consul/agent/structs
Freddy 2d633ed804 Fixup discovery chain handling in transparent mode (#10168)
Co-authored-by: R.B. Boyer <4903+rboyer@users.noreply.github.com>

Previously we would associate the address of a discovery chain target
with the discovery chain's filter chain. This was broken for a few reasons:

- If the upstream is a virtual service, the client proxy has no way of
dialing it because virtual services are not targets of their discovery
chains. The targets are distinct services. This is addressed by watching
the endpoints of all upstream services, not just their discovery chain
targets.

- If multiple discovery chains resolve to the same target, that would
lead to multiple filter chains attempting to match on the target's
virtual IP. This is addressed by only matching on the upstream's virtual
IP.

NOTE: this implementation requires an intention to the redirecting
virtual service and not just to the final destination. This is how
we can know that the virtual service is an upstream to watch.

A later PR will look into traversing discovery chains when computing
upstreams so that intentions are only required to the discovery chain
targets.
2021-05-04 14:46:53 +00:00
..
acl.go Move static token resolution into the ACLResolver (#10013) 2021-04-14 12:39:35 -04:00
acl_cache.go
acl_cache_test.go
acl_legacy.go
acl_legacy_test.go
acl_oss.go
acl_test.go
auto_encrypt.go
autopilot.go Switch to using the external autopilot module 2020-11-09 09:22:11 -05:00
autopilot_oss.go Switch to using the external autopilot module 2020-11-09 09:22:11 -05:00
catalog.go
check_definition.go add http2 ping health checks (#8431) 2021-04-09 15:12:10 -04:00
check_definition_test.go add http2 ping health checks (#8431) 2021-04-09 15:12:10 -04:00
check_type.go add http2 ping health checks (#8431) 2021-04-09 15:12:10 -04:00
config_entry.go Rename "cluster" config entry to "mesh" (#10127) 2021-04-28 22:14:03 +00:00
config_entry_discoverychain.go connect: support defining intentions using layer 7 criteria (#8839) 2020-10-06 17:09:13 -05:00
config_entry_discoverychain_oss.go
config_entry_discoverychain_test.go
config_entry_gateways.go ui: Remove any trailing fullstop/period DNS characters from Gateways UI API (#9752) 2021-02-25 09:34:47 +00:00
config_entry_gateways_test.go ui: Remove any trailing fullstop/period DNS characters from Gateways UI API (#9752) 2021-02-25 09:34:47 +00:00
config_entry_intentions.go server: add OSS stubs supporting validation of source namespaces in service-intentions config entries (#9527) 2021-01-25 11:27:38 -06:00
config_entry_intentions_oss.go server: add OSS stubs supporting validation of source namespaces in service-intentions config entries (#9527) 2021-01-25 11:27:38 -06:00
config_entry_intentions_test.go server: remove config entry CAS in legacy intention API bridge code (#9151) 2020-11-13 14:42:21 -06:00
config_entry_mesh.go Rename cluster config files to mesh as well (#10148) 2021-04-29 00:16:06 +00:00
config_entry_mesh_oss.go Rename cluster config files to mesh as well (#10148) 2021-04-29 00:16:06 +00:00
config_entry_oss.go
config_entry_oss_test.go
config_entry_test.go Rename "cluster" config entry to "mesh" (#10127) 2021-04-28 22:14:03 +00:00
connect.go
connect_ca.go Add CA server delegate interface for testing 2020-11-19 20:08:06 -08:00
connect_ca_test.go
connect_oss.go
connect_proxy_config.go Merge pull request #10016 from hashicorp/topology-update 2021-04-15 14:11:23 -06:00
connect_proxy_config_oss.go Split Upstream.Identifier() so non-empty namespace is always prepended in ent (#10031) 2021-04-15 13:54:40 -06:00
connect_proxy_config_test.go Fixup tests 2021-04-13 16:08:41 -06:00
discovery_chain.go Fixup discovery chain handling in transparent mode (#10168) 2021-05-04 14:46:53 +00:00
discovery_chain_oss.go
errors.go Special case the error returned when we have a Raft leader but are not tracking it in the ServerLookup (#9487) 2021-01-04 14:05:23 -05:00
federation_state.go
identity.go state: convert services.node and checks.node indexes 2021-03-16 13:00:31 -04:00
intention.go Augment intention decision summary with DefaultAllow mode 2021-04-12 19:32:09 -06:00
intention_oss.go connect: intentions are now managed as a new config entry kind "service-intentions" (#8834) 2020-10-06 13:24:05 -05:00
intention_test.go connect: support defining intentions using layer 7 criteria (#8839) 2020-10-06 17:09:13 -05:00
operator.go Switch to using the external autopilot module 2020-11-09 09:22:11 -05:00
prepared_query.go
prepared_query_test.go
protobuf_compat.go
sanitize_oss.go
service_definition.go
service_definition_test.go
snapshot.go
structs.go Update viz endpoint to include topology from intentions 2021-04-14 10:20:15 -06:00
structs_filtering_test.go connect: update centralized upstreams representation in service-defaults (#10015) 2021-04-15 14:21:44 -05:00
structs_oss.go Add methods to check intention has wildcard src or dst 2021-03-17 22:15:48 -06:00
structs_oss_test.go Add methods to check intention has wildcard src or dst 2021-03-17 22:15:48 -06:00
structs_test.go Prevent wildcard destinations for proxies and upstreams 2021-04-07 09:32:47 -06:00
system_metadata.go connect: intentions are now managed as a new config entry kind "service-intentions" (#8834) 2020-10-06 13:24:05 -05:00
testing.go
testing_catalog.go
testing_connect_proxy_config.go
testing_intention.go
testing_service_definition.go
txn.go connect: intentions are now managed as a new config entry kind "service-intentions" (#8834) 2020-10-06 13:24:05 -05:00