Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Only write service-defaults if protocol set #169

Merged
merged 1 commit into from
Dec 4, 2019
Merged

Only write service-defaults if protocol set #169

merged 1 commit into from
Dec 4, 2019

Conversation

lkysow
Copy link
Member

@lkysow lkysow commented Nov 30, 2019

Previously, we would write a service-defaults config regardless of the
value of the -default-protocol flag or the Pod's protocol annotation. If
neither of these were set, we would write a config with protocol set to
the empty string. This is the same as setting it to tcp. So for every
service, we were by default setting its protocol to tcp.

If a user explicitly created a global proxy-defaults config and set the
protocol to, say, http. Then our service-defaults config would override
that protocol. This behaviour was unexpected because users had never
explicitly told us to write a service-defaults config and it wasn't
helping them.

This change will cause us to only write a service-defaults config if the
protocol is explicitly set–either via the -default-protocol flag or via
the Pod annotation.

I've also renamed the CentralConfig field to WriteServiceDefaults
because there are many types of central config now so it's best to be
explicit.

Fixes #168

@lkysow lkysow requested a review from a team November 30, 2019 00:52
lkysow
lkysow commented Nov 30, 2019
View reviewed changes
connect-inject/container_init.go
// the protocol was empty. This is the same as setting it to tcp. This
// would then override any global proxy-defaults config. Now, we only
// write the config if a protocol is explicitly set.
writeServiceDefaults := h.WriteServiceDefaults && protocol != ""
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Here's the only real change. Previously this was just the value of h.WriteServiceDefaults

lkysow
lkysow commented Nov 30, 2019
View reviewed changes
connect-inject/handler.go
// Default protocol is specified by a flag if not explicitly annotated
if _, ok := pod.ObjectMeta.Annotations[annotationProtocol]; !ok {
if _, ok := pod.ObjectMeta.Annotations[annotationProtocol]; !ok && h.DefaultProtocol != "" {
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Previously we would write an annotation even if the protocol was empty (i.e. we'd set it to the empty string).

@lkysow lkysow added the area/connect Related to Connect service mesh, e.g. injection label Nov 30, 2019
adilyse
adilyse approved these changes Dec 4, 2019
View reviewed changes
Copy link
Contributor

@adilyse adilyse left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have this impression that there was a reason we needed to define a protocol on everything, but can't remember the details. If Consul is fine in these situations, then this looks great.

connect-inject/container_init.go Outdated
{{- if .CentralConfig }}
# Create the central config's service registration
{{- if .WriteServiceDefaults }}
# Create the service-defaults config for the service
cat <<EOF >/consul/connect-inject/central-config.hcl
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since everything is being renamed to "service-defaults", does it make sense to rename the file be written as well? (This would need to be changed several places, as well as in the tests.)

Suggested change
cat <<EOF >/consul/connect-inject/central-config.hcl
cat <<EOF >/consul/connect-inject/service-defaults.hcl

@lkysow
Only write service-defaults if protocol set
afb5808 
Previously, we would write a service-defaults config regardless of the
value of the -default-protocol flag or the Pod's protocol annotation. If
neither of these were set, we would write a config with protocol set to
the empty string. This is the same as setting it to tcp. So for every
service, we were by default setting its protocol to tcp.

If a user explicitly created a global proxy-defaults config and set the
protocol to, say, http. Then our service-defaults config would override
that protocol. This behaviour was unexpected because users had never
explicitly told us to write a service-defaults config and it wasn't
helping them.

This change will cause us to only write a service-defaults config if the
protocol is explicitly set–either via the -default-protocol flag or via
the Pod annotation.

I've also renamed the CentralConfig field to WriteServiceDefaults
because there are many types of central config now so it's best to be
explicit.

Fixes #168
@lkysow lkysow force-pushed the protocol-write branch 2 times, most recently from 9f22760 to afb5808 Compare December 4, 2019 20:10
@lkysow lkysow merged commit 2bc5db5 into master Dec 4, 2019
@lkysow lkysow deleted the protocol-write branch December 4, 2019 23:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@adilyse adilyse adilyse approved these changes

Assignees
No one assigned
Labels
area/connect Related to Connect service mesh, e.g. injection
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Don't write service-defaults during connect-inject unless protocol set explicitly
2 participants
@lkysow @adilyse