docs: update config deployment
This commit is contained in:
Jonas Kaninda
@@ -58,7 +58,6 @@ It's designed to be straightforward and efficient, offering features, like:
|
|||||||
- Limit HTTP methods allowed for a particular route.
|
- Limit HTTP methods allowed for a particular route.
|
||||||
|
|
||||||
### Todo:
|
### Todo:
|
||||||
- [ ] Load Balancing Healthcheck, disable unavailable servers
|
|
||||||
- [ ] Blocklist IP address middleware
|
- [ ] Blocklist IP address middleware
|
||||||
- [ ] Distributed Rate Limiting for In-Memory client IP based across multiple instances using Redis
|
- [ ] Distributed Rate Limiting for In-Memory client IP based across multiple instances using Redis
|
||||||
|
|
||||||
|
|||||||
@@ -33,7 +33,7 @@ metadata:
|
|||||||
data:
|
data:
|
||||||
goma.yml: |
|
goma.yml: |
|
||||||
# Goma Gateway configurations
|
# Goma Gateway configurations
|
||||||
version: 0.1.7
|
version: 1.0
|
||||||
gateway:
|
gateway:
|
||||||
# Proxy write timeout
|
# Proxy write timeout
|
||||||
writeTimeout: 15
|
writeTimeout: 15
|
||||||
@@ -47,6 +47,7 @@ data:
|
|||||||
sslKeyFile: ''#key.pem
|
sslKeyFile: ''#key.pem
|
||||||
# Proxy rate limit, it's In-Memory IP based
|
# Proxy rate limit, it's In-Memory IP based
|
||||||
rateLimit: 0
|
rateLimit: 0
|
||||||
|
logLevel: info # debug, trace, off
|
||||||
accessLog: "/dev/Stdout"
|
accessLog: "/dev/Stdout"
|
||||||
errorLog: "/dev/stderr"
|
errorLog: "/dev/stderr"
|
||||||
## Enable, disable routes health check
|
## Enable, disable routes health check
|
||||||
@@ -78,10 +79,10 @@ data:
|
|||||||
##### Define routes
|
##### Define routes
|
||||||
routes:
|
routes:
|
||||||
# Example of a route | 1
|
# Example of a route | 1
|
||||||
- name: Public # Name is optional
|
- path: /
|
||||||
|
name: Public # Name is optional
|
||||||
# host Domain/host based request routing
|
# host Domain/host based request routing
|
||||||
host: "" # Host is optional
|
hosts: [] # Hosts are optional
|
||||||
path: /public
|
|
||||||
## Rewrite a request path
|
## Rewrite a request path
|
||||||
# e.g rewrite: /store to /
|
# e.g rewrite: /store to /
|
||||||
rewrite: /
|
rewrite: /
|
||||||
@@ -92,8 +93,6 @@ data:
|
|||||||
# [X-Forwarded-Host, X-Forwarded-For, Host, Scheme ]
|
# [X-Forwarded-Host, X-Forwarded-For, Host, Scheme ]
|
||||||
# It will not match the backend route, by default, it's disabled
|
# It will not match the backend route, by default, it's disabled
|
||||||
disableHeaderXForward: false
|
disableHeaderXForward: false
|
||||||
# Internal health check
|
|
||||||
healthCheck: '' #/internal/health/ready
|
|
||||||
# Route Cors, global cors will be overridden by route
|
# Route Cors, global cors will be overridden by route
|
||||||
cors:
|
cors:
|
||||||
# Route Origins Cors, route will override global cors origins
|
# Route Origins Cors, route will override global cors origins
|
||||||
@@ -113,17 +112,27 @@ data:
|
|||||||
middlewares:
|
middlewares:
|
||||||
- api-forbidden-paths
|
- api-forbidden-paths
|
||||||
# Example of a route | 2
|
# Example of a route | 2
|
||||||
- name: Basic auth
|
- path: /protected
|
||||||
path: /protected
|
name: Basic auth
|
||||||
rewrite: /
|
rewrite: /
|
||||||
destination: https://example.com
|
destination: ''
|
||||||
methods: []
|
backends:
|
||||||
|
- https://example.com
|
||||||
|
- https://example2.com
|
||||||
|
methods:
|
||||||
|
- GET
|
||||||
|
# Route healthcheck
|
||||||
healthCheck:
|
healthCheck:
|
||||||
|
path: /health/live
|
||||||
|
interval: 30s
|
||||||
|
timeout: 10s
|
||||||
|
healthyStatuses:
|
||||||
|
- 200
|
||||||
|
- 404
|
||||||
cors: {}
|
cors: {}
|
||||||
middlewares:
|
middlewares:
|
||||||
- api-forbidden-paths
|
- api-forbidden-paths
|
||||||
- basic-auth
|
- basic-auth
|
||||||
|
|
||||||
#Defines proxy middlewares
|
#Defines proxy middlewares
|
||||||
# middleware name must be unique
|
# middleware name must be unique
|
||||||
middlewares:
|
middlewares:
|
||||||
@@ -176,6 +185,46 @@ data:
|
|||||||
- /api-docs/*
|
- /api-docs/*
|
||||||
- /internal/*
|
- /internal/*
