From f5e62f1d1bc803bbcc0cb12adae571dc88617e1c Mon Sep 17 00:00:00 2001 From: "R.B. Boyer" Date: Thu, 27 Aug 2020 11:33:33 -0500 Subject: [PATCH] agent: expose the list of supported envoy versions on /v1/agent/self (#8566) also backport of a portion of c599a2f5f411a5820b7f0b9b126e2d2270ba3a67 from #8424 --- .changelog/8545.txt | 3 + agent/agent_endpoint.go | 16 +++++ agent/agent_endpoint_test.go | 84 +++++++++++++++++--------- agent/xds/clusters_test.go | 13 +--- agent/xds/endpoints_test.go | 3 +- agent/xds/listeners_test.go | 3 +- agent/xds/proxysupport/proxysupport.go | 14 +++++ agent/xds/routes_test.go | 3 +- command/connect/envoy/envoy.go | 8 +-- 9 files changed, 100 insertions(+), 47 deletions(-) create mode 100644 .changelog/8545.txt create mode 100644 agent/xds/proxysupport/proxysupport.go diff --git a/.changelog/8545.txt b/.changelog/8545.txt new file mode 100644 index 0000000000..a7d84ab1de --- /dev/null +++ b/.changelog/8545.txt @@ -0,0 +1,3 @@ +```release-note:feature +agent: expose the list of supported envoy versions on /v1/agent/self +``` diff --git a/agent/agent_endpoint.go b/agent/agent_endpoint.go index 74bb9c1dcf..79d6b797f2 100644 --- a/agent/agent_endpoint.go +++ b/agent/agent_endpoint.go @@ -17,6 +17,7 @@ import ( "github.com/hashicorp/consul/agent/debug" "github.com/hashicorp/consul/agent/structs" token_store "github.com/hashicorp/consul/agent/token" + "github.com/hashicorp/consul/agent/xds/proxysupport" "github.com/hashicorp/consul/api" "github.com/hashicorp/consul/ipaddr" "github.com/hashicorp/consul/lib" @@ -38,6 +39,11 @@ type Self struct { Member serf.Member Stats map[string]map[string]string Meta map[string]string + XDS *xdsSelf `json:"xDS,omitempty"` +} + +type xdsSelf struct { + SupportedProxies map[string][]string } func (s *HTTPServer) AgentSelf(resp http.ResponseWriter, req *http.Request) (interface{}, error) { @@ -60,6 +66,15 @@ func (s *HTTPServer) AgentSelf(resp http.ResponseWriter, req *http.Request) (int } } + var xds *xdsSelf + if s.agent.grpcServer != nil { + xds = &xdsSelf{ + SupportedProxies: map[string][]string{ + "envoy": proxysupport.EnvoyVersions, + }, + } + } + config := struct { Datacenter string NodeName string @@ -82,6 +97,7 @@ func (s *HTTPServer) AgentSelf(resp http.ResponseWriter, req *http.Request) (int Member: s.agent.LocalMember(), Stats: s.agent.Stats(), Meta: s.agent.State.Metadata(), + XDS: xds, }, nil } diff --git a/agent/agent_endpoint_test.go b/agent/agent_endpoint_test.go index 67c24a8103..5d52efb0e0 100644 --- a/agent/agent_endpoint_test.go +++ b/agent/agent_endpoint_test.go @@ -13,7 +13,6 @@ import ( "net/http/httptest" "net/url" "os" - "reflect" "strconv" "strings" "testing" @@ -27,6 +26,7 @@ import ( "github.com/hashicorp/consul/agent/structs" "github.com/hashicorp/consul/agent/token" tokenStore "github.com/hashicorp/consul/agent/token" + "github.com/hashicorp/consul/agent/xds/proxysupport" "github.com/hashicorp/consul/api" "github.com/hashicorp/consul/lib" "github.com/hashicorp/consul/sdk/testutil" @@ -1209,39 +1209,65 @@ func TestAgent_Checks_ACLFilter(t *testing.T) { func TestAgent_Self(t *testing.T) { t.Parallel() - a := NewTestAgent(t, ` - node_meta { - somekey = "somevalue" - } - `) - defer a.Shutdown() - testrpc.WaitForTestAgent(t, a.RPC, "dc1") - req, _ := http.NewRequest("GET", "/v1/agent/self", nil) - obj, err := a.srv.AgentSelf(nil, req) - if err != nil { - t.Fatalf("err: %v", err) + cases := map[string]struct { + hcl string + expectXDS bool + }{ + "normal": { + hcl: ` + node_meta { + somekey = "somevalue" + } + `, + expectXDS: true, + }, + "no grpc": { + hcl: ` + node_meta { + somekey = "somevalue" + } + ports = { + grpc = -1 + } + `, + expectXDS: false, + }, } - val := obj.