diff --git a/agent/acl.go b/agent/acl.go index e08b5646a7..5502992160 100644 --- a/agent/acl.go +++ b/agent/acl.go @@ -43,19 +43,20 @@ func (a *Agent) vetServiceRegister(token string, service *structs.NodeService) e func (a *Agent) vetServiceRegisterWithAuthorizer(authz acl.Authorizer, service *structs.NodeService) error { var authzContext acl.AuthorizerContext - service.FillAuthzContext(&authzContext) + // Vet the service itself. + service.FillAuthzContext(&authzContext) if authz.ServiceWrite(service.Service, &authzContext) != acl.Allow { - serviceName := service.CompoundServiceName() - return acl.PermissionDenied("Missing service:write on %s", serviceName.String()) + return acl.PermissionDenied("Missing service:write on %s", + structs.ServiceIDString(service.Service, &service.EnterpriseMeta)) } // Vet any service that might be getting overwritten. if existing := a.State.Service(service.CompoundServiceID()); existing != nil { existing.FillAuthzContext(&authzContext) if authz.ServiceWrite(existing.Service, &authzContext) != acl.Allow { - serviceName := service.CompoundServiceName() - return acl.PermissionDenied("Missing service:write on %s", serviceName.String()) + return acl.PermissionDenied("Missing service:write on %s", + structs.ServiceIDString(service.Service, &service.EnterpriseMeta)) } } @@ -64,8 +65,8 @@ func (a *Agent) vetServiceRegisterWithAuthorizer(authz acl.Authorizer, service * if service.Kind == structs.ServiceKindConnectProxy { service.FillAuthzContext(&authzContext) if authz.ServiceWrite(service.Proxy.DestinationServiceName, &authzContext) != acl.Allow { - // TODO(partitions) fix this to include namespace and partition - return acl.PermissionDenied("Missing service:write on %s", service.Proxy.DestinationServiceName) + return acl.PermissionDenied("Missing service:write on %s", + structs.ServiceIDString(service.Proxy.DestinationServiceName, &service.EnterpriseMeta)) } } @@ -79,8 +80,8 @@ func (a *Agent) vetServiceUpdateWithAuthorizer(authz acl.Authorizer, serviceID s if existing := a.State.Service(serviceID); existing != nil { existing.FillAuthzContext(&authzContext) if authz.ServiceWrite(existing.Service, &authzContext) != acl.Allow { - serviceName := existing.CompoundServiceName() - return acl.PermissionDenied("Missing service:write on %s", serviceName.String()) + return acl.PermissionDenied("Missing service:write on %s", + structs.ServiceIDString(existing.Service, &existing.EnterpriseMeta)) } } else { return NotFoundError{Reason: fmt.Sprintf("Unknown service %q", serviceID)} @@ -90,18 +91,19 @@ func (a *Agent) vetServiceUpdateWithAuthorizer(authz acl.Authorizer, serviceID s } func (a *Agent) vetCheckRegisterWithAuthorizer(authz acl.Authorizer, check *structs.HealthCheck) error { - // TODO(partitions) - var authzContext acl.AuthorizerContext check.FillAuthzContext(&authzContext) + // Vet the check itself. if len(check.ServiceName) > 0 { if authz.ServiceWrite(check.ServiceName, &authzContext) != acl.Allow { - return acl.PermissionDenied("Missing service:write on %v", structs.ServiceIDString(check.ServiceName, &check.EnterpriseMeta)) + return acl.PermissionDenied("Missing service:write on %s", + structs.ServiceIDString(check.ServiceName, &check.EnterpriseMeta)) } } else { if authz.NodeWrite(a.config.NodeName, &authzContext) != acl.Allow { - return acl.PermissionDenied("Missing node:write on %s", structs.NodeNameString(a.config.NodeName, a.AgentEnterpriseMeta())) + return acl.PermissionDenied("Missing node:write on %s", + structs.NodeNameString(a.config.NodeName, a.AgentEnterpriseMeta())) } } @@ -109,11 +111,13 @@ func (a *Agent) vetCheckRegisterWithAuthorizer(authz acl.Authorizer, check *stru if existing := a.State.Check(check.CompoundCheckID()); existing != nil { if len(existing.ServiceName) > 0 { if authz.ServiceWrite(existing.ServiceName, &authzContext) != acl.Allow { - return acl.PermissionDenied("Missing service:write on %s", structs.ServiceIDString(existing.ServiceName, &existing.EnterpriseMeta)) + return acl.PermissionDenied("Missing service:write on %s", + structs.ServiceIDString(existing.ServiceName, &existing.EnterpriseMeta)) } } else { if authz.NodeWrite(a.config.NodeName, &authzContext) != acl.Allow { - return acl.PermissionDenied("Missing node:write on %s", structs.NodeNameString(a.config.NodeName, a.AgentEnterpriseMeta())) + return acl.PermissionDenied("Missing node:write on %s", + structs.NodeNameString(a.config.NodeName, a.AgentEnterpriseMeta())) } } } @@ -129,11 +133,13 @@ func (a *Agent) vetCheckUpdateWithAuthorizer(authz acl.Authorizer, checkID struc if existing := a.State.Check(checkID); existing != nil { if len(existing.ServiceName) > 0 { if authz.ServiceWrite(existing.ServiceName, &authzContext) != acl.Allow { - return acl.PermissionDenied("Missing service:write on %s", structs.ServiceIDString(existing.ServiceName, &existing.EnterpriseMeta)) + return acl.PermissionDenied("Missing service:write on %s", + structs.ServiceIDString(existing.ServiceName, &existing.EnterpriseMeta)) } } else { if authz.NodeWrite(a.config.NodeName, &authzContext) != acl.Allow { - return acl.PermissionDenied("Missing node:write on %s", structs.NodeNameString(a.config.NodeName, a.AgentEnterpriseMeta())) + return acl.PermissionDenied("Missing node:write on %s", + structs.NodeNameString(a.config.NodeName, a.AgentEnterpriseMeta())) } } } else { diff --git a/agent/agent_endpoint.go b/agent/agent_endpoint.go index 463ba87cec..310b6e1e37 100644 --- a/agent/agent_endpoint.go +++ b/agent/agent_endpoint.go @@ -306,7 +306,6 @@ func (s *HTTPHandlers) AgentServices(resp http.ResponseWriter, req *http.Request var token string s.parseToken(req, &token) - // TODO(partitions): should this default to the agent's partition? var entMeta structs.EnterpriseMeta if err := s.parseEntMetaNoWildcard(req, &entMeta); err != nil { return nil, err @@ -393,7 +392,6 @@ func (s *HTTPHandlers) AgentService(resp http.ResponseWriter, req *http.Request) var token string s.parseToken(req, &token) - // TODO(partitions): should this default to the agent's partition? var entMeta structs.EnterpriseMeta if err := s.parseEntMetaNoWildcard(req, &entMeta); err != nil { return nil, err @@ -470,7 +468,6 @@ func (s *HTTPHandlers) AgentChecks(resp http.ResponseWriter, req *http.Request) var token string s.parseToken(req, &token) - // TODO(partitions): should this default to the agent's partition? var entMeta structs.EnterpriseMeta if err := s.parseEntMetaNoWildcard(req, &entMeta); err != nil { return nil, err @@ -637,7 +634,6 @@ func (s *HTTPHandlers) AgentJoin(resp http.ResponseWriter, req *http.Request) (i wan := false if other := req.URL.Query().Get("wan"); other != "" { wan = true - // TODO(partitions) : block wan join } // Get the address @@ -722,7 +718,6 @@ func (s *HTTPHandlers) AgentRegisterCheck(resp http.ResponseWriter, req *http.Re var token string s.parseToken(req, &token) - // TODO(partitions): should this default to the agent's partition? var args structs.CheckDefinition if err := s.parseEntMetaNoWildcard(req, &args.EnterpriseMeta); err != nil { return nil, err @@ -794,7 +789,6 @@ func (s *HTTPHandlers) AgentDeregisterCheck(resp http.ResponseWriter, req *http. var token string s.parseToken(req, &token) - // TODO(partitions): should this default to the agent's partition? if err := s.parseEntMetaNoWildcard(req, &checkID.EnterpriseMeta); err != nil { return nil, err } @@ -887,7 +881,6 @@ func (s *HTTPHandlers) agentCheckUpdate(resp http.ResponseWriter, req *http.Requ var token string s.parseToken(req, &token) - // TODO(partitions): should this default to the agent's partition? if err := s.parseEntMetaNoWildcard(req, &cid.EnterpriseMeta); err != nil { return nil, err } @@ -963,7 +956,6 @@ func (s *HTTPHandlers) AgentHealthServiceByID(resp http.ResponseWriter, req *htt return nil, &BadRequestError{Reason: "Missing serviceID"} } - // TODO(partitions): should this default to the agent's partition? var entMeta structs.EnterpriseMeta if err := s.parseEntMetaNoWildcard(req, &entMeta); err != nil { return nil, err @@ -1022,7 +1014,6 @@ func (s *HTTPHandlers) AgentHealthServiceByName(resp http.ResponseWriter, req *h return nil, &BadRequestError{Reason: "Missing service Name"} } - // TODO(partitions): should this default to the agent's partition? var entMeta structs.EnterpriseMeta if err := s.parseEntMetaNoWildcard(req, &entMeta); err != nil { return nil, err @@ -1086,7 +1077,6 @@ func (s *HTTPHandlers) AgentRegisterService(resp http.ResponseWriter, req *http. var args structs.ServiceDefinition // Fixup the type decode of TTL or Interval if a check if provided. - // TODO(partitions): should this default to the agent's partition? if err := s.parseEntMetaNoWildcard(req, &args.EnterpriseMeta); err != nil { return nil, err } @@ -1253,7 +1243,6 @@ func (s *HTTPHandlers) AgentDeregisterService(resp http.ResponseWriter, req *htt var token string s.parseToken(req, &token) - // TODO(partitions): should this default to the agent's partition? if err := s.parseEntMetaNoWildcard(req, &sid.EnterpriseMeta); err != nil { return nil, err } @@ -1311,7 +1300,6 @@ func (s *HTTPHandlers) AgentServiceMaintenance(resp http.ResponseWriter, req *ht var token string s.parseToken(req, &token) - // TODO(partitions): should this default to the agent's partition? if err := s.parseEntMetaNoWildcard(req, &sid.EnterpriseMeta); err != nil { return nil, err } @@ -1369,6 +1357,7 @@ func (s *HTTPHandlers) AgentNodeMaintenance(resp http.ResponseWriter, req *http. // Get the provided token, if any, and vet against any ACL policies. var token string s.parseToken(req, &token) + authz, err := s.agent.delegate.ResolveTokenAndDefaultMeta(token, nil, nil) if err != nil { return nil, err @@ -1576,7 +1565,6 @@ func (s *HTTPHandlers) AgentConnectCALeafCert(resp http.ResponseWriter, req *htt } var qOpts structs.QueryOptions - // TODO(partitions): should this default to the agent's partition? if err := s.parseEntMetaNoWildcard(req, &args.EnterpriseMeta); err != nil { return nil, err } @@ -1632,7 +1620,6 @@ func (s *HTTPHandlers) AgentConnectAuthorize(resp http.ResponseWriter, req *http var authReq structs.ConnectAuthorizeRequest - // TODO(partitions): should this default to the agent's partition? if err := s.parseEntMetaNoWildcard(req, &authReq.EnterpriseMeta); err != nil { return nil, err } diff --git a/agent/consul/acl.go b/agent/consul/acl.go index 31626e52a5..d259437f7d 100644 --- a/agent/consul/acl.go +++ b/agent/consul/acl.go @@ -637,7 +637,6 @@ func (r *ACLResolver) resolvePoliciesForIdentity(identity structs.ACLIdentity) ( policies = append(policies, syntheticPolicies...) filtered := r.filterPoliciesByScope(policies) - // TODO(partitions,acls): filter these by the partition/namespace of the token trying to use them? return filtered, nil } diff --git a/agent/consul/acl_oss.go b/agent/consul/acl_oss.go index c42064fc1f..33b11a4160 100644 --- a/agent/consul/acl_oss.go +++ b/agent/consul/acl_oss.go @@ -4,9 +4,10 @@ package consul import ( + "github.com/hashicorp/go-hclog" + "github.com/hashicorp/consul/acl" "github.com/hashicorp/consul/agent/structs" - "github.com/hashicorp/go-hclog" ) // EnterpriseACLResolverDelegate