Rainbond , as a cloud native application management platform, is born with a distributed gateway rbd-gateway that guides north-south network traffic.Different from the general Ingress configuration, users need to define their own domain name experience. Rainbond's gateway policy can automatically generate a domain name access policy with one click, and users can immediately access the business system deployed on Rainbond through this domain name.This user experience is very friendly in development and testing scenarios. This article explains in detail how this mechanism is implemented. :::
Gateway and Ingress
The Rainbond team developed a high-performance distributed gateway component rbd-gateway, which acts as an Ingress Controller inside the cluster to handle the north-south traffic of the cluster.It supports both L4 and L7 layer protocols, as well as advanced functions such as one-click opening of WebSocket.When using it, a detail function point is very useful, that is, a domain name address that can be accessed can be generated with one click.
The format of this domain name is as follows：
- servicePort: the target port name corresponding to the access policy
- service_alias: the alias of the current service component5
: the alias of the current<servicePort><service_alias><tenant_name>.cn: PAN domain name of the current cluster
In fact, this routing rule is defined by the corresponding ingress and service in Kubernetes.The entire access link can be summarized as the following figure：
Turning on the external service switch is equivalent to automatically generating the following resources：
service_alias : gr49d848
port: 172 cp
ports name 5000
- host: 5000.gr49d848.2c9v614j.17a4cc.grapps.cn
Automatically generate domain names
For most developers, domain names are a scarce resource. How to allocate domain names for their vast Ingress rules is a very troublesome thing.After all, only when you have your own domain name can you completely control the rules of its resolution and avoid endless modifications to the
Most Kubernetes management tools on the market can generate Service and Ingress resources in a semi-automatic way.This semi-automatic method specifically allows the user to input the necessary information on the graphical UI interface, and then the management tool generates the corresponding yaml configuration file and loads it into Kubernetes.But for the configured domain name, few tools can achieve the same experience as Rainbond.
The key to achieving this excellent experience lies in the use of analytic domain names.
The simplest and clearest explanation of the PAN domain name is that any domain name whose：matches the rule
*.mydomain.com can be resolved to the same IP address.In the current usage scenario, we only need to resolve the ubiquitous domain name
*.17a4cc.grapps.cn to the IP address of the server where the rbd-gateway is located, and then we can configure a domain name that conforms to the rules for
Ingress rule at will.
Rainbond combines the
Ingress rule with the pan-analytic domain name at the product design level, and automatically generates a globally unique domain name for each service port.When the cluster is installed, the resolution record is automatically registered with the public network DNS server. After the cluster is installed, all the generated domain names can be resolved by the public network. As long as the PC client can use the public network DNS service, it can be Parse the domain name and access the specified service port.
Rainbond distinguishes different clusters through different third-level domain names (such as
17a4ccin the current scenario).This involves a feature of the pan-analytics domain name. The resolution record of the sub-level domain name has a higher priority than the resolution record of the parent domain name.
// For two-level pan Resolution Domain Name Registration Resolution Record
*.grapps.cn = Resolution Record Registration => 220.127.116.11
*.17a4cc.grapps.cn = Resolution Record Registration => 18.104.22.168
// Client parsing result
abc.grapps.cn = parsing IP address=> 22.214.171.124
abc. def.grapps.cn = resolve IP address => 126.96.36.199
abc.17a4cc.grapps.cn = resolve IP address => 188.8.131.52 // The resolution record of *.17a4cc.grapps.cn is preferred