Fix for wildcard routes taking precedence over other routes #19076
Conversation
openshift-ci-robot
added
the
size/XS
jmprusi
changed the title
|
/retest |
|
@openshift/networking PTAL |
images/router/haproxy/reload-haproxy
Outdated
| for mapfile in "$haproxy_conf_dir"/*.map; do | ||
| sort -r "$mapfile" -o "$mapfile" | ||
| grep -v -F '^[^\.]*\' "$mapfile" | sort -r -o /tmp/"$mapfile" | ||
| grep -F '^[^\.]*\' "$mapfile" >> /tmp/"$mapfile" |
There was a problem hiding this comment.
Sort it as well ala:
grep -F '^[^\.]*\' "$mapfile" | sort -r >> "/tmp/$mapfile"
images/router/haproxy/reload-haproxy
Outdated
| grep -v -F '^[^\.]*\' "$mapfile" | sort -r -o /tmp/"$mapfile" | ||
| grep -F '^[^\.]*\' "$mapfile" >> /tmp/"$mapfile" | ||
| cp /tmp/"$mapfile" "$haproxy_conf_dir"/"$mapfile" | ||
| rm /tmp/"$mapfile" |
There was a problem hiding this comment.
Could use: mv -f "/tmp/$mapfile" "$haproxy_conf_dir/$mapfile" to collapse the 2 commands.
To avoid having wildcard routes (type: Subdomain) override other routes, we first sort the non-wildcard routes and then we append the wildcard routes at the end of the file.
openshift-ci-robot
added
lgtm
|
/approve |
|
/retest |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: jmprusi, knobunc The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
This is reporting errors when I look at the logs: It looks like this has a break in it, I'm going to revert until we know for sure what is wrong. |
|
Why is this sorting being done in the reload function and not in where we generate the map files in the first place? |
|
So its failing because the file name is fully qualified -- needs a and do the same for all the other references. As re: the sorting @smarterclayton think that was just done from the start as we needed to reverse sort it for the longest path match on routes. This is so we match on the longest path first. |
|
Doing it in bash is very ugly. It is also coupling the generation logic to
the reload logic.
On Mar 30, 2018, at 12:25 AM, Ram Ranganathan <[email protected]> wrote:
So its failing because the file name is fully qualified -- needs a basename
$mapfile for the name in the temp directory (the temp file created for
this). Doh, I completed missed that.
So changes needed ala:
fname=$(basename "$mapfile") grep -v -F '^[^\.]*\' "$mapfile" | sort -r -o
"/tmp/$fname"
`
and do the same for all the other references.
@jmprusi <https://github.com/jmprusi> fyi ↑
As re: the sorting @smarterclayton <https://github.com/smarterclayton>
think that was just done from the start as we needed to reverse sort it for
the longest path match on routes. This is so we match on the longest path
first.
We could well sort in the template but it would still need like a two step
process to do and would be further complicated with this case of doing like
a regular route and then a wildcard sort.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#19076 (comment)>,
or mute
the thread
<https://github.com/notifications/unsubscribe-auth/ABG_p9t7Iu0D73xsrUSEdaffU-0IgbUmks5tjbOwgaJpZM4S4wrq>
.
|
|
@smarterclayton well the template router is "sorta" (qualified) agnostic to the type of proxy underneath it. Could well do it in go code via something like a pre-processor run before the reload script is called (in the router/template code) but it would still have to be haproxy specific. |
|
It sounds like a new helper. The router is agnostic but our helpers aren’t
always.
On Mar 30, 2018, at 3:17 PM, Ram Ranganathan <[email protected]> wrote:
@smarterclayton <https://github.com/smarterclayton> well the template
router is "sorta" (qualified) agnostic to the type of proxy underneath it.
Could well do it in go code via something like a pre-processor run before
the reload script is called (in the router/template code) but it would
still have to be haproxy specific.
We also don't pass the router type to the infra command which we'd need
since we now would have to set up the pre-processor for a haproxy specific
router type, so it means some migration for existing router deployments.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#19076 (comment)>,
or mute
the thread
<https://github.com/notifications/unsubscribe-auth/ABG_p0izCsWcajhYHJWNq-5Zd2-wu1foks5tjoTmgaJpZM4S4wrq>
.
|
|
@smarterclayton @ramr should I open a new PR with the proper fixes (sorry) ? Created a new PR with the required fixes: |
|
@jmprusi Sorry for the delayed response - was traveling. So what @smarterclayton mentioned was using a new helper to do the sort. I'll work on this later this week. |
|
Yeah I would really prefer that biz logic that is required for the template
like a sort be a helper rather than bash inside of the reload script.
…On Mon, Apr 2, 2018 at 2:55 PM, Ram Ranganathan ***@***.***> wrote:
@jmprusi <https://github.com/jmprusi> Sorry for the delayed response -
was traveling. So what @smarterclayton <https://github.com/smarterclayton>
mentioned was using a new helper to do the sort. I'll work on this later
this week.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#19076 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/ABG_p2GykrWiqCtnQwaSvunynvR90o_Kks5tknQzgaJpZM4S4wrq>
.
|
…ldcard routes don't take precedence over routes that start with a number. Based on discussions in PR openshift#19076 to fix issue openshift#16724
…ldcard routes don't take precedence over routes that start with a number. Based on discussions in PR openshift#19076 to fix issue openshift#16724
…ldcard routes don't take precedence over routes that start with a number. Make the template processing follow a particular order (based on file name), so that we can use temporary files to write map data and subsequently sort into the actual config map file. Fixup helper to also sort cert_config but non-grouped to keep existing behavior (backward compatibility). Based on discussions in PR openshift#19076 to fix issue openshift#16724
…ldcard routes don't take precedence over routes that start with a number. Make the template processing follow a particular order (based on file name), so that we can use temporary files to write map data and subsequently sort into the actual config map file. Fixup helper to also sort cert_config but non-grouped to keep existing behavior (backward compatibility). Based on discussions in PR openshift#19076 to fix issue openshift#16724
To avoid wildcard routes (type: Subdomain) overriding other routes that start with a number,
we first sort the non-wildcard routes and then we append the wildcard routes at the end of the file.
Related: #16724