diff --git a/agent/agent.go b/agent/agent.go index 8fee06587d..eed01ca5d0 100644 --- a/agent/agent.go +++ b/agent/agent.go @@ -824,7 +824,6 @@ func (a *Agent) listenAndServeGRPC() error { return a.delegate.ResolveTokenAndDefaultMeta(id, nil, nil) }, a, - a, ) a.xdsServer.Register(a.publicGRPCServer) diff --git a/agent/proxycfg/testing_connect_proxy.go b/agent/proxycfg/testing_connect_proxy.go index 2e34e7d352..297208c8bd 100644 --- a/agent/proxycfg/testing_connect_proxy.go +++ b/agent/proxycfg/testing_connect_proxy.go @@ -1,12 +1,15 @@ package proxycfg import ( + "time" + "github.com/mitchellh/go-testing-interface" "github.com/stretchr/testify/assert" "github.com/hashicorp/consul/agent/connect" "github.com/hashicorp/consul/agent/consul/discoverychain" "github.com/hashicorp/consul/agent/structs" + "github.com/hashicorp/consul/types" ) // TestConfigSnapshot returns a fully populated snapshot @@ -222,6 +225,33 @@ func TestConfigSnapshotExposeConfig(t testing.T, nsFn func(ns *structs.NodeServi }, nsFn, nil, baseEvents) } +func TestConfigSnapshotExposeChecks(t testing.T) *ConfigSnapshot { + return TestConfigSnapshot(t, + func(ns *structs.NodeService) { + ns.Address = "1.2.3.4" + ns.Port = 8080 + ns.Proxy.Upstreams = nil + ns.Proxy.Expose = structs.ExposeConfig{ + Checks: true, + } + }, + []UpdateEvent{ + { + CorrelationID: svcChecksWatchIDPrefix + structs.ServiceIDString("web", nil), + Result: []structs.CheckType{{ + CheckID: types.CheckID("http"), + Name: "http", + HTTP: "http://127.0.0.1:8181/debug", + ProxyHTTP: "http://:21500/debug", + Method: "GET", + Interval: 10 * time.Second, + Timeout: 1 * time.Second, + }}, + }, + }, + ) +} + func TestConfigSnapshotGRPCExposeHTTP1(t testing.T) *ConfigSnapshot { roots, leaf := TestCerts(t) diff --git a/agent/xds/clusters.go b/agent/xds/clusters.go index ae586a540e..7adaf7cf32 100644 --- a/agent/xds/clusters.go +++ b/agent/xds/clusters.go @@ -146,7 +146,7 @@ func (s *ResourceGenerator) clustersFromSnapshotConnectProxy(cfgSnap *proxycfg.C // Add service health checks to the list of paths to create clusters for if needed if cfgSnap.Proxy.Expose.Checks { psid := structs.NewServiceID(cfgSnap.Proxy.DestinationServiceID, &cfgSnap.ProxyID.EnterpriseMeta) - for _, check := range s.CheckFetcher.ServiceHTTPBasedChecks(psid) { + for _, check := range cfgSnap.ConnectProxy.WatchedServiceChecks[psid] { p, err := parseCheckPath(check) if err != nil { s.Logger.Warn("failed to create cluster for", "check", check.CheckID, "error", err) diff --git a/agent/xds/clusters_test.go b/agent/xds/clusters_test.go index 7d89dfc1e5..1897d134e0 100644 --- a/agent/xds/clusters_test.go +++ b/agent/xds/clusters_test.go @@ -638,7 +638,7 @@ func TestClustersFromSnapshot(t *testing.T) { setupTLSRootsAndLeaf(t, snap) // Need server just for logger dependency - g := newResourceGenerator(testutil.Logger(t), nil, nil, false) + g := newResourceGenerator(testutil.Logger(t), nil, false) g.ProxyFeatures = sf clusters, err := g.clustersFromSnapshot(snap) diff --git a/agent/xds/delta.go b/agent/xds/delta.go index 3d5326dd9a..cdc6e53d6d 100644 --- a/agent/xds/delta.go +++ b/agent/xds/delta.go @@ -106,7 +106,6 @@ func (s *Server) processDelta(stream ADSDeltaStream, reqCh <-chan *envoy_discove generator := newResourceGenerator( s.Logger.Named(logging.XDS).With("xdsVersion", "v3"), - s.CheckFetcher, s.CfgFetcher, true, ) diff --git a/agent/xds/endpoints_test.go b/agent/xds/endpoints_test.go index ca40d2cdb0..c1e99949d1 100644 --- a/agent/xds/endpoints_test.go +++ b/agent/xds/endpoints_test.go @@ -504,7 +504,7 @@ func TestEndpointsFromSnapshot(t *testing.T) { setupTLSRootsAndLeaf(t, snap) // Need server just for logger dependency - g := newResourceGenerator(testutil.Logger(t), nil, nil, false) + g := newResourceGenerator(testutil.Logger(t), nil, false) g.ProxyFeatures = sf endpoints, err := g.endpointsFromSnapshot(snap) diff --git a/agent/xds/listeners.go b/agent/xds/listeners.go index b3b98d5c22..bcbf28063a 100644 --- a/agent/xds/listeners.go +++ b/agent/xds/listeners.go @@ -398,7 +398,7 @@ func (s *ResourceGenerator) listenersFromSnapshotConnectProxy(cfgSnap *proxycfg. // Add service health checks to the list of paths to create listeners for if needed if cfgSnap.Proxy.Expose.Checks { psid := structs.NewServiceID(cfgSnap.Proxy.DestinationServiceID, &cfgSnap.ProxyID.EnterpriseMeta) - for _, check := range s.CheckFetcher.ServiceHTTPBasedChecks(psid) { + for _, check := range cfgSnap.ConnectProxy.WatchedServiceChecks[psid] { p, err := parseCheckPath(check) if err != nil { s.Logger.Warn("failed to create listener for", "check", check.CheckID, "error", err) diff --git a/agent/xds/listeners_test.go b/agent/xds/listeners_test.go index b43b5c0b27..39d779d215 100644 --- a/agent/xds/listeners_test.go +++ b/agent/xds/listeners_test.go @@ -6,7 +6,6 @@ import ( "sort" "testing" "text/template" - "time" envoy_listener_v3 "github.com/envoyproxy/go-control-plane/envoy/config/listener/v3" testinf "github.com/mitchellh/go-testing-interface" @@ -451,33 +450,12 @@ func TestListenersFromSnapshot(t *testing.T) { // NOTE: if IPv6 is not supported in the kernel per // kernelSupportsIPv6() then this test will fail because the golden // files were generated assuming ipv6 support was present - name: "expose-checks", - create: func(t testinf.T) *proxycfg.ConfigSnapshot { - return proxycfg.TestConfigSnapshotExposeConfig(t, func(ns *structs.NodeService) { - ns.Proxy.Expose = structs.ExposeConfig{ - Checks: true, - } - }) - }, + name: "expose-checks", + create: proxycfg.TestConfigSnapshotExposeChecks, generatorSetup: func(s *ResourceGenerator) { s.CfgFetcher = configFetcherFunc(func() string { return "192.0.2.1" }) - - s.CheckFetcher = httpCheckFetcherFunc(func(sid structs.ServiceID) []structs.CheckType { - if sid != structs.NewServiceID("web", nil) { - return nil - } - return []structs.CheckType{{ - CheckID: types.CheckID("http"), - Name: "http", - HTTP: "http://127.0.0.1:8181/debug", - ProxyHTTP: "http://:21500/debug", - Method: "GET", - Interval: 10 * time.Second, - Timeout: 1 * time.Second, - }} - }) }, }, { @@ -838,7 +816,7 @@ func TestListenersFromSnapshot(t *testing.T) { } // Need server just for logger dependency - g := newResourceGenerator(testutil.Logger(t), nil, nil, false) + g := newResourceGenerator(testutil.Logger(t), nil, false) g.ProxyFeatures = sf if tt.generatorSetup != nil { tt.generatorSetup(g) @@ -988,14 +966,6 @@ func customHTTPListenerJSON(t testinf.T, opts customHTTPListenerJSONOptions) str return buf.String() } -type httpCheckFetcherFunc func(serviceID structs.ServiceID) []structs.CheckType - -var _ HTTPCheckFetcher = (httpCheckFetcherFunc)(nil) - -func (f httpCheckFetcherFunc) ServiceHTTPBasedChecks(serviceID structs.ServiceID) []structs.CheckType { - return f(serviceID) -} - type configFetcherFunc func() string var _ ConfigFetcher = (configFetcherFunc)(nil) diff --git a/agent/xds/resources.go b/agent/xds/resources.go index c2bb43b3a3..31a5769ab7 100644 --- a/agent/xds/resources.go +++ b/agent/xds/resources.go @@ -14,7 +14,6 @@ import ( // resources for a single client. type ResourceGenerator struct { Logger hclog.Logger - CheckFetcher HTTPCheckFetcher CfgFetcher ConfigFetcher IncrementalXDS bool @@ -23,13 +22,11 @@ type ResourceGenerator struct { func newResourceGenerator( logger hclog.Logger, - checkFetcher HTTPCheckFetcher, cfgFetcher ConfigFetcher, incrementalXDS bool, ) *ResourceGenerator { return &ResourceGenerator{ Logger: logger, - CheckFetcher: checkFetcher, CfgFetcher: cfgFetcher, IncrementalXDS: incrementalXDS, } diff --git a/agent/xds/routes_test.go b/agent/xds/routes_test.go index 80a75ef1b6..90c699c165 100644 --- a/agent/xds/routes_test.go +++ b/agent/xds/routes_test.go @@ -197,7 +197,7 @@ func TestRoutesFromSnapshot(t *testing.T) { // golden files for every test case and so not be any use! setupTLSRootsAndLeaf(t, snap) - g := newResourceGenerator(testutil.Logger(t), nil, nil, false) + g := newResourceGenerator(testutil.Logger(t), nil, false) g.ProxyFeatures = sf routes, err := g.routesFromSnapshot(snap) diff --git a/agent/xds/server.go b/agent/xds/server.go index a3f7d59136..adbe9a62f7 100644 --- a/agent/xds/server.go +++ b/agent/xds/server.go @@ -85,12 +85,6 @@ const ( // coupling this to the agent. type ACLResolverFunc func(id string) (acl.Authorizer, error) -// HTTPCheckFetcher is the interface the agent needs to expose -// for the xDS server to fetch a service's HTTP check definitions -type HTTPCheckFetcher interface { - ServiceHTTPBasedChecks(serviceID structs.ServiceID) []structs.CheckType -} - // ConfigFetcher is the interface the agent needs to expose // for the xDS server to fetch agent config, currently only one field is fetched type ConfigFetcher interface { @@ -113,7 +107,6 @@ type Server struct { Logger hclog.Logger CfgSrc ProxyConfigSource ResolveToken ACLResolverFunc - CheckFetcher HTTPCheckFetcher CfgFetcher ConfigFetcher // AuthCheckFrequency is how often we should re-check the credentials used @@ -165,7 +158,6 @@ func NewServer( serverlessPluginEnabled bool, cfgMgr ProxyConfigSource, resolveToken ACLResolverFunc, - checkFetcher HTTPCheckFetcher, cfgFetcher ConfigFetcher, ) *Server { return &Server{ @@ -173,7 +165,6 @@ func NewServer( Logger: logger, CfgSrc: cfgMgr, ResolveToken: resolveToken, - CheckFetcher: checkFetcher, CfgFetcher: cfgFetcher, AuthCheckFrequency: DefaultAuthCheckFrequency, activeStreams: &activeStreamCounters{}, diff --git a/agent/xds/serverless_plugin_oss_test.go b/agent/xds/serverless_plugin_oss_test.go index 334905d4a1..0a520c7f0f 100644 --- a/agent/xds/serverless_plugin_oss_test.go +++ b/agent/xds/serverless_plugin_oss_test.go @@ -73,7 +73,7 @@ func TestServerlessPluginFromSnapshot(t *testing.T) { // golden files for every test case and so not be any use! setupTLSRootsAndLeaf(t, snap) - g := newResourceGenerator(testutil.Logger(t), nil, nil, false) + g := newResourceGenerator(testutil.Logger(t), nil, false) g.ProxyFeatures = sf res, err := g.allResourcesFromSnapshot(snap) diff --git a/agent/xds/xds_protocol_helpers_test.go b/agent/xds/xds_protocol_helpers_test.go index 5e56f02698..a27eaba2f2 100644 --- a/agent/xds/xds_protocol_helpers_test.go +++ b/agent/xds/xds_protocol_helpers_test.go @@ -160,7 +160,6 @@ func newTestServerDeltaScenario( serverlessPluginEnabled, mgr, resolveToken, - nil, /*checkFetcher HTTPCheckFetcher*/ nil, /*cfgFetcher ConfigFetcher*/ ) if authCheckFrequency > 0 {