diff --git a/.changelog/10757.txt b/.changelog/10757.txt new file mode 100644 index 0000000000..35a90591fa --- /dev/null +++ b/.changelog/10757.txt @@ -0,0 +1,4 @@ +```release-note:bug +cli: Ensure the metrics endpoint is accessible when Envoy is configured to use +a non-default admin bind address. +``` diff --git a/command/connect/envoy/bootstrap_config.go b/command/connect/envoy/bootstrap_config.go index b78f816677..c7925a11d9 100644 --- a/command/connect/envoy/bootstrap_config.go +++ b/command/connect/envoy/bootstrap_config.go @@ -579,6 +579,7 @@ func (c *BootstrapConfig) generateListenerConfig(args *BootstrapTplArgs, bindAdd // metrics. This cluster will only be created once since it's only created // when prometheusBackendPort is set, and prometheusBackendPort is only set // when calling this function if c.PrometheusBindAddr is set. + clusterAddress := args.AdminBindAddress clusterPort := args.AdminBindPort clusterName := selfAdminName if prometheusBackendPort != "" { @@ -601,7 +602,7 @@ func (c *BootstrapConfig) generateListenerConfig(args *BootstrapTplArgs, bindAdd "endpoint": { "address": { "socket_address": { - "address": "127.0.0.1", + "address": "` + clusterAddress + `", "port_value": ` + clusterPort + ` } } diff --git a/command/connect/envoy/bootstrap_config_test.go b/command/connect/envoy/bootstrap_config_test.go index de9105efca..f58c5aa1ef 100644 --- a/command/connect/envoy/bootstrap_config_test.go +++ b/command/connect/envoy/bootstrap_config_test.go @@ -37,6 +37,32 @@ const ( } ] } +}` + expectedSelfAdminClusterNonLoopbackIP = `{ + "name": "self_admin", + "ignore_health_on_host_removal": false, + "connect_timeout": "5s", + "type": "STATIC", + "http_protocol_options": {}, + "loadAssignment": { + "clusterName": "self_admin", + "endpoints": [ + { + "lbEndpoints": [ + { + "endpoint": { + "address": { + "socket_address": { + "address": "192.0.2.10", + "port_value": 19002 + } + } + } + } + ] + } + ] + } }` expectedPrometheusBackendCluster = `{ "name": "prometheus_backend", @@ -649,6 +675,28 @@ func TestBootstrapConfig_ConfigureArgs(t *testing.T) { }, wantErr: false, }, + { + name: "prometheus-bind-addr-non-loopback-ip", + input: BootstrapConfig{ + PrometheusBindAddr: "0.0.0.0:9000", + }, + baseArgs: BootstrapTplArgs{ + AdminBindAddress: "192.0.2.10", + AdminBindPort: "19002", + PrometheusScrapePath: "/metrics", + }, + wantArgs: BootstrapTplArgs{ + AdminBindAddress: "192.0.2.10", + AdminBindPort: "19002", + // Should add a static cluster for the self-proxy to admin + StaticClustersJSON: expectedSelfAdminClusterNonLoopbackIP, + // Should add a static http listener too + StaticListenersJSON: expectedPromListener, + StatsConfigJSON: defaultStatsConfigJSON, + PrometheusScrapePath: "/metrics", + }, + wantErr: false, + }, { name: "prometheus-bind-addr-with-overrides", input: BootstrapConfig{