n0r1skcom/border-controller
Nginx based ingress border controller with automatic reload based on Docker swam service discovery.
10K+
This is a Nginx based ingress border controller with automatic configuration reload based on Docker swarm DNS service discovery for on-premise, but not limited to, use.
The current problem in the Docker swarm infrastructure is, that the swarm mesh network does currently not support sticky connections. We know, that for example Traefik exists, which covers many if not all problems mentioned here. But currently, Traefik does not support TCP load balancing and you will have services, which are not using the HTTP protocol. Furthermore, there will be setups, where you won't let Traefik communicate with the Docker swarm manager.
Please don't get this wrong, but if Traefik has an error, Traefik can remove all your Docker stacks as it is communicating with the Docker swarm manager. We know, that it is only reading information from the Docker swarm service, but it can also send commands there if someone implements it. In our personal opinion, the Docker swarm DNS based service discovery is very useful to retrieve the backend ip address container information. This is, what our binary does.
Another thing is, that Nginx has a lot of configuration possibilities which you might like to have. Therefore this project is based on the Golang text template system. You can write whatever Nginx config you like and replace the backend information with data from the backends.
This project is far away from being perfect, nor does it reflect perfect written code. It just works and maybe there is someone out there who find it useful. For us it is also nice to have an interface to the PowerDNS API because an automatic registration of the ip address with the DNS server is extram helpful in a large environment where you have to manage more than two or three services. This project is limited to Docker swarm services!
Here is an example configuration.
debug: true
general:
check_intervall: 10
resources:
testcontexta:
context: /context/a
port: 8080
task_dns: tasks.testa.app
testcontextb:
context: /context/b
port: 9090
task_dns: tasks.testb.app
pdns:
api_url: https://your.pdns/api/v1/servers/localhost/zones
api_key: yourapikey
ip_address: 1.1.1.1
domain_prefix: funny
domain_zone: domain.com
If parameter is not provided, default value is set to false.
If parameter is not provided, default value set to 30 secons. Time duration is in seconds.
This configuration section is completely optional.
In the nginx.conf
you can do all configuration which is supported by Nginx. There are no restrictions.
worker_processes auto;
events {}
http {
upstream {{.testcontexta.Upstream}} {
hash $remote_addr;
{{range $index, $entry := .testcontexta.Servers}} server {{$entry.Server}}:{{$entry.Port}};
{{end}}
}
upstream {{.testcontextb.Upstream}} {
hash $remote_addr;
{{range $index, $entry := .testcontexta.Servers}} server {{$entry.Server}}:{{$entry.Port}};
{{end}}
}
server {
listen 80;
location / {
proxy_pass http://{{.testcontexta.Upstream}};
}
}
}
You can find the changelog information here.
1.2
docker pull n0r1skcom/border-controller