mirror of https://github.com/status-im/consul.git
Add new tracing configuration
This commit is contained in:
parent
70bb6a2abd
commit
ed7b34128f
|
@ -27,6 +27,12 @@ type ProxyConfig struct {
|
||||||
// Note: This escape hatch is compatible with the discovery chain.
|
// Note: This escape hatch is compatible with the discovery chain.
|
||||||
PublicListenerJSON string `mapstructure:"envoy_public_listener_json"`
|
PublicListenerJSON string `mapstructure:"envoy_public_listener_json"`
|
||||||
|
|
||||||
|
// LstenerTracingJSON is a complete override ("escape hatch") for the
|
||||||
|
// listeners tracing configuration.
|
||||||
|
//
|
||||||
|
// Note: This escape hatch is compatible with the discovery chain.
|
||||||
|
LstenerTracingJSON string `mapstructure:"envoy_listener_tracing_json"`
|
||||||
|
|
||||||
// LocalClusterJSON is a complete override ("escape hatch") for the
|
// LocalClusterJSON is a complete override ("escape hatch") for the
|
||||||
// local application cluster.
|
// local application cluster.
|
||||||
//
|
//
|
||||||
|
|
|
@ -3,7 +3,6 @@ package xds
|
||||||
import (
|
import (
|
||||||
"errors"
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
envoy_extensions_filters_listener_http_inspector_v3 "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/listener/http_inspector/v3"
|
|
||||||
"net"
|
"net"
|
||||||
"net/url"
|
"net/url"
|
||||||
"regexp"
|
"regexp"
|
||||||
|
@ -12,6 +11,8 @@ import (
|
||||||
"strings"
|
"strings"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
|
envoy_extensions_filters_listener_http_inspector_v3 "github.com/envoyproxy/go-control-plane/envoy/extensions/filters/listener/http_inspector/v3"
|
||||||
|
|
||||||
envoy_core_v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
|
envoy_core_v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
|
||||||
envoy_listener_v3 "github.com/envoyproxy/go-control-plane/envoy/config/listener/v3"
|
envoy_listener_v3 "github.com/envoyproxy/go-control-plane/envoy/config/listener/v3"
|
||||||
envoy_route_v3 "github.com/envoyproxy/go-control-plane/envoy/config/route/v3"
|
envoy_route_v3 "github.com/envoyproxy/go-control-plane/envoy/config/route/v3"
|
||||||
|
@ -107,6 +108,19 @@ func (s *ResourceGenerator) listenersFromSnapshotConnectProxy(cfgSnap *proxycfg.
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
proxyCfg, err := ParseProxyConfig(cfgSnap.Proxy.Config)
|
||||||
|
if err != nil {
|
||||||
|
// Don't hard fail on a config typo, just warn. The parse func returns
|
||||||
|
// default config if there is an error so it's safe to continue.
|
||||||
|
s.Logger.Warn("failed to parse Connect.Proxy.Config", "error", err)
|
||||||
|
}
|
||||||
|
var tracing *envoy_http_v3.HttpConnectionManager_Tracing
|
||||||
|
if proxyCfg.LstenerTracingJSON != "" {
|
||||||
|
if tracing, err = makeTracingFromUserConfig(proxyCfg.LstenerTracingJSON); err != nil {
|
||||||
|
s.Logger.Warn("failed to parse LstenerTracingJSON config", "error", err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
for uid, chain := range cfgSnap.ConnectProxy.DiscoveryChain {
|
for uid, chain := range cfgSnap.ConnectProxy.DiscoveryChain {
|
||||||
upstreamCfg := cfgSnap.ConnectProxy.UpstreamConfig[uid]
|
upstreamCfg := cfgSnap.ConnectProxy.UpstreamConfig[uid]
|
||||||
|
|
||||||
|
@ -153,6 +167,7 @@ func (s *ResourceGenerator) listenersFromSnapshotConnectProxy(cfgSnap *proxycfg.
|
||||||
filterName: filterName,
|
filterName: filterName,
|
||||||
protocol: cfg.Protocol,
|
protocol: cfg.Protocol,
|
||||||
useRDS: useRDS,
|
useRDS: useRDS,
|
||||||
|
tracing: tracing,
|
||||||
})
|
})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
|
@ -178,6 +193,7 @@ func (s *ResourceGenerator) listenersFromSnapshotConnectProxy(cfgSnap *proxycfg.
|
||||||
filterName: filterName,
|
filterName: filterName,
|
||||||
protocol: cfg.Protocol,
|
protocol: cfg.Protocol,
|
||||||
useRDS: useRDS,
|
useRDS: useRDS,
|
||||||
|
tracing: tracing,
|
||||||
})
|
})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
|
@ -249,6 +265,7 @@ func (s *ResourceGenerator) listenersFromSnapshotConnectProxy(cfgSnap *proxycfg.
|
||||||
filterName: routeName,
|
filterName: routeName,
|
||||||
protocol: svcConfig.Protocol,
|
protocol: svcConfig.Protocol,
|
||||||
useRDS: true,
|
useRDS: true,
|
||||||
|
tracing: tracing,
|
||||||
})
|
})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
|
@ -265,6 +282,7 @@ func (s *ResourceGenerator) listenersFromSnapshotConnectProxy(cfgSnap *proxycfg.
