Merge pull request emissary-ingress#5261 from emissary-ingress/alicew…

…asko/remove-docker-demo

kill docker demo mode

DevDocumentation/ARCHITECTURE.md

@@ -31,7 +31,7 @@ Check [this blog post](https://blog.getambassador.io/building-ambassador-an-open
 At the core of Emissary-ingress is Envoy Proxy which has very extensive configuration and extensions points. Getting this right can be challenging so Emissary-ingress provides Kubernetes Administrators and Developers a cloud-native way to configure Envoy using declarative yaml files. Here are the core components of Emissary-Ingress:
 
 - CRDs - extend K8s to enable Emissary-ingress's abstractions (*generated yaml*)
-- Apiext - A server that implements the Webhook Conversion interface for CRD's (**own container**)  
+- Apiext - A server that implements the Webhook Conversion interface for CRD's (**own container**)
 - Diagd - provides diagnostic ui, translates snapshots/ir into envoy configuration (*in-process*)
 - Ambex - gRPC server implementation of envoy xDS for dynamic envoy configration (*in-process*)
 - Envoy Proxy - Proxy that handles routing all user traffic (*in-process*)
@@ -51,7 +51,7 @@ The build system (`make`) uses [controller-gen](https://book.kubebuilder.io/refe
 
 ### Apiext
 
-Kubernetes provides the ability to have multiple versions of Custom Resources similiar to the core K8s resources but it is only capable of having a single `storage` version that is persisted in `etcd`. Custom Resource Definitions can define a `ConversionWebHook` that Kubernetes will call whenever it receives a version that is not the storage version. 
+Kubernetes provides the ability to have multiple versions of Custom Resources similiar to the core K8s resources but it is only capable of having a single `storage` version that is persisted in `etcd`. Custom Resource Definitions can define a `ConversionWebHook` that Kubernetes will call whenever it receives a version that is not the storage version.
 
 You can check the current storage version by looking at `pkg/getambassador.io/crds.yaml` and searching for the `storage: true` field and seeing which version is the storage version of the custom resource (*at the time of writing this it is `v2`*).
 
@@ -119,7 +119,6 @@ Here is a list of everything managed by the `entrypoint` binary. Each one is ind
 
 | Description                                                               |     Goroutine      |      OS.Exec       |
 | ------------------------------------------------------------------------- | :----------------: | :----------------: |
-| `demomode` (*if enabled*)                                                 | :white_check_mark: |                    |
 | `diagd` - admin ui & config processor                                     |                    | :white_check_mark: |
 | `ambex` - the Envoy ADS Server                                            | :white_check_mark: |                    |
 | `envoy` - proxy routing data                                              |                    | :white_check_mark: |
@@ -164,34 +163,34 @@ Provides two main functions:
 2. Processing Cluster changes into Envoy ready configuration
    1. This process has all the steps i'm outlining below
 
