Skip to content

Commit

Permalink
Merge branch 'master' into my_branch
Browse files Browse the repository at this point in the history
  • Loading branch information
@stone4774
stone4774 authored May 7, 2020
2 parents e0580aa + 0068f28 commit 4cc6c9d
Show file tree
Hide file tree
Showing 11 changed files with 704 additions and 46 deletions.
97 changes: 53 additions & 44 deletions apisix/plugins/cors.lua
View file
Original file line number Diff line number Diff line change
Expand Up @@ -76,6 +76,30 @@ local _M = {
schema = schema,
}

local function create_mutiple_origin_cache(conf)
if not str_find(conf.allow_origins, ",", 1, true) then
return nil
end
local origin_cache = {}
local iterator, err = re_gmatch(conf.allow_origins, "([^,]+)", "jiox")
if not iterator then
core.log.error("match origins failed: ", err)
return nil
end
while true do
local origin, err = iterator()
if err then
core.log.error("iterate origins failed: ", err)
return nil
end
if not origin then
break
end
origin_cache[origin[0]] = true
end
return origin_cache
end

function _M.check_schema(conf)
local ok, err = core.schema.check(schema, conf)
if not ok then
Expand All @@ -85,63 +109,48 @@ function _M.check_schema(conf)
return true
end

function _M.access(conf, ctx)
local function set_cors_headers(conf, ctx)
local allow_methods = conf.allow_methods
if allow_methods == "**" then
allow_methods = "GET,POST,PUT,DELETE,PATCH,HEAD,OPTIONS,CONNECT,TRACE"
end

ngx.header["Access-Control-Allow-Origin"] = ctx.cors_allow_origins
ngx.header["Access-Control-Allow-Methods"] = allow_methods
ngx.header["Access-Control-Allow-Headers"] = conf.allow_headers
ngx.header["Access-Control-Max-Age"] = conf.max_age
if conf.allow_credential then
ngx.header["Access-Control-Allow-Credentials"] = true
end
ngx.header["Access-Control-Expose-Headers"] = conf.expose_headers
end

function _M.rewrite(conf, ctx)
local allow_origins = conf.allow_origins
local req_origin = core.request.header(ctx, "Origin")
if allow_origins == "**" then
allow_origins = ngx.var.http_origin or '*'
allow_origins = req_origin or '*'
end
local multiple_origin, err = core.lrucache.plugin_ctx(plugin_name, ctx,
create_mutiple_origin_cache, conf)
if err then
return 500, {message = "get mutiple origin cache failed: " .. err}
end
if str_find(allow_origins, ",", 1, true) then
local finded = false
local iterator, err = re_gmatch(allow_origins, "([^,]+)", "jiox")
if not iterator then
return 500, {message = "match origins failed", error = err}
end
while true do
local origin, err = iterator()
if err then
return 500, {message = "iterate origins failed", error = err}
end
if not origin then
break
end

if origin[0] == ngx.var.http_origin then
allow_origins = origin[0]
finded = true
break
end
end
if not finded then
if multiple_origin then
if multiple_origin[req_origin] then
allow_origins = req_origin
else
return
end
end

ctx.cors_allow_origins = allow_origins
set_cors_headers(conf, ctx)

if ctx.var.request_method == "OPTIONS" then
return 200
end
end

function _M.header_filter(conf, ctx)
if not ctx.cors_allow_origins then
-- no origin matched, don't add headers
return
end

local allow_methods = conf.allow_methods
if allow_methods == "**" then
allow_methods = "GET,POST,PUT,DELETE,PATCH,HEAD,OPTIONS,CONNECT,TRACE"
end

ngx.header["Access-Control-Allow-Origin"] = ctx.cors_allow_origins
ngx.header["Access-Control-Allow-Methods"] = allow_methods
ngx.header["Access-Control-Allow-Headers"] = conf.allow_headers
ngx.header["Access-Control-Expose-Headers"] = conf.expose_headers
ngx.header["Access-Control-Max-Age"] = conf.max_age
if conf.allow_credential then
ngx.header["Access-Control-Allow-Credentials"] = true
end
end

return _M
104 changes: 104 additions & 0 deletions apisix/plugins/syslog.lua
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,104 @@
--
-- Licensed to the Apache Software Foundation (ASF) under one or more
-- contributor license agreements. See the NOTICE file distributed with
-- this work for additional information regarding copyright ownership.
-- The ASF licenses this file to You under the Apache License, Version 2.0
-- (the "License"); you may not use this file except in compliance with
-- the License. You may obtain a copy of the License at
--
-- http://www.apache.org/licenses/LICENSE-2.0
--
-- Unless required by applicable law or agreed to in writing, software
-- distributed under the License is distributed on an "AS IS" BASIS,
-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-- See the License for the specific language governing permissions and
-- limitations under the License.
--
local core = require("apisix.core")
local log_util = require("apisix.utils.log-util")
local logger_socket = require("resty.logger.socket")
local plugin_name = "syslog"
local ngx = ngx

local schema = {
type = "object",
properties = {
host = {type = "string"},
port = {type = "integer"},
flush_limit = {type = "integer", minimum = 1, default = 4096},
drop_limit = {type = "integer", default = 1048576},
timeout = {type = "integer", minimum = 1, default = 3},
sock_type = {type = "string", default = "tcp"},
max_retry_times = {type = "integer", minimum = 1, default = 3},
retry_interval = {type = "integer", minimum = 10, default = 100},
pool_size = {type = "integer", minimum = 5, default = 5},
tls = {type = "boolean", default = false},
},
required = {"host", "port"}
}

local lrucache = core.lrucache.new({
ttl = 300, count = 512
})

local _M = {
version = 0.1,
priority = 401,
name = plugin_name,
schema = schema,
}

function _M.check_schema(conf)
return core.schema.check(schema, conf)
end

function _M.flush_syslog(logger)
local ok, err = logger:flush(logger)
if not ok then
core.log.error("failed to flush message:", err)
end
end

