diff --git a/command/connect/envoy/bootstrap_tpl.go b/command/connect/envoy/bootstrap_tpl.go index 9c3f38ee02..6cb238d49a 100644 --- a/command/connect/envoy/bootstrap_tpl.go +++ b/command/connect/envoy/bootstrap_tpl.go @@ -14,6 +14,9 @@ type BootstrapTplArgs struct { // the agent to deliver the correct configuration. ProxyID string + // NodeName is the name of the node on which the proxy service instance is registered. + NodeName string + // ProxySourceService is the Consul service name to report for this proxy // instance's source service label. For sidecars it should be the // Proxy.DestinationServiceName. For gateways and similar it is the service @@ -140,6 +143,9 @@ const bootstrapTemplate = `{ "cluster": "{{ .ProxyCluster }}", "id": "{{ .ProxyID }}", "metadata": { + {{- if .NodeName }} + "node_name": "{{ .NodeName }}", + {{- end }} "namespace": "{{if ne .Namespace ""}}{{ .Namespace }}{{else}}default{{end}}", "partition": "{{if ne .Partition ""}}{{ .Partition }}{{else}}default{{end}}" } diff --git a/command/connect/envoy/envoy.go b/command/connect/envoy/envoy.go index 61ace0fadd..8b86aac1dd 100644 --- a/command/connect/envoy/envoy.go +++ b/command/connect/envoy/envoy.go @@ -41,6 +41,7 @@ type cmd struct { meshGateway bool gateway string proxyID string + nodeName string sidecarFor string adminAccessLogPath string adminBind string @@ -81,6 +82,9 @@ func (c *cmd) init() { c.flags.StringVar(&c.proxyID, "proxy-id", os.Getenv("CONNECT_PROXY_ID"), "The proxy's ID on the local agent.") + c.flags.StringVar(&c.nodeName, "node-name", "", + "[Experimental] The node name where the proxy service is registered. It requires proxy-id to be specified. ") + // Deprecated in favor of `gateway` c.flags.BoolVar(&c.meshGateway, "mesh-gateway", false, "Configure Envoy as a Mesh Gateway.") @@ -231,6 +235,12 @@ func (c *cmd) Run(args []string) int { } func (c *cmd) run(args []string) int { + + if c.nodeName != "" && c.proxyID == "" { + c.UI.Error("'-node-name' requires '-proxy-id'") + return 1 + } + // Fixup for deprecated mesh-gateway flag if c.meshGateway && c.gateway != "" { c.UI.Error("The mesh-gateway flag is deprecated and cannot be used alongside the gateway flag") @@ -297,6 +307,10 @@ func (c *cmd) run(args []string) int { } if c.register { + if c.nodeName != "" { + c.UI.Error("'-register' cannot be used with '-node-name'") + return 1 + } if c.gateway == "" { c.UI.Error("Auto-Registration can only be used for gateways") return 1 @@ -478,6 +492,7 @@ func (c *cmd) templateArgs() (*BootstrapTplArgs, error) { GRPC: xdsAddr, ProxyCluster: cluster, ProxyID: c.proxyID, + NodeName: c.nodeName, ProxySourceService: proxySourceService, AgentCAPEM: caPEM, AdminAccessLogPath: adminAccessLogPath, @@ -501,6 +516,67 @@ func (c *cmd) generateConfig() ([]byte, error) { var bsCfg BootstrapConfig + // Fetch any customization from the registration + var svcProxyConfig *api.AgentServiceConnectProxyConfig + var serviceName, ns, partition, datacenter string + if c.nodeName == "" { + svc, _, err := c.client.Agent().Service(c.proxyID, nil) + if err != nil { + return nil, fmt.Errorf("failed fetch proxy config from local agent: %s", err) + } + svcProxyConfig = svc.Proxy + serviceName = svc.Service + ns = svc.Namespace + partition = svc.Partition + datacenter = svc.Datacenter + } else { + filter := fmt.Sprintf("ID == %q", c.proxyID) + svcList, _, err := c.client.Catalog().NodeServiceList(c.nodeName, &api.QueryOptions{Filter: filter}) + if err != nil { + return nil, fmt.Errorf("failed to fetch proxy config from catalog for node %q: %w", c.nodeName, err) + } + if len(svcList.Services) != 1 { + return nil, fmt.Errorf("expected to find only one proxy service with ID: %q", c.proxyID) + } + svcProxyConfig = svcList.Services[0].Proxy + serviceName = svcList.Services[0].Service + ns = svcList.Services[0].Namespace + partition = svcList.Services[0].Partition + datacenter = svcList.Node.Datacenter + c.gatewayKind = svcList.Services[0].Kind + } + if svcProxyConfig == nil { + return nil, errors.New("service is not a Connect proxy or gateway") + } + + if svcProxyConfig.DestinationServiceName != "" { + // Override cluster now we know the actual service name + args.ProxyCluster = svcProxyConfig.DestinationServiceName + args.ProxySourceService = svcProxyConfig.DestinationServiceName + } else { + // Set the source service name from the proxy's own registration + args.ProxySourceService = serviceName + } + + // In most cases where namespaces and partitions are enabled they will already be set + // correctly because the http client that fetched this will provide them explicitly. + // However, if these arguments were not provided, they will be empty even + // though Namespaces and Partitions are actually being used. + // Overriding them ensures that we always set the Namespace and Partition args + // if the cluster is using them. This prevents us from defaulting to the "default" + // when a non-default partition or namespace was inferred from the ACL token. + if ns != "" { + args.Namespace = ns + } + if partition != "" { + args.Partition = partition + } + + if datacenter != "" { + // The agent will definitely have the definitive answer here. + args.Datacenter = datacenter + } + // Setup ready listener for ingress gateway to pass healthcheck if c.gatewayKind == api.ServiceKindIngressGateway { lanAddr := c.lanAddress.String() @@ -512,46 +588,9 @@ func (c *cmd) generateConfig() ([]byte, error) { bsCfg.ReadyBindAddr = lanAddr } - // Fetch any customization from the registration - svc, _, err := c.client.Agent().Service(c.proxyID, nil) - if err != nil { - return nil, fmt.Errorf("failed fetch proxy config from local agent: %s", err) - } - if svc.Proxy == nil { - return nil, errors.New("service is not a Connect proxy or gateway") - } - - if svc.Proxy.DestinationServiceName != "" { - // Override cluster now we know the actual service name - args.ProxyCluster = svc.Proxy.DestinationServiceName - args.ProxySourceService = svc.Proxy.DestinationServiceName - } else { - // Set the source service name from the proxy's own registration - args.ProxySourceService = svc.Service - } - - // In most cases where namespaces and partitions are enabled they will already be set - // correctly because the http client that fetched this will provide them explicitly. - // However, if these arguments were not provided, they will be empty even - // though Namespaces and Partitions are actually being used. - // Overriding them ensures that we always set the Namespace and Partition args - // if the cluster is using them. This prevents us from defaulting to the "default" - // when a non-default partition or namespace was inferred from the ACL token. - if svc.Namespace != "" { - args.Namespace = svc.Namespace - } - if svc.Partition != "" { - args.Partition = svc.Partition - } - - if svc.Datacenter != "" { - // The agent will definitely have the definitive answer here. - args.Datacenter = svc.Datacenter - } - if !c.disableCentralConfig { // Parse the bootstrap config - if err := mapstructure.WeakDecode(svc.Proxy.Config, &bsCfg); err != nil { + if err := mapstructure.WeakDecode(svcProxyConfig.Config, &bsCfg); err != nil { return nil, fmt.Errorf("failed parsing Proxy.Config: %s", err) } } diff --git a/command/connect/envoy/envoy_test.go b/command/connect/envoy/envoy_test.go index a419569dff..0e29a69342 100644 --- a/command/connect/envoy/envoy_test.go +++ b/command/connect/envoy/envoy_test.go @@ -55,6 +55,11 @@ func TestEnvoyGateway_Validation(t *testing.T) { []string{""}, "No proxy ID specified", }, + { + "-register with nodename", + []string{"-register", "-proxy-id", "gw-svc-id", "-node-name", "gw-node"}, + "'-register' cannot be used with '-node-name'", + }, } for _, tc := range cases { @@ -130,6 +135,11 @@ func TestGenerateConfig(t *testing.T) { Env: []string{}, WantErr: "No proxy ID specified", }, + { + Name: "node-name without proxy-id", + Flags: []string{"-node-name", "test-node"}, + WantErr: "'-node-name' requires '-proxy-id'", + }, { Name: "defaults", Flags: []string{"-proxy-id", "test-proxy"}, @@ -151,6 +161,28 @@ func TestGenerateConfig(t *testing.T) { PrometheusScrapePath: "/metrics", }, }, + { + Name: "defaults-nodemeta", + Flags: []string{"-proxy-id", "test-proxy", "-node-name", "test-node"}, + WantArgs: BootstrapTplArgs{ + ProxyCluster: "test-proxy", + ProxyID: "test-proxy", + NodeName: "test-node", + // We don't know this til after the lookup so it will be empty in the + // initial args call we are testing here. + ProxySourceService: "", + GRPC: GRPC{ + AgentAddress: "127.0.0.1", + AgentPort: "8502", // Note this is the gRPC port + }, + AdminAccessLogPath: "/dev/null", + AdminBindAddress: "127.0.0.1", + AdminBindPort: "19000", + LocalAgentClusterName: xds.LocalAgentClusterName, + PrometheusBackendPort: "", + PrometheusScrapePath: "/metrics", + }, + }, { Name: "prometheus-metrics", Flags: []string{"-proxy-id", "test-proxy", @@ -764,6 +796,24 @@ func TestGenerateConfig(t *testing.T) { PrometheusScrapePath: "/metrics", }, }, + { + Name: "ingress-gateway-nodemeta", + Flags: []string{"-proxy-id", "ingress-gateway-1", "-node-name", "test-node"}, + WantArgs: BootstrapTplArgs{ + ProxyCluster: "ingress-gateway-1", + ProxyID: "ingress-gateway-1", + NodeName: "test-node", + GRPC: GRPC{ + AgentAddress: "127.0.0.1", + AgentPort: "8502", + }, + AdminAccessLogPath: "/dev/null", + AdminBindAddress: "127.0.0.1", + AdminBindPort: "19000", + LocalAgentClusterName: xds.LocalAgentClusterName, + PrometheusScrapePath: "/metrics", + }, + }, { Name: "ingress-gateway-address-specified", Flags: []string{"-proxy-id", "ingress-gateway", "-gateway", "ingress", "-address", "1.2.3.4:7777"}, @@ -1011,7 +1061,8 @@ func TestEnvoy_GatewayRegistration(t *testing.T) { } // testMockAgent combines testMockAgentProxyConfig and testMockAgentSelf, -// routing /agent/service/... requests to testMockAgentProxyConfig and +// routing /agent/service/... requests to testMockAgentProxyConfig, +// routing /catalog/node-services/... requests to testMockCatalogNodeServiceList // routing /agent/self requests to testMockAgentSelf. func testMockAgent(tc generateConfigTestCase) http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) { @@ -1022,6 +1073,8 @@ func testMockAgent(tc generateConfigTestCase) http.HandlerFunc { testMockAgentProxyConfig(tc.ProxyConfig, tc.NamespacesEnabled)(w, r) case strings.Contains(r.URL.Path, "/agent/self"): testMockAgentSelf(tc.XDSPort, tc.AgentSelf110)(w, r) + case strings.Contains(r.URL.Path, "/catalog/node-services"): + testMockCatalogNodeServiceList()(w, r) default: http.NotFound(w, r) } @@ -1090,7 +1143,7 @@ func testMockAgentProxyConfig(cfg map[string]interface{}, namespacesEnabled bool // Parse the proxy-id from the end of the URL (blindly assuming it's correct // format) proxyID := strings.TrimPrefix(r.URL.Path, "/v1/agent/service/") - serviceID := strings.TrimSuffix(proxyID, "-sidecar-proxy") + serviceID := strings.TrimSuffix(proxyID, "-proxy") svc := api.AgentService{ Kind: api.ServiceKindConnectProxy, @@ -1119,6 +1172,48 @@ func testMockAgentProxyConfig(cfg map[string]interface{}, namespacesEnabled bool } } +func testMockCatalogNodeServiceList() http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + quotedProxyID := strings.TrimPrefix(r.URL.Query().Get("filter"), "ID == ") + proxyID := quotedProxyID[1 : len(quotedProxyID)-1] + serviceID := strings.TrimSuffix(proxyID, "-proxy") + + var svcKind api.ServiceKind + if strings.Contains(proxyID, "ingress-gateway") { + svcKind = api.ServiceKindIngressGateway + } else { + svcKind = api.ServiceKindConnectProxy + } + + var svcProxy api.AgentServiceConnectProxyConfig + if svcKind == api.ServiceKindConnectProxy { + svcProxy = api.AgentServiceConnectProxyConfig{ + DestinationServiceName: serviceID, + DestinationServiceID: serviceID, + } + } + svc := api.AgentService{ + Kind: svcKind, + ID: proxyID, + Service: proxyID, + Proxy: &svcProxy, + } + + nodeSvc := api.CatalogNodeServiceList{ + Node: &api.Node{Datacenter: "dc1"}, + Services: []*api.AgentService{&svc}, + } + + cfgJSON, err := json.Marshal(nodeSvc) + if err != nil { + w.WriteHeader(500) + w.Write([]byte(err.Error())) + return + } + w.Write(cfgJSON) + } +} + func TestEnvoyCommand_canBindInternal(t *testing.T) { t.Parallel() type testCheck struct { diff --git a/command/connect/envoy/testdata/CONSUL_HTTP_ADDR-with-https-scheme-enables-tls.golden b/command/connect/envoy/testdata/CONSUL_HTTP_ADDR-with-https-scheme-enables-tls.golden index e9560a50c7..cfa96e5ef0 100644 --- a/command/connect/envoy/testdata/CONSUL_HTTP_ADDR-with-https-scheme-enables-tls.golden +++ b/command/connect/envoy/testdata/CONSUL_HTTP_ADDR-with-https-scheme-enables-tls.golden @@ -9,7 +9,7 @@ } }, "node": { - "cluster": "test-proxy", + "cluster": "test", "id": "test-proxy", "metadata": { "namespace": "default", @@ -155,11 +155,11 @@ }, { "tag_name": "local_cluster", - "fixed_value": "test-proxy" + "fixed_value": "test" }, { "tag_name": "consul.source.service", - "fixed_value": "test-proxy" + "fixed_value": "test" }, { "tag_name": "consul.source.namespace", diff --git a/command/connect/envoy/testdata/access-log-path.golden b/command/connect/envoy/testdata/access-log-path.golden index b47c55f636..a874cb698e 100644 --- a/command/connect/envoy/testdata/access-log-path.golden +++ b/command/connect/envoy/testdata/access-log-path.golden @@ -9,7 +9,7 @@ } }, "node": { - "cluster": "test-proxy", + "cluster": "test", "id": "test-proxy", "metadata": { "namespace": "default", @@ -142,11 +142,11 @@ }, { "tag_name": "local_cluster", - "fixed_value": "test-proxy" + "fixed_value": "test" }, { "tag_name": "consul.source.service", - "fixed_value": "test-proxy" + "fixed_value": "test" }, { "tag_name": "consul.source.namespace", diff --git a/command/connect/envoy/testdata/custom-bootstrap.golden b/command/connect/envoy/testdata/custom-bootstrap.golden index fa7e553988..59bc467f6b 100644 --- a/command/connect/envoy/testdata/custom-bootstrap.golden +++ b/command/connect/envoy/testdata/custom-bootstrap.golden @@ -9,7 +9,7 @@ } }, "node": { - "cluster": "test-proxy", + "cluster": "test", "id": "test-proxy" }, "custom_field": "foo" diff --git a/command/connect/envoy/testdata/defaults-nodemeta.golden b/command/connect/envoy/testdata/defaults-nodemeta.golden new file mode 100644 index 0000000000..62adc0032f --- /dev/null +++ b/command/connect/envoy/testdata/defaults-nodemeta.golden @@ -0,0 +1,193 @@ +{ + "admin": { + "access_log_path": "/dev/null", + "address": { + "socket_address": { + "address": "127.0.0.1", + "port_value": 19000 + } + } + }, + "node": { + "cluster": "test", + "id": "test-proxy", + "metadata": { + "node_name": "test-node", + "namespace": "default", + "partition": "default" + } + }, + "static_resources": { + "clusters": [ + { + "name": "local_agent", + "ignore_health_on_host_removal": false, + "connect_timeout": "1s", + "type": "STATIC", + "http2_protocol_options": {}, + "loadAssignment": { + "clusterName": "local_agent", + "endpoints": [ + { + "lbEndpoints": [ + { + "endpoint": { + "address": { + "socket_address": { + "address": "127.0.0.1", + "port_value": 8502 + } + } + } + } + ] + } + ] + } + } + ] + }, + "stats_config": { + "stats_tags": [ + { + "regex": "^cluster\\.(?:passthrough~)?((?:([^.]+)~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?[^.]+\\.[^.]+\\.[^.]+\\.consul\\.)", + "tag_name": "consul.destination.custom_hash" + }, + { + "regex": "^cluster\\.(?:passthrough~)?((?:[^.]+~)?(?:([^.]+)\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?[^.]+\\.[^.]+\\.[^.]+\\.consul\\.)", + "tag_name": "consul.destination.service_subset" + }, + { + "regex": "^cluster\\.(?:passthrough~)?((?:[^.]+~)?(?:[^.]+\\.)?([^.]+)\\.[^.]+\\.(?:[^.]+\\.)?[^.]+\\.[^.]+\\.[^.]+\\.consul\\.)", + "tag_name": "consul.destination.service" + }, + { + "regex": "^cluster\\.(?:passthrough~)?((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.([^.]+)\\.(?:[^.]+\\.)?[^.]+\\.[^.]+\\.[^.]+\\.consul\\.)", + "tag_name": "consul.destination.namespace" + }, + { + "regex": "^cluster\\.(?:passthrough~)?((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:([^.]+)\\.)?[^.]+\\.[^.]+\\.[^.]+\\.consul\\.)", + "tag_name": "consul.destination.partition" + }, + { + "regex": "^cluster\\.(?:passthrough~)?((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?([^.]+)\\.[^.]+\\.[^.]+\\.consul\\.)", + "tag_name": "consul.destination.datacenter" + }, + { + "regex": "^cluster\\.(?:passthrough~)?((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?[^.]+\\.([^.]+)\\.[^.]+\\.consul\\.)", + "tag_name": "consul.destination.routing_type" + }, + { + "regex": "^cluster\\.(?:passthrough~)?((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?[^.]+\\.[^.]+\\.([^.]+)\\.consul\\.)", + "tag_name": "consul.destination.trust_domain" + }, + { + "regex": "^cluster\\.(?:passthrough~)?(((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?[^.]+)\\.[^.]+\\.[^.]+\\.consul\\.)", + "tag_name": "consul.destination.target" + }, + { + "regex": "^cluster\\.(?:passthrough~)?(((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?[^.]+\\.[^.]+\\.[^.]+)\\.consul\\.)", + "tag_name": "consul.destination.full_target" + }, + { + "regex": "^(?:tcp|http)\\.upstream\\.(([^.]+)(?:\\.[^.]+)?(?:\\.[^.]+)?\\.[^.]+\\.)", + "tag_name": "consul.upstream.service" + }, + { + "regex": "^(?:tcp|http)\\.upstream\\.([^.]+(?:\\.[^.]+)?(?:\\.[^.]+)?\\.([^.]+)\\.)", + "tag_name": "consul.upstream.datacenter" + }, + { + "regex": "^(?:tcp|http)\\.upstream\\.([^.]+(?:\\.([^.]+))?(?:\\.[^.]+)?\\.[^.]+\\.)", + "tag_name": "consul.upstream.namespace" + }, + { + "regex": "^(?:tcp|http)\\.upstream\\.([^.]+(?:\\.[^.]+)?(?:\\.([^.]+))?\\.[^.]+\\.)", + "tag_name": "consul.upstream.partition" + }, + { + "regex": "^cluster\\.((?:([^.]+)~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?[^.]+\\.[^.]+\\.[^.]+\\.consul\\.)", + "tag_name": "consul.custom_hash" + }, + { + "regex": "^cluster\\.((?:[^.]+~)?(?:([^.]+)\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?[^.]+\\.[^.]+\\.[^.]+\\.consul\\.)", + "tag_name": "consul.service_subset" + }, + { + "regex": "^cluster\\.((?:[^.]+~)?(?:[^.]+\\.)?([^.]+)\\.[^.]+\\.(?:[^.]+\\.)?[^.]+\\.[^.]+\\.[^.]+\\.consul\\.)", + "tag_name": "consul.service" + }, + { + "regex": "^cluster\\.((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.([^.]+)\\.(?:[^.]+\\.)?[^.]+\\.[^.]+\\.[^.]+\\.consul\\.)", + "tag_name": "consul.namespace" + }, + { + "regex": "^cluster\\.((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?([^.]+)\\.[^.]+\\.[^.]+\\.consul\\.)", + "tag_name": "consul.datacenter" + }, + { + "regex": "^cluster\\.((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?[^.]+\\.([^.]+)\\.[^.]+\\.consul\\.)", + "tag_name": "consul.routing_type" + }, + { + "regex": "^cluster\\.((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?[^.]+\\.[^.]+\\.([^.]+)\\.consul\\.)", + "tag_name": "consul.trust_domain" + }, + { + "regex": "^cluster\\.(((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?[^.]+)\\.[^.]+\\.[^.]+\\.consul\\.)", + "tag_name": "consul.target" + }, + { + "regex": "^cluster\\.(((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?[^.]+\\.[^.]+\\.[^.]+)\\.consul\\.)", + "tag_name": "consul.full_target" + }, + { + "tag_name": "local_cluster", + "fixed_value": "test" + }, + { + "tag_name": "consul.source.service", + "fixed_value": "test" + }, + { + "tag_name": "consul.source.namespace", + "fixed_value": "default" + }, + { + "tag_name": "consul.source.partition", + "fixed_value": "default" + }, + { + "tag_name": "consul.source.datacenter", + "fixed_value": "dc1" + } + ], + "use_all_default_tags": true + }, + "dynamic_resources": { + "lds_config": { + "ads": {}, + "resource_api_version": "V3" + }, + "cds_config": { + "ads": {}, + "resource_api_version": "V3" + }, + "ads_config": { + "api_type": "DELTA_GRPC", + "transport_api_version": "V3", + "grpc_services": { + "initial_metadata": [ + { + "key": "x-consul-token", + "value": "" + } + ], + "envoy_grpc": { + "cluster_name": "local_agent" + } + } + } + } +} + diff --git a/command/connect/envoy/testdata/defaults.golden b/command/connect/envoy/testdata/defaults.golden index 19f44d5473..1c3b452ff6 100644 --- a/command/connect/envoy/testdata/defaults.golden +++ b/command/connect/envoy/testdata/defaults.golden @@ -9,7 +9,7 @@ } }, "node": { - "cluster": "test-proxy", + "cluster": "test", "id": "test-proxy", "metadata": { "namespace": "default", @@ -142,11 +142,11 @@ }, { "tag_name": "local_cluster", - "fixed_value": "test-proxy" + "fixed_value": "test" }, { "tag_name": "consul.source.service", - "fixed_value": "test-proxy" + "fixed_value": "test" }, { "tag_name": "consul.source.namespace", diff --git a/command/connect/envoy/testdata/deprecated-grpc-addr-config.golden b/command/connect/envoy/testdata/deprecated-grpc-addr-config.golden index c4b70fa7f5..f59a782edc 100644 --- a/command/connect/envoy/testdata/deprecated-grpc-addr-config.golden +++ b/command/connect/envoy/testdata/deprecated-grpc-addr-config.golden @@ -9,7 +9,7 @@ } }, "node": { - "cluster": "test-proxy", + "cluster": "test", "id": "test-proxy", "metadata": { "namespace": "default", @@ -142,11 +142,11 @@ }, { "tag_name": "local_cluster", - "fixed_value": "test-proxy" + "fixed_value": "test" }, { "tag_name": "consul.source.service", - "fixed_value": "test-proxy" + "fixed_value": "test" }, { "tag_name": "consul.source.namespace", diff --git a/command/connect/envoy/testdata/existing-ca-file.golden b/command/connect/envoy/testdata/existing-ca-file.golden index 62c65881b9..ff09458487 100644 --- a/command/connect/envoy/testdata/existing-ca-file.golden +++ b/command/connect/envoy/testdata/existing-ca-file.golden @@ -9,7 +9,7 @@ } }, "node": { - "cluster": "test-proxy", + "cluster": "test", "id": "test-proxy", "metadata": { "namespace": "default", @@ -155,11 +155,11 @@ }, { "tag_name": "local_cluster", - "fixed_value": "test-proxy" + "fixed_value": "test" }, { "tag_name": "consul.source.service", - "fixed_value": "test-proxy" + "fixed_value": "test" }, { "tag_name": "consul.source.namespace", diff --git a/command/connect/envoy/testdata/existing-ca-path.golden b/command/connect/envoy/testdata/existing-ca-path.golden index d0de2eae0a..a9fc080fd5 100644 --- a/command/connect/envoy/testdata/existing-ca-path.golden +++ b/command/connect/envoy/testdata/existing-ca-path.golden @@ -9,7 +9,7 @@ } }, "node": { - "cluster": "test-proxy", + "cluster": "test", "id": "test-proxy", "metadata": { "namespace": "default", @@ -155,11 +155,11 @@ }, { "tag_name": "local_cluster", - "fixed_value": "test-proxy" + "fixed_value": "test" }, { "tag_name": "consul.source.service", - "fixed_value": "test-proxy" + "fixed_value": "test" }, { "tag_name": "consul.source.namespace", diff --git a/command/connect/envoy/testdata/extra_-multiple.golden b/command/connect/envoy/testdata/extra_-multiple.golden index 3d1fb43d58..b0689e23b7 100644 --- a/command/connect/envoy/testdata/extra_-multiple.golden +++ b/command/connect/envoy/testdata/extra_-multiple.golden @@ -9,7 +9,7 @@ } }, "node": { - "cluster": "test-proxy", + "cluster": "test", "id": "test-proxy", "metadata": { "namespace": "default", @@ -164,11 +164,11 @@ }, { "tag_name": "local_cluster", - "fixed_value": "test-proxy" + "fixed_value": "test" }, { "tag_name": "consul.source.service", - "fixed_value": "test-proxy" + "fixed_value": "test" }, { "tag_name": "consul.source.namespace", diff --git a/command/connect/envoy/testdata/extra_-single.golden b/command/connect/envoy/testdata/extra_-single.golden index 56c2f480d3..6a33f0c29b 100644 --- a/command/connect/envoy/testdata/extra_-single.golden +++ b/command/connect/envoy/testdata/extra_-single.golden @@ -9,7 +9,7 @@ } }, "node": { - "cluster": "test-proxy", + "cluster": "test", "id": "test-proxy", "metadata": { "namespace": "default", @@ -155,11 +155,11 @@ }, { "tag_name": "local_cluster", - "fixed_value": "test-proxy" + "fixed_value": "test" }, { "tag_name": "consul.source.service", - "fixed_value": "test-proxy" + "fixed_value": "test" }, { "tag_name": "consul.source.namespace", diff --git a/command/connect/envoy/testdata/grpc-addr-env.golden b/command/connect/envoy/testdata/grpc-addr-env.golden index c4b70fa7f5..f59a782edc 100644 --- a/command/connect/envoy/testdata/grpc-addr-env.golden +++ b/command/connect/envoy/testdata/grpc-addr-env.golden @@ -9,7 +9,7 @@ } }, "node": { - "cluster": "test-proxy", + "cluster": "test", "id": "test-proxy", "metadata": { "namespace": "default", @@ -142,11 +142,11 @@ }, { "tag_name": "local_cluster", - "fixed_value": "test-proxy" + "fixed_value": "test" }, { "tag_name": "consul.source.service", - "fixed_value": "test-proxy" + "fixed_value": "test" }, { "tag_name": "consul.source.namespace", diff --git a/command/connect/envoy/testdata/grpc-addr-flag.golden b/command/connect/envoy/testdata/grpc-addr-flag.golden index c4b70fa7f5..f59a782edc 100644 --- a/command/connect/envoy/testdata/grpc-addr-flag.golden +++ b/command/connect/envoy/testdata/grpc-addr-flag.golden @@ -9,7 +9,7 @@ } }, "node": { - "cluster": "test-proxy", + "cluster": "test", "id": "test-proxy", "metadata": { "namespace": "default", @@ -142,11 +142,11 @@ }, { "tag_name": "local_cluster", - "fixed_value": "test-proxy" + "fixed_value": "test" }, { "tag_name": "consul.source.service", - "fixed_value": "test-proxy" + "fixed_value": "test" }, { "tag_name": "consul.source.namespace", diff --git a/command/connect/envoy/testdata/grpc-addr-unix.golden b/command/connect/envoy/testdata/grpc-addr-unix.golden index e92d848462..4386445f8b 100644 --- a/command/connect/envoy/testdata/grpc-addr-unix.golden +++ b/command/connect/envoy/testdata/grpc-addr-unix.golden @@ -9,7 +9,7 @@ } }, "node": { - "cluster": "test-proxy", + "cluster": "test", "id": "test-proxy", "metadata": { "namespace": "default", @@ -141,11 +141,11 @@ }, { "tag_name": "local_cluster", - "fixed_value": "test-proxy" + "fixed_value": "test" }, { "tag_name": "consul.source.service", - "fixed_value": "test-proxy" + "fixed_value": "test" }, { "tag_name": "consul.source.namespace", diff --git a/command/connect/envoy/testdata/ingress-gateway-nodemeta.golden b/command/connect/envoy/testdata/ingress-gateway-nodemeta.golden new file mode 100644 index 0000000000..45a024653f --- /dev/null +++ b/command/connect/envoy/testdata/ingress-gateway-nodemeta.golden @@ -0,0 +1,282 @@ +{ + "admin": { + "access_log_path": "/dev/null", + "address": { + "socket_address": { + "address": "127.0.0.1", + "port_value": 19000 + } + } + }, + "node": { + "cluster": "ingress-gateway-1", + "id": "ingress-gateway-1", + "metadata": { + "node_name": "test-node", + "namespace": "default", + "partition": "default" + } + }, + "static_resources": { + "clusters": [ + { + "name": "local_agent", + "ignore_health_on_host_removal": false, + "connect_timeout": "1s", + "type": "STATIC", + "http2_protocol_options": {}, + "loadAssignment": { + "clusterName": "local_agent", + "endpoints": [ + { + "lbEndpoints": [ + { + "endpoint": { + "address": { + "socket_address": { + "address": "127.0.0.1", + "port_value": 8502 + } + } + } + } + ] + } + ] + } + }, + { + "name": "self_admin", + "ignore_health_on_host_removal": false, + "connect_timeout": "5s", + "type": "STATIC", + "http_protocol_options": {}, + "loadAssignment": { + "clusterName": "self_admin", + "endpoints": [ + { + "lbEndpoints": [ + { + "endpoint": { + "address": { + "socket_address": { + "address": "127.0.0.1", + "port_value": 19000 + } + } + } + } + ] + } + ] + } + } + ], + "listeners": [ + { + "name": "envoy_ready_listener", + "address": { + "socket_address": { + "address": "127.0.0.1", + "port_value": 8443 + } + }, + "filter_chains": [ + { + "filters": [ + { + "name": "envoy.filters.network.http_connection_manager", + "typedConfig": { + "@type": "type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager", + "stat_prefix": "envoy_ready", + "codec_type": "HTTP1", + "route_config": { + "name": "self_admin_route", + "virtual_hosts": [ + { + "name": "self_admin", + "domains": [ + "*" + ], + "routes": [ + { + "match": { + "path": "/ready" + }, + "route": { + "cluster": "self_admin", + "prefix_rewrite": "/ready" + } + }, + { + "match": { + "prefix": "/" + }, + "direct_response": { + "status": 404 + } + } + ] + } + ] + }, + "http_filters": [ + { + "name": "envoy.filters.http.router", + "typedConfig": { + "@type": "type.googleapis.com/envoy.extensions.filters.http.router.v3.Router" + } + } + ] + } + } + ] + } + ] + } + ] + }, + "stats_config": { + "stats_tags": [ + { + "regex": "^cluster\\.(?:passthrough~)?((?:([^.]+)~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?[^.]+\\.[^.]+\\.[^.]+\\.consul\\.)", + "tag_name": "consul.destination.custom_hash" + }, + { + "regex": "^cluster\\.(?:passthrough~)?((?:[^.]+~)?(?:([^.]+)\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?[^.]+\\.[^.]+\\.[^.]+\\.consul\\.)", + "tag_name": "consul.destination.service_subset" + }, + { + "regex": "^cluster\\.(?:passthrough~)?((?:[^.]+~)?(?:[^.]+\\.)?([^.]+)\\.[^.]+\\.(?:[^.]+\\.)?[^.]+\\.[^.]+\\.[^.]+\\.consul\\.)", + "tag_name": "consul.destination.service" + }, + { + "regex": "^cluster\\.(?:passthrough~)?((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.([^.]+)\\.(?:[^.]+\\.)?[^.]+\\.[^.]+\\.[^.]+\\.consul\\.)", + "tag_name": "consul.destination.namespace" + }, + { + "regex": "^cluster\\.(?:passthrough~)?((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:([^.]+)\\.)?[^.]+\\.[^.]+\\.[^.]+\\.consul\\.)", + "tag_name": "consul.destination.partition" + }, + { + "regex": "^cluster\\.(?:passthrough~)?((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?([^.]+)\\.[^.]+\\.[^.]+\\.consul\\.)", + "tag_name": "consul.destination.datacenter" + }, + { + "regex": "^cluster\\.(?:passthrough~)?((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?[^.]+\\.([^.]+)\\.[^.]+\\.consul\\.)", + "tag_name": "consul.destination.routing_type" + }, + { + "regex": "^cluster\\.(?:passthrough~)?((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?[^.]+\\.[^.]+\\.([^.]+)\\.consul\\.)", + "tag_name": "consul.destination.trust_domain" + }, + { + "regex": "^cluster\\.(?:passthrough~)?(((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?[^.]+)\\.[^.]+\\.[^.]+\\.consul\\.)", + "tag_name": "consul.destination.target" + }, + { + "regex": "^cluster\\.(?:passthrough~)?(((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?[^.]+\\.[^.]+\\.[^.]+)\\.consul\\.)", + "tag_name": "consul.destination.full_target" + }, + { + "regex": "^(?:tcp|http)\\.upstream\\.(([^.]+)(?:\\.[^.]+)?(?:\\.[^.]+)?\\.[^.]+\\.)", + "tag_name": "consul.upstream.service" + }, + { + "regex": "^(?:tcp|http)\\.upstream\\.([^.]+(?:\\.[^.]+)?(?:\\.[^.]+)?\\.([^.]+)\\.)", + "tag_name": "consul.upstream.datacenter" + }, + { + "regex": "^(?:tcp|http)\\.upstream\\.([^.]+(?:\\.([^.]+))?(?:\\.[^.]+)?\\.[^.]+\\.)", + "tag_name": "consul.upstream.namespace" + }, + { + "regex": "^(?:tcp|http)\\.upstream\\.([^.]+(?:\\.[^.]+)?(?:\\.([^.]+))?\\.[^.]+\\.)", + "tag_name": "consul.upstream.partition" + }, + { + "regex": "^cluster\\.((?:([^.]+)~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?[^.]+\\.[^.]+\\.[^.]+\\.consul\\.)", + "tag_name": "consul.custom_hash" + }, + { + "regex": "^cluster\\.((?:[^.]+~)?(?:([^.]+)\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?[^.]+\\.[^.]+\\.[^.]+\\.consul\\.)", + "tag_name": "consul.service_subset" + }, + { + "regex": "^cluster\\.((?:[^.]+~)?(?:[^.]+\\.)?([^.]+)\\.[^.]+\\.(?:[^.]+\\.)?[^.]+\\.[^.]+\\.[^.]+\\.consul\\.)", + "tag_name": "consul.service" + }, + { + "regex": "^cluster\\.((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.([^.]+)\\.(?:[^.]+\\.)?[^.]+\\.[^.]+\\.[^.]+\\.consul\\.)", + "tag_name": "consul.namespace" + }, + { + "regex": "^cluster\\.((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?([^.]+)\\.[^.]+\\.[^.]+\\.consul\\.)", + "tag_name": "consul.datacenter" + }, + { + "regex": "^cluster\\.((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?[^.]+\\.([^.]+)\\.[^.]+\\.consul\\.)", + "tag_name": "consul.routing_type" + }, + { + "regex": "^cluster\\.((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?[^.]+\\.[^.]+\\.([^.]+)\\.consul\\.)", + "tag_name": "consul.trust_domain" + }, + { + "regex": "^cluster\\.(((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?[^.]+)\\.[^.]+\\.[^.]+\\.consul\\.)", + "tag_name": "consul.target" + }, + { + "regex": "^cluster\\.(((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?[^.]+\\.[^.]+\\.[^.]+)\\.consul\\.)", + "tag_name": "consul.full_target" + }, + { + "tag_name": "local_cluster", + "fixed_value": "ingress-gateway-1" + }, + { + "tag_name": "consul.source.service", + "fixed_value": "ingress-gateway-1" + }, + { + "tag_name": "consul.source.namespace", + "fixed_value": "default" + }, + { + "tag_name": "consul.source.partition", + "fixed_value": "default" + }, + { + "tag_name": "consul.source.datacenter", + "fixed_value": "dc1" + } + ], + "use_all_default_tags": true + }, + "dynamic_resources": { + "lds_config": { + "ads": {}, + "resource_api_version": "V3" + }, + "cds_config": { + "ads": {}, + "resource_api_version": "V3" + }, + "ads_config": { + "api_type": "DELTA_GRPC", + "transport_api_version": "V3", + "grpc_services": { + "initial_metadata": [ + { + "key": "x-consul-token", + "value": "" + } + ], + "envoy_grpc": { + "cluster_name": "local_agent" + } + } + } + } +} + diff --git a/command/connect/envoy/testdata/prometheus-metrics.golden b/command/connect/envoy/testdata/prometheus-metrics.golden index 333f9872dc..004ed74896 100644 --- a/command/connect/envoy/testdata/prometheus-metrics.golden +++ b/command/connect/envoy/testdata/prometheus-metrics.golden @@ -9,7 +9,7 @@ } }, "node": { - "cluster": "test-proxy", + "cluster": "test", "id": "test-proxy", "metadata": { "namespace": "default", @@ -231,11 +231,11 @@ }, { "tag_name": "local_cluster", - "fixed_value": "test-proxy" + "fixed_value": "test" }, { "tag_name": "consul.source.service", - "fixed_value": "test-proxy" + "fixed_value": "test" }, { "tag_name": "consul.source.namespace", diff --git a/command/connect/envoy/testdata/stats-config-override.golden b/command/connect/envoy/testdata/stats-config-override.golden index cfe5d91332..62c8901258 100644 --- a/command/connect/envoy/testdata/stats-config-override.golden +++ b/command/connect/envoy/testdata/stats-config-override.golden @@ -9,7 +9,7 @@ } }, "node": { - "cluster": "test-proxy", + "cluster": "test", "id": "test-proxy", "metadata": { "namespace": "default", diff --git a/command/connect/envoy/testdata/token-arg.golden b/command/connect/envoy/testdata/token-arg.golden index e1be2a292e..c5a54a8717 100644 --- a/command/connect/envoy/testdata/token-arg.golden +++ b/command/connect/envoy/testdata/token-arg.golden @@ -9,7 +9,7 @@ } }, "node": { - "cluster": "test-proxy", + "cluster": "test", "id": "test-proxy", "metadata": { "namespace": "default", @@ -142,11 +142,11 @@ }, { "tag_name": "local_cluster", - "fixed_value": "test-proxy" + "fixed_value": "test" }, { "tag_name": "consul.source.service", - "fixed_value": "test-proxy" + "fixed_value": "test" }, { "tag_name": "consul.source.namespace", diff --git a/command/connect/envoy/testdata/token-env.golden b/command/connect/envoy/testdata/token-env.golden index e1be2a292e..c5a54a8717 100644 --- a/command/connect/envoy/testdata/token-env.golden +++ b/command/connect/envoy/testdata/token-env.golden @@ -9,7 +9,7 @@ } }, "node": { - "cluster": "test-proxy", + "cluster": "test", "id": "test-proxy", "metadata": { "namespace": "default", @@ -142,11 +142,11 @@ }, { "tag_name": "local_cluster", - "fixed_value": "test-proxy" + "fixed_value": "test" }, { "tag_name": "consul.source.service", - "fixed_value": "test-proxy" + "fixed_value": "test" }, { "tag_name": "consul.source.namespace", diff --git a/command/connect/envoy/testdata/token-file-arg.golden b/command/connect/envoy/testdata/token-file-arg.golden index e1be2a292e..c5a54a8717 100644 --- a/command/connect/envoy/testdata/token-file-arg.golden +++ b/command/connect/envoy/testdata/token-file-arg.golden @@ -9,7 +9,7 @@ } }, "node": { - "cluster": "test-proxy", + "cluster": "test", "id": "test-proxy", "metadata": { "namespace": "default", @@ -142,11 +142,11 @@ }, { "tag_name": "local_cluster", - "fixed_value": "test-proxy" + "fixed_value": "test" }, { "tag_name": "consul.source.service", - "fixed_value": "test-proxy" + "fixed_value": "test" }, { "tag_name": "consul.source.namespace", diff --git a/command/connect/envoy/testdata/token-file-env.golden b/command/connect/envoy/testdata/token-file-env.golden index e1be2a292e..c5a54a8717 100644 --- a/command/connect/envoy/testdata/token-file-env.golden +++ b/command/connect/envoy/testdata/token-file-env.golden @@ -9,7 +9,7 @@ } }, "node": { - "cluster": "test-proxy", + "cluster": "test", "id": "test-proxy", "metadata": { "namespace": "default", @@ -142,11 +142,11 @@ }, { "tag_name": "local_cluster", - "fixed_value": "test-proxy" + "fixed_value": "test" }, { "tag_name": "consul.source.service", - "fixed_value": "test-proxy" + "fixed_value": "test" }, { "tag_name": "consul.source.namespace", diff --git a/command/connect/envoy/testdata/xds-addr-config.golden b/command/connect/envoy/testdata/xds-addr-config.golden index c4b70fa7f5..f59a782edc 100644 --- a/command/connect/envoy/testdata/xds-addr-config.golden +++ b/command/connect/envoy/testdata/xds-addr-config.golden @@ -9,7 +9,7 @@ } }, "node": { - "cluster": "test-proxy", + "cluster": "test", "id": "test-proxy", "metadata": { "namespace": "default", @@ -142,11 +142,11 @@ }, { "tag_name": "local_cluster", - "fixed_value": "test-proxy" + "fixed_value": "test" }, { "tag_name": "consul.source.service", - "fixed_value": "test-proxy" + "fixed_value": "test" }, { "tag_name": "consul.source.namespace", diff --git a/command/connect/envoy/testdata/zipkin-tracing-config.golden b/command/connect/envoy/testdata/zipkin-tracing-config.golden index 2fa890b8ff..8c84471a31 100644 --- a/command/connect/envoy/testdata/zipkin-tracing-config.golden +++ b/command/connect/envoy/testdata/zipkin-tracing-config.golden @@ -9,7 +9,7 @@ } }, "node": { - "cluster": "test-proxy", + "cluster": "test", "id": "test-proxy", "metadata": { "namespace": "default", @@ -166,11 +166,11 @@ }, { "tag_name": "local_cluster", - "fixed_value": "test-proxy" + "fixed_value": "test" }, { "tag_name": "consul.source.service", - "fixed_value": "test-proxy" + "fixed_value": "test" }, { "tag_name": "consul.source.namespace",