From 4a04915e3f8b95ac54baeed6d42503324fb7af9b Mon Sep 17 00:00:00 2001 From: zirain Date: Sat, 4 Feb 2023 02:28:35 +0800 Subject: [PATCH] xds: Deprecated http2_protocol_options (#974) * xds: Deprecated http2_protocol_options Signed-off-by: hejianpeng --- internal/xds/translator/authentication.go | 10 +++++----- internal/xds/translator/ratelimit.go | 8 ++++---- .../authn-multi-route-multi-provider.clusters.yaml | 12 ++++++++++-- .../authn-multi-route-single-provider.clusters.yaml | 6 +++++- .../out/xds-ir/authn-ratelimit.clusters.yaml | 12 ++++++++++-- .../authn-single-route-single-match.clusters.yaml | 6 +++++- .../testdata/out/xds-ir/ratelimit.clusters.yaml | 6 +++++- 7 files changed, 44 insertions(+), 16 deletions(-) diff --git a/internal/xds/translator/authentication.go b/internal/xds/translator/authentication.go index 14c703fbac4..96d863e7e3d 100644 --- a/internal/xds/translator/authentication.go +++ b/internal/xds/translator/authentication.go @@ -219,11 +219,11 @@ func buildClusterFromJwks(jwks *jwksCluster) (*cluster.Cluster, error) { }, }, }, - Http2ProtocolOptions: &core.Http2ProtocolOptions{}, - DnsRefreshRate: durationpb.New(30 * time.Second), - RespectDnsTtl: true, - DnsLookupFamily: cluster.Cluster_V4_ONLY, - TransportSocket: tSocket, + TypedExtensionProtocolOptions: buildTypedExtensionProtocolOptions(), + DnsRefreshRate: durationpb.New(30 * time.Second), + RespectDnsTtl: true, + DnsLookupFamily: cluster.Cluster_V4_ONLY, + TransportSocket: tSocket, }, nil } diff --git a/internal/xds/translator/ratelimit.go b/internal/xds/translator/ratelimit.go index ebd7b05c155..aa4477984e8 100644 --- a/internal/xds/translator/ratelimit.go +++ b/internal/xds/translator/ratelimit.go @@ -292,10 +292,10 @@ func buildRateLimitServiceCluster(irListener *ir.HTTPListener) *cluster.Cluster }, }, }, - Http2ProtocolOptions: &core.Http2ProtocolOptions{}, - DnsRefreshRate: durationpb.New(30 * time.Second), - RespectDnsTtl: true, - DnsLookupFamily: cluster.Cluster_V4_ONLY, + TypedExtensionProtocolOptions: buildTypedExtensionProtocolOptions(), + DnsRefreshRate: durationpb.New(30 * time.Second), + RespectDnsTtl: true, + DnsLookupFamily: cluster.Cluster_V4_ONLY, } return rateLimitServerCluster } diff --git a/internal/xds/translator/testdata/out/xds-ir/authn-multi-route-multi-provider.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/authn-multi-route-multi-provider.clusters.yaml index 094af93ce65..dc9b1f67897 100644 --- a/internal/xds/translator/testdata/out/xds-ir/authn-multi-route-multi-provider.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/authn-multi-route-multi-provider.clusters.yaml @@ -37,7 +37,6 @@ - connectTimeout: 10s dnsLookupFamily: V4_ONLY dnsRefreshRate: 30s - http2ProtocolOptions: {} lbPolicy: RANDOM loadAssignment: clusterName: localhost_443 @@ -59,10 +58,14 @@ trustedCa: filename: /etc/ssl/certs/ca-certificates.crt type: STATIC + typedExtensionProtocolOptions: + envoy.extensions.upstreams.http.v3.HttpProtocolOptions: + '@type': type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions + explicitHttpConfig: + http2ProtocolOptions: {} - connectTimeout: 10s dnsLookupFamily: V4_ONLY dnsRefreshRate: 30s - http2ProtocolOptions: {} lbPolicy: RANDOM loadAssignment: clusterName: localhost_8080 @@ -84,3 +87,8 @@ trustedCa: filename: /etc/ssl/certs/ca-certificates.crt type: STATIC + typedExtensionProtocolOptions: + envoy.extensions.upstreams.http.v3.HttpProtocolOptions: + '@type': type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions + explicitHttpConfig: + http2ProtocolOptions: {} diff --git a/internal/xds/translator/testdata/out/xds-ir/authn-multi-route-single-provider.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/authn-multi-route-single-provider.clusters.yaml index 7514a02fd48..c566000c08b 100644 --- a/internal/xds/translator/testdata/out/xds-ir/authn-multi-route-single-provider.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/authn-multi-route-single-provider.clusters.yaml @@ -37,7 +37,6 @@ - connectTimeout: 10s dnsLookupFamily: V4_ONLY dnsRefreshRate: 30s - http2ProtocolOptions: {} lbPolicy: RANDOM loadAssignment: clusterName: localhost_443 @@ -59,3 +58,8 @@ trustedCa: filename: /etc/ssl/certs/ca-certificates.crt type: STATIC + typedExtensionProtocolOptions: + envoy.extensions.upstreams.http.v3.HttpProtocolOptions: + '@type': type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions + explicitHttpConfig: + http2ProtocolOptions: {} diff --git a/internal/xds/translator/testdata/out/xds-ir/authn-ratelimit.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/authn-ratelimit.clusters.yaml index c693e628449..923d1eac2c1 100644 --- a/internal/xds/translator/testdata/out/xds-ir/authn-ratelimit.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/authn-ratelimit.clusters.yaml @@ -55,7 +55,6 @@ - connectTimeout: 10s dnsLookupFamily: V4_ONLY dnsRefreshRate: 30s - http2ProtocolOptions: {} lbPolicy: RANDOM loadAssignment: clusterName: ratelimit_cluster @@ -69,10 +68,14 @@ name: ratelimit_cluster respectDnsTtl: true type: STRICT_DNS + typedExtensionProtocolOptions: + envoy.extensions.upstreams.http.v3.HttpProtocolOptions: + '@type': type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions + explicitHttpConfig: + http2ProtocolOptions: {} - connectTimeout: 10s dnsLookupFamily: V4_ONLY dnsRefreshRate: 30s - http2ProtocolOptions: {} lbPolicy: RANDOM loadAssignment: clusterName: localhost_443 @@ -94,3 +97,8 @@ trustedCa: filename: /etc/ssl/certs/ca-certificates.crt type: STATIC + typedExtensionProtocolOptions: + envoy.extensions.upstreams.http.v3.HttpProtocolOptions: + '@type': type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions + explicitHttpConfig: + http2ProtocolOptions: {} diff --git a/internal/xds/translator/testdata/out/xds-ir/authn-single-route-single-match.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/authn-single-route-single-match.clusters.yaml index 5027864f4f1..4bf9732bb8f 100644 --- a/internal/xds/translator/testdata/out/xds-ir/authn-single-route-single-match.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/authn-single-route-single-match.clusters.yaml @@ -19,7 +19,6 @@ - connectTimeout: 10s dnsLookupFamily: V4_ONLY dnsRefreshRate: 30s - http2ProtocolOptions: {} lbPolicy: RANDOM loadAssignment: clusterName: localhost_443 @@ -41,3 +40,8 @@ trustedCa: filename: /etc/ssl/certs/ca-certificates.crt type: STATIC + typedExtensionProtocolOptions: + envoy.extensions.upstreams.http.v3.HttpProtocolOptions: + '@type': type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions + explicitHttpConfig: + http2ProtocolOptions: {} diff --git a/internal/xds/translator/testdata/out/xds-ir/ratelimit.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/ratelimit.clusters.yaml index cb605d770dc..86159d03e12 100644 --- a/internal/xds/translator/testdata/out/xds-ir/ratelimit.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/ratelimit.clusters.yaml @@ -55,7 +55,6 @@ - connectTimeout: 10s dnsLookupFamily: V4_ONLY dnsRefreshRate: 30s - http2ProtocolOptions: {} lbPolicy: RANDOM loadAssignment: clusterName: ratelimit_cluster @@ -69,3 +68,8 @@ name: ratelimit_cluster respectDnsTtl: true type: STRICT_DNS + typedExtensionProtocolOptions: + envoy.extensions.upstreams.http.v3.HttpProtocolOptions: + '@type': type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions + explicitHttpConfig: + http2ProtocolOptions: {}