-- log phase in APISIX
function _M.log(conf)
local entry = log_util.get_full_log(ngx)

if not entry.route_id then
core.log.error("failed to obtain the route id for sys logger")
return
end

-- fetch api_ctx
local api_ctx = ngx.ctx.api_ctx
if not api_ctx then
core.log.error("invalid api_ctx cannot proceed with sys logger plugin")
return core.response.exit(500)
end

-- fetch it from lrucache
local logger, err = lrucache(api_ctx.conf_type .. "#" .. api_ctx.conf_id, api_ctx.conf_version,
logger_socket.new, logger_socket, {
host = conf.host,
port = conf.port,
flush_limit = conf.flush_limit,
drop_limit = conf.drop_limit,
timeout = conf.timeout,
sock_type = conf.sock_type,
max_retry_times = conf.max_retry_times,
retry_interval = conf.retry_interval,
pool_size = conf.pool_size,
tls = conf.tls,
})

if not logger then
core.log.error("failed when initiating the sys logger processor", err)
end

-- reuse the logger object
local ok, err = logger:log(core.json.encode(entry))
if not ok then
core.log.error("failed to log message", err)
end
end

return _M
1 change: 1 addition & 0 deletions conf/config.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -146,6 +146,7 @@ plugins: # plugin list
- kafka-logger
- cors
- consumer-restriction
- syslog
- batch-requests
stream_plugins:
- mqtt-proxy
2 changes: 1 addition & 1 deletion dashboard
Submodule dashboard updated from cfb3ee to 329b09
105 changes: 105 additions & 0 deletions doc/plugins/syslog-cn.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,105 @@
<!--
#
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
-->

# 摘要
- [**定义**](#name)
- [**属性列表**](#attributes)
- [**如何开启**](#how-to-enable)
- [**测试插件**](#test-plugin)
- [**禁用插件**](#disable-plugin)


## 定义

`sys` 是一个将Log data请求推送到Syslog的插件。

这将提供将Log数据请求作为JSON对象发送的功能。

## 属性列表

|属性名称 |必选项 |描述|
|--------- |-------- |-----------|
|host |必要的 |IP地址或主机名。|
|port |必要的 |目标上游端口。|
|timeout |可选的 |上游发送数据超时。|
|tls |可选的 |布尔值,用于控制是否执行SSL验证。|
|flush_limit |可选的 |如果缓冲的消息的大小加上当前消息的大小达到(> =)此限制(以字节为单位),则缓冲的日志消息将被写入日志服务器。默认为4096(4KB)。|
|drop_limit |可选的 |如果缓冲的消息的大小加上当前消息的大小大于此限制(以字节为单位),则由于缓冲区大小有限,当前的日志消息将被丢弃。默认drop_limit为1048576(1MB)。|
|sock_type|可选的 |用于传输层的IP协议类型。可以是“ tcp”或“ udp”。默认值为“ tcp”。|
|max_retry_times|可选的 |连接到日志服务器失败或将日志消息发送到日志服务器失败后的最大重试次数。|
|retry_interval|可选的 |重试连接到日志服务器或重试向日志服务器发送日志消息之前的时间延迟(以毫秒为单位),默认为100(0.1s)。|
|pool_size |可选的 |sock:keepalive使用的Keepalive池大小。默认为10。|

## 如何开启

1. 下面例子展示了如何为指定路由开启 `sys-logger` 插件的。

```shell
curl http://127.0.0.1:9080/apisix/admin/consumers -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
{
"username": "foo",
"plugins": {
"plugins": {
"syslog": {
"host" : "127.0.0.1",
"port" : 5044,
"flush_limit" : 1
}
},
"upstream": {
"type": "roundrobin",
"nodes": {
"127.0.0.1:1980": 1
}
},
"uri": "/hello"
}
}'
```

## 测试插件

* 成功的情况:

```shell
$ curl -i http://127.0.0.1:9080/hello
HTTP/1.1 200 OK
...
hello, world
```

## 禁用插件


想要禁用“sys-logger”插件,是非常简单的,将对应的插件配置从json配置删除,就会立即生效,不需要重新启动服务:

```shell
$ curl http://127.0.0.1:2379/apisix/admin/routes/1 -X PUT -d value='
{
"methods": ["GET"],
"uri": "/hello",
"plugins": {},
"upstream": {
"type": "roundrobin",
"nodes": {
"127.0.0.1:1980": 1
}
}
}'
```
Loading

0 comments on commit 4cc6c9d

Please sign in to comment.