status-im
/
consul
mirror of https://github.com/status-im/consul.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Add TransparentProxy option to proxy definitions

This commit is contained in:
Freddy 2021-03-17 17:01:45 -06:00 committed by GitHub
parent c664938bae 4bdbcff9c0
commit 8207b832df
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
21 changed files with 539 additions and 121 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
agent/agent_endpoint_test.go
View File

@ -197,6 +197,7 @@ func TestAgent_Services_Sidecar(t *testing.T) {
Proxy: structs.ConnectProxyConfig{
DestinationServiceName: "db",
Upstreams: structs.TestUpstreams(t),
TransparentProxy: true,
},
}
a.State.AddService(srv1, "")
@ -396,7 +397,7 @@ func TestAgent_Service(t *testing.T) {
Service: "web-sidecar-proxy",
Port: 8000,
Proxy: expectProxy.ToAPI(),
ContentHash: "4c7d5f8d3748be6d",
ContentHash: "fa3af167b81f6721",
Weights: api.AgentWeights{
Passing: 1,
Warning: 1,
@ -410,7 +411,7 @@ func TestAgent_Service(t *testing.T) {
// Copy and modify
updatedResponse := *expectedResponse
updatedResponse.Port = 9999
updatedResponse.ContentHash = "713435ba1f5badcf"
updatedResponse.ContentHash = "c7739b50900c7483"
// Simple response for non-proxy service registered in TestAgent config
expectWebResponse := &api.AgentService{

1
agent/config/builder.go
View File

@ -1690,6 +1690,7 @@ func (b *builder) serviceProxyVal(v *ServiceProxy) *structs.ConnectProxyConfig {
Upstreams: b.upstreamsVal(v.Upstreams),
MeshGateway: b.meshGatewayConfVal(v.MeshGateway),
Expose: b.exposeConfVal(v.Expose),
TransparentProxy: boolVal(v.TransparentProxy),
}
}

4
agent/config/config.go
View File

@ -473,6 +473,10 @@ type ServiceProxy struct {
// Expose defines whether checks or paths are exposed through the proxy
Expose *ExposeConfig `mapstructure:"expose"`
// TransparentProxy toggles whether inbound and outbound traffic is being
// redirected to the proxy.
TransparentProxy *bool `mapstructure:"transparent_proxy"`
}
// Upstream represents a single upstream dependency for a service or proxy. It

31
agent/config/runtime_test.go
View File

@ -2582,6 +2582,7 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
}
]
},
"transparent_proxy": true,
"upstreams": [
{
"destination_name": "db",
@ -2617,7 +2618,8 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
protocol = "http"
}
]
},
}
transparent_proxy = true
upstreams = [
{
destination_name = "db"
@ -2657,6 +2659,7 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
},
},
},
TransparentProxy: true,
Upstreams: structs.Upstreams{
structs.Upstream{
DestinationType: "service",
@ -2711,6 +2714,7 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
}
]
},
"transparent_proxy": true,
"upstreams": [
{
"destination_name": "db",
@ -2746,7 +2750,8 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
protocol = "http"
}
]
},
}
transparent_proxy = true,
upstreams = [
{
destination_name = "db"
@ -2786,6 +2791,7 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
},
},
},
TransparentProxy: true,
Upstreams: structs.Upstreams{
structs.Upstream{
DestinationType: "service",
@ -3428,7 +3434,8 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
},
"mesh_gateway": {
"mode": "remote"
}
},
"transparent_proxy": true
}
]
}
@ -3447,6 +3454,7 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
mesh_gateway {
mode = "remote"
}
transparent_proxy = true
}
}`},
expected: func(rt *RuntimeConfig) {
@ -3465,6 +3473,7 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
MeshGateway: structs.MeshGatewayConfig{
Mode: structs.MeshGatewayModeRemote,
},
TransparentProxy: true,
},
}
},
@ -3486,7 +3495,8 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
},
"MeshGateway": {
"Mode": "remote"
}
},
"TransparentProxy": true
}
]
}
@ -3505,6 +3515,7 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
MeshGateway {
Mode = "remote"
}
TransparentProxy = true
}
}`},
expected: func(rt *RuntimeConfig) {
@ -3523,6 +3534,7 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
MeshGateway: structs.MeshGatewayConfig{
Mode: structs.MeshGatewayModeRemote,
},
TransparentProxy: true,
},
}
},
@ -3544,7 +3556,8 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
"external_sni": "abc-123",
"mesh_gateway": {
"mode": "remote"
}
},
"transparent_proxy": true
}
]
}
@ -3563,6 +3576,7 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
mesh_gateway {
mode = "remote"
}
transparent_proxy = true
}
}`},
expected: func(rt *RuntimeConfig) {
@ -3581,6 +3595,7 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
MeshGateway: structs.MeshGatewayConfig{
Mode: structs.MeshGatewayModeRemote,
},
TransparentProxy: true,
},
}
},
@ -3602,7 +3617,8 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
"ExternalSNI": "abc-123",
"MeshGateway": {
"Mode": "remote"
}
},
"TransparentProxy": true
}
]
}
@ -3621,6 +3637,7 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
MeshGateway {
Mode = "remote"
}
TransparentProxy = true
}
}`},
expected: func(rt *RuntimeConfig) {
@ -3639,6 +3656,7 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
MeshGateway: structs.MeshGatewayConfig{
Mode: structs.MeshGatewayModeRemote,
},
TransparentProxy: true,
},
}
},
@ -5464,6 +5482,7 @@ func TestLoad_FullConfig(t *testing.T) {
},
},
},
TransparentProxy: true,
},
Weights: &structs.Weights{
Passing: 1,

1
agent/config/testdata/full-config.hcl vendored
View File

@ -582,6 +582,7 @@ services = [
}
]
}
transparent_proxy = true
}
},
{

1
agent/config/testdata/full-config.json vendored
View File

@ -563,6 +563,7 @@
}
]
},
"transparent_proxy": true,
"upstreams": [
{
"destination_name": "KPtAj2cb",

4
agent/consul/config_endpoint.go
View File

@ -357,6 +357,7 @@ func (c *ConfigEntry) ResolveServiceConfig(args *structs.ServiceConfigRequest, r
reply.ProxyConfig = mapCopy.(map[string]interface{})
reply.MeshGateway = proxyConf.MeshGateway
reply.Expose = proxyConf.Expose
reply.TransparentProxy = proxyConf.TransparentProxy
// Extract the global protocol from proxyConf for upstream configs.
rawProtocol := proxyConf.Config["protocol"]
@ -395,6 +396,9 @@ func (c *ConfigEntry) ResolveServiceConfig(args *structs.ServiceConfigRequest, r
}
reply.ProxyConfig["protocol"] = serviceConf.Protocol
}
if serviceConf.TransparentProxy {
reply.TransparentProxy = serviceConf.TransparentProxy
}
}
// First collect all upstreams into a set of seen upstreams.

99
agent/consul/config_endpoint_test.go
View File

@ -893,6 +893,105 @@ func TestConfigEntry_ResolveServiceConfig(t *testing.T) {
require.Equal(map[string]interface{}{"foo": 1}, proxyConf.Config)
}
func TestConfigEntry_ResolveServiceConfig_TransparentProxy(t *testing.T) {
if testing.Short() {
t.Skip("too slow for testing.Short")
}
t.Parallel()
tt := []struct {
name string
entries []structs.ConfigEntry
request structs.ServiceConfigRequest
proxyCfg structs.ConnectProxyConfig
expect structs.ServiceConfigResponse
}{
{
name: "from proxy-defaults",
entries: []structs.ConfigEntry{
&structs.ProxyConfigEntry{
Kind: structs.ProxyDefaults,
Name: structs.ProxyConfigGlobal,
TransparentProxy: true,
},
},
request: structs.ServiceConfigRequest{
Name: "foo",
Datacenter: "dc1",
},
expect: structs.ServiceConfigResponse{
TransparentProxy: true,
},
},
{
name: "from service-defaults",
entries: []structs.ConfigEntry{
&structs.ServiceConfigEntry{
Kind: structs.ServiceDefaults,
Name: "foo",
TransparentProxy: true,
},
},
request: structs.ServiceConfigRequest{
Name: "foo",
Datacenter: "dc1",
},
expect: structs.ServiceConfigResponse{
TransparentProxy: true,
},
},
{
name: "service-defaults overrides proxy-defaults",
entries: []structs.ConfigEntry{
&structs.ProxyConfigEntry{
Kind: structs.ProxyDefaults,
Name: structs.ProxyConfigGlobal,
TransparentProxy: false,
},
&structs.ServiceConfigEntry{
Kind: structs.ServiceDefaults,
Name: "foo",
TransparentProxy: true,
},
},
request: structs.ServiceConfigRequest{
Name: "foo",
Datacenter: "dc1",
},
expect: structs.ServiceConfigResponse{
TransparentProxy: true,
},
},
}
for _, tc := range tt {
t.Run(tc.name, func(t *testing.T) {
dir1, s1 := testServer(t)
defer os.RemoveAll(dir1)
defer s1.Shutdown()
codec := rpcClient(t, s1)
defer codec.Close()
// Boostrap the config entries
idx := uint64(1)
for _, conf := range tc.entries {
require.NoError(t, s1.fsm.State().EnsureConfigEntry(idx, conf))
idx++
}
var out structs.ServiceConfigResponse
require.NoError(t, msgpackrpc.CallWithCodec(codec, "ConfigEntry.ResolveServiceConfig", &tc.request, &out))
// Don't know what this is deterministically, so we grab it from the response
tc.expect.QueryMeta = out.QueryMeta
require.Equal(t, tc.expect, out)
})
}
}
func TestConfigEntry_ResolveServiceConfig_Upstreams(t *testing.T) {
if testing.Short() {
t.Skip("too slow for testing.Short")

65
agent/service_manager.go
View File

@ -376,39 +376,78 @@ func mergeServiceConfig(defaults *structs.ServiceConfigResponse, service *struct
if ns.Proxy.MeshGateway.Mode == structs.MeshGatewayModeDefault {
ns.Proxy.MeshGateway.Mode = defaults.MeshGateway.Mode
}
if !ns.Proxy.TransparentProxy {
ns.Proxy.TransparentProxy = defaults.TransparentProxy
}
// Merge upstream defaults if there were any returned
// remoteUpstreams contains synthetic Upstreams generated from central config (service-defaults.UpstreamConfigs).
remoteUpstreams := make(map[structs.ServiceID]structs.Upstream)
for _, us := range defaults.UpstreamIDConfigs {
parsed, err := structs.ParseUpstreamConfig(us.Config)
if err != nil {
return nil, fmt.Errorf("failed to parse upstream config map for %s: %v", us.Upstream.String(), err)
}
// Delete the mesh gateway key since this is the only place it is read from an opaque map.
// Later reads use Proxy.MeshGateway.
// Note that we use the "mesh_gateway" key and not other variants like "MeshGateway" because
// UpstreamConfig.MergeInto and ResolveServiceConfig only use "mesh_gateway".
delete(us.Config, "mesh_gateway")
remoteUpstreams[us.Upstream] = structs.Upstream{
DestinationNamespace: us.Upstream.NamespaceOrDefault(),
DestinationName: us.Upstream.ID,
Config: us.Config,
MeshGateway: parsed.MeshGateway,
CentrallyConfigured: true,
}
}
// localUpstreams stores the upstreams seen from the local registration so that we can merge in the synthetic entries.
// In TransparentProxy mode ns.Proxy.Upstreams will likely be empty because users do not need to define upstreams explicitly.
// So to store upstream-specific flags from central config, we add entries to ns.Proxy.Upstream with those values.
localUpstreams := make(map[structs.ServiceID]struct{})
// Merge upstream defaults into the local registration
for i := range ns.Proxy.Upstreams {
// Get a pointer not a value copy of the upstream struct
us := &ns.Proxy.Upstreams[i]
if us.DestinationType != "" && us.DestinationType != structs.UpstreamDestTypeService {
continue
}
localUpstreams[us.DestinationID()] = struct{}{}
usCfg, ok := defaults.UpstreamIDConfigs.GetUpstreamConfig(us.DestinationID())
usCfg, ok := remoteUpstreams[us.DestinationID()]
if !ok {
// No config defaults to merge
continue
}
// MeshGateway mode is fetched separately since it is a first class field and not read from us.Config
parsed, err := structs.ParseUpstreamConfig(usCfg)
if err != nil {
return nil, fmt.Errorf("failed to parse upstream config map for %s: %v", us.Identifier(), err)
}
// The local upstream config mode has the highest precedence, so only overwrite when it's set to the default
if us.MeshGateway.Mode == structs.MeshGatewayModeDefault {
us.MeshGateway.Mode = parsed.MeshGateway.Mode
us.MeshGateway.Mode = usCfg.MeshGateway.Mode
}
// Delete the mesh gateway key since this is the only place it is read from an opaque map.
delete(usCfg, "mesh_gateway")
// Merge in everything else that is read from the map
if err := mergo.Merge(&us.Config, usCfg); err != nil {
if err := mergo.Merge(&us.Config, usCfg.Config); err != nil {
return nil, err
}
}
// Ensure upstreams present in central config are represented in the local configuration.
// This does not apply outside of TransparentProxy mode because in that situation every upstream needs to be defined
// explicitly and locally with a local bind port.
if ns.Proxy.TransparentProxy {
for id, remote := range remoteUpstreams {
if _, ok := localUpstreams[id]; ok {
// Remote upstream is already present locally
continue
}
ns.Proxy.Upstreams = append(ns.Proxy.Upstreams, remote)
}
}
return ns, err
}

119
agent/service_manager_test.go
View File

@ -922,6 +922,125 @@ func Test_mergeServiceConfig_UpstreamOverrides(t *testing.T) {
},
},
},
{
name: "remote upstream config expands local upstream list in tproxy mode",
args: args{
defaults: &structs.ServiceConfigResponse{
UpstreamIDConfigs: structs.OpaqueUpstreamConfigs{
{
Upstream: structs.ServiceID{
ID: "zap",
EnterpriseMeta: *structs.DefaultEnterpriseMeta(),
},
Config: map[string]interface{}{
"protocol": "grpc",
},
},
},
},
service: &structs.NodeService{
ID: "foo-proxy",
Service: "foo-proxy",
Proxy: structs.ConnectProxyConfig{
DestinationServiceName: "foo",
DestinationServiceID: "foo",
TransparentProxy: true,
Upstreams: structs.Upstreams{
structs.Upstream{
DestinationNamespace: "default",
DestinationName: "zip",
LocalBindPort: 8080,
Config: map[string]interface{}{
"protocol": "http",
},
},
},
},
},
},
want: &structs.NodeService{
ID: "foo-proxy",
Service: "foo-proxy",
Proxy: structs.ConnectProxyConfig{
DestinationServiceName: "foo",
DestinationServiceID: "foo",
TransparentProxy: true,
Upstreams: structs.Upstreams{
structs.Upstream{
DestinationNamespace: "default",
DestinationName: "zip",
LocalBindPort: 8080,
Config: map[string]interface{}{
"protocol": "http",
},
},
structs.Upstream{
DestinationNamespace: "default",
DestinationName: "zap",
Config: map[string]interface{}{
"protocol": "grpc",
},
CentrallyConfigured: true,
},
},
},
},
},
{
name: "remote upstream config not added to local upstream list outside of tproxy mode",
args: args{
defaults: &structs.ServiceConfigResponse{
UpstreamIDConfigs: structs.OpaqueUpstreamConfigs{
{
Upstream: structs.ServiceID{
ID: "zap",
EnterpriseMeta: *structs.DefaultEnterpriseMeta(),
},
Config: map[string]interface{}{
"protocol": "grpc",
},
},
},
},
service: &structs.NodeService{
ID: "foo-proxy",
Service: "foo-proxy",
Proxy: structs.ConnectProxyConfig{
DestinationServiceName: "foo",
DestinationServiceID: "foo",
TransparentProxy: false,
Upstreams: structs.Upstreams{
structs.Upstream{
DestinationNamespace: "default",
DestinationName: "zip",
LocalBindPort: 8080,
Config: map[string]interface{}{
"protocol": "http",
},
},
},
},
},
},
want: &structs.NodeService{
ID: "foo-proxy",
Service: "foo-proxy",
Proxy: structs.ConnectProxyConfig{
DestinationServiceName: "foo",
DestinationServiceID: "foo",
Upstreams: structs.Upstreams{
structs.Upstream{
DestinationNamespace: "default",
DestinationName: "zip",
LocalBindPort: 8080,
Config: map[string]interface{}{
"protocol": "http",
},
},
},
},
},
},
{
name: "upstream mode from remote defaults overrides local default",
args: args{

3
agent/structs/config_entry.go
View File

@ -84,6 +84,7 @@ type ServiceConfigEntry struct {
Protocol string
MeshGateway MeshGatewayConfig `json:",omitempty" alias:"mesh_gateway"`
Expose ExposeConfig `json:",omitempty"`
TransparentProxy bool `json:",omitempty" alias:"transparent_proxy"`
ExternalSNI string `json:",omitempty" alias:"external_sni"`
@ -216,6 +217,7 @@ type ProxyConfigEntry struct {
Config map[string]interface{}
MeshGateway MeshGatewayConfig `json:",omitempty" alias:"mesh_gateway"`
Expose ExposeConfig `json:",omitempty"`
TransparentProxy bool `json:",omitempty" alias:"transparent_proxy"`
Meta map[string]string `json:",omitempty"`
EnterpriseMeta `hcl:",squash" mapstructure:",squash"`
@ -839,6 +841,7 @@ type ServiceConfigResponse struct {
UpstreamIDConfigs OpaqueUpstreamConfigs
MeshGateway MeshGatewayConfig `json:",omitempty"`
Expose ExposeConfig `json:",omitempty"`
TransparentProxy bool `json:",omitempty"`
QueryMeta
}

15
agent/structs/connect_proxy_config.go
View File

@ -118,6 +118,10 @@ type ConnectProxyConfig struct {
// Expose defines whether checks or paths are exposed through the proxy
Expose ExposeConfig `json:",omitempty"`
// TransparentProxy toggles whether inbound and outbound traffic is being
// redirected to the proxy.
TransparentProxy bool `json:",omitempty" alias:"transparent_proxy"`
}
func (t *ConnectProxyConfig) UnmarshalJSON(data []byte) (err error) {
@ -128,6 +132,7 @@ func (t *ConnectProxyConfig) UnmarshalJSON(data []byte) (err error) {
LocalServiceAddressSnake string `json:"local_service_address"`
LocalServicePortSnake int `json:"local_service_port"`
MeshGatewaySnake MeshGatewayConfig `json:"mesh_gateway"`
TransparentProxySnake bool `json:"transparent_proxy"`
*Alias
}{
@ -151,6 +156,9 @@ func (t *ConnectProxyConfig) UnmarshalJSON(data []byte) (err error) {
if t.MeshGateway.Mode == "" {
t.MeshGateway.Mode = aux.MeshGatewaySnake.Mode
}
if !t.TransparentProxy {
t.TransparentProxy = aux.TransparentProxySnake
}
return nil
@ -183,6 +191,7 @@ func (c *ConnectProxyConfig) ToAPI() *api.AgentServiceConnectProxyConfig {
Upstreams: c.Upstreams.ToAPI(),
MeshGateway: c.MeshGateway.ToAPI(),
Expose: c.Expose.ToAPI(),
TransparentProxy: c.TransparentProxy,
}
}
@ -256,6 +265,10 @@ type Upstream struct {
// an ingress gateway. This cannot and should not be set by a user, it is
// used internally to store the association of hosts to an upstream service.
IngressHosts []string `json:"-" bexpr:"-"`
// CentrallyConfigured indicates whether the upstream was defined in a proxy
// instance registration or whether it was generated from a config entry.
CentrallyConfigured bool `json:",omitempty" bexpr:"-"`
}
func (t *Upstream) UnmarshalJSON(data []byte) (err error) {
@ -312,7 +325,7 @@ func (u *Upstream) Validate() error {
return fmt.Errorf("upstream destination name cannot be empty")
}
if u.LocalBindPort == 0 {
if u.LocalBindPort == 0 && !u.CentrallyConfigured {
return fmt.Errorf("upstream local bind port cannot be zero")
}
return nil

5
agent/structs/structs_filtering_test.go
View File

@ -207,6 +207,11 @@ var expectedFieldConfigConnectProxyConfig bexpr.FieldConfigurations = bexpr.Fiel
StructFieldName: "Expose",
SubFields: expectedFieldConfigExposeConfig,
},
"TransparentProxy": &bexpr.FieldConfiguration{
StructFieldName: "TransparentProxy",
CoerceFn: bexpr.CoerceBool,
SupportedOperations: []bexpr.MatchOperator{bexpr.MatchEqual, bexpr.MatchNotEqual},
},
}
var expectedFieldConfigServiceConnect bexpr.FieldConfigurations = bexpr.FieldConfigurations{

2
api/agent.go
View File

@ -122,6 +122,7 @@ type AgentServiceConnectProxyConfig struct {
Upstreams []Upstream `json:",omitempty"`
MeshGateway MeshGatewayConfig `json:",omitempty"`
Expose ExposeConfig `json:",omitempty"`
TransparentProxy bool `json:",omitempty"`
}
const (
@ -407,6 +408,7 @@ type Upstream struct {
LocalBindPort int `json:",omitempty"`
Config map[string]interface{} `json:",omitempty" bexpr:"-"`
MeshGateway MeshGatewayConfig `json:",omitempty"`
CentrallyConfigured bool `json:",omitempty" bexpr:"-"`
}
// Agent can be used to query the Agent endpoints

4
api/agent_test.go
View File

@ -437,6 +437,7 @@ func TestAPI_AgentServices_ExternalConnectProxy(t *testing.T) {
Port: 8001,
Proxy: &AgentServiceConnectProxyConfig{
DestinationServiceName: "foo",
TransparentProxy: true,
},
}
if err := agent.ServiceRegister(reg); err != nil {
@ -453,6 +454,9 @@ func TestAPI_AgentServices_ExternalConnectProxy(t *testing.T) {
if _, ok := services["foo-proxy"]; !ok {
t.Fatalf("missing proxy service: %v", services)
}
if !services["foo-proxy"].Proxy.TransparentProxy {
t.Fatalf("expected transparent proxy mode to be enabled")
}
if err := agent.ServiceDeregister("foo"); err != nil {
t.Fatalf("err: %v", err)

2
api/config_entry.go
View File

@ -174,6 +174,7 @@ type ServiceConfigEntry struct {
MeshGateway MeshGatewayConfig `json:",omitempty" alias:"mesh_gateway"`
Connect ConnectConfiguration `json:",omitempty"`
Expose ExposeConfig `json:",omitempty"`
TransparentProxy bool `json:",omitempty" alias:"transparent_proxy"`
ExternalSNI string `json:",omitempty" alias:"external_sni"`
Meta map[string]string `json:",omitempty"`
CreateIndex uint64
@ -211,6 +212,7 @@ type ProxyConfigEntry struct {
Config map[string]interface{} `json:",omitempty"`
MeshGateway MeshGatewayConfig `json:",omitempty" alias:"mesh_gateway"`
Expose ExposeConfig `json:",omitempty"`
TransparentProxy bool `json:",omitempty" alias:"transparent_proxy"`
Meta map[string]string `json:",omitempty"`
CreateIndex uint64
ModifyIndex uint64

6
api/config_entry_test.go
View File

@ -296,7 +296,8 @@ func TestDecodeConfigEntry(t *testing.T) {
},
"MeshGateway": {
"Mode": "remote"
}
},
"TransparentProxy": true
}
`,
expect: &ProxyConfigEntry{
@ -316,6 +317,7 @@ func TestDecodeConfigEntry(t *testing.T) {
MeshGateway: MeshGatewayConfig{
Mode: MeshGatewayModeRemote,
},
TransparentProxy: true,
},
},
{
@ -333,6 +335,7 @@ func TestDecodeConfigEntry(t *testing.T) {
"MeshGateway": {
"Mode": "remote"
},
"TransparentProxy": true,
"Connect": {
"UpstreamConfigs": {
"redis": {
@ -377,6 +380,7 @@ func TestDecodeConfigEntry(t *testing.T) {
MeshGateway: MeshGatewayConfig{
Mode: MeshGatewayModeRemote,
},
TransparentProxy: true,
Connect: ConnectConfiguration{
UpstreamConfigs: map[string]UpstreamConfig{
"redis": {

15
command/config/write/config_write_test.go
View File

@ -181,6 +181,7 @@ func TestParseConfigEntry(t *testing.T) {
mesh_gateway {
mode = "remote"
}
transparent_proxy = true
`,
camel: `
Kind = "proxy-defaults"
@ -199,6 +200,7 @@ func TestParseConfigEntry(t *testing.T) {
MeshGateway {
Mode = "remote"
}
TransparentProxy = true
`,
snakeJSON: `
{
@ -217,7 +219,8 @@ func TestParseConfigEntry(t *testing.T) {
},
"mesh_gateway": {
"mode": "remote"
}
},
"transparent_proxy": true
}
`,
camelJSON: `
@ -237,7 +240,8 @@ func TestParseConfigEntry(t *testing.T) {
},
"MeshGateway": {
"Mode": "remote"
}
},
"TransparentProxy": true
}
`,
expect: &api.ProxyConfigEntry{
@ -257,6 +261,7 @@ func TestParseConfigEntry(t *testing.T) {
MeshGateway: api.MeshGatewayConfig{
Mode: api.MeshGatewayModeRemote,
},
TransparentProxy: true,
},
expectJSON: &api.ProxyConfigEntry{
Kind: "proxy-defaults",
@ -275,6 +280,7 @@ func TestParseConfigEntry(t *testing.T) {
MeshGateway: api.MeshGatewayConfig{
Mode: api.MeshGatewayModeRemote,
},
TransparentProxy: true,
},
},
{
@ -436,6 +442,7 @@ func TestParseConfigEntry(t *testing.T) {
mesh_gateway {
mode = "remote"
}
transparent_proxy = true
connect {
upstream_configs {
"redis" {
@ -479,6 +486,7 @@ func TestParseConfigEntry(t *testing.T) {
MeshGateway {
Mode = "remote"
}
TransparentProxy = true
connect = {
upstream_configs = {
"redis" = {
@ -523,6 +531,7 @@ func TestParseConfigEntry(t *testing.T) {
"mesh_gateway": {
"mode": "remote"
},
"transparent_proxy": true,
"connect": {
"upstream_configs": {
"redis": {
@ -568,6 +577,7 @@ func TestParseConfigEntry(t *testing.T) {
"MeshGateway": {
"Mode": "remote"
},
"TransparentProxy": true,
"Connect": {
"UpstreamConfigs": {
"redis": {
@ -612,6 +622,7 @@ func TestParseConfigEntry(t *testing.T) {
MeshGateway: api.MeshGatewayConfig{
Mode: api.MeshGatewayModeRemote,
},
TransparentProxy: true,
Connect: api.ConnectConfiguration{
UpstreamConfigs: map[string]api.UpstreamConfig{
"redis": {

4
proto/pbservice/service.gen.go
View File

@ -14,6 +14,7 @@ func ConnectProxyConfigToStructs(s ConnectProxyConfig) structs.ConnectProxyConfi
t.Upstreams = UpstreamsToStructs(s.Upstreams)
t.MeshGateway = MeshGatewayConfigToStructs(s.MeshGateway)
t.Expose = ExposeConfigToStructs(s.Expose)
t.TransparentProxy = s.TransparentProxy
return t
}
func NewConnectProxyConfigFromStructs(t structs.ConnectProxyConfig) ConnectProxyConfig {
@ -26,6 +27,7 @@ func NewConnectProxyConfigFromStructs(t structs.ConnectProxyConfig) ConnectProxy
s.Upstreams = NewUpstreamsFromStructs(t.Upstreams)
s.MeshGateway = NewMeshGatewayConfigFromStructs(t.MeshGateway)
s.Expose = NewExposeConfigFromStructs(t.Expose)
s.TransparentProxy = t.TransparentProxy
return s
}
func ExposeConfigToStructs(s ExposeConfig) structs.ExposeConfig {
@ -130,6 +132,7 @@ func UpstreamToStructs(s Upstream) structs.Upstream {
t.LocalBindPort = int(s.LocalBindPort)
t.Config = ProtobufTypesStructToMapStringInterface(s.Config)
t.MeshGateway = MeshGatewayConfigToStructs(s.MeshGateway)
t.CentrallyConfigured = s.CentrallyConfigured
return t
}
func NewUpstreamFromStructs(t structs.Upstream) Upstream {
@ -142,5 +145,6 @@ func NewUpstreamFromStructs(t structs.Upstream) Upstream {
s.LocalBindPort = int32(t.LocalBindPort)
s.Config = MapStringInterfaceToProtobufTypesStruct(t.Config)
s.MeshGateway = NewMeshGatewayConfigFromStructs(t.MeshGateway)
s.CentrallyConfigured = t.CentrallyConfigured
return s
}

206
proto/pbservice/service.pb.go
View File

@ -71,6 +71,9 @@ type ConnectProxyConfig struct {
MeshGateway MeshGatewayConfig `protobuf:"bytes,7,opt,name=MeshGateway,proto3" json:"MeshGateway"`
// Expose defines whether checks or paths are exposed through the proxy
Expose ExposeConfig `protobuf:"bytes,8,opt,name=Expose,proto3" json:"Expose"`
// TransparentProxy enables configuring the service mesh as if all inbound
// and outbound traffic is being redirected to this proxy
TransparentProxy bool `protobuf:"varint,9,opt,name=TransparentProxy,proto3" json:"TransparentProxy,omitempty"`
}
func (m *ConnectProxyConfig) Reset() { *m = ConnectProxyConfig{} }
@ -146,6 +149,9 @@ type Upstream struct {
Config *types.Struct `protobuf:"bytes,7,opt,name=Config,proto3" json:"Config,omitempty"`
// MeshGateway is the configuration for mesh gateway usage of this upstream
MeshGateway MeshGatewayConfig `protobuf:"bytes,8,opt,name=MeshGateway,proto3" json:"MeshGateway"`
// CentrallyConfigured indicates whether the upstream was defined in a proxy
// instance registration or whether it was generated from a config entry.
CentrallyConfigured bool `protobuf:"varint,9,opt,name=CentrallyConfigured,proto3" json:"CentrallyConfigured,omitempty"`
}
func (m *Upstream) Reset() { *m = Upstream{} }
@ -556,73 +562,75 @@ func init() {
func init() { proto.RegisterFile("proto/pbservice/service.proto", fileDescriptor_cbb99233b75fb80b) }
var fileDescriptor_cbb99233b75fb80b = []byte{
// 1048 bytes of a gzipped FileDescriptorProto
// 1083 bytes of a gzipped FileDescriptorProto
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x9c, 0x56, 0xdd, 0x6e, 0x1b, 0x45,
0x14, 0xf6, 0xfa, 0x27, 0xb6, 0x4f, 0x42, 0x7e, 0xa6, 0x26, 0x2c, 0xa1, 0x75, 0xcc, 0x0a, 0x21,
0x0b, 0x22, 0xbb, 0x4d, 0x54, 0x4a, 0x2b, 0x15, 0x89, 0xc4, 0x01, 0x55, 0xd4, 0xc5, 0x6c, 0x8c,
0x2a, 0x90, 0xb8, 0x18, 0xaf, 0x27, 0xeb, 0x55, 0xec, 0x1d, 0x6b, 0x67, 0x1c, 0xea, 0xcb, 0xbe,
0x01, 0x97, 0x3c, 0x06, 0x8f, 0x11, 0x89, 0x9b, 0x5e, 0x72, 0x15, 0x41, 0xf2, 0x16, 0xbd, 0x42,
0x73, 0x76, 0x76, 0xb3, 0xde, 0x35, 0x11, 0x70, 0xe5, 0x99, 0xf3, 0x9d, 0xf3, 0x9d, 0xdd, 0xf3,
0x7d, 0x33, 0x6b, 0xb8, 0x37, 0x0d, 0xb8, 0xe4, 0xed, 0xe9, 0x40, 0xb0, 0xe0, 0xdc, 0x73, 0x58,
0x5b, 0xff, 0xb6, 0x30, 0x4e, 0xaa, 0x31, 0xb0, 0x73, 0xd7, 0xe5, 0xdc, 0x1d, 0xb3, 0x36, 0x02,
0x83, 0xd9, 0x69, 0x5b, 0xc8, 0x60, 0xe6, 0xc8, 0x30, 0x71, 0xe7, 0x83, 0x88, 0xc7, 0xe1, 0x93,
0x09, 0xf7, 0xdb, 0xe1, 0x8f, 0x06, 0x3f, 0x4c, 0x37, 0x19, 0x31, 0x3a, 0x96, 0x23, 0x67, 0xc4,
0x9c, 0x33, 0x9d, 0x52, 0x73, 0xb9, 0xcb, 0xc3, 0x34, 0xb5, 0x0a, 0xa3, 0xd6, 0xef, 0x05, 0x20,
0x47, 0xdc, 0xf7, 0x99, 0x23, 0x7b, 0x01, 0x7f, 0x35, 0x3f, 0xe2, 0xfe, 0xa9, 0xe7, 0x92, 0xcf,
0x60, 0xbb, 0xc3, 0x84, 0xf4, 0x7c, 0x2a, 0x3d, 0xee, 0x9f, 0x84, 0xa4, 0x2f, 0xe8, 0x84, 0x99,
0x46, 0xc3, 0x68, 0x56, 0xed, 0x7f, 0x40, 0xc9, 0x3e, 0xd4, 0xb2, 0xc8, 0xb3, 0x8e, 0x99, 0xc7,
0xaa, 0xa5, 0x18, 0xb9, 0x0f, 0x77, 0x9e, 0x73, 0x87, 0x8e, 0x75, 0xe4, 0xcb, 0xe1, 0x30, 0x60,
0x42, 0x98, 0x05, 0x2c, 0x59, 0x06, 0x91, 0x4f, 0x60, 0x33, 0x19, 0xee, 0xf1, 0x40, 0x9a, 0xc5,
0x86, 0xd1, 0x2c, 0xd9, 0x99, 0x38, 0x79, 0x08, 0x2b, 0xe1, 0x3b, 0x99, 0xa5, 0x86, 0xd1, 0x5c,
0xdd, 0x7f, 0xaf, 0x15, 0x4e, 0xb9, 0x15, 0x4d, 0xb9, 0x75, 0x82, 0x53, 0x3e, 0x2c, 0x5e, 0x5c,
0xee, 0x1a, 0xb6, 0x4e, 0x26, 0x8f, 0xa0, 0xfa, 0xfd, 0x54, 0xc8, 0x80, 0xd1, 0x89, 0x30, 0x57,
0x1a, 0x85, 0xe6, 0xea, 0xfe, 0x9d, 0x56, 0x3c, 0xde, 0x56, 0x84, 0x61, 0x55, 0xce, 0xbe, 0xc9,
0x25, 0x1d, 0x58, 0xed, 0x32, 0x31, 0xfa, 0x9a, 0x4a, 0xf6, 0x33, 0x9d, 0x9b, 0x65, 0x6c, 0x7a,
0x37, 0x51, 0x9a, 0x40, 0xc3, 0x5e, 0x9a, 0x23, 0x59, 0xa6, 0x9e, 0xfa, 0xf8, 0xd5, 0x94, 0x0b,
0x66, 0x56, 0xf4, 0x53, 0xdf, 0x10, 0x84, 0xc0, 0x42, 0xad, 0x4e, 0xb6, 0x5e, 0x17, 0xa0, 0x12,
0x3d, 0x0a, 0x69, 0xc2, 0x46, 0x62, 0xde, 0xfd, 0xf9, 0x34, 0x12, 0x2f, 0x1d, 0x4e, 0xa9, 0xa6,
0x84, 0x14, 0x53, 0xea, 0xb0, 0x25, 0xaa, 0xc5, 0x58, 0x8a, 0x1d, 0xad, 0x51, 0xc8, 0xb0, 0xa3,
0x27, 0xea, 0x00, 0x1d, 0x2a, 0xa9, 0xc3, 0x7c, 0xc9, 0x02, 0xd4, 0xa9, 0x6a, 0x27, 0x22, 0xb1,
0x9a, 0x87, 0x9e, 0x3f, 0x8c, 0xc4, 0x2f, 0x61, 0x56, 0x26, 0x4e, 0x3e, 0x82, 0x77, 0xe2, 0x18,
0xca, 0xbe, 0x82, 0xb2, 0x2f, 0x06, 0x13, 0x9a, 0x97, 0xff, 0x8b, 0xe6, 0x29, 0xe9, 0x2a, 0xff,
0x4b, 0x3a, 0xcb, 0x87, 0x75, 0xed, 0x3f, 0x7d, 0xae, 0xc8, 0x36, 0xac, 0xbc, 0xa0, 0xd2, 0x3b,
0x0f, 0xe7, 0x5f, 0xb1, 0xf5, 0x8e, 0x74, 0x60, 0xfd, 0xc4, 0x1b, 0x32, 0x87, 0x06, 0xba, 0x00,
0x27, 0xb8, 0xd8, 0x52, 0x23, 0x1d, 0x76, 0xea, 0xf9, 0x9e, 0x1a, 0xa9, 0x9d, 0xaa, 0xb1, 0x7e,
0x80, 0xb5, 0xa4, 0x23, 0x54, 0xb7, 0x23, 0x75, 0xec, 0x45, 0xd4, 0x2d, 0xdc, 0x91, 0x07, 0x50,
0xea, 0x51, 0x39, 0x12, 0x66, 0x1e, 0xdd, 0xfc, 0x6e, 0xc6, 0x51, 0x0a, 0xd5, 0x2f, 0x14, 0x66,
0x5a, 0xbf, 0x19, 0x00, 0x37, 0x18, 0xb1, 0x60, 0xed, 0xb9, 0x27, 0x24, 0xf3, 0x59, 0x80, 0xb3,
0x37, 0x70, 0xf6, 0x0b, 0x31, 0x42, 0xa0, 0xa8, 0x72, 0xb5, 0x75, 0x70, 0x1d, 0x8b, 0xa6, 0x36,
0x58, 0x58, 0x48, 0x88, 0x16, 0x05, 0xc9, 0x0e, 0x54, 0x7a, 0x4a, 0x1e, 0x87, 0x8f, 0xb5, 0x49,
0xe2, 0xbd, 0x32, 0x5b, 0x8f, 0x06, 0x82, 0x0d, 0xbf, 0x0a, 0xf8, 0x04, 0xdf, 0x07, 0x1d, 0x52,
0xb1, 0xd3, 0x61, 0xeb, 0x14, 0xb6, 0x32, 0x2a, 0x91, 0xef, 0xa0, 0xd8, 0xe5, 0x43, 0x6d, 0xff,
0xc3, 0xa7, 0x6f, 0x2f, 0x77, 0x1f, 0xbb, 0x9e, 0x1c, 0xcd, 0x06, 0x2d, 0x87, 0x4f, 0xda, 0x23,
0x2a, 0x46, 0x9e, 0xc3, 0x83, 0x69, 0xdb, 0xe1, 0xbe, 0x98, 0x8d, 0xdb, 0xd4, 0x65, 0xbe, 0xd4,
0x97, 0xaf, 0x48, 0x8a, 0xae, 0x48, 0x6c, 0xa4, 0xb2, 0x5e, 0x97, 0x61, 0x2b, 0xa3, 0x0d, 0xe9,
0x42, 0xf1, 0x1b, 0xcf, 0x1f, 0xea, 0x46, 0x8f, 0xdf, 0x5e, 0xee, 0x3e, 0xfc, 0xf7, 0x8d, 0x34,
0x9d, 0x22, 0xb0, 0x91, 0x86, 0xac, 0x43, 0x3e, 0xbe, 0x3b, 0xf3, 0xcf, 0x3a, 0x6a, 0xb8, 0x89,
0x83, 0x86, 0x6b, 0x15, 0xeb, 0x53, 0x57, 0x98, 0xc5, 0x46, 0x41, 0xc5, 0xd4, 0x9a, 0x98, 0x50,
0x5e, 0x3c, 0x48, 0xd1, 0x96, 0x50, 0xd8, 0xe8, 0x53, 0xd7, 0x65, 0xd1, 0x81, 0x62, 0xc2, 0xdc,
0x44, 0x3b, 0x3c, 0xb8, 0xcd, 0x73, 0xad, 0x54, 0xcd, 0xb1, 0x2f, 0x83, 0xb9, 0xb6, 0x4a, 0x9a,
0x8f, 0x3c, 0x81, 0x62, 0x97, 0x49, 0xaa, 0x2f, 0xcd, 0x8f, 0x6f, 0xe5, 0x55, 0x89, 0x48, 0x66,
0x63, 0x0d, 0xba, 0x47, 0x19, 0xa4, 0x8c, 0x06, 0xc1, 0x35, 0xb9, 0x0f, 0xa5, 0x50, 0xf1, 0xf0,
0x3c, 0xd6, 0x12, 0x84, 0x18, 0x57, 0x37, 0x58, 0x64, 0x5b, 0x0c, 0x90, 0xbd, 0xf8, 0x04, 0x54,
0xf1, 0x19, 0x96, 0x96, 0xc4, 0xe7, 0x62, 0x0f, 0xca, 0x2f, 0x99, 0xe7, 0x8e, 0xa4, 0x30, 0x01,
0x3b, 0x90, 0x44, 0xba, 0x46, 0xec, 0x28, 0x85, 0xd4, 0xa0, 0xd4, 0xe7, 0x67, 0xcc, 0x37, 0x57,
0x71, 0xb0, 0xe1, 0x86, 0xec, 0xc1, 0xd6, 0xb1, 0x4f, 0x07, 0x63, 0xd6, 0xa7, 0xee, 0xb7, 0xe7,
0x2c, 0x08, 0xbc, 0x21, 0x33, 0xd7, 0xd0, 0xa1, 0x59, 0x80, 0x1c, 0x40, 0x09, 0xbf, 0xb5, 0xe6,
0x3a, 0xf6, 0xbb, 0x97, 0x7c, 0xbc, 0xcc, 0xa7, 0xd8, 0x0e, 0x73, 0xd5, 0x65, 0x71, 0xac, 0xae,
0xcb, 0x69, 0xe0, 0x09, 0x86, 0x03, 0xde, 0xc2, 0xea, 0xed, 0x96, 0xfe, 0x23, 0xb0, 0x88, 0xea,
0x89, 0xa4, 0x6a, 0xc8, 0x01, 0x94, 0x75, 0x0b, 0x73, 0x03, 0xcb, 0xdf, 0xcf, 0xea, 0xa3, 0x13,
0xec, 0x28, 0x73, 0xe7, 0x27, 0xa8, 0x2d, 0x33, 0x00, 0xd9, 0x84, 0xc2, 0x19, 0x9b, 0xeb, 0x8f,
0x8a, 0x5a, 0x92, 0x36, 0x94, 0xce, 0xe9, 0x78, 0x16, 0x7e, 0x39, 0x96, 0x92, 0x6b, 0x0a, 0x3b,
0xcc, 0x7b, 0x92, 0xff, 0xdc, 0xd8, 0x79, 0x04, 0xd5, 0xd8, 0x07, 0x4b, 0x38, 0x6b, 0x49, 0xce,
0x6a, 0xa2, 0xd0, 0xfa, 0x22, 0xbe, 0x69, 0x23, 0x7b, 0x27, 0x8c, 0x6f, 0x2c, 0x1a, 0x3f, 0x72,
0x56, 0xfe, 0xc6, 0x59, 0xd6, 0xd3, 0x58, 0x79, 0x55, 0xd8, 0xa3, 0x42, 0x78, 0xbe, 0xab, 0x6f,
0xb5, 0x68, 0xab, 0x90, 0x97, 0x34, 0xf0, 0x15, 0x12, 0xd6, 0x46, 0xdb, 0xc3, 0xee, 0xc5, 0x5f,
0xf5, 0xdc, 0xc5, 0x55, 0xdd, 0x78, 0x73, 0x55, 0x37, 0xfe, 0xbc, 0xaa, 0x1b, 0xbf, 0x5c, 0xd7,
0x73, 0xbf, 0x5e, 0xd7, 0x73, 0x6f, 0xae, 0xeb, 0xb9, 0x3f, 0xae, 0xeb, 0xb9, 0x1f, 0x3f, 0xbd,
0xed, 0xf0, 0xa7, 0xfe, 0xb1, 0x0d, 0x56, 0x30, 0x70, 0xf0, 0x77, 0x00, 0x00, 0x00, 0xff, 0xff,
0x62, 0x98, 0x42, 0xf5, 0x30, 0x0a, 0x00, 0x00,
0x14, 0xf6, 0xfa, 0x27, 0xb6, 0x4f, 0x42, 0x7e, 0x26, 0x26, 0x2c, 0xa1, 0x75, 0x8c, 0x85, 0x90,
0x05, 0x91, 0x9d, 0x26, 0x2a, 0xa5, 0x95, 0x8a, 0x44, 0xe2, 0x80, 0x2a, 0x9a, 0x62, 0x36, 0x46,
0x15, 0x48, 0x5c, 0x4c, 0xd6, 0x93, 0xf5, 0x2a, 0xf6, 0x8c, 0x35, 0x33, 0x0e, 0xcd, 0x25, 0x6f,
0xc0, 0x25, 0x8f, 0x81, 0xc4, 0x4b, 0xe4, 0xb2, 0x97, 0x5c, 0x45, 0x90, 0x3c, 0x04, 0x52, 0xaf,
0xd0, 0xfc, 0xec, 0x66, 0xbd, 0x6b, 0x22, 0xe0, 0xca, 0x33, 0xe7, 0x3b, 0x3f, 0xe3, 0xf3, 0x7d,
0xe7, 0xd8, 0x70, 0x7f, 0xc2, 0x99, 0x64, 0x9d, 0xc9, 0x89, 0x20, 0xfc, 0x3c, 0xf4, 0x49, 0xc7,
0x7e, 0xb6, 0xb5, 0x1d, 0x55, 0x63, 0x60, 0xf3, 0x5e, 0xc0, 0x58, 0x30, 0x22, 0x1d, 0x0d, 0x9c,
0x4c, 0x4f, 0x3b, 0x42, 0xf2, 0xa9, 0x2f, 0x8d, 0xe3, 0xe6, 0x7b, 0x51, 0x1e, 0x9f, 0x8d, 0xc7,
0x8c, 0x76, 0xcc, 0x87, 0x05, 0xdf, 0x4f, 0x17, 0x19, 0x12, 0x3c, 0x92, 0x43, 0x7f, 0x48, 0xfc,
0x33, 0xeb, 0x52, 0x0b, 0x58, 0xc0, 0x8c, 0x9b, 0x3a, 0x19, 0x6b, 0xf3, 0xaf, 0x02, 0xa0, 0x03,
0x46, 0x29, 0xf1, 0x65, 0x8f, 0xb3, 0x57, 0x17, 0x07, 0x8c, 0x9e, 0x86, 0x01, 0xfa, 0x04, 0x36,
0xba, 0x44, 0xc8, 0x90, 0x62, 0x19, 0x32, 0x7a, 0x6c, 0x92, 0xbe, 0xc0, 0x63, 0xe2, 0x3a, 0x0d,
0xa7, 0x55, 0xf5, 0xfe, 0x01, 0x45, 0xbb, 0x50, 0xcb, 0x22, 0xcf, 0xba, 0x6e, 0x5e, 0x47, 0xcd,
0xc5, 0xd0, 0x0e, 0xac, 0x3f, 0x67, 0x3e, 0x1e, 0x59, 0xcb, 0xe7, 0x83, 0x01, 0x27, 0x42, 0xb8,
0x05, 0x1d, 0x32, 0x0f, 0x42, 0x1f, 0xc1, 0x6a, 0xd2, 0xdc, 0x63, 0x5c, 0xba, 0xc5, 0x86, 0xd3,
0x2a, 0x79, 0x19, 0x3b, 0x7a, 0x08, 0x0b, 0xe6, 0x3b, 0xb9, 0xa5, 0x86, 0xd3, 0x5a, 0xdc, 0x7d,
0xa7, 0x6d, 0xba, 0xdc, 0x8e, 0xba, 0xdc, 0x3e, 0xd6, 0x5d, 0xde, 0x2f, 0x5e, 0x5e, 0x6d, 0x39,
0x9e, 0x75, 0x46, 0x8f, 0xa0, 0xfa, 0xed, 0x44, 0x48, 0x4e, 0xf0, 0x58, 0xb8, 0x0b, 0x8d, 0x42,
0x6b, 0x71, 0x77, 0xbd, 0x1d, 0xb7, 0xb7, 0x1d, 0x61, 0x3a, 0x2a, 0xe7, 0xdd, 0xfa, 0xa2, 0x2e,
0x2c, 0x1e, 0x11, 0x31, 0xfc, 0x12, 0x4b, 0xf2, 0x23, 0xbe, 0x70, 0xcb, 0xba, 0xe8, 0xbd, 0x44,
0x68, 0x02, 0x35, 0xb5, 0x6c, 0x8e, 0x64, 0x98, 0x7a, 0xf5, 0xe1, 0xab, 0x09, 0x13, 0xc4, 0xad,
0xd8, 0x57, 0xdf, 0x26, 0x30, 0xc0, 0x4c, 0xac, 0x75, 0x56, 0x8d, 0xe9, 0x73, 0x4c, 0xc5, 0x04,
0x73, 0x42, 0x0d, 0xa1, 0x6e, 0xb5, 0xe1, 0xb4, 0x2a, 0x5e, 0xc6, 0xde, 0xfc, 0xad, 0x00, 0x95,
0xe8, 0xd9, 0xa8, 0x05, 0x2b, 0x09, 0x6e, 0xfa, 0x17, 0x93, 0x88, 0xe8, 0xb4, 0x39, 0xc5, 0xb0,
0x22, 0x5d, 0x4c, 0xb0, 0x4f, 0xe6, 0x30, 0x1c, 0x63, 0xa9, 0xec, 0x5a, 0x46, 0x85, 0x4c, 0x76,
0xad, 0x9f, 0x3a, 0x40, 0x17, 0x4b, 0xec, 0x13, 0x2a, 0x09, 0xd7, 0x9c, 0x56, 0xbd, 0x84, 0x25,
0x66, 0x7e, 0x3f, 0xa4, 0x83, 0x48, 0x28, 0x25, 0xed, 0x95, 0xb1, 0xa3, 0x0f, 0xe0, 0xad, 0xd8,
0xa6, 0x25, 0xb2, 0xa0, 0x25, 0x32, 0x6b, 0x4c, 0xe8, 0xa3, 0xfc, 0x5f, 0xf4, 0x91, 0xa2, 0xb9,
0xf2, 0xff, 0x68, 0xde, 0x81, 0xf5, 0x03, 0x42, 0x25, 0xc7, 0xa3, 0x91, 0xf5, 0x9a, 0x72, 0x32,
0xb0, 0x94, 0xcd, 0x83, 0x9a, 0x14, 0x96, 0xad, 0xba, 0xed, 0xd4, 0xa2, 0x0d, 0x58, 0x78, 0x81,
0x65, 0x78, 0x6e, 0x18, 0xab, 0x78, 0xf6, 0x86, 0xba, 0xb0, 0x7c, 0x1c, 0x0e, 0x88, 0x8f, 0xb9,
0x0d, 0xd0, 0x3d, 0x9f, 0x7d, 0xa4, 0x45, 0xba, 0xe4, 0x34, 0xa4, 0xa1, 0x22, 0xc1, 0x4b, 0xc5,
0x34, 0xbf, 0x83, 0xa5, 0xa4, 0xde, 0x54, 0xb5, 0x03, 0xb5, 0x54, 0x44, 0x54, 0xcd, 0xdc, 0xd0,
0x03, 0x28, 0xf5, 0xb0, 0x1c, 0x0a, 0x37, 0xaf, 0x67, 0xe5, 0xed, 0x8c, 0x5e, 0x15, 0x6a, 0x5b,
0x60, 0x3c, 0x9b, 0xbf, 0x3a, 0x00, 0xb7, 0x18, 0x6a, 0xc2, 0xd2, 0xf3, 0x50, 0x48, 0x42, 0x09,
0xd7, 0x6c, 0x39, 0x9a, 0xad, 0x19, 0x1b, 0x42, 0x50, 0x54, 0xbe, 0x56, 0x6c, 0xfa, 0x1c, 0xd3,
0xac, 0x2e, 0x3a, 0xb0, 0x90, 0xa0, 0x39, 0x32, 0xa2, 0x4d, 0xa8, 0xf4, 0x14, 0xa1, 0x3e, 0x1b,
0x59, 0x59, 0xc5, 0x77, 0x25, 0xcf, 0x1e, 0xe6, 0x82, 0x0c, 0xbe, 0xe0, 0x6c, 0xac, 0xbf, 0x8f,
0xd6, 0x54, 0xc5, 0x4b, 0x9b, 0x9b, 0xa7, 0xb0, 0x96, 0xe1, 0x15, 0x7d, 0x03, 0xc5, 0x23, 0x36,
0xb0, 0x03, 0xb3, 0xff, 0xf4, 0xcd, 0xd5, 0xd6, 0xe3, 0x20, 0x94, 0xc3, 0xe9, 0x49, 0xdb, 0x67,
0xe3, 0xce, 0x10, 0x8b, 0x61, 0xe8, 0x33, 0x3e, 0xe9, 0xf8, 0x8c, 0x8a, 0xe9, 0xa8, 0x83, 0x03,
0x42, 0xa5, 0x5d, 0xed, 0x22, 0x29, 0x13, 0x95, 0xc4, 0xd3, 0xa9, 0x9a, 0x3f, 0x95, 0x61, 0x2d,
0xc3, 0x0d, 0x3a, 0x82, 0xe2, 0x57, 0x21, 0x1d, 0xd8, 0x42, 0x8f, 0xdf, 0x5c, 0x6d, 0x3d, 0xfc,
0xf7, 0x85, 0x6c, 0x3a, 0x95, 0xc0, 0xd3, 0x69, 0xd0, 0x32, 0xe4, 0xe3, 0xcd, 0x9c, 0x7f, 0xd6,
0x55, 0xcd, 0x4d, 0x8c, 0xa6, 0x3e, 0x2b, 0x5b, 0x1f, 0x07, 0xc2, 0x2d, 0x36, 0x0a, 0xca, 0xa6,
0xce, 0xc8, 0x85, 0xf2, 0xec, 0xe8, 0x45, 0x57, 0x84, 0x61, 0xa5, 0x8f, 0x83, 0x80, 0x44, 0x23,
0x48, 0x84, 0xbb, 0xaa, 0xe5, 0xf0, 0xe0, 0x2e, 0xcd, 0xb5, 0x53, 0x31, 0x87, 0x54, 0xf2, 0x0b,
0x2b, 0x95, 0x74, 0x3e, 0xf4, 0x04, 0x8a, 0x47, 0x44, 0x62, 0xbb, 0x92, 0x3f, 0xbc, 0x33, 0xaf,
0x72, 0xd4, 0xc9, 0x3c, 0x1d, 0xa3, 0xd5, 0xa3, 0x04, 0x52, 0xd6, 0x02, 0xd1, 0x67, 0xb4, 0x03,
0x25, 0xc3, 0xb8, 0x99, 0xe0, 0x5a, 0x22, 0xa1, 0xb6, 0xab, 0x9d, 0x17, 0xc9, 0x56, 0x1b, 0xd0,
0x76, 0x3c, 0x01, 0x55, 0xfd, 0x86, 0xb9, 0x21, 0xf1, 0x5c, 0x6c, 0x43, 0xf9, 0x25, 0x09, 0x83,
0xa1, 0x14, 0x2e, 0xe8, 0x0a, 0x28, 0xe1, 0x6e, 0x11, 0x2f, 0x72, 0x41, 0x35, 0x28, 0xf5, 0xd9,
0x19, 0xa1, 0xee, 0xa2, 0x6e, 0xac, 0xb9, 0xa0, 0x6d, 0x58, 0x3b, 0xa4, 0xf8, 0x64, 0x44, 0xfa,
0x38, 0xf8, 0xfa, 0x9c, 0x70, 0x1e, 0x0e, 0x88, 0xbb, 0xa4, 0x15, 0x9a, 0x05, 0xd0, 0x1e, 0x94,
0xcc, 0xe2, 0x5f, 0xd6, 0xf5, 0xee, 0x27, 0x9f, 0x97, 0xf9, 0xa1, 0xf7, 0x8c, 0xaf, 0x5a, 0x16,
0x87, 0x6a, 0xc1, 0x4e, 0x78, 0x28, 0x88, 0x6e, 0xf0, 0x9a, 0x8e, 0xde, 0x68, 0xdb, 0xbf, 0x19,
0xb3, 0xa8, 0xed, 0x48, 0x2a, 0x06, 0xed, 0x41, 0xd9, 0x96, 0x70, 0x57, 0x74, 0xf8, 0xbb, 0x59,
0x7e, 0xac, 0x83, 0x17, 0x79, 0x6e, 0xfe, 0x00, 0xb5, 0x79, 0x02, 0x40, 0xab, 0x50, 0x38, 0x23,
0x17, 0xf6, 0x67, 0x48, 0x1d, 0x51, 0x07, 0x4a, 0xe7, 0x78, 0x34, 0x35, 0xbf, 0x35, 0x73, 0x93,
0xdb, 0x14, 0x9e, 0xf1, 0x7b, 0x92, 0xff, 0xd4, 0xd9, 0x7c, 0x04, 0xd5, 0x58, 0x07, 0x73, 0x72,
0xd6, 0x92, 0x39, 0xab, 0x89, 0xc0, 0xe6, 0x67, 0xf1, 0xa6, 0x8d, 0xe4, 0x9d, 0x10, 0xbe, 0x33,
0x2b, 0xfc, 0x48, 0x59, 0xf9, 0x5b, 0x65, 0x35, 0x9f, 0xc6, 0xcc, 0xab, 0xc0, 0x1e, 0x16, 0x22,
0xa4, 0x81, 0xdd, 0x6a, 0xd1, 0x55, 0x21, 0x2f, 0x31, 0xa7, 0x0a, 0x31, 0xb1, 0xd1, 0x75, 0xff,
0xe8, 0xf2, 0xcf, 0x7a, 0xee, 0xf2, 0xba, 0xee, 0xbc, 0xbe, 0xae, 0x3b, 0x7f, 0x5c, 0xd7, 0x9d,
0x9f, 0x6f, 0xea, 0xb9, 0x5f, 0x6e, 0xea, 0xb9, 0xd7, 0x37, 0xf5, 0xdc, 0xef, 0x37, 0xf5, 0xdc,
0xf7, 0x1f, 0xdf, 0x35, 0xfc, 0xa9, 0xff, 0x83, 0x27, 0x0b, 0xda, 0xb0, 0xf7, 0x77, 0x00, 0x00,
0x00, 0xff, 0xff, 0x79, 0x3a, 0x36, 0x1b, 0x8e, 0x0a, 0x00, 0x00,
}
func (m *ConnectProxyConfig) Marshal() (dAtA []byte, err error) {
@ -645,6 +653,16 @@ func (m *ConnectProxyConfig) MarshalToSizedBuffer(dAtA []byte) (int, error) {
_ = i
var l int
_ = l
if m.TransparentProxy {
i--
if m.TransparentProxy {
dAtA[i] = 1
} else {
dAtA[i] = 0
}
i--
dAtA[i] = 0x48
}
{
size, err := m.Expose.MarshalToSizedBuffer(dAtA[:i])
if err != nil {
@ -740,6 +758,16 @@ func (m *Upstream) MarshalToSizedBuffer(dAtA []byte) (int, error) {
_ = i
var l int
_ = l
if m.CentrallyConfigured {
i--
if m.CentrallyConfigured {
dAtA[i] = 1
} else {
dAtA[i] = 0
}
i--
dAtA[i] = 0x48
}
{
size, err := m.MeshGateway.MarshalToSizedBuffer(dAtA[:i])
if err != nil {
@ -1297,6 +1325,9 @@ func (m *ConnectProxyConfig) Size() (n int) {
n += 1 + l + sovService(uint64(l))
l = m.Expose.Size()
n += 1 + l + sovService(uint64(l))
if m.TransparentProxy {
n += 2
}
return n
}
@ -1335,6 +1366,9 @@ func (m *Upstream) Size() (n int) {
}
l = m.MeshGateway.Size()
n += 1 + l + sovService(uint64(l))
if m.CentrallyConfigured {
n += 2
}
return n
}
@ -1808,6 +1842,26 @@ func (m *ConnectProxyConfig) Unmarshal(dAtA []byte) error {
return err
}
iNdEx = postIndex
case 9:
if wireType != 0 {
return fmt.Errorf("proto: wrong wireType = %d for field TransparentProxy", wireType)
}
var v int
for shift := uint(0); ; shift += 7 {
if shift >= 64 {
return ErrIntOverflowService
}
if iNdEx >= l {
return io.ErrUnexpectedEOF
}
b := dAtA[iNdEx]
iNdEx++
v |= int(b&0x7F) << shift
if b < 0x80 {
break
}
}
m.TransparentProxy = bool(v != 0)
default:
iNdEx = preIndex
skippy, err := skipService(dAtA[iNdEx:])
@ -2109,6 +2163,26 @@ func (m *Upstream) Unmarshal(dAtA []byte) error {
return err
}
iNdEx = postIndex
case 9:
if wireType != 0 {
return fmt.Errorf("proto: wrong wireType = %d for field CentrallyConfigured", wireType)
}
var v int
for shift := uint(0); ; shift += 7 {
if shift >= 64 {
return ErrIntOverflowService
}
if iNdEx >= l {
return io.ErrUnexpectedEOF
}
b := dAtA[iNdEx]
iNdEx++
v |= int(b&0x7F) << shift
if b < 0x80 {
break
}
}
m.CentrallyConfigured = bool(v != 0)
default:
iNdEx = preIndex
skippy, err := skipService(dAtA[iNdEx:])

8
proto/pbservice/service.proto
View File

@ -69,6 +69,10 @@ message ConnectProxyConfig {
// Expose defines whether checks or paths are exposed through the proxy
ExposeConfig Expose = 8 [(gogoproto.nullable) = false];
// TransparentProxy enables configuring the service mesh as if all inbound
// and outbound traffic is being redirected to this proxy
bool TransparentProxy = 9;
}
// Upstream represents a single upstream dependency for a service or proxy. It
@ -116,6 +120,10 @@ message Upstream {
// MeshGateway is the configuration for mesh gateway usage of this upstream
MeshGatewayConfig MeshGateway = 8 [(gogoproto.nullable) = false];
// CentrallyConfigured indicates whether the upstream was defined in a proxy
// instance registration or whether it was generated from a config entry.
bool CentrallyConfigured = 9;
}
// ServiceConnect are the shared Connect settings between all service