|
||||||
- /actuator/*
|
- /actuator/*
|
||||||
|
- name: oauth-google
|
||||||
|
type: oauth
|
||||||
|
paths:
|
||||||
|
- /protected
|
||||||
|
- /example-of-oauth
|
||||||
|
rule:
|
||||||
|
clientId: xxx
|
||||||
|
clientSecret: xxx
|
||||||
|
provider: google
|
||||||
|
endpoint:
|
||||||
|
userInfoUrl: ""
|
||||||
|
redirectUrl: http://localhost:8080/callback
|
||||||
|
redirectPath: ""
|
||||||
|
cookiePath: ""
|
||||||
|
scopes:
|
||||||
|
- https://www.googleapis.com/auth/userinfo.email
|
||||||
|
- https://www.googleapis.com/auth/userinfo.profile
|
||||||
|
state: randomStateString
|
||||||
|
jwtSecret: your-strong-jwt-secret | It's optional
|
||||||
|
- name: oauth-authentik
|
||||||
|
type: oauth
|
||||||
|
paths:
|
||||||
|
- /protected
|
||||||
|
- /example-of-oauth
|
||||||
|
rule:
|
||||||
|
clientId: xxx
|
||||||
|
clientSecret: xxx
|
||||||
|
provider: custom
|
||||||
|
endpoint:
|
||||||
|
authUrl: https://authentik.example.com/application/o/authorize/
|
||||||
|
tokenUrl: https://authentik.example.com/application/o/token/
|
||||||
|
userInfoUrl: https://authentik.example.com/application/o/userinfo/
|
||||||
|
redirectUrl: http://localhost:8080/callback
|
||||||
|
redirectPath: ""
|
||||||
|
cookiePath: ""
|
||||||
|
scopes:
|
||||||
|
- email
|
||||||
|
- openid
|
||||||
|
state: randomStateString
|
||||||
|
jwtSecret: your-strong-jwt-secret | It's optional
|
||||||
```
|
```
|
||||||
## 3. Create Kubernetes deployment
|
## 3. Create Kubernetes deployment
|
||||||
|
|
||||||
|
|||||||
@@ -20,8 +20,8 @@ gateway:
|
|||||||
methods: []
|
methods: []
|
||||||
healthCheck:
|
healthCheck:
|
||||||
path: "/health/live"
|
path: "/health/live"
|
||||||
interval: 30 # in Seconds
|
interval: 30s
|
||||||
timeout: 10 # in Seconds
|
timeout: 10s
|
||||||
healthyStatuses: [200,404] # Healthy statuses
|
healthyStatuses: [200,404] # Healthy statuses
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|||||||
@@ -8,7 +8,9 @@ nav_order: 4
|
|||||||
|
|
||||||
# Load Balancing
|
# Load Balancing
|
||||||
|
|
||||||
Goma Gateway supports rund robim load blancing
|
Goma Gateway supports round-robin algorithm load balancing.
|
||||||
|
|
||||||
|
It comes with an integrated load balancing backends healthcheck.
|
||||||
|
|
||||||
```yaml
|
```yaml
|
||||||
version: 1.0
|
version: 1.0
|
||||||
@@ -23,8 +25,8 @@ gateway:
|
|||||||
methods: []
|
methods: []
|
||||||
healthCheck:
|
healthCheck:
|
||||||
path: "/"
|
path: "/"
|
||||||
interval: 0
|
interval: 30s
|
||||||
timeout: 0
|
timeout: 10s
|
||||||
healthyStatuses: [200,404]
|
healthyStatuses: [200,404]
|
||||||
## destination: will be override by backends
|
## destination: will be override by backends
|
||||||
destination: ""
|
destination: ""
|
||||||
|
|||||||
@@ -28,3 +28,7 @@ GOMA_LOG_LEVEL=trace
|
|||||||
### When using a configuration file
|
### When using a configuration file
|
||||||
|
|
||||||
Edit the Goma settings and set `logLevel: trace`.
|
Edit the Goma settings and set `logLevel: trace`.
|
||||||
|
|
||||||
|
### Disable logging
|
||||||
|
|
||||||
|
To disable logs, you need to set `logLevel: off`, it will turn off logs
|
||||||
@@ -96,8 +96,8 @@ data:
|
|||||||
# Route healthcheck
|
# Route healthcheck
|
||||||
healthCheck:
|
healthCheck:
|
||||||
path: /health/live
|
path: /health/live
|
||||||
interval: 30
|
interval: 30s
|
||||||
timeout: 10
|
timeout: 10s
|
||||||
healthyStatuses:
|
healthyStatuses:
|
||||||
- 200
|
- 200
|
||||||
- 404
|
- 404
|
||||||
|
|||||||
@@ -13,7 +13,7 @@ gateway:
|
|||||||
sslKeyFile: ''#key.pem
|
sslKeyFile: ''#key.pem
|
||||||
# Proxy rate limit, it's In-Memory IP based
|
# Proxy rate limit, it's In-Memory IP based
|
||||||
rateLimit: 0
|
rateLimit: 0
|
||||||
logLevel: info # debug, trace
|
logLevel: info # debug, trace, off
|
||||||
accessLog: "/dev/Stdout"
|
accessLog: "/dev/Stdout"
|
||||||
errorLog: "/dev/stderr"
|
errorLog: "/dev/stderr"
|
||||||
## Enable, disable routes health check
|
## Enable, disable routes health check
|
||||||
|
|||||||
Reference in New Issue
Block a user