diff --git a/cmd/console.go b/cmd/console.go index b9ac1c6a9..8298489fe 100644 --- a/cmd/console.go +++ b/cmd/console.go @@ -36,13 +36,13 @@ func init() { log.Debug().Err(err).Send() } - consoleCmd.Flags().Uint16(configStructs.ProxyHubPortLabel, defaultTapConfig.Proxy.Hub.Port, "Provide a custom port for the Hub") - consoleCmd.Flags().String(configStructs.ProxyHostLabel, defaultTapConfig.Proxy.Host, "Provide a custom host for the Hub") + consoleCmd.Flags().Uint16(configStructs.ProxyFrontPortLabel, defaultTapConfig.Proxy.Front.Port, "Provide a custom port for the Kubeshark") + consoleCmd.Flags().String(configStructs.ProxyHostLabel, defaultTapConfig.Proxy.Host, "Provide a custom host for the Kubeshark") consoleCmd.Flags().StringP(configStructs.ReleaseNamespaceLabel, "s", defaultTapConfig.Release.Namespace, "Release namespace of Kubeshark") } func runConsole() { - hubUrl := kubernetes.GetProxyOnPort(config.Config.Tap.Proxy.Hub.Port) + hubUrl := kubernetes.GetHubUrl() response, err := http.Get(fmt.Sprintf("%s/echo", hubUrl)) if err != nil || response.StatusCode != 200 { log.Info().Msg(fmt.Sprintf(utils.Yellow, "Couldn't connect to Hub. Establishing proxy...")) @@ -52,10 +52,10 @@ func runConsole() { interrupt := make(chan os.Signal, 1) signal.Notify(interrupt, os.Interrupt) - log.Info().Str("host", config.Config.Tap.Proxy.Host).Uint16("port", config.Config.Tap.Proxy.Hub.Port).Msg("Connecting to:") + log.Info().Str("host", config.Config.Tap.Proxy.Host).Str("url", hubUrl).Msg("Connecting to:") u := url.URL{ Scheme: "ws", - Host: fmt.Sprintf("%s:%d", config.Config.Tap.Proxy.Host, config.Config.Tap.Proxy.Hub.Port), + Host: fmt.Sprintf("%s:%d/api", config.Config.Tap.Proxy.Host, config.Config.Tap.Proxy.Front.Port), Path: "/scripts/logs", } headers := http.Header{} diff --git a/cmd/export.go b/cmd/export.go index 8f6e9a9a7..1de20c3db 100644 --- a/cmd/export.go +++ b/cmd/export.go @@ -8,7 +8,6 @@ import ( "time" "github.com/creasty/defaults" - "github.com/kubeshark/kubeshark/config" "github.com/kubeshark/kubeshark/config/configStructs" "github.com/kubeshark/kubeshark/internal/connect" "github.com/kubeshark/kubeshark/kubernetes" @@ -34,13 +33,13 @@ func init() { log.Debug().Err(err).Send() } - exportCmd.Flags().Uint16(configStructs.ProxyHubPortLabel, defaultTapConfig.Proxy.Hub.Port, "Provide a custom port for the Hub") - exportCmd.Flags().String(configStructs.ProxyHostLabel, defaultTapConfig.Proxy.Host, "Provide a custom host for the Hub") + exportCmd.Flags().Uint16(configStructs.ProxyFrontPortLabel, defaultTapConfig.Proxy.Front.Port, "Provide a custom port for the Kubeshark") + exportCmd.Flags().String(configStructs.ProxyHostLabel, defaultTapConfig.Proxy.Host, "Provide a custom host for the Kubeshark") exportCmd.Flags().StringP(configStructs.ReleaseNamespaceLabel, "s", defaultTapConfig.Release.Namespace, "Release namespace of Kubeshark") } func runExport() { - hubUrl := kubernetes.GetProxyOnPort(config.Config.Tap.Proxy.Hub.Port) + hubUrl := kubernetes.GetHubUrl() response, err := http.Get(fmt.Sprintf("%s/echo", hubUrl)) if err != nil || response.StatusCode != 200 { log.Info().Msg(fmt.Sprintf(utils.Yellow, "Couldn't connect to Hub. Establishing proxy...")) @@ -58,6 +57,6 @@ func runExport() { } defer out.Close() - connector := connect.NewConnector(kubernetes.GetProxyOnPort(config.Config.Tap.Proxy.Hub.Port), connect.DefaultRetries, connect.DefaultTimeout) + connector := connect.NewConnector(kubernetes.GetHubUrl(), connect.DefaultRetries, connect.DefaultTimeout) connector.PostPcapsMerge(out) } diff --git a/cmd/pro.go b/cmd/pro.go index da0a0f66f..e996c669f 100644 --- a/cmd/pro.go +++ b/cmd/pro.go @@ -40,19 +40,19 @@ func init() { log.Debug().Err(err).Send() } - proCmd.Flags().Uint16(configStructs.ProxyHubPortLabel, defaultTapConfig.Proxy.Hub.Port, "Provide a custom port for the Hub") - proCmd.Flags().String(configStructs.ProxyHostLabel, defaultTapConfig.Proxy.Host, "Provide a custom host for the Hub") + proCmd.Flags().Uint16(configStructs.ProxyFrontPortLabel, defaultTapConfig.Proxy.Front.Port, "Provide a custom port for the Kubeshark") + proCmd.Flags().String(configStructs.ProxyHostLabel, defaultTapConfig.Proxy.Host, "Provide a custom host for the Kubeshark") } func acquireLicense() { - hubUrl := kubernetes.GetProxyOnPort(config.Config.Tap.Proxy.Hub.Port) + hubUrl := kubernetes.GetHubUrl() response, err := http.Get(fmt.Sprintf("%s/echo", hubUrl)) if err != nil || response.StatusCode != 200 { log.Info().Msg(fmt.Sprintf(utils.Yellow, "Couldn't connect to Hub. Establishing proxy...")) runProxy(false, true) } - connector = connect.NewConnector(kubernetes.GetProxyOnPort(config.Config.Tap.Proxy.Hub.Port), connect.DefaultRetries, connect.DefaultTimeout) + connector = connect.NewConnector(kubernetes.GetHubUrl(), connect.DefaultRetries, connect.DefaultTimeout) log.Info().Str("url", PRO_URL).Msg("Opening in the browser:") utils.OpenBrowser(PRO_URL) diff --git a/cmd/proxy.go b/cmd/proxy.go index f54beee6a..d5329cba0 100644 --- a/cmd/proxy.go +++ b/cmd/proxy.go @@ -24,8 +24,7 @@ func init() { log.Debug().Err(err).Send() } - proxyCmd.Flags().Uint16(configStructs.ProxyFrontPortLabel, defaultTapConfig.Proxy.Front.Port, "Provide a custom port for the front-end proxy/port-forward") - proxyCmd.Flags().Uint16(configStructs.ProxyHubPortLabel, defaultTapConfig.Proxy.Hub.Port, "Provide a custom port for the Hub proxy/port-forward") + proxyCmd.Flags().Uint16(configStructs.ProxyFrontPortLabel, defaultTapConfig.Proxy.Front.Port, "Provide a custom port for the proxy/port-forward") proxyCmd.Flags().String(configStructs.ProxyHostLabel, defaultTapConfig.Proxy.Host, "Provide a custom host for the proxy/port-forward") proxyCmd.Flags().StringP(configStructs.ReleaseNamespaceLabel, "s", defaultTapConfig.Release.Namespace, "Release namespace of Kubeshark") } diff --git a/cmd/proxyRunner.go b/cmd/proxyRunner.go index 2cc83818a..8e685c69b 100644 --- a/cmd/proxyRunner.go +++ b/cmd/proxyRunner.go @@ -63,38 +63,8 @@ func runProxy(block bool, noBrowser bool) { var establishedProxy bool - hubUrl := kubernetes.GetProxyOnPort(config.Config.Tap.Proxy.Hub.Port) - response, err := http.Get(fmt.Sprintf("%s/echo", hubUrl)) - if err == nil && response.StatusCode == 200 { - log.Info(). - Str("service", kubernetes.HubServiceName). - Int("port", int(config.Config.Tap.Proxy.Hub.Port)). - Msg("Found a running service.") - - okToOpen("Hub", hubUrl, true) - } else { - startProxyReportErrorIfAny( - kubernetesProvider, - ctx, - kubernetes.HubServiceName, - kubernetes.HubPodName, - configStructs.ProxyHubPortLabel, - config.Config.Tap.Proxy.Hub.Port, - configStructs.ContainerPort, - "/echo", - ) - connector := connect.NewConnector(hubUrl, connect.DefaultRetries, connect.DefaultTimeout) - if err := connector.TestConnection("/echo"); err != nil { - log.Error().Msg(fmt.Sprintf(utils.Red, "Couldn't connect to Hub.")) - return - } - - establishedProxy = true - okToOpen("Hub", hubUrl, true) - } - frontUrl := kubernetes.GetProxyOnPort(config.Config.Tap.Proxy.Front.Port) - response, err = http.Get(fmt.Sprintf("%s/", frontUrl)) + response, err := http.Get(fmt.Sprintf("%s/", frontUrl)) if err == nil && response.StatusCode == 200 { log.Info(). Str("service", kubernetes.FrontServiceName). diff --git a/cmd/scripts.go b/cmd/scripts.go index c7a77704d..c10e56bb3 100644 --- a/cmd/scripts.go +++ b/cmd/scripts.go @@ -34,8 +34,8 @@ func init() { log.Debug().Err(err).Send() } - scriptsCmd.Flags().Uint16(configStructs.ProxyHubPortLabel, defaultTapConfig.Proxy.Hub.Port, "Provide a custom port for the Hub") - scriptsCmd.Flags().String(configStructs.ProxyHostLabel, defaultTapConfig.Proxy.Host, "Provide a custom host for the Hub") + scriptsCmd.Flags().Uint16(configStructs.ProxyFrontPortLabel, defaultTapConfig.Proxy.Front.Port, "Provide a custom port for the Kubeshark") + scriptsCmd.Flags().String(configStructs.ProxyHostLabel, defaultTapConfig.Proxy.Host, "Provide a custom host for the Kubeshark") scriptsCmd.Flags().StringP(configStructs.ReleaseNamespaceLabel, "s", defaultTapConfig.Release.Namespace, "Release namespace of Kubeshark") } @@ -45,14 +45,14 @@ func runScripts() { return } - hubUrl := kubernetes.GetProxyOnPort(config.Config.Tap.Proxy.Hub.Port) + hubUrl := kubernetes.GetHubUrl() response, err := http.Get(fmt.Sprintf("%s/echo", hubUrl)) if err != nil || response.StatusCode != 200 { log.Info().Msg(fmt.Sprintf(utils.Yellow, "Couldn't connect to Hub. Establishing proxy...")) runProxy(false, true) } - connector = connect.NewConnector(kubernetes.GetProxyOnPort(config.Config.Tap.Proxy.Hub.Port), connect.DefaultRetries, connect.DefaultTimeout) + connector = connect.NewConnector(kubernetes.GetHubUrl(), connect.DefaultRetries, connect.DefaultTimeout) watchScripts(true) } diff --git a/cmd/tap.go b/cmd/tap.go index ee03011d6..11711e09e 100644 --- a/cmd/tap.go +++ b/cmd/tap.go @@ -47,8 +47,7 @@ func init() { tapCmd.Flags().StringP(configStructs.DockerTagLabel, "t", defaultTapConfig.Docker.Tag, "The tag of the Docker images that are going to be pulled") tapCmd.Flags().String(configStructs.DockerImagePullPolicy, defaultTapConfig.Docker.ImagePullPolicy, "ImagePullPolicy for the Docker images") tapCmd.Flags().StringSlice(configStructs.DockerImagePullSecrets, defaultTapConfig.Docker.ImagePullSecrets, "ImagePullSecrets for the Docker images") - tapCmd.Flags().Uint16(configStructs.ProxyFrontPortLabel, defaultTapConfig.Proxy.Front.Port, "Provide a custom port for the front-end proxy/port-forward") - tapCmd.Flags().Uint16(configStructs.ProxyHubPortLabel, defaultTapConfig.Proxy.Hub.Port, "Provide a custom port for the Hub proxy/port-forward") + tapCmd.Flags().Uint16(configStructs.ProxyFrontPortLabel, defaultTapConfig.Proxy.Front.Port, "Provide a custom port for the proxy/port-forward") tapCmd.Flags().String(configStructs.ProxyHostLabel, defaultTapConfig.Proxy.Host, "Provide a custom host for the proxy/port-forward") tapCmd.Flags().StringSliceP(configStructs.NamespacesLabel, "n", defaultTapConfig.Namespaces, "Namespaces selector") tapCmd.Flags().StringP(configStructs.ReleaseNamespaceLabel, "s", defaultTapConfig.Release.Namespace, "Release namespace of Kubeshark") diff --git a/cmd/tapPcapRunner.go b/cmd/tapPcapRunner.go index 008730730..da7c6309d 100644 --- a/cmd/tapPcapRunner.go +++ b/cmd/tapPcapRunner.go @@ -506,7 +506,7 @@ func pcap(tarPath string) error { }, } - connector = connect.NewConnector(kubernetes.GetProxyOnPort(config.Config.Tap.Proxy.Hub.Port), connect.DefaultRetries, connect.DefaultTimeout) + connector = connect.NewConnector(kubernetes.GetHubUrl(), connect.DefaultRetries, connect.DefaultTimeout) connector.PostWorkerPodToHub(workerPod) // License @@ -515,7 +515,7 @@ func pcap(tarPath string) error { } log.Info(). - Str("url", kubernetes.GetProxyOnPort(config.Config.Tap.Proxy.Hub.Port)). + Str("url", kubernetes.GetHubUrl()). Msg(fmt.Sprintf(utils.Green, "Hub is available at:")) url := kubernetes.GetProxyOnPort(config.Config.Tap.Proxy.Front.Port) diff --git a/cmd/tapRunner.go b/cmd/tapRunner.go index a6ff4b99f..037c1f250 100644 --- a/cmd/tapRunner.go +++ b/cmd/tapRunner.go @@ -65,7 +65,7 @@ func tap() { Str("limit", config.Config.Tap.StorageLimit). Msg(fmt.Sprintf("%s will store the traffic up to a limit (per node). Oldest TCP/UDP streams will be removed once the limit is reached.", misc.Software)) - connector = connect.NewConnector(kubernetes.GetProxyOnPort(config.Config.Tap.Proxy.Hub.Port), connect.DefaultRetries, connect.DefaultTimeout) + connector = connect.NewConnector(kubernetes.GetHubUrl(), connect.DefaultRetries, connect.DefaultTimeout) kubernetesProvider, err := getKubernetesProviderForCli(false, false) if err != nil { @@ -406,16 +406,6 @@ func watchHubEvents(ctx context.Context, kubernetesProvider *kubernetes.Provider } func postHubStarted(ctx context.Context, kubernetesProvider *kubernetes.Provider, cancel context.CancelFunc, update bool) { - startProxyReportErrorIfAny( - kubernetesProvider, - ctx, - kubernetes.HubServiceName, - kubernetes.HubPodName, - configStructs.ProxyHubPortLabel, - config.Config.Tap.Proxy.Hub.Port, - configStructs.ContainerPort, - "/echo", - ) if update { // Pod regex @@ -444,12 +434,6 @@ func postHubStarted(ctx context.Context, kubernetesProvider *kubernetes.Provider connector.PostScriptDone() } - if !update && !config.Config.Tap.Ingress.Enabled { - // Hub proxy URL - url := kubernetes.GetProxyOnPort(config.Config.Tap.Proxy.Hub.Port) - log.Info().Str("url", url).Msg(fmt.Sprintf(utils.Green, "Hub is available at:")) - } - if config.Config.Scripting.Source != "" && config.Config.Scripting.WatchScripts { watchScripts(false) } diff --git a/helm-chart/templates/05-hub-service.yaml b/helm-chart/templates/05-hub-service.yaml index aa2d45c93..f2d529a77 100644 --- a/helm-chart/templates/05-hub-service.yaml +++ b/helm-chart/templates/05-hub-service.yaml @@ -19,5 +19,3 @@ spec: selector: app.kubeshark.co/app: hub type: ClusterIP -status: - loadBalancer: {} diff --git a/helm-chart/templates/06-front-deployment.yaml b/helm-chart/templates/06-front-deployment.yaml index b71c8a8b4..5998da290 100644 --- a/helm-chart/templates/06-front-deployment.yaml +++ b/helm-chart/templates/06-front-deployment.yaml @@ -27,7 +27,7 @@ spec: - name: REACT_APP_HUB_HOST value: ' ' - name: REACT_APP_HUB_PORT - value: '{{ .Values.tap.ingress.enabled | ternary "/api" (print ":" .Values.tap.proxy.hub.port) }}' + value: '{{ .Values.tap.ingress.enabled | ternary "/api" (print ":" .Values.tap.proxy.front.port "/api") }}' image: '{{ .Values.tap.docker.registry }}/front:{{ .Values.tap.docker.tag }}' imagePullPolicy: {{ .Values.tap.docker.imagepullpolicy }} name: kubeshark-front diff --git a/helm-chart/templates/07-front-service.yaml b/helm-chart/templates/07-front-service.yaml index 12bc721eb..51211cc9c 100644 --- a/helm-chart/templates/07-front-service.yaml +++ b/helm-chart/templates/07-front-service.yaml @@ -18,5 +18,3 @@ spec: selector: app.kubeshark.co/app: front type: ClusterIP -status: - loadBalancer: {} diff --git a/helm-chart/templates/10-ingress.yaml b/helm-chart/templates/10-ingress.yaml index 0ee7c7f9b..4ad91c053 100644 --- a/helm-chart/templates/10-ingress.yaml +++ b/helm-chart/templates/10-ingress.yaml @@ -4,7 +4,7 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: - nginx.ingress.kubernetes.io/rewrite-target: /$2 + nginx.org/websocket-services: "kubeshark-front" {{- if .Values.tap.annotations }} {{- toYaml .Values.tap.annotations | nindent 4 }} {{- end }} @@ -23,13 +23,6 @@ spec: - host: {{ .Values.tap.ingress.host }} http: paths: - - backend: - service: - name: kubeshark-hub - port: - number: 80 - path: /api - pathType: Prefix - backend: service: name: kubeshark-front diff --git a/helm-chart/templates/11-nginx-config-map.yaml b/helm-chart/templates/11-nginx-config-map.yaml index 0732122fb..1cb8ca08d 100644 --- a/helm-chart/templates/11-nginx-config-map.yaml +++ b/helm-chart/templates/11-nginx-config-map.yaml @@ -13,12 +13,30 @@ data: {{- if .Values.tap.ipv6 }} listen [::]:80; {{- end }} - add_header Cache-Control no-cache; + access_log /dev/stdout; + error_log /dev/stdout; + + location /api { + rewrite ^/api(.*)$ $1 break; + proxy_pass http://kubeshark-hub; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header Host $http_host; + proxy_set_header Upgrade websocket; + proxy_set_header Connection Upgrade; + proxy_set_header Authorization $http_authorization; + proxy_pass_header Authorization; + proxy_connect_timeout 4s; + proxy_read_timeout 120s; + proxy_send_timeout 12s; + proxy_pass_request_headers on; + } + location / { root /usr/share/nginx/html; index index.html index.htm; try_files $uri $uri/ /index.html; expires -1; + add_header Cache-Control no-cache; } error_page 500 502 503 504 /50x.html; location = /50x.html { diff --git a/helm-chart/templates/NOTES.txt b/helm-chart/templates/NOTES.txt index 3d2669987..446b5a749 100644 --- a/helm-chart/templates/NOTES.txt +++ b/helm-chart/templates/NOTES.txt @@ -3,19 +3,13 @@ Thank you for installing {{ title .Chart.Name }}. Your deployment has been successful. The release is named {{ .Release.Name }} and it has been deployed in the {{ .Release.Namespace }} namespace. {{- if .Values.tap.telemetry.enabled }} -Notice: Telemetry is enabled. Kubeshark will collect usage statistics. +Notice: Telemetry is enabled. Kubeshark will collect anonymous usage statistics. {{ end }} {{- if .Values.tap.ingress.enabled }} -{{ if not .Values.license -}} -warning: -> Ingress option enabled but license not set. The application should not work as expected. -> Get a license at https://console.kubeshark.co/ -{{- else }} You can now access the application through the following URL: http{{ if .Values.tap.ingress.tls }}s{{ end }}://{{ .Values.tap.ingress.host }} -{{- end -}} {{- else }} To access the application, follow these steps: diff --git a/kubernetes/proxy.go b/kubernetes/proxy.go index 7df22298e..72426bd84 100644 --- a/kubernetes/proxy.go +++ b/kubernetes/proxy.go @@ -72,6 +72,10 @@ func GetProxyOnPort(port uint16) string { return fmt.Sprintf("http://%s:%d", config.Config.Tap.Proxy.Host, port) } +func GetHubUrl() string { + return fmt.Sprintf("%s/api", GetProxyOnPort(config.Config.Tap.Proxy.Hub.Port)) +} + func getRerouteHttpHandlerSelfAPI(proxyHandler http.Handler, selfNamespace string, selfServiceName string) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { w.Header().Set("Access-Control-Allow-Origin", "*")