(Self) - if int(val.Member.Port) != a.Config.SerfPortLAN { - t.Fatalf("incorrect port: %v", obj) - } + for name, tc := range cases { + tc := tc + t.Run(name, func(t *testing.T) { + a := NewTestAgent(t, tc.hcl) + defer a.Shutdown() - if val.DebugConfig["SerfPortLAN"].(int) != a.Config.SerfPortLAN { - t.Fatalf("incorrect port: %v", obj) - } + testrpc.WaitForTestAgent(t, a.RPC, "dc1") + req, _ := http.NewRequest("GET", "/v1/agent/self", nil) + obj, err := a.srv.AgentSelf(nil, req) + require.NoError(t, err) - cs, err := a.GetLANCoordinate() - if err != nil { - t.Fatalf("err: %v", err) - } - if c := cs[a.config.SegmentName]; !reflect.DeepEqual(c, val.Coord) { - t.Fatalf("coordinates are not equal: %v != %v", c, val.Coord) - } - delete(val.Meta, structs.MetaSegmentKey) // Added later, not in config. - if !reflect.DeepEqual(a.config.NodeMeta, val.Meta) { - t.Fatalf("meta fields are not equal: %v != %v", a.config.NodeMeta, val.Meta) + val := obj.(Self) + require.Equal(t, a.Config.SerfPortLAN, int(val.Member.Port)) + require.Equal(t, a.Config.SerfPortLAN, val.DebugConfig["SerfPortLAN"].(int)) + + cs, err := a.GetLANCoordinate() + require.NoError(t, err) + require.Equal(t, cs[a.config.SegmentName], val.Coord) + + delete(val.Meta, structs.MetaSegmentKey) // Added later, not in config. + require.Equal(t, a.config.NodeMeta, val.Meta) + + if tc.expectXDS { + require.NotNil(t, val.XDS, "xds component missing when gRPC is enabled") + require.Equal(t, + map[string][]string{"envoy": proxysupport.EnvoyVersions}, + val.XDS.SupportedProxies, + ) + + } else { + require.Nil(t, val.XDS, "xds component should be missing when gRPC is disabled") + } + }) } } diff --git a/agent/xds/clusters_test.go b/agent/xds/clusters_test.go index cd2467361e..6ebed92382 100644 --- a/agent/xds/clusters_test.go +++ b/agent/xds/clusters_test.go @@ -11,6 +11,7 @@ import ( envoy "github.com/envoyproxy/go-control-plane/envoy/api/v2" "github.com/hashicorp/consul/agent/proxycfg" "github.com/hashicorp/consul/agent/structs" + "github.com/hashicorp/consul/agent/xds/proxysupport" "github.com/hashicorp/consul/sdk/testutil" testinf "github.com/mitchellh/go-testing-interface" "github.com/stretchr/testify/require" @@ -527,7 +528,7 @@ func TestClustersFromSnapshot(t *testing.T) { }, } - for _, envoyVersion := range supportedEnvoyVersions { + for _, envoyVersion := range proxysupport.EnvoyVersions { sf := determineSupportedProxyFeaturesFromString(envoyVersion) t.Run("envoy-"+envoyVersion, func(t *testing.T) { for _, tt := range tests { @@ -738,13 +739,3 @@ func setupTLSRootsAndLeaf(t *testing.T, snap *proxycfg.ConfigSnapshot) { snap.Roots.Roots[0].RootCert = golden(t, "test-root-cert", "", "") } } - -// supportedEnvoyVersions lists the versions that we generated golden tests for -// -// see: https://www.consul.io/docs/connect/proxies/envoy#supported-versions -var supportedEnvoyVersions = []string{ - "1.14.2", - "1.13.2", - "1.12.4", - "1.11.2", -} diff --git a/agent/xds/endpoints_test.go b/agent/xds/endpoints_test.go index 6c616ad883..63977b6bf9 100644 --- a/agent/xds/endpoints_test.go +++ b/agent/xds/endpoints_test.go @@ -14,6 +14,7 @@ import ( envoyendpoint "github.com/envoyproxy/go-control-plane/envoy/api/v2/endpoint" "github.com/hashicorp/consul/agent/proxycfg" "github.com/hashicorp/consul/agent/structs" + "github.com/hashicorp/consul/agent/xds/proxysupport" "github.com/hashicorp/consul/sdk/testutil" testinf "github.com/mitchellh/go-testing-interface" ) @@ -554,7 +555,7 @@ func Test_endpointsFromSnapshot(t *testing.T) { }, } - for _, envoyVersion := range supportedEnvoyVersions { + for _, envoyVersion := range proxysupport.EnvoyVersions { sf := determineSupportedProxyFeaturesFromString(envoyVersion) t.Run("envoy-"+envoyVersion, func(t *testing.T) { for _, tt := range tests { diff --git a/agent/xds/listeners_test.go b/agent/xds/listeners_test.go index 43a3e1991f..3f200368f9 100644 --- a/agent/xds/listeners_test.go +++ b/agent/xds/listeners_test.go @@ -11,6 +11,7 @@ import ( envoy "github.com/envoyproxy/go-control-plane/envoy/api/v2" "github.com/hashicorp/consul/agent/proxycfg" "github.com/hashicorp/consul/agent/structs" + "github.com/hashicorp/consul/agent/xds/proxysupport" "github.com/hashicorp/consul/sdk/testutil" testinf "github.com/mitchellh/go-testing-interface" "github.com/stretchr/testify/require" @@ -433,7 +434,7 @@ func TestListenersFromSnapshot(t *testing.T) { }, } - for _, envoyVersion := range supportedEnvoyVersions { + for _, envoyVersion := range proxysupport.EnvoyVersions { sf := determineSupportedProxyFeaturesFromString(envoyVersion) t.Run("envoy-"+envoyVersion, func(t *testing.T) { for _, tt := range tests { diff --git a/agent/xds/proxysupport/proxysupport.go b/agent/xds/proxysupport/proxysupport.go new file mode 100644 index 0000000000..07e2f1fbc0 --- /dev/null +++ b/agent/xds/proxysupport/proxysupport.go @@ -0,0 +1,14 @@ +package proxysupport + +// EnvoyVersions lists the latest officially supported versions of envoy. +// +// This list must be sorted by semver descending. Only one point release for +// each major release should be present. +// +// see: https://www.consul.io/docs/connect/proxies/envoy#supported-versions +var EnvoyVersions = []string{ + "1.14.2", + "1.13.2", + "1.12.4", + "1.11.2", +} diff --git a/agent/xds/routes_test.go b/agent/xds/routes_test.go index 842ddf64ec..a2207ad67c 100644 --- a/agent/xds/routes_test.go +++ b/agent/xds/routes_test.go @@ -11,6 +11,7 @@ import ( "github.com/hashicorp/consul/agent/consul/discoverychain" "github.com/hashicorp/consul/agent/proxycfg" "github.com/hashicorp/consul/agent/structs" + "github.com/hashicorp/consul/agent/xds/proxysupport" testinf "github.com/mitchellh/go-testing-interface" "github.com/stretchr/testify/require" ) @@ -175,7 +176,7 @@ func TestRoutesFromSnapshot(t *testing.T) { }, } - for _, envoyVersion := range supportedEnvoyVersions { + for _, envoyVersion := range proxysupport.EnvoyVersions { sf := determineSupportedProxyFeaturesFromString(envoyVersion) t.Run("envoy-"+envoyVersion, func(t *testing.T) { for _, tt := range tests { diff --git a/command/connect/envoy/envoy.go b/command/connect/envoy/envoy.go index 774c29a9da..2fe0c978bd 100644 --- a/command/connect/envoy/envoy.go +++ b/command/connect/envoy/envoy.go @@ -15,6 +15,7 @@ import ( "github.com/hashicorp/consul/agent/structs" "github.com/hashicorp/consul/agent/xds" + "github.com/hashicorp/consul/agent/xds/proxysupport" "github.com/hashicorp/consul/api" proxyCmd "github.com/hashicorp/consul/command/connect/proxy" "github.com/hashicorp/consul/command/flags" @@ -68,10 +69,9 @@ type cmd struct { gatewayKind api.ServiceKind } -const ( - defaultEnvoyVersion = "1.14.2" - meshGatewayVal = "mesh" -) +const meshGatewayVal = "mesh" + +var defaultEnvoyVersion = proxysupport.EnvoyVersions[0] var supportedGateways = map[string]api.ServiceKind{ "mesh": api.ServiceKindMeshGateway,