-controller nginx-ingress-services wire-server-metrics fluent-bit kibana sftd
 # The list of helm charts to publish on S3
 # FUTUREWORK: after we "inline local subcharts",
 # (e.g. move charts/brig to charts/wire-server/brig)

@@ -0,0 +1 @@
+SFTD chart: provide a /sft_servers_all.json url that can be used by brig to populate /calls/config/v2
@@ -17,4 +17,8 @@ data:
         proxy_pass http://$1.{{ include "sftd.fullname" . }}.${POD_NAMESPACE}.svc.cluster.local:8585/$2;
       }
 
+      location ~ ^/sft_servers_all.json$ {
+        root /etc/wire/sftd-disco/;
+      }
+
     }
@@ -26,7 +26,20 @@ spec:
         - name: nginx-config
           configMap:
             name: {{ include "sftd.fullname" . }}-join-call
+        - name: sftd-disco
+          emptyDir: {}
       containers:
+        - name: sftd-disco
+          image: quay.io/wire/sftd_disco:wip-2 # TODO configure + version
+          volumeMounts:
+          - name: sftd-disco
+            mountPath: /etc/wire/sftd-disco
+            readOnly: false
+          command:
+            - "/bin/sh"
+            - "-c"
+            - |
+              /usr/bin/sftd_disco.sh _sft._tcp.{{ include "sftd.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local
         - name: nginx
           securityContext:
             {{- toYaml .Values.securityContext | nindent 12 }}
@@ -50,6 +63,9 @@ spec:
             - mountPath: /etc/nginx/conf.d/default.conf.template
               name: nginx-config
               subPath: default.conf.template
+            - name: sftd-disco
+              mountPath: /etc/wire/sftd-disco
+              readOnly: true
           env:
             - name: POD_NAMESPACE
               valueFrom:

@@ -25,3 +25,7 @@ spec:
             backend:
               serviceName: "{{ include "sftd.fullname" . }}-join-call"
               servicePort: http
+          - path: /sft_servers_all.json
+            backend:
+              serviceName: "{{ include "sftd.fullname" . }}-join-call"
+              servicePort: http
@@ -1,4 +1,4 @@
-FROM alpine:3.12.3
+FROM alpine:3.15.0
 
 RUN apk add --no-cache curl bash openssl bind-tools
 

@@ -1,6 +1,6 @@
 # nginz-disco
 
-Due to nginx not supporting DNS names for its list of upstream servers (unless you pay extra), the nginz-disco container is a simple bash script to do DNS lookups and write the resulting IPs to a file. Nginz reloads on changes to this file. 
+Due to nginx not supporting DNS names for its list of upstream servers (unless you pay extra), the nginz-disco container is a simple bash script to do DNS lookups and write the resulting IPs to a file. Nginz reloads on changes to this file.
 
-This is useful as a sidecar container to nginz in kubernetes. See also [wire-server-deploy/nginz](https://github.com/wireapp/wire-server-deploy/charts/nginz/) <!-- todo: this link is broken >
+This is useful as a sidecar container to nginz in kubernetes. See also [the nginz helm chart](https://github.com/wireapp/wire-server/tree/develop/charts/nginz/)
 
@@ -0,0 +1,7 @@
+FROM alpine:3.15.0
+
+RUN apk add --no-cache curl bash openssl bind-tools jq
+
+COPY tools/sftd_disco/sftd_disco.sh /usr/bin/sftd_disco.sh
+
+ENTRYPOINT ["/usr/bin/sftd_disco.sh"]
@@ -0,0 +1,6 @@
+.PHONY: docker
+
+DOCKER_TAG = wip-2
+
+docker:
+	docker build -t quay.io/wire/sftd_disco:$(DOCKER_TAG) -f Dockerfile ../..
@@ -0,0 +1,5 @@
+# sftd-disco
+
+This DISCOvery docker image/bash script converts the result from an SRV DNS lookup of a kubernetes service to a file which can be served by nginx or similar.
+
+This is useful as a sidecar container to the sftd chart in kubernetes to expose the full list of running sftd servers in cases where sftd runs independently from other backend services. See also [the sftd helm chart](https://github.com/wireapp/wire-server/tree/develop/charts/sftd/)
@@ -0,0 +1,77 @@
+#!/usr/bin/env bash
+
+set -eo pipefail
+exec 2>&1
+
+# Assumes /etc/wire/sftd-disco/ directory exists.
+
+USAGE="example usage: $0 _sft._tcp.wire-server-sftd.wire.svc.cluster.local"
+srv_name=${1?$USAGE}
+
+old="/etc/wire/sftd-disco/sft_servers_all.json"
+new="${old}.new"
+
+function valid_entry() {
+    local line=$1
+    # TODO sanity check that this is real dig output
+    return 0
+}
+
+function valid_url() {
+    local url=$1
+    #TODO basic sanity check
+    return 0
+}
+
+# for a given SRV record
+# 1. lookup the record
+# 2. for each entry: extract host and port and call 'curl host:port/sft/url'
+# 4. save the resulting URLs as a json array to a file
+# this file can then be served from nginx running besides sft
+function upstream() {
+    name=$1
+    port=${2:-'8585'}
+    entries=$(dig +short +retries=3 +search SRV ${name} | sort)
+    unset servers
+    comma=""
+    IFS=$'\n'
+    for entry in ${entries[@]}; do
+        if valid_entry "$entry"; then
+            sft_host_port=$(echo "$entry" | awk '{print $4":"$3}')
+            sft_url=$(curl -s http://$sft_host_port/sft/url | xargs)
+            if valid_url "$sft_url"; then
+                servers+=(${comma}'"'${sft_url}'"')
+                comma=","
+            fi
+        fi
+    done
+    if [ -n "$servers" ]; then
+        echo '{"sft_servers_all": ['${servers[@]}']}' | jq >${new}
+    else
+        printf "" >>${new}
+    fi
+}
+
+function routing_disco() {
+    srv_name=$1
+    ivl=$(echo | awk '{ srand(); printf("%f", 2.5 + rand() * 1.5) }')
+
+    [[ -f $old ]] || touch -d "1970-01-01" $old
+
+    echo "" >${new}
+    upstream "$srv_name"
+
+    diff -q $old $new || {
+        echo upstream change found, replacing $old with $new
+        mv $new $old
+    }
+
+    rm -f $new
+
+    echo done, sleeping $ivl
+    sleep $ivl
+}
+
+while true; do
+    routing_disco $srv_name
+done
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		SFTD chart: provide a /sft_servers_all.json url that can be used by brig to populate /calls/config/v2