This is an automated email from the ASF dual-hosted git repository.

alinsran pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/apisix-ingress-controller.git


The following commit(s) were added to refs/heads/master by this push:
     new dc8b6621 feat: add Unix socket support for inter-container 
communication (#2587)
dc8b6621 is described below

commit dc8b66214663ba534575aa1be8167786d01df613
Author: AlinsRan <[email protected]>
AuthorDate: Tue Sep 30 15:02:19 2025 +0800

    feat: add Unix socket support for inter-container communication (#2587)
---
 internal/adc/client/executor.go           | 30 +++++++++++++++++++++++++-----
 test/e2e/framework/manifests/ingress.yaml | 23 +++++++++++++----------
 2 files changed, 38 insertions(+), 15 deletions(-)

diff --git a/internal/adc/client/executor.go b/internal/adc/client/executor.go
index c5e16b54..bda6c7d7 100644
--- a/internal/adc/client/executor.go
+++ b/internal/adc/client/executor.go
@@ -24,6 +24,7 @@ import (
        "errors"
        "fmt"
        "io"
+       "net"
        "net/http"
        "os"
        "os/exec"
@@ -227,13 +228,32 @@ type HTTPADCExecutor struct {
        serverURL  string
 }
 
-// NewHTTPADCExecutor creates a new HTTPADCExecutor with the specified ADC 
Server URL
+// NewHTTPADCExecutor creates a new HTTPADCExecutor with the specified ADC 
Server URL.
+// serverURL can be "http(s)://host:port" or "unix:///path/to/socket" or 
"unix:/path/to/socket".
 func NewHTTPADCExecutor(serverURL string, timeout time.Duration) 
*HTTPADCExecutor {
+       httpClient := &http.Client{
+               Timeout: timeout,
+       }
+
+       if strings.HasPrefix(serverURL, "unix:") {
+               var socketPath string
+               if strings.HasPrefix(serverURL, "unix:///") {
+                       socketPath = strings.TrimPrefix(serverURL, "unix://")
+               } else {
+                       socketPath = strings.TrimPrefix(serverURL, "unix:")
+               }
+               transport := &http.Transport{
+                       DialContext: func(ctx context.Context, _, _ string) 
(net.Conn, error) {
+                               return (&net.Dialer{}).DialContext(ctx, "unix", 
socketPath)
+                       },
+               }
+               httpClient.Transport = transport
+               serverURL = "http://unix";
+       }
+
        return &HTTPADCExecutor{
-               httpClient: &http.Client{
-                       Timeout: timeout,
-               },
-               serverURL: serverURL,
+               httpClient: httpClient,
+               serverURL:  serverURL,
        }
 }
 
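Review bot: The `unix:` branch of `NewHTTPADCExecutor` uses whatever follows the prefix as `socketPath` without checking it. An empty `unix:` or a relative form such as `unix:sockets/adc.sock` is accepted, and it only fails, or resolves against the process working directory, when the first request dials. A `unix://host/path` value also falls into the `else` arm and dials `//host/path`, which may not be what the caller meant. The constructor has no error return, so I would at least extend the doc comment with `// The socket path must be absolute; access to the ADC server over this transport is controlled only by the socket file's ownership and mode.` Rejecting a non-absolute path is probably best done wherever the URL is first read from configuration, which is not visible in this hunk.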
diff --git a/test/e2e/framework/manifests/ingress.yaml 
b/test/e2e/framework/manifests/ingress.yaml
index 2324d4dd..e44cf1b0 100644
--- a/test/e2e/framework/manifests/ingress.yaml
+++ b/test/e2e/framework/manifests/ingress.yaml
@@ -356,6 +356,8 @@ spec:
         app: apisix-ingress-controller
         control-plane: controller-manager
     spec:
+      securityContext:
+        fsGroup: 2000   
       containers:
       - image: apache/apisix-ingress-controller:dev
         env:
@@ -367,10 +369,14 @@ spec:
           valueFrom:
             fieldRef:
               fieldPath: metadata.name
+        - name: ADC_SERVER_URL
+          value: "unix:/sockets/adc.sock"
         volumeMounts:
         - name: ingress-config
           mountPath: /app/conf/config.yaml
           subPath: config.yaml
+        - name: socket-volume
+          mountPath: /sockets
         {{ if .WebhookEnable -}}
         - name: webhook-certs
           mountPath: /tmp/certs
@@ -395,12 +401,7 @@ spec:
             path: /readyz
             port: 8081
           initialDelaySeconds: 5
-          periodSeconds: 10
-        securityContext:
-          allowPrivilegeEscalation: false
-          capabilities:
-            drop:
-            - ALL
+          periodSeconds: 10       
       - image: ghcr.io/api7/adc:dev
         env:
         - name: ADC_RUNNING_MODE
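Review bot: The controller container loses its `securityContext` here (`allowPrivilegeEscalation: false` and `capabilities.drop: [ALL]`), and nothing visible in this diff replaces it; the container spec itself starts outside the hunk. Sharing a socket through an `emptyDir` should not need extra capabilities or privilege escalation, and the pod-level `fsGroup: 2000` added earlier in this file is presumably what gives both containers access to `/sockets`. If the removal was a workaround for a permission error on the socket, I would restore the block and fix the socket's group and mode instead, since e2e manifests tend to be copied into real deployments. The re-added `periodSeconds: 10` line also carries trailing whitespace.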
@@ -413,13 +414,10 @@ spec:
         args:
         - "server"
         - "--listen"
-        - "http://127.0.0.1:3000";
+        - "unix:/sockets/adc.sock"
         - "--listen-status"
         - "3001"
         ports:
-        - name: http
-          containerPort: 3000
-          protocol: TCP
         - name: http-status
           containerPort: 3001
           protocol: TCP
@@ -436,10 +434,15 @@ spec:
             port: 3001
           initialDelaySeconds: 5
           periodSeconds: 5
+        volumeMounts:
+        - name: socket-volume
+          mountPath: /sockets
       volumes:
       - name: ingress-config
         configMap:
           name: ingress-config
+      - name: socket-volume
+        emptyDir: {}
       {{ if .WebhookEnable -}}
       - name: webhook-certs
         secret:
