|
|
|
|
@ -151,35 +151,23 @@ func (s *Server) listenersFromSnapshotConnectProxy(cInfo connectionInfo, cfgSnap
|
|
|
|
|
uniqueAddrs := make(map[string]struct{})
|
|
|
|
|
|
|
|
|
|
for _, t := range chain.Targets {
|
|
|
|
|
var k8sNamespace string
|
|
|
|
|
|
|
|
|
|
// Store all the IP addresses per unique port
|
|
|
|
|
// Store all the possible IP addresses that might be used to dial this endpoint
|
|
|
|
|
for _, e := range endpoints[t.ID] {
|
|
|
|
|
addr, _ := e.BestAddress(false)
|
|
|
|
|
|
|
|
|
|
if _, ok := uniqueAddrs[addr]; !ok {
|
|
|
|
|
uniqueAddrs[addr] = struct{}{}
|
|
|
|
|
if e.Service.Address != "" {
|
|
|
|
|
uniqueAddrs[e.Service.Address] = struct{}{}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// The k8s namespace should be the same for all instances, so pick any
|
|
|
|
|
if ns, ok := e.Service.Meta["k8s-namespace"]; ok {
|
|
|
|
|
k8sNamespace = ns
|
|
|
|
|
if e.Node.Address != "" {
|
|
|
|
|
uniqueAddrs[e.Node.Address] = struct{}{}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// TODO (freddy) hack to remove for beta: for every potential discovery chain target, resolve the k8s ClusterIP
|
|
|
|
|
// since it's not stored in Consul's catalog (yet)
|
|
|
|
|
if k8sNamespace != "" {
|
|
|
|
|
host := fmt.Sprintf("%s.%s.svc.cluster.local", t.Service, k8sNamespace)
|
|
|
|
|
resolved, err := net.LookupHost(host)
|
|
|
|
|
if err != nil {
|
|
|
|
|
// We still have the Pod ips in the catalog, so don't hard-fail on errors
|
|
|
|
|
s.Logger.Warn("failed to resolve", "host", host, "error", err)
|
|
|
|
|
continue
|
|
|
|
|
for _, tagged := range e.Node.TaggedAddresses {
|
|
|
|
|
if tagged != "" {
|
|
|
|
|
uniqueAddrs[tagged] = struct{}{}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
for _, addr := range resolved {
|
|
|
|
|
if _, ok := uniqueAddrs[addr]; !ok {
|
|
|
|
|
uniqueAddrs[addr] = struct{}{}
|
|
|
|
|
for _, tagged := range e.Service.TaggedAddresses {
|
|
|
|
|
if tagged.Address != "" {
|
|
|
|
|
uniqueAddrs[tagged.Address] = struct{}{}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
@ -205,6 +193,12 @@ func (s *Server) listenersFromSnapshotConnectProxy(cInfo connectionInfo, cfgSnap
|
|
|
|
|
PrefixLen: &wrappers.UInt32Value{Value: pfxLen},
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// The match rules are stable sorted to avoid draining if the list is provided out of order
|
|
|
|
|
sort.SliceStable(ranges, func(i, j int) bool {
|
|
|
|
|
return ranges[i].AddressPrefix < ranges[j].AddressPrefix
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
filterChain.FilterChainMatch = &envoy_listener_v3.FilterChainMatch{
|
|
|
|
|
PrefixRanges: ranges,
|
|
|
|
|
}
|
|
|
|
|
|
Freddy
4 years ago
committed by