|
||||||
clusterName: clusterName,
|
clusterName: clusterName,
|
||||||
filterName: clusterName,
|
filterName: clusterName,
|
||||||
protocol: svcConfig.Protocol,
|
protocol: svcConfig.Protocol,
|
||||||
|
tracing: tracing,
|
||||||
})
|
})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
|
@ -376,6 +394,7 @@ func (s *ResourceGenerator) listenersFromSnapshotConnectProxy(cfgSnap *proxycfg.
|
||||||
protocol: cfg.Protocol,
|
protocol: cfg.Protocol,
|
||||||
useRDS: false,
|
useRDS: false,
|
||||||
statPrefix: "upstream_peered.",
|
statPrefix: "upstream_peered.",
|
||||||
|
tracing: tracing,
|
||||||
})
|
})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
|
@ -533,6 +552,7 @@ func (s *ResourceGenerator) listenersFromSnapshotConnectProxy(cfgSnap *proxycfg.
|
||||||
filterName: uid.EnvoyID(),
|
filterName: uid.EnvoyID(),
|
||||||
routeName: uid.EnvoyID(),
|
routeName: uid.EnvoyID(),
|
||||||
protocol: cfg.Protocol,
|
protocol: cfg.Protocol,
|
||||||
|
tracing: tracing,
|
||||||
})
|
})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
|
@ -1188,12 +1208,20 @@ func (s *ResourceGenerator) makeInboundListener(cfgSnap *proxycfg.ConfigSnapshot
|
||||||
|
|
||||||
l = makePortListener(name, addr, port, envoy_core_v3.TrafficDirection_INBOUND)
|
l = makePortListener(name, addr, port, envoy_core_v3.TrafficDirection_INBOUND)
|
||||||
|
|
||||||
|
var tracing *envoy_http_v3.HttpConnectionManager_Tracing
|
||||||
|
if cfg.LstenerTracingJSON != "" {
|
||||||
|
if tracing, err = makeTracingFromUserConfig(cfg.LstenerTracingJSON); err != nil {
|
||||||
|
s.Logger.Warn("failed to parse LstenerTracingJSON config", "error", err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
filterOpts := listenerFilterOpts{
|
filterOpts := listenerFilterOpts{
|
||||||
protocol: cfg.Protocol,
|
protocol: cfg.Protocol,
|
||||||
filterName: name,
|
filterName: name,
|
||||||
routeName: name,
|
routeName: name,
|
||||||
cluster: LocalAppClusterName,
|
cluster: LocalAppClusterName,
|
||||||
requestTimeoutMs: cfg.LocalRequestTimeoutMs,
|
requestTimeoutMs: cfg.LocalRequestTimeoutMs,
|
||||||
|
tracing: tracing,
|
||||||
}
|
}
|
||||||
if useHTTPFilter {
|
if useHTTPFilter {
|
||||||
filterOpts.httpAuthzFilter, err = makeRBACHTTPFilter(
|
filterOpts.httpAuthzFilter, err = makeRBACHTTPFilter(
|
||||||
|
@ -1310,6 +1338,7 @@ func (s *ResourceGenerator) makeExposedCheckListener(cfgSnap *proxycfg.ConfigSna
|
||||||
statPrefix: "",
|
statPrefix: "",
|
||||||
routePath: path.Path,
|
routePath: path.Path,
|
||||||
httpAuthzFilter: nil,
|
httpAuthzFilter: nil,
|
||||||
|
// in the exposed check listener de don't set the tracing configuration
|
||||||
}
|
}
|
||||||
f, err := makeListenerFilter(opts)
|
f, err := makeListenerFilter(opts)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -1542,6 +1571,19 @@ func (s *ResourceGenerator) makeFilterChainTerminatingGateway(cfgSnap *proxycfg.
|
||||||
filterChain.Filters = append(filterChain.Filters, authFilter)
|
filterChain.Filters = append(filterChain.Filters, authFilter)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
proxyCfg, err := ParseProxyConfig(cfgSnap.Proxy.Config)
|
||||||
|
if err != nil {
|
||||||
|
// Don't hard fail on a config typo, just warn. The parse func returns
|
||||||
|
// default config if there is an error so it's safe to continue.
|
||||||
|
s.Logger.Warn("failed to parse Connect.Proxy.Config", "error", err)
|
||||||
|
}
|
||||||
|
var tracing *envoy_http_v3.HttpConnectionManager_Tracing
|
||||||
|
if proxyCfg.LstenerTracingJSON != "" {
|
||||||
|
if tracing, err = makeTracingFromUserConfig(proxyCfg.LstenerTracingJSON); err != nil {
|
||||||
|
s.Logger.Warn("failed to parse LstenerTracingJSON config", "error", err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// Lastly we setup the actual proxying component. For L4 this is a straight
|
// Lastly we setup the actual proxying component. For L4 this is a straight
|
||||||
// tcp proxy. For L7 this is a very hands-off HTTP proxy just to inject an
|
// tcp proxy. For L7 this is a very hands-off HTTP proxy just to inject an
|
||||||
// HTTP filter to do intention checks here instead.
