mirror of https://github.com/status-im/consul.git
Tweak the Lambda Envoy configuration generated by the serverless patcher
- Move from `strip_matching_host_port` to `strip_any_host_port` - Remove `auto_host_rewrite` since it conflicts with `strip_any_host_port`
This commit is contained in:
parent
26cfbc70b0
commit
5682f3ce1f
|
@ -0,0 +1,3 @@
|
||||||
|
```release-note:feature
|
||||||
|
xds: Add the ability to invoke AWS Lambdas through terminating gateways.
|
||||||
|
```
|
|
@ -80,6 +80,15 @@ func TestServerlessPluginFromSnapshot(t *testing.T) {
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
name: "routes",
|
||||||
|
key: xdscommon.RouteType,
|
||||||
|
sorter: func(msgs []proto.Message) func(int, int) bool {
|
||||||
|
return func(i, j int) bool {
|
||||||
|
return msgs[i].(*envoy_listener_v3.Listener).Name < msgs[j].(*envoy_listener_v3.Listener).Name
|
||||||
|
}
|
||||||
|
},
|
||||||
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
for _, entity := range entities {
|
for _, entity := range entities {
|
||||||
|
|
|
@ -8,6 +8,7 @@ import (
|
||||||
envoy_core_v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
|
envoy_core_v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
|
||||||
envoy_endpoint_v3 "github.com/envoyproxy/go-control-plane/envoy/config/endpoint/v3"
|
envoy_endpoint_v3 "github.com/envoyproxy/go-control-plane/envoy/config/endpoint/v3"
|
||||||
envoy_listener_v3 "github.com/envoyproxy/go-control-plane/envoy/config/listener/v3"
|
envoy_listener_v3 "github.com/envoyproxy/go-control-plane/envoy/config/listener/v3"
|
||||||
|
envoy_route_v3 "github.com/envoyproxy/go-control-plane/envoy/config/route/v3"
|
||||||
envoy_lambda_v3 "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/aws_lambda/v3"
|
envoy_lambda_v3 "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/http/aws_lambda/v3"
|
||||||
envoy_http_v3 "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/http_connection_manager/v3"
|
envoy_http_v3 "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/network/http_connection_manager/v3"
|
||||||
envoy_tls_v3 "github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3"
|
envoy_tls_v3 "github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3"
|
||||||
|
@ -78,6 +79,28 @@ func (p lambdaPatcher) CanPatch(kind api.ServiceKind) bool {
|
||||||
return kind == p.kind
|
return kind == p.kind
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (p lambdaPatcher) PatchRoute(route *envoy_route_v3.RouteConfiguration) (*envoy_route_v3.RouteConfiguration, bool, error) {
|
||||||
|
if p.kind != api.ServiceKindTerminatingGateway {
|
||||||
|
return route, false, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
for _, virtualHost := range route.VirtualHosts {
|
||||||
|
for _, route := range virtualHost.Routes {
|
||||||
|
action, ok := route.Action.(*envoy_route_v3.Route_Route)
|
||||||
|
|
||||||
|
if !ok {
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
|
||||||
|
// When auto_host_rewrite is set it conflicts with strip_any_host_port
|
||||||
|
// on the http_connection_manager filter.