stub diff --git a/agent/consul/leader.go b/agent/consul/leader.go index 8ee6f5a54c..f922a7c004 100644 --- a/agent/consul/leader.go +++ b/agent/consul/leader.go @@ -387,8 +387,6 @@ func (s *Server) initializeACLs(ctx context.Context) error { if s.InPrimaryDatacenter() { s.logger.Info("initializing acls") - // TODO(partitions): initialize acls in all of the partitions? - // Create/Upgrade the builtin global-management policy _, policy, err := s.fsm.State().ACLPolicyGetByID(nil, structs.ACLPolicyGlobalManagementID, structs.DefaultEnterpriseMetaInDefaultPartition()) if err != nil { @@ -965,8 +963,10 @@ func (s *Server) reconcileReaped(known map[string]struct{}, nodeEntMeta *structs func (s *Server) reconcileMember(member serf.Member) error { // Check if this is a member we should handle if !s.shouldHandleMember(member) { - // TODO(partition): log the partition name - s.logger.Warn("skipping reconcile of node", "member", member) + s.logger.Warn("skipping reconcile of node", + "member", member, + "partition", getSerfMemberEnterpriseMeta(member).PartitionOrDefault(), + ) return nil } defer metrics.MeasureSince([]string{"leader", "reconcileMember"}, time.Now()) @@ -986,8 +986,8 @@ func (s *Server) reconcileMember(member serf.Member) error { } if err != nil { s.logger.Error("failed to reconcile member", - // TODO(partition): log the partition name "member", member, + "partition", getSerfMemberEnterpriseMeta(member).PartitionOrDefault(), "error", err, ) @@ -1089,7 +1089,10 @@ func (s *Server) handleAliveMember(member serf.Member, nodeEntMeta *structs.Ente } } AFTER_CHECK: - s.logger.Info("member joined, marking health alive", "member", member.Name) + s.logger.Info("member joined, marking health alive", + "member", member.Name, + "partition", getSerfMemberEnterpriseMeta(member).PartitionOrDefault(), + ) // Register with the catalog. req := structs.RegisterRequest{ @@ -1131,12 +1134,13 @@ func (s *Server) handleFailedMember(member serf.Member, nodeEntMeta *structs.Ent } if node == nil { - s.logger.Info("ignoring failed event for member because it does not exist in the catalog", "member", member.Name) + s.logger.Info("ignoring failed event for member because it does not exist in the catalog", + "member", member.Name, + "partition", getSerfMemberEnterpriseMeta(member).PartitionOrDefault(), + ) return nil } - // TODO(partitions): get the ent meta by parsing serf tags - if node.Address == member.Addr.String() { // Check if the serfCheck is in the critical state _, checks, err := state.NodeChecks(nil, member.Name, nodeEntMeta) @@ -1149,7 +1153,10 @@ func (s *Server) handleFailedMember(member serf.Member, nodeEntMeta *structs.Ent } } } - s.logger.Info("member failed, marking health critical", "member", member.Name) + s.logger.Info("member failed, marking health critical", + "member", member.Name, + "partition", getSerfMemberEnterpriseMeta(member).PartitionOrDefault(), + ) // Register with the catalog req := structs.RegisterRequest{ @@ -1195,8 +1202,13 @@ func (s *Server) handleDeregisterMember(reason string, member serf.Member, nodeE // Do not deregister ourself. This can only happen if the current leader // is leaving. Instead, we should allow a follower to take-over and // deregister us later. + // + // TODO(partitions): check partitions here too? server names should be unique in general though if member.Name == s.config.NodeName { - s.logger.Warn("deregistering self should be done by follower", "name", s.config.NodeName) + s.logger.Warn("deregistering self should be done by follower", + "name", s.config.NodeName, + "partition", getSerfMemberEnterpriseMeta(member).PartitionOrDefault(), + ) return