WebSocket support in NGINX (#1439)

* Open port in Dockerfile
* Added the BIGCHAINDB_WS_FRONTEND_PORT and BIGCHAINDB_WS_BACKEND_PORT as parameters.

k8s/nginx/container/Dockerfile

@@ -7,5 +7,5 @@ RUN apt-get update \
     && apt-get clean
 COPY nginx.conf.template /etc/nginx/nginx.conf
 COPY nginx_entrypoint.bash /
-EXPOSE 80 443 27017
+EXPOSE 80 81 443 444 27017
 ENTRYPOINT ["/nginx_entrypoint.bash"]

k8s/nginx/container/README.md

@@ -40,6 +40,8 @@ docker run \
 --env "BIGCHAINDB_FRONTEND_PORT=<port where nginx listens for BigchainDB connections>" \
 --env "BIGCHAINDB_BACKEND_HOST=<ip/hostname of instance where BigchainDB is running>" \
 --env "BIGCHAINDB_BACKEND_PORT=<port where BigchainDB is listening for connections>" \
+--env "BIGCHAINDB_WS_BACKEND_PORT=<port where BigchainDB is listening for websocket connections>" \
+--env "BIGCHAINDB_WS_FRONTEND_PORT=<port where nginx listens for BigchainDB WebSocket connections>" \
 --env "MONGODB_WHITELIST=<a ':' separated list of IPs that can connect to MongoDB>" \
 --env "DNS_SERVER=<ip of the dns server>" \
 --name=ngx \
@@ -59,6 +61,8 @@ docker run \
 --env "BIGCHAINDB_FRONTEND_PORT=80" \
 --env "BIGCHAINDB_BACKEND_HOST=localhost" \
 --env "BIGCHAINDB_BACKEND_PORT=9984" \
+--env="BIGCHAINDB_WS_FRONTEND_PORT=81" \
+--env="BIGCHAINDB_WS_BACKEND_PORT=9985" \
 --env "MONGODB_WHITELIST=192.168.0.0/16:10.0.2.0/24" \
 --name=ngx \
 --publish=80:80 \
@@ -67,3 +71,8 @@ docker run \
 bigchaindb/nginx
 ```
 
+### Note:
+You can test the WebSocket server by using 
+[wsc](https://slack-redir.net/link?url=https%3A%2F%2Fwww.npmjs.com%2Fpackage%2Fwsc) tool with a command like:
+`wsc -er ws://localhost:9985/api/v1/streams/valid_tx`.
+

k8s/nginx/container/nginx.conf.template

@@ -63,6 +63,26 @@ http {
       proxy_pass http://$bdb_backend:BIGCHAINDB_BACKEND_PORT;
     }
   }
+
+  server {
+    listen BIGCHAINDB_WS_FRONTEND_PORT;
+    underscores_in_headers on;
+
+    # keepalive connection settings
+    keepalive_timeout 20s;
+
+    # `slowloris` attack mitigation settings
+    client_body_timeout 10s;
+    client_header_timeout 10s;
+
+    location /api/v1/streams/ {
+      proxy_read_timeout 300s;
+      proxy_pass http://$bdb_backend:BIGCHAINDB_WS_BACKEND_PORT;
+      proxy_http_version 1.1;
+      proxy_set_header Upgrade $http_upgrade;
+      proxy_set_header Connection "upgrade";
+    }
+  }
 }
 
 # NGINX stream block for TCP and UDP proxies

k8s/nginx/container/nginx_entrypoint.bash

@@ -7,6 +7,8 @@ mongo_backend_port=`printenv MONGODB_BACKEND_PORT`
 bdb_frontend_port=`printenv BIGCHAINDB_FRONTEND_PORT`
 bdb_backend_host=`printenv BIGCHAINDB_BACKEND_HOST`
 bdb_backend_port=`printenv BIGCHAINDB_BACKEND_PORT`
+bdb_ws_frontend_port=`printenv BIGCHAINDB_WS_FRONTEND_PORT`
+bdb_ws_backend_port=`printenv BIGCHAINDB_WS_BACKEND_PORT`
 mongo_whitelist=`printenv MONGODB_WHITELIST`
 dns_server=`printenv DNS_SERVER`
 
@@ -17,6 +19,8 @@ if [[ -z "${mongo_frontend_port}" || \
     -z "${bdb_frontend_port}" || \
     -z "${bdb_backend_host}" || \
     -z "${bdb_backend_port}" || \
+    -z "${bdb_ws_backend_port}" || \
+    -z "${bdb_ws_frontend_port}" || \
     -z "${dns_server}" ]] ; then
   echo "Invalid environment settings detected. Exiting!"
   exit 1
@@ -31,6 +35,8 @@ sed -i "s|MONGODB_BACKEND_PORT|${mongo_backend_port}|g" $NGINX_CONF_FILE
 sed -i "s|BIGCHAINDB_FRONTEND_PORT|${bdb_frontend_port}|g" $NGINX_CONF_FILE
 sed -i "s|BIGCHAINDB_BACKEND_HOST|${bdb_backend_host}|g" $NGINX_CONF_FILE
 sed -i "s|BIGCHAINDB_BACKEND_PORT|${bdb_backend_port}|g" $NGINX_CONF_FILE
+sed -i "s|BIGCHAINDB_WS_FRONTEND_PORT|${bdb_ws_frontend_port}|g" $NGINX_CONF_FILE
+sed -i "s|BIGCHAINDB_WS_BACKEND_PORT|${bdb_ws_backend_port}|g" $NGINX_CONF_FILE
 sed -i "s|DNS_SERVER|${dns_server}|g" $NGINX_CONF_FILE
 
 # populate the whitelist in the conf file as per MONGODB_WHITELIST env var