Greymatter Version
v1.8.0
An application edge node is an instance of the greymatter data-plane proxy. Its role is to direct external traffic inside the mesh specific to your tenant project. We follow this pattern to treat mesh segmentation with highest priority.
Dashboard Metadata
For application edge nodes we typically use the fully qualified domain name (FQDN) for the API endpoints. For non-application edge nodes, these are typically relative paths from the greymatter core edge. This can be configured at the top level of the edge object like so:
Edge: gsl.#Service & {
// A context provides global information from globals.cue
// to your service definitions.
context: Edge.#NewContext & globals
name: "edge-$PROJECT_NAME"
display_name: "Edge $PROJECT_NAME"
version: "v1.7.4"
description: "EDIT ME: Edge ingress for $PROJECT_NAME"
api_endpoint: "http://\(context.globals.edge_host)/services/$PROJECT_NAME/\(name)/"
api_spec_endpoint: "http://\(context.globals.edge_host)/services/$PROJECT_NAME/\(name)/"
business_impact: "high"
...
Note because many services require an api_endpoint
and api_spec_endpoint
, we configure the edge_host
in the greymatter/globals.cue
file like so:
globals: gsl.#DefaultContext & {
edge_host: "my.project.lb.host"
}
UI Configuration
Application edge nodes require at least one route and upstream registered for service-discovery to function correctly. It is common practice to define a route at the "/"
path which directs traffic to the UI application of your project stack. This should be done in edge-$PROJECT_NAME
ingress listener.
ingress: {
// Edge -> HTTP ingress to your container
"edge-$PROJECT_NAME": {
gsl.#Service.#HTTPListener
gsl.#MTLSListener
port: 10809
routes: "/": {
upstreams: {
"local": {
instances: [
{ host: "0.0.0.0", port: 443 }, // host/port of your UI pod
]
}
}
}
}
}
Edge To Service Registration
If you’ve looked inside your <service.cue>
file previously during the Add Service tutorial, you probably noticed the edge
block found towards the bottom of the file.
We call this the Application Edge Node Registration Block. This configuration stanza serves as the glue between your projects dedicated edge node, and the data-plane instances paired with your custom services. You’ll want to note the path can be changed and TLS is pre-configured (meaning traffic is secured between edge -> service).
// route to service <app edge>/service
// Edge config for the Kiwi service.
// These configs are REQUIRED for your service to be accessible
// outside your cluster/mesh.
edge: {
edge_name: "edge-$PROJECT_NAME"
edge_ingress: "edge-$PROJECT_NAME"
routes: "/services/$PROJECT_NAME/kiwi": upstreams: "\(name)": {
gsl.#MTLSUpstream
}
}
This configuration block denotes that when a request is made to the application edge node at the URI path of /services/$PROJECT_NAME/kiwi
, traffic will be routed to the kiwi
data-plane proxy.