nil } @@ -1218,7 +1230,11 @@ func (s *Server) handleDeregisterMember(reason string, member serf.Member, nodeE } // Deregister the node - s.logger.Info("deregistering member", "member", member.Name, "reason", reason) + s.logger.Info("deregistering member", + "member", member.Name, + "partition", getSerfMemberEnterpriseMeta(member).PartitionOrDefault(), + "reason", reason, + ) req := structs.DeregisterRequest{ Datacenter: s.config.Datacenter, Node: member.Name, diff --git a/agent/consul/prepared_query/template.go b/agent/consul/prepared_query/template.go index 89974d2369..dfe96f1420 100644 --- a/agent/consul/prepared_query/template.go +++ b/agent/consul/prepared_query/template.go @@ -90,7 +90,6 @@ func Compile(query *structs.PreparedQuery) (*CompiledTemplate, error) { // prefix it will be expected to run with. The results might not make // sense and create a valid service to lookup, but it should render // without any errors. - // TODO(partitions) should this have a partition on it? if _, err = ct.Render(ct.query.Name, structs.QuerySource{}); err != nil { return nil, err } @@ -158,7 +157,6 @@ func (ct *CompiledTemplate) Render(name string, source structs.QuerySource) (*st Type: ast.TypeString, Value: source.Segment, }, - // TODO(partitions): should NodePartition be projected here? }, FuncMap: map[string]ast.Function{ "match": match, diff --git a/agent/consul/state/catalog.go b/agent/consul/state/catalog.go index 31bef38e3b..8f4b07c2e4 100644 --- a/agent/consul/state/catalog.go +++ b/agent/consul/state/catalog.go @@ -128,18 +128,33 @@ func (s *Store) EnsureRegistration(idx uint64, req *structs.RegisterRequest) err return tx.Commit() } -func (s *Store) ensureCheckIfNodeMatches(tx WriteTxn, idx uint64, preserveIndexes bool, node string, check *structs.HealthCheck) error { - // TODO(partitions): do we have to check partition here? probably not - if check.Node != node { +func (s *Store) ensureCheckIfNodeMatches( + tx WriteTxn, + idx uint64, + preserveIndexes bool, + node string, + nodePartition string, + check *structs.HealthCheck, +) error { + if check.Node != node || !structs.EqualPartitions(nodePartition, check.PartitionOrDefault()) { return fmt.Errorf("check node %q does not match node %q", - check.Node, node) + printNodeName(check.Node, check.PartitionOrDefault()), + printNodeName(node, nodePartition), + ) } if err := s.ensureCheckTxn(tx, idx, preserveIndexes, check); err != nil { - return fmt.Errorf("failed inserting check: %s on node %q", err, check.Node) + return fmt.Errorf("failed inserting check on node %q: %v", printNodeName(check.Node, check.PartitionOrDefault()), err) } return nil } +func printNodeName(nodeName, partition string) string { + if structs.IsDefaultPartition(partition) { + return nodeName + } + return partition + "/" + nodeName +} + // ensureRegistrationTxn is used to make sure a node, service, and check // registration is performed within a single transaction to avoid race // conditions on state updates. @@ -205,12 +220,12 @@ func (s *Store) ensureRegistrationTxn(tx WriteTxn, idx uint64, preserveIndexes b // Add the checks, if any. if req.Check != nil { - if err := s.ensureCheckIfNodeMatches(tx, idx, preserveIndexes, req.Node, req.Check); err != nil { + if err := s.ensureCheckIfNodeMatches(tx, idx, preserveIndexes, req.Node, req.PartitionOrDefault(), req.Check); err != nil { return err } } for _, check := range req.Checks { - if err := s.ensureCheckIfNodeMatches(tx, idx, preserveIndexes, req.Node, check); err != nil { + if err := s.ensureCheckIfNodeMatches(tx, idx, preserveIndexes, req.Node, req.PartitionOrDefault(), check); err != nil { return err } } @@ -526,9 +541,6 @@ func (s *Store) DeleteNode(idx uint64, nodeName string, entMeta *structs.Enterpr tx := s.db.WriteTxn(idx) defer tx.Abort() - // TODO(partition): double check all freshly modified state store functions - // that take an ent meta do this trick - // TODO: accept non-pointer value if entMeta == nil { entMeta = structs.NodeEnterpriseMetaInDefaultPartition() diff --git a/agent/proxycfg/connect_proxy.go b/agent/proxycfg/connect_proxy.go index c4eeaee732..39509a989c 100644 --- a/agent/proxycfg/connect_proxy.go +++ b/agent/proxycfg/connect_proxy.go @@ -78,9 +78,6 @@ func (s *handlerConnectProxy) initialize(ctx context.Context) (ConfigSnapshot, e return snap, err } - // default the namespace to the namespace of this proxy service - currentNamespace := s.proxyID.NamespaceOrDefault() - if s.proxyCfg.Mode == structs.ProxyModeTransparent { // When in transparent proxy we will infer upstreams from intentions with this source err := s.cache.Notify(ctx, cachetype.IntentionUpstreamsName, &structs.ServiceSpecificRequest{ @@ -131,15 +128,15 @@ func (s *handlerConnectProxy) initialize(ctx context.Context) (ConfigSnapshot, e continue } - ns := currentNamespace - if u.DestinationNamespace != "" { - ns = u.DestinationNamespace - } - + // Default the partition and namespace to the namespace of this proxy service. partition := s.proxyID.PartitionOrDefault() if u.DestinationPartition != "" { partition = u.DestinationPartition } + ns := s.proxyID.NamespaceOrDefault() + if u.DestinationNamespace != "" { + ns = u.DestinationNamespace + } cfg, err := parseReducedUpstreamConfig(u.Config) if err != nil { diff --git a/agent/proxycfg/manager_test.go b/agent/proxycfg/manager_test.go index 6410dc852f..9e659b5f0d 100644 --- a/agent/proxycfg/manager_test.go +++ b/agent/proxycfg/manager_test.go @@ -18,6 +18,7 @@ import ( "github.com/hashicorp/consul/agent/rpcclient/health" "github.com/hashicorp/consul/agent/structs" "github.com/hashicorp/consul/agent/token" + "github.com/hashicorp/consul/api" "github.com/hashicorp/consul/sdk/testutil" ) @@ -103,6 +104,7 @@ func TestManager_BasicLifecycle(t *testing.T) { upstreams := structs.TestUpstreams(t) for i := range upstreams { upstreams[i].DestinationNamespace = structs.IntentionDefaultNamespace + upstreams[i].DestinationPartition = api.PartitionDefaultName } webProxy := &structs.NodeService{ Kind: structs.ServiceKindConnectProxy, diff --git a/agent/proxycfg/state.go b/agent/proxycfg/state.go index 237279b997..0b535d0e49 100644 --- a/agent/proxycfg/state.go +++ b/agent/proxycfg/state.go @@ -113,13 +113,17 @@ func copyProxyConfig(ns *structs.NodeService) (structs.ConnectProxyConfig, error // we can safely modify these since we just copied them for idx := range proxyCfg.Upstreams { us := &proxyCfg.Upstreams[idx] - if us.DestinationType != structs.UpstreamDestTypePreparedQuery && us.DestinationNamespace == "" { + if us.DestinationType != structs.UpstreamDestTypePreparedQuery { // default the upstreams target namespace and partition to those of the proxy // doing this here prevents needing much more complex logic a bunch of other // places and makes tracking these upstreams simpler as we can dedup them // with the maps tracking upstream ids being watched. - proxyCfg.Upstreams[idx].DestinationNamespace = ns.EnterpriseMeta.NamespaceOrDefault() - proxyCfg.Upstreams[idx].DestinationPartition = ns.EnterpriseMeta.PartitionOrDefault() + if us.DestinationPartition == "" { + proxyCfg.Upstreams[idx].DestinationPartition = ns.EnterpriseMeta.PartitionOrDefault() + } + if us.DestinationNamespace == "" { + proxyCfg.Upstreams[idx].DestinationNamespace = ns.EnterpriseMeta.NamespaceOrDefault() + } } } diff --git a/agent/structs/connect_proxy_config.go