|
||||||
|
action.Route.HostRewriteSpecifier = nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return route, true, nil
|
||||||
|
}
|
||||||
|
|
||||||
func (p lambdaPatcher) PatchCluster(c *envoy_cluster_v3.Cluster) (*envoy_cluster_v3.Cluster, bool, error) {
|
func (p lambdaPatcher) PatchCluster(c *envoy_cluster_v3.Cluster) (*envoy_cluster_v3.Cluster, bool, error) {
|
||||||
transportSocket, err := makeUpstreamTLSTransportSocket(&envoy_tls_v3.UpstreamTlsContext{
|
transportSocket, err := makeUpstreamTLSTransportSocket(&envoy_tls_v3.UpstreamTlsContext{
|
||||||
Sni: "*.amazonaws.com",
|
Sni: "*.amazonaws.com",
|
||||||
|
@ -160,7 +183,9 @@ func (p lambdaPatcher) PatchFilter(filter *envoy_listener_v3.Filter) (*envoy_lis
|
||||||
httpFilter,
|
httpFilter,
|
||||||
{Name: "envoy.filters.http.router"},
|
{Name: "envoy.filters.http.router"},
|
||||||
}
|
}
|
||||||
config.StripMatchingHostPort = true
|
config.StripPortMode = &envoy_http_v3.HttpConnectionManager_StripAnyHostPort{
|
||||||
|
StripAnyHostPort: true,
|
||||||
|
}
|
||||||
newFilter, err := makeFilter("envoy.filters.network.http_connection_manager", config)
|
newFilter, err := makeFilter("envoy.filters.network.http_connection_manager", config)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return filter, false, errors.New("error making new filter")
|
return filter, false, errors.New("error making new filter")
|
||||||
|
|
|
@ -3,6 +3,7 @@ package serverlessplugin
|
||||||
import (
|
import (
|
||||||
envoy_cluster_v3 "github.com/envoyproxy/go-control-plane/envoy/config/cluster/v3"
|
envoy_cluster_v3 "github.com/envoyproxy/go-control-plane/envoy/config/cluster/v3"
|
||||||
envoy_listener_v3 "github.com/envoyproxy/go-control-plane/envoy/config/listener/v3"
|
envoy_listener_v3 "github.com/envoyproxy/go-control-plane/envoy/config/listener/v3"
|
||||||
|
envoy_route_v3 "github.com/envoyproxy/go-control-plane/envoy/config/route/v3"
|
||||||
|
|
||||||
"github.com/hashicorp/consul/agent/xds/xdscommon"
|
"github.com/hashicorp/consul/agent/xds/xdscommon"
|
||||||
"github.com/hashicorp/consul/api"
|
"github.com/hashicorp/consul/api"
|
||||||
|
@ -15,6 +16,11 @@ type patcher interface {
|
||||||
// CanPatch determines if the patcher can mutate resources for the given api.ServiceKind
|
// CanPatch determines if the patcher can mutate resources for the given api.ServiceKind
|
||||||
CanPatch(api.ServiceKind) bool
|
CanPatch(api.ServiceKind) bool
|
||||||
|
|
||||||
|
// patchRoute patches a route to include the custom Envoy configuration
|
||||||
|
// PatchCluster patches a cluster to include the custom Envoy configuration
|
||||||
|
// required to integrate with the serverless integration.
|
||||||
|
PatchRoute(*envoy_route_v3.RouteConfiguration) (*envoy_route_v3.RouteConfiguration, bool, error)
|
||||||
|
|
||||||
// PatchCluster patches a cluster to include the custom Envoy configuration
|
// PatchCluster patches a cluster to include the custom Envoy configuration
|
||||||
// required to integrate with the serverless integration.
|
// required to integrate with the serverless integration.