-  - receives "CONFIG" event and pushes on queue
-  - event queue loop listens for commands and pops them off
-  - on CONFIG event it calls back to emissary Snapshot Server to grab current snapshot stored in-memory
-  - It is serialized and stored in `/ambassador/snapshots/snapshot-tmp.yaml`.
-  - A SecretHandler and Config is initialized
-  - A ResourceFetcher (aka, parse the snapshot into an in-memory representation)
-  - Generate IR and envoy configs (load_ir function)
-    - Take each Resource generated in ResourceFetcher and add it to the Config object as strongly typed objects
-    - Store Config Object in `/ambassador/snapshots/aconf-tmp.json`
-    - Check Deltas for Mappings cach and determine if we needs to be reset
-    - Create IR with a Config, Cache, and invalidated items
-      - IR is generated which basically just converts our stuff to strongly typed generic "envoy" items (handling filters, clusters, listeners, removing duplicates, etc...)
-    - IR is updated in-memory for diagd process
-    - IR is persisted to temp storage in `/ambassador/snapshots/ir-tmp.json`
-    - generate envoy config from IR and cache
-    - Split envoy config into bootstrap config, ads_config and clustermap config
-    - Validate econfig
-    - Rotate Snapshots for each of the files `aconf`, `econf`, `ir`, `snapshot` that get persisted in the snapshot path `/ambassador/snapshots`.
-      - Rotating them allows for seeing the history of snapshots up to a limit and then they are dropped
-      - this also renames the `-tmp` files written above into 
-    - Persist bootstrap, envoy ads config and clustermap config to base directory:
-      - `/ambassador/bootstrap-ads.json` # this is used by envoy during startup to initial config itself and let it know about the static ADS Service
-      - `/ambassador/enovy/envoy.json` # this is used in `ambex` to generate the ADS snapshots along with the fastPath items
-      - `/ambassador/clustermap.json` # this might not be used either...
-    - Notify `envoy` and `ambex` that a new snapshot has been persisted using signal SIGHUP
-      - the Goroutine within `entrypoint` that starts up `envoy` is blocking waiting for this signal to start envoy
-      - the `ambex` process continuously listens for this signal and it triggers a configuration update for ambex.
-    - Update the appropriate status fields with metatdata by making calls to the `kubestatus` binary found in `cmd/kubestatus` which handles the communication to the cluster
+- receives "CONFIG" event and pushes on queue
+- event queue loop listens for commands and pops them off
+- on CONFIG event it calls back to emissary Snapshot Server to grab current snapshot stored in-memory
+- It is serialized and stored in `/ambassador/snapshots/snapshot-tmp.yaml`.
+- A SecretHandler and Config is initialized
+- A ResourceFetcher (aka, parse the snapshot into an in-memory representation)
+- Generate IR and envoy configs (load_ir function)
+  - Take each Resource generated in ResourceFetcher and add it to the Config object as strongly typed objects
+  - Store Config Object in `/ambassador/snapshots/aconf-tmp.json`
+  - Check Deltas for Mappings cach and determine if we needs to be reset
+  - Create IR with a Config, Cache, and invalidated items
+    - IR is generated which basically just converts our stuff to strongly typed generic "envoy" items (handling filters, clusters, listeners, removing duplicates, etc...)
+  - IR is updated in-memory for diagd process
+  - IR is persisted to temp storage in `/ambassador/snapshots/ir-tmp.json`
+  - generate envoy config from IR and cache
+  - Split envoy config into bootstrap config, ads_config and clustermap config
+  - Validate econfig
+  - Rotate Snapshots for each of the files `aconf`, `econf`, `ir`, `snapshot` that get persisted in the snapshot path `/ambassador/snapshots`.
+    - Rotating them allows for seeing the history of snapshots up to a limit and then they are dropped
+    - this also renames the `-tmp` files written above into
+  - Persist bootstrap, envoy ads config and clustermap config to base directory:
+    - `/ambassador/bootstrap-ads.json` # this is used by envoy during startup to initial config itself and let it know about the static ADS Service
+    - `/ambassador/enovy/envoy.json` # this is used in `ambex` to generate the ADS snapshots along with the fastPath items
+    - `/ambassador/clustermap.json` # this might not be used either...
+  - Notify `envoy` and `ambex` that a new snapshot has been persisted using signal SIGHUP
+    - the Goroutine within `entrypoint` that starts up `envoy` is blocking waiting for this signal to start envoy
+    - the `ambex` process continuously listens for this signal and it triggers a configuration update for ambex.
+  - Update the appropriate status fields with metatdata by making calls to the `kubestatus` binary found in `cmd/kubestatus` which handles the communication to the cluster
 
 ## Ambex
 
@@ -206,6 +205,7 @@ This is the gRPC server implementation of the envoy xDS v2 and v3 api's based on
 We maintain our own [fork](https://github.com/datawire/envoy) of Envoy that includes some additional commits for implementing some features in Emissary-Ingress.
 