b/agent/structs/connect_proxy_config.go index 5cf553e67b..6fd67343fa 100644 --- a/agent/structs/connect_proxy_config.go +++ b/agent/structs/connect_proxy_config.go @@ -547,6 +547,25 @@ func (u *Upstream) String() string { return u.Identifier() } +// Identifier returns a string representation that uniquely identifies the +// upstream in a canonical but human readable way. +func (us *Upstream) Identifier() string { + name := us.enterpriseIdentifierPrefix() + us.DestinationName + typ := us.DestinationType + + if us.Datacenter != "" { + name += "?dc=" + us.Datacenter + } + + // Service is default type so never prefix it. This is more readable and long + // term it is the only type that matters so we can drop the prefix and have + // nicer naming in metrics etc. + if typ == "" || typ == UpstreamDestTypeService { + return name + } + return typ + ":" + name +} + // UpstreamFromAPI is a helper for converting api.Upstream to Upstream. func UpstreamFromAPI(u api.Upstream) Upstream { return Upstream{ diff --git a/agent/structs/connect_proxy_config_oss.go b/agent/structs/connect_proxy_config_oss.go index 21dead1e7a..61bd2e3936 100644 --- a/agent/structs/connect_proxy_config_oss.go +++ b/agent/structs/connect_proxy_config_oss.go @@ -13,24 +13,6 @@ func (us *Upstream) DestinationID() ServiceID { } } -// Identifier returns a string representation that uniquely identifies the -// upstream in a canonical but human readable way. -func (us *Upstream) Identifier() string { - name := us.DestinationName - typ := us.DestinationType - - if typ != UpstreamDestTypePreparedQuery && us.DestinationNamespace != "" && us.DestinationNamespace != IntentionDefaultNamespace { - name = us.DestinationNamespace + "/" + us.DestinationName - } - if us.Datacenter != "" { - name += "?dc=" + us.Datacenter - } - - // Service is default type so never prefix it. This is more readable and long - // term it is the only type that matters so we can drop the prefix and have - // nicer naming in metrics etc. - if typ == "" || typ == UpstreamDestTypeService { - return name - } - return typ + ":" + name +func (us *Upstream) enterpriseIdentifierPrefix() string { + return "" } diff --git a/agent/structs/structs.go b/agent/structs/structs.go index cd7733b9b1..de6a177e95 100644 --- a/agent/structs/structs.go +++ b/agent/structs/structs.go @@ -422,7 +422,6 @@ type RegisterRequest struct { // node portion of this update will not apply. SkipNodeUpdate bool - // TODO(partitions): ensure the partition part is used for node reg // EnterpriseMeta is the embedded enterprise metadata EnterpriseMeta `hcl:",squash" mapstructure:",squash"` @@ -469,11 +468,10 @@ func (r *RegisterRequest) ChangesNode(node *Node) bool { // If a ServiceID is provided, any associated Checks with that service // are also deregistered. type DeregisterRequest struct { - Datacenter string - Node string - ServiceID string - CheckID types.CheckID - // TODO(partitions): ensure the partition part is used for node reg + Datacenter string + Node string + ServiceID string + CheckID types.CheckID EnterpriseMeta `hcl:",squash" mapstructure:",squash"` WriteRequest } @@ -916,7 +914,6 @@ type ServiceNode struct { ServiceProxy ConnectProxyConfig ServiceConnect ServiceConnect - // TODO(partitions): ensure that Node+Service are both in the same Partition EnterpriseMeta `hcl:",squash" mapstructure:",squash" bexpr:"-"` RaftIndex `bexpr:"-"` @@ -1125,7 +1122,6 @@ type NodeService struct { // somewhere this is used in API output. LocallyRegisteredAsSidecar bool `json:"-" bexpr:"-"` - // TODO(partitions): ensure that Node+Service are both in the same Partition EnterpriseMeta `hcl:",squash" mapstructure:",squash" bexpr:"-"` RaftIndex `bexpr:"-"`