|
||||||
PatchCluster(*envoy_cluster_v3.Cluster) (*envoy_cluster_v3.Cluster, bool, error)
|
PatchCluster(*envoy_cluster_v3.Cluster) (*envoy_cluster_v3.Cluster, bool, error)
|
||||||
|
|
|
@ -5,6 +5,7 @@ import (
|
||||||
|
|
||||||
envoy_cluster_v3 "github.com/envoyproxy/go-control-plane/envoy/config/cluster/v3"
|
envoy_cluster_v3 "github.com/envoyproxy/go-control-plane/envoy/config/cluster/v3"
|
||||||
envoy_listener_v3 "github.com/envoyproxy/go-control-plane/envoy/config/listener/v3"
|
envoy_listener_v3 "github.com/envoyproxy/go-control-plane/envoy/config/listener/v3"
|
||||||
|
envoy_route_v3 "github.com/envoyproxy/go-control-plane/envoy/config/route/v3"
|
||||||
"github.com/golang/protobuf/proto"
|
"github.com/golang/protobuf/proto"
|
||||||
"github.com/hashicorp/go-multierror"
|
"github.com/hashicorp/go-multierror"
|
||||||
|
|
||||||
|
@ -30,6 +31,7 @@ func MutateIndexedResources(resources *xdscommon.IndexedResources, config xdscom
|
||||||
for _, indexType := range []string{
|
for _, indexType := range []string{
|
||||||
xdscommon.ClusterType,
|
xdscommon.ClusterType,
|
||||||
xdscommon.ListenerType,
|
xdscommon.ListenerType,
|
||||||
|
xdscommon.RouteType,
|
||||||
} {
|
} {
|
||||||
for nameOrSNI, msg := range resources.Index[indexType] {
|
for nameOrSNI, msg := range resources.Index[indexType] {
|
||||||
switch resource := msg.(type) {
|
switch resource := msg.(type) {
|
||||||
|
@ -58,6 +60,21 @@ func MutateIndexedResources(resources *xdscommon.IndexedResources, config xdscom
|
||||||
resources.Index[xdscommon.ListenerType][nameOrSNI] = newListener
|
resources.Index[xdscommon.ListenerType][nameOrSNI] = newListener
|
||||||
}
|
}
|
||||||
|
|
||||||
|
case *envoy_route_v3.RouteConfiguration:
|
||||||
|
patcher := getPatcherBySNI(config, config.Kind, nameOrSNI)
|
||||||
|
if patcher == nil {
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
|
||||||
|
newRoute, patched, err := patcher.PatchRoute(resource)
|
||||||
|
if err != nil {
|
||||||
|
resultErr = multierror.Append(resultErr, fmt.Errorf("error patching route: %w", err))
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
if patched {
|
||||||
|
resources.Index[xdscommon.RouteType][nameOrSNI] = newRoute
|
||||||
|
}
|
||||||
|
|
||||||
default:
|
default:
|
||||||
resultErr = multierror.Append(resultErr, fmt.Errorf("unsupported type was skipped: %T", resource))
|
resultErr = multierror.Append(resultErr, fmt.Errorf("unsupported type was skipped: %T", resource))
|
||||||
}
|
}
|
||||||
|
|
|
@ -211,7 +211,7 @@
|
||||||
|
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"stripMatchingHostPort": true
|
"stripAnyHostPort": true
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
|
|
30
agent/xds/testdata/serverless_plugin/routes/lambda-terminating-gateway.envoy-1-20-x.golden
vendored
Normal file
30
agent/xds/testdata/serverless_plugin/routes/lambda-terminating-gateway.envoy-1-20-x.golden
vendored
Normal file
|
@ -0,0 +1,30 @@
|
||||||
|
{
|
||||||
|
"versionInfo": "00000001",
|
||||||
|
"resources": [
|
||||||
|
{
|
||||||
|
"@type": "type.googleapis.com/envoy.config.route.v3.RouteConfiguration",
|
||||||
|
"name": "web.default.dc1.internal.11111111-2222-3333-4444-555555555555.consul",
|
||||||
|
"virtualHosts": [
|
||||||
|
{
|
||||||
|
"name": "web.default.dc1.internal.11111111-2222-3333-4444-555555555555.consul",
|
||||||
|
"domains": [
|
||||||
|
"*"
|
||||||
|
],
|
||||||
|
"routes": [
|
||||||
|
{
|
||||||
|
"match": {
|
||||||
|
"prefix": "/"
|
||||||
|
},
|
||||||
|
"route": {
|
||||||
|
"cluster": "web.default.dc1.internal.11111111-2222-3333-4444-555555555555.consul"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"validateClusters": true
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"typeUrl": "type.googleapis.com/envoy.config.route.v3.RouteConfiguration",
|
||||||
|
"nonce": "00000001"
|
||||||
|
}
|
Loading…
Reference in New Issue