chore(kuma-cp) certificates over ADS (#2558)

Signed-off-by: Jakub Dyszkiewicz <jakub.dyszkiewicz@gmail.com>

.golangci.yml

@@ -12,7 +12,6 @@ linters:
 run:
   skip-files:
     - app/kumactl/pkg/k8s/kubectl_proxy.go # excluded to keep as close to original file from K8S repository
-    - pkg/sds/server/sds.go # excluded to keep as close to original file from Envoy repository
     - pkg/xds/server/server.go # excluded to keep as close to original file from Envoy repository
     - pkg/xds/server/server_test.go # excluded to keep as close to original file from Envoy repository
   modules-download-mode: readonly

app/kuma-cp/cmd/run.go

@@ -24,7 +24,6 @@ import (
 	kds_zone "github.com/kumahq/kuma/pkg/kds/zone"
 	mads_server "github.com/kumahq/kuma/pkg/mads/server"
 	metrics "github.com/kumahq/kuma/pkg/metrics/components"
-	sds_server "github.com/kumahq/kuma/pkg/sds/server"
 	"github.com/kumahq/kuma/pkg/util/os"
 	kuma_version "github.com/kumahq/kuma/pkg/version"
 	"github.com/kumahq/kuma/pkg/xds"
@@ -111,10 +110,6 @@ func newRunCmdWithOpts(opts runCmdOpts) *cobra.Command {
 					runLog.Error(err, "unable to set up XDS")
 					return err
 				}
-				if err := sds_server.Setup(rt); err != nil {
-					runLog.Error(err, "unable to set up SDS")
-					return err
-				}
 				if err := hds.Setup(rt); err != nil {
 					runLog.Error(err, "unable to set up HDS")
 					return err
@@ -152,10 +147,6 @@ func newRunCmdWithOpts(opts runCmdOpts) *cobra.Command {
 					runLog.Error(err, "unable to set up XDS")
 					return err
 				}
-				if err := sds_server.Setup(rt); err != nil {
-					runLog.Error(err, "unable to set up SDS")
-					return err
-				}
 				if err := hds.Setup(rt); err != nil {
 					runLog.Error(err, "unable to set up HDS")
 					return err

pkg/api-server/config_ws_test.go

@@ -250,9 +250,6 @@ var _ = Describe("Config WS", func() {
               "dataplaneCleanupAge": "72h0m0s"
             }
           },
-          "sdsServer": {
-            "dataplaneConfigurationRefreshInterval": "1s"
-          },
           "dpServer": {
             "port": 5678,
             "tlsCertFile": "",

pkg/config/app/kuma-cp/config.go

@@ -16,7 +16,6 @@ import (
 	"github.com/kumahq/kuma/pkg/config/mads"
 	"github.com/kumahq/kuma/pkg/config/multizone"
 	"github.com/kumahq/kuma/pkg/config/plugins/runtime"
-	"github.com/kumahq/kuma/pkg/config/sds"
 	"github.com/kumahq/kuma/pkg/config/xds"
 	"github.com/kumahq/kuma/pkg/config/xds/bootstrap"
 )
@@ -117,8 +116,6 @@ type Config struct {
 	BootstrapServer *bootstrap.BootstrapServerConfig `yaml:"bootstrapServer,omitempty"`
 	// Envoy XDS server configuration
 	XdsServer *xds.XdsServerConfig `yaml:"xdsServer,omitempty"`
-	// Envoy SDS server configuration
-	SdsServer *sds.SdsServerConfig `yaