feat: Separate networks per proxy (#82)

gonzalezzfelipe · web-flow · commit e286a6762fbc · 2025-05-15T11:56:22.000-03:00
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/bootstrap/main.tf b/bootstrap/main.tf
@@ -26,9 +26,12 @@ module "ogmios_v1_feature" {
   resources          = var.operator_resources
 }
 
-module "ogmios_v1_proxy" {
-  depends_on        = [kubernetes_namespace.namespace]
-  source            = "./proxy"
+module "ogmios_v1_proxies_blue" {
+  depends_on = [kubernetes_namespace.namespace]
+  source     = "./proxy"
+  for_each   = { for network in var.networks : "${network}" => network }
+
+  network           = each.network
   cloud_provider    = var.cloud_provider
   cluster_issuer    = var.cluster_issuer
   dns_zone          = var.dns_zone
@@ -37,14 +40,16 @@ module "ogmios_v1_proxy" {
   extra_annotations = var.proxy_blue_extra_annotations
   name              = var.proxy_blue_name
   namespace         = var.namespace
-  networks          = var.networks
   proxy_image_tag   = var.proxy_blue_image_tag
   replicas          = var.proxy_blue_replicas
 }
 
-module "ogmios_v1_proxy_green" {
-  depends_on        = [kubernetes_namespace.namespace]
-  source            = "./proxy"
+module "ogmios_v1_proxies_green" {
+  depends_on = [kubernetes_namespace.namespace]
+  source     = "./proxy"
+  for_each   = { for network in var.networks : "${network}" => network }
+
+  network           = each.network
   cloud_provider    = var.cloud_provider
   cluster_issuer    = var.cluster_issuer
   dns_zone          = var.dns_zone
@@ -53,7 +58,6 @@ module "ogmios_v1_proxy_green" {
   extra_annotations = var.proxy_green_extra_annotations
   name              = var.proxy_green_name
   namespace         = var.namespace
-  networks          = var.networks
   proxy_image_tag   = var.proxy_green_image_tag
   replicas          = var.proxy_green_replicas
 }
diff --git a/bootstrap/proxy/cert.tf b/bootstrap/proxy/cert.tf
@@ -1,15 +1,13 @@
 
 
 locals {
-  by_network = flatten([
-    for network in var.networks : [
-      for version in var.versions : "*.${network}-v${version}.${var.extension_name}.${var.dns_zone}"
-    ]
+  by_version = flatten([
+    for version in var.versions : "*.${var.network}-v${version}.${var.extension_name}.${var.dns_zone}"
   ])
 
   # Add the extra URL to the list of generated URLs
-  dns_names        = concat(local.by_network, ["*.${var.extension_name}.${var.dns_zone}"])
-  cert_secret_name = var.environment != null ? "${var.extension_name}-${var.environment}-wildcard-tls" : "${var.extension_name}-wildcard-tls"
+  dns_names        = concat(local.by_version, ["*.${var.extension_name}.${var.dns_zone}"])
+  cert_secret_name = var.environment != null ? "${var.extension_name}-${var.environment}-${var.network}-wildcard-tls" : "${var.extension_name}-${var.network}-wildcard-tls"
 }
 
 resource "kubernetes_manifest" "certificate_cluster_wildcard_tls" {
diff --git a/bootstrap/proxy/config.tf b/bootstrap/proxy/config.tf
@@ -1,5 +1,5 @@
 locals {
-  config_map_name = var.environment != null ? "${var.environment}-proxy-config" : "proxy-config"
+  config_map_name = var.environment != null ? "${var.environment}-proxy-${var.network}-config" : "proxy-${var.network}-config"
 
   tiers = [
     {
diff --git a/bootstrap/proxy/deployment.tf b/bootstrap/proxy/deployment.tf
@@ -46,6 +46,11 @@ resource "kubernetes_deployment_v1" "ogmios_proxy" {
             protocol       = "TCP"
           }
 
+          env {
+            name  = "NETWORK"
+            value = var.network
+          }
+
           env {
             name  = "PROXY_NAMESPACE"
             value = var.namespace
diff --git a/bootstrap/proxy/main.tf b/bootstrap/proxy/main.tf
@@ -1,6 +1,6 @@
 locals {
-  name = var.name
-  role = "proxy"
+  name = var.name != null ? var.name : "proxy-${var.network}"
+  role = "proxy-${var.network}"
 
   prometheus_port = 9187
   prometheus_addr = "0.0.0.0:${local.prometheus_port}"
@@ -12,7 +12,7 @@ locals {
 
 variable "name" {
   type    = string
-  default = "proxy"
+  default = null
 }
 
 // blue - green
@@ -72,9 +72,8 @@ variable "extension_name" {
   type = string
 }
 
-variable "networks" {
-  type    = list(string)
-  default = ["mainnet", "preprod", "preview", "vector-testnet"]
+variable "network" {
+  type = string
 }
 
 variable "versions" {
diff --git a/proxy/Cargo.toml b/proxy/Cargo.toml
@@ -17,6 +17,7 @@ hyper-util = { version = "0.1.3", features = ["full"] }
 leaky-bucket = "1.0.1"
 prometheus = "0.13.3"
 regex = "1.10.3"
+reqwest = { version = "0.11.23", features = ["json"] }
 thiserror = "1.0.56"
 tokio = { version = "1.35.1", features = ["full"] }
 tokio-tungstenite = "0.21.0"
diff --git a/proxy/src/config.rs b/proxy/src/config.rs
@@ -11,11 +11,16 @@ pub struct Config {
     pub ogmios_dns: String,
     pub ssl_crt_path: PathBuf,
     pub ssl_key_path: PathBuf,
+    pub network: String,
+
+    // Health endpoint
+    pub health_poll_interval: std::time::Duration,
 }
 
 impl Config {
     pub fn new() -> Self {
         Self {
+            network: env::var("NETWORK").expect("NETWORK must be set"),
             proxy_addr: env::var("PROXY_ADDR").expect("PROXY_ADDR must be set"),
             proxy_namespace: env::var("PROXY_NAMESPACE").unwrap_or("ftr-ogmios-v1".into()),
             proxy_tiers_path: env::var("PROXY_TIERS_PATH")
@@ -41,6 +46,21 @@ impl Config {
                 .parse()
                 .expect("OGMIOS_PORT must a number"),
             ogmios_dns: env::var("OGMIOS_DNS").expect("OGMIOS_DNS must be set"),
+            health_poll_interval: env::var("HEALTH_POLL_INTERVAL")
+                .map(|v| {
+                    Duration::from_secs(
+                        v.parse::<u64>()
+                            .expect("HEALTH_POLL_INTERVAL must be a number in seconds. eg: 2"),
+                    )
+                })
+                .unwrap_or(Duration::from_secs(10)),
         }
     }
+
+    pub fn instance(&self, version: &str) -> String {
+        format!(
+            "ogmios-{}-{}.{}:{}",
+            self.network, version, self.ogmios_dns, self.ogmios_port
+        )
+    }
 }
diff --git a/proxy/src/health.rs b/proxy/src/health.rs
@@ -0,0 +1,55 @@
+use std::sync::Arc;
+use tracing::{error, info, warn};
+
+use crate::State;
+
+async fn get_health(state: &State) -> bool {
+    let client = match reqwest::Client::builder().build() {
+        Ok(client) => client,
+        Err(err) => {
+            warn!(error = err.to_string(), "Failed to build reqwest client");
+            return false;
+        }
+    };
+
+    let response = match client
+        .get(format!("http://{}/health", state.config.instance("6")))
+        .send()
+        .await
+    {
+        Ok(response) => response,
+        Err(err) => {
+            warn!(error = err.to_string(), "Failed to perform health request");
+            return false;
+        }
+    };
+
+    let status = response.status();
+    if status.is_client_error() || status.is_server_error() {
+        error!(status = status.to_string(), "Health request failed");
+        return false;
+    }
+
+    status == 200
+}
+
+async fn update_health(state: &State) {
+    let current_health = *state.upstream_health.read().await;
+
+    let new_health = get_health(state).await;
+
+    match (current_health, new_health) {
+        (false, true) => info!("Upstream is now healthy, ready to proxy requests."),
+        (true, false) => warn!("Upstream is now deamed unhealthy."),
+        _ => {}
+    }
+
+    *state.upstream_health.write().await = new_health;
+}
+
+pub async fn start(state: Arc<State>) {
+    loop {
+        update_health(&state).await;
+        tokio::time::sleep(state.config.health_poll_interval).await;
+    }
+}
diff --git a/proxy/src/main.rs b/proxy/src/main.rs
@@ -15,6 +15,7 @@ use tracing::Level;
 
 mod auth;
 mod config;
+mod health;
 mod limiter;
 mod metrics;
 mod proxy;
@@ -34,8 +35,9 @@ async fn main() -> Result<(), Box<dyn std::error::Error>> {
 
     let metrics = metrics::start(state.clone());
     let proxy_server = proxy::start(state.clone());
+    let healthloop = health::start(state.clone());
 
-    tokio::join!(metrics, proxy_server);
+    tokio::join!(metrics, proxy_server, healthloop);
 
     Ok(())
 }
@@ -47,6 +49,7 @@ pub struct State {
     consumers: RwLock<HashMap<String, Consumer>>,
     tiers: RwLock<HashMap<String, Tier>>,
     limiter: RwLock<HashMap<String, Vec<Arc<RateLimiter>>>>,
+    upstream_health: RwLock<bool>,
 }
 impl State {
     pub fn try_new() -> Result<Self, Box<dyn Error>> {
@@ -64,6 +67,7 @@ impl State {
             consumers,
             tiers,
             limiter,
+            upstream_health: RwLock::new(false),
         })
     }
 
diff --git a/proxy/src/proxy.rs b/proxy/src/proxy.rs
@@ -97,7 +97,7 @@ async fn handle(
     state: Arc<State>,
 ) -> Result<ProxyResponse, hyper::Error> {
     match (hyper_req.method(), hyper_req.uri().path()) {
-        (&Method::GET, "/healthz") => handle_healthz().await,
+        (&Method::GET, "/healthz") => handle_healthz(&state).await,
         _ => {
             let proxy_req_result = ProxyRequest::new(&mut hyper_req, &state).await;
             if proxy_req_result.is_none() {
@@ -281,11 +281,18 @@ async fn handle_websocket(
     Ok(res)
 }
 
-async fn handle_healthz() -> Result<ProxyResponse, hyper::Error> {
-    Ok(Response::builder()
-        .status(StatusCode::OK)
-        .body(full("pong"))
-        .unwrap())
+async fn handle_healthz(state: &State) -> Result<ProxyResponse, hyper::Error> {
+    if *state.upstream_health.read().await {
+        Ok(Response::builder()
+            .status(StatusCode::OK)
+            .body(full("OK"))
+            .unwrap())
+    } else {
+        Ok(Response::builder()
+            .status(StatusCode::BAD_GATEWAY)
+            .body(full(""))
+            .unwrap())
+    }
 }
 
 #[derive(Debug, Clone)]
@@ -332,10 +339,12 @@ impl ProxyRequest {
             .unwrap_or_default();
 
         let consumer = state.get_consumer(&token).await?;
-        let instance = format!(
-            "ogmios-{}-{}.{}:{}",
-            consumer.network, consumer.version, state.config.ogmios_dns, state.config.ogmios_port
-        );
+
+        if consumer.network != state.config.network {
+            return None;
+        }
+
+        let instance = state.config.instance(&consumer.version);
 
         Some(Self {
             namespace,

Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,5 @@`
`1`	`1`	`locals {`
`2`		`- config_map_name = var.environment != null ? "${var.environment}-proxy-config" : "proxy-config"`
	`2`	`+ config_map_name = var.environment != null ? "${var.environment}-proxy-${var.network}-config" : "proxy-${var.network}-config"`
`3`	`3`
`4`	`4`	`tiers = [`
`5`	`5`	`{`