 Envoy does all the heavy-lifting
+
 - does all routing, filtering, TLS termination, metrics collection, tracing, etc...
 - It is bootstraps from the output of diagd
 - It is dynamically updated using the xDS services and specifically the ADS service

DevDocumentation/DEVELOPING.md

@@ -538,7 +538,7 @@ If you do not have envoy in your path already, the entrypoint will use
 docker to run it. At the moment this is untested for macs which probably
 means it is broken since localhost communication does not work by
 default on macs. This can be made to work as soon an intrepid volunteer
-with a mac reaches out to me ([email protected]).
+with a mac reaches out to me (<[email protected]>).
 
 #### Shutting up the pod labels error
 
@@ -648,7 +648,7 @@ that Ambassador works with as JSON.  It works from an input which can
 be either a single file or a directory full of files in the following
 formats:
 
-- raw Ambassador resources like you'll find in the `demo/config` directory; or
+- raw Ambassador resources; or
 - an annotated Kubernetes resources like you'll find in `/tmp/k8s-AmbassadorTest.yaml` after running `make test`; or
 - a `watt` snapshot like you'll find in the `$AMBASSADOR_CONFIG_BASE_DIR/snapshots/snapshot.yaml` (which is a JSON file, I know, it's misnamed).
 

build-aux/Dockerfile

@@ -110,7 +110,6 @@ RUN mkdir -p /ambassador/sidecars && \
     ln -s /buildroot/ambassador/python/kubewatch.py /ambassador/kubewatch.py
 
 # These will be extracted into the optimized image later
-ADD demo demo
 ADD manifests/emissary/emissary-crds.yaml.in manifests/emissary/emissary-crds.yaml
 
 ########################################
@@ -155,12 +154,8 @@ RUN cd /buildroot/ambassador/python && python setup.py install
 RUN python -m pip uninstall -y pip
 RUN find / \( -iname '*sqlite*' -o -iname '*gdbm*' -o -iname '*smtplib*' -o -iname '*piptools*' -o -iname '*pip_tools*' -o -iname '*ensurepip*' \) -exec rm -rf -- '{}' \+
 
-# Configuration, Docker demo stuff, the AES WebUI. The /ambassador bit changes
-# in post-install so it's always stale. But it's pretty small, so it's not too
-# bad to re-push every time.
+# Configuration
 COPY --from=artifacts /ambassador /ambassador
-COPY --from=artifacts /buildroot/ambassador/demo/config /ambassador/ambassador-demo-config
-COPY --from=artifacts /buildroot/ambassador/demo/services /ambassador/demo-services
 
 # Fix permissions to allow correctly running as a non root user
 # XXX: We could combine everything into one tree in the builder, fix permissions

cmd/entrypoint/entrypoint.go

@@ -95,16 +95,6 @@ func Main(ctx context.Context, Version string, args ...string) error {
 	os.Unsetenv("AGENT_SERVICE")
 	dlog.Infof(ctx, "Started Ambassador (Version %s)", Version)
 
-	demoMode := false
-
-	// XXX Yes, this is a disgusting hack. We can switch to a legit argument
-	// parser later, when we have a second argument.
-	if (len(args) == 1) && (args[0] == "--demo") {
-		// Demo mode!
-		dlog.Infof(ctx, "DEMO MODE")
-		demoMode = true
-	}
-
 	clusterID := GetClusterID(ctx)
 	os.Setenv("AMBASSADOR_CLUSTER_ID", clusterID)
 	dlog.Infof(ctx, "AMBASSADOR_CLUSTER_ID=%s", clusterID)
@@ -142,15 +132,8 @@ func Main(ctx context.Context, Version string, args ...string) error {
 		HardShutdownTimeout:  10 * time.Second,
 	})
 
-	// Demo mode: start the demo services. Starting the demo stuff first is
-	// kind of important: it's nice to give them a chance to start running before
-	// Ambassador really gets running.
-	if demoMode {
-		bootDemoMode(ctx, group, ambwatch)
-	}
-
 	group.Go("diagd", func(ctx context.Context) error {
-		cmd := subcommand(ctx, "diagd", GetDiagdArgs(ctx, demoMode)...)
+		cmd := subcommand(ctx, "diagd", GetDiagdArgs(ctx)...)
 		if envbool("DEV_SHUTUP_DIAGD") {
 			cmd.Stdout = nil
 			cmd.Stderr = nil
@@ -186,13 +169,11 @@ func Main(ctx context.Context, Version string, args ...string) error {
 		})
 	}
 
-	if !demoMode {
-		group.Go("watcher", func(ctx context.Context) error {
-			// We need to pass the AmbassadorWatcher to this (Kubernetes/Consul) watcher, so
-			// that it can tell the AmbassadorWatcher when snapshots are posted.
-			return WatchAllTheThings(ctx, ambwatch, snapshot, fastpathCh, clusterID, Version)
-		})
-	}
+	group.Go("watcher", func(ctx context.Context) error {
+		// We need to pass the AmbassadorWatcher to this (Kubernetes/Consul) watcher, so
+		// that it can tell the AmbassadorWatcher when snapshots are posted.
+		return WatchAllTheThings(ctx, ambwatch, snapshot, fastpathCh, clusterID, Version)
+	})
 
 	// Finally, fire up the health check handler.
 	group.Go("healthchecks", func(ctx context.Context) error {

cmd/entrypoint/env.go

@@ -75,24 +75,6 @@ func GetAppDir() string {
 	return env("APPDIR", GetAmbassadorRoot())
 }
 
-// GetConfigDir returns the path to the directory we should check for
-// filesystem config.
-func GetConfigDir(demoMode bool) string {
-	// XXX There was no way to override the config dir via the environment in
-	// entrypoint.sh.
-	configDir := env("AMBASSADOR_CONFIG_DIR", path.Join(GetAmbassadorConfigBaseDir(), "ambassador-config"))
-
-	if demoMode {
-		// There is _intentionally_ no way to override the demo-mode config directory,
-		// and it is _intentionally_ based on the root directory rather than on
-		// AMBASSADOR_CONFIG_BASE_DIR: it's baked into a specific location during
-		// the build process.
-		configDir = path.Join(GetAmbassadorRoot(), "ambassador-demo-config")
-	}
-
-	return configDir
-}
-
 // ConfigIsPresent checks to see if any configuration is actually present
 // in the given configdir.
 func ConfigIsPresent(ctx context.Context, configDir string) bool {
@@ -191,7 +173,7 @@ func IsEnvoyAvailable() bool {
 	return err == nil
 }
 
-func GetDiagdFlags(ctx context.Context, demoMode bool) []string {
+func GetDiagdFlags(ctx context.Context) []string {
 	result := []string{"--notices", path.Join(GetAmbassadorConfigBaseDir(), "notices.json")}
 
 	if isDebug("diagd") {
@@ -206,7 +188,7 @@ func GetDiagdFlags(ctx context.Context, demoMode bool) []string {
 	// XXX: this was not in entrypoint.sh
 	result = append(result, "--port", GetDiagdBindPort())
 
-	cdir := GetConfigDir(demoMode)
+	cdir := env("AMBASSADOR_CONFIG_DIR", path.Join(GetAmbassadorConfigBaseDir(), "ambassador-config"))
 
 	if (cdir != "") && ConfigIsPresent(ctx, cdir) {
 		result = append(result, "--config-path", cdir)
@@ -225,14 +207,14 @@ func GetDiagdFlags(ctx context.Context, demoMode bool) []string {
 	return result
 }
 
-func GetDiagdArgs(ctx context.Context, demoMode bool) []string {
+func GetDiagdArgs(ctx context.Context) []string {
 	return append(
 		[]string{
 			GetSnapshotDir(),
 			GetEnvoyBootstrapFile(),
 			GetEnvoyConfigFile(),
 		},
-		GetDiagdFlags(ctx, demoMode)...,
+		GetDiagdFlags(ctx)...,
 	)
 }