From c0e1751878b684dc554fb995edf5551ec4a32c36 Mon Sep 17 00:00:00 2001 From: freddygv Date: Tue, 14 Apr 2020 15:13:25 -0600 Subject: [PATCH] Allow terminating-gateway to setup listener before servicegroups are known --- agent/proxycfg/snapshot.go | 1 - agent/xds/listeners.go | 14 ++++++++++++++ agent/xds/server.go | 4 ++-- 3 files changed, 16 insertions(+), 3 deletions(-) diff --git a/agent/proxycfg/snapshot.go b/agent/proxycfg/snapshot.go index a370dec371..6720e5b97d 100644 --- a/agent/proxycfg/snapshot.go +++ b/agent/proxycfg/snapshot.go @@ -2,7 +2,6 @@ package proxycfg import ( "context" - "github.com/hashicorp/consul/agent/structs" "github.com/mitchellh/copystructure" ) diff --git a/agent/xds/listeners.go b/agent/xds/listeners.go index 573a410604..cb8414ac86 100644 --- a/agent/xds/listeners.go +++ b/agent/xds/listeners.go @@ -591,6 +591,20 @@ func (s *Server) makeTerminatingGatewayListener(name, addr string, port int, cfg err = injectConnectFilters(cfgSnap, token, l, false) + // This fallback catch-all filter ensures a listener will be present for health checks to pass + // Envoy will reset these connections since known endpoints are caught by filter chain matches above + tcpProxy, err := makeTCPProxyFilter(name, "", "terminating_gateway_") + if err != nil { + return nil, err + } + fallback := envoylistener.FilterChain{ + Filters: []envoylistener.Filter{ + {Name: "envoy.filters.network.sni_cluster"}, + tcpProxy, + }, + } + l.FilterChains = append(l.FilterChains, fallback) + return l, nil } diff --git a/agent/xds/server.go b/agent/xds/server.go index 2cd84631c3..e51a30a513 100644 --- a/agent/xds/server.go +++ b/agent/xds/server.go @@ -219,8 +219,8 @@ func (s *Server) process(stream ADSStream, reqCh <-chan *envoy.DiscoveryRequest) resources: s.clustersFromSnapshot, stream: stream, allowEmptyFn: func(cfgSnap *proxycfg.ConfigSnapshot) bool { - // Mesh gateways are allowed to inform CDS of no clusters. - return cfgSnap.Kind == structs.ServiceKindMeshGateway + // Mesh and Terminating gateways are allowed to inform CDS of no clusters. + return cfgSnap.Kind == structs.ServiceKindMeshGateway || cfgSnap.Kind == structs.ServiceKindTerminatingGateway }, }, RouteType: {