|
// HTTP filter to do intention checks here instead.
|
||||||
|
@ -1552,6 +1594,7 @@ func (s *ResourceGenerator) makeFilterChainTerminatingGateway(cfgSnap *proxycfg.
|
||||||
cluster: tgtwyOpts.cluster,
|
cluster: tgtwyOpts.cluster,
|
||||||
statPrefix: "upstream.",
|
statPrefix: "upstream.",
|
||||||
routePath: "",
|
routePath: "",
|
||||||
|
tracing: tracing,
|
||||||
}
|
}
|
||||||
|
|
||||||
if useHTTPFilter {
|
if useHTTPFilter {
|
||||||
|
@ -1798,6 +1841,7 @@ type filterChainOpts struct {
|
||||||
statPrefix string
|
statPrefix string
|
||||||
forwardClientDetails bool
|
forwardClientDetails bool
|
||||||
forwardClientPolicy envoy_http_v3.HttpConnectionManager_ForwardClientCertDetails
|
forwardClientPolicy envoy_http_v3.HttpConnectionManager_ForwardClientCertDetails
|
||||||
|
tracing *envoy_http_v3.HttpConnectionManager_Tracing
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *ResourceGenerator) makeUpstreamFilterChain(opts filterChainOpts) (*envoy_listener_v3.FilterChain, error) {
|
func (s *ResourceGenerator) makeUpstreamFilterChain(opts filterChainOpts) (*envoy_listener_v3.FilterChain, error) {
|
||||||
|
@ -1813,6 +1857,7 @@ func (s *ResourceGenerator) makeUpstreamFilterChain(opts filterChainOpts) (*envo
|
||||||
statPrefix: opts.statPrefix,
|
statPrefix: opts.statPrefix,
|
||||||
forwardClientDetails: opts.forwardClientDetails,
|
forwardClientDetails: opts.forwardClientDetails,
|
||||||
forwardClientPolicy: opts.forwardClientPolicy,
|
forwardClientPolicy: opts.forwardClientPolicy,
|
||||||
|
tracing: opts.tracing,
|
||||||
})
|
})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
|
@ -1955,6 +2000,7 @@ type listenerFilterOpts struct {
|
||||||
httpAuthzFilter *envoy_http_v3.HttpFilter
|
httpAuthzFilter *envoy_http_v3.HttpFilter
|
||||||
forwardClientDetails bool
|
forwardClientDetails bool
|
||||||
forwardClientPolicy envoy_http_v3.HttpConnectionManager_ForwardClientCertDetails
|
forwardClientPolicy envoy_http_v3.HttpConnectionManager_ForwardClientCertDetails
|
||||||
|
tracing *envoy_http_v3.HttpConnectionManager_Tracing
|
||||||
}
|
}
|
||||||
|
|
||||||
func makeListenerFilter(opts listenerFilterOpts) (*envoy_listener_v3.Filter, error) {
|
func makeListenerFilter(opts listenerFilterOpts) (*envoy_listener_v3.Filter, error) {
|
||||||
|
@ -2014,6 +2060,19 @@ func makeStatPrefix(prefix, filterName string) string {
|
||||||
return fmt.Sprintf("%s%s", prefix, strings.Replace(filterName, ":", "_", -1))
|
return fmt.Sprintf("%s%s", prefix, strings.Replace(filterName, ":", "_", -1))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func makeTracingFromUserConfig(configJSON string) (*envoy_http_v3.HttpConnectionManager_Tracing, error) {
|
||||||
|
// Type field is present so decode it as a any.Any
|
||||||
|
var any any.Any
|
||||||
|
if err := jsonpb.UnmarshalString(configJSON, &any); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
var t envoy_http_v3.HttpConnectionManager_Tracing
|
||||||
|
if err := proto.Unmarshal(any.Value, &t); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
return &t, nil
|
||||||
|
}
|
||||||
|
|
||||||
func makeHTTPFilter(opts listenerFilterOpts) (*envoy_listener_v3.Filter, error) {
|
func makeHTTPFilter(opts listenerFilterOpts) (*envoy_listener_v3.Filter, error) {
|
||||||
router, err := makeEnvoyHTTPFilter("envoy.filters.http.router", &envoy_http_router_v3.Router{})
|
router, err := makeEnvoyHTTPFilter("envoy.filters.http.router", &envoy_http_router_v3.Router{})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -2034,6 +2093,10 @@ func makeHTTPFilter(opts listenerFilterOpts) (*envoy_listener_v3.Filter, error)
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if opts.tracing != nil {
|
||||||
|
cfg.Tracing = opts.tracing
|
||||||
|
}
|
||||||
|
|
||||||
if opts.useRDS {
|
if opts.useRDS {
|
||||||
if opts.cluster != "" {
|
if opts.cluster != "" {
|
||||||
return nil, fmt.Errorf("cannot specify cluster name when using RDS")
|
return nil, fmt.Errorf("cannot specify cluster name when using RDS")
|
||||||
|
|
Loading…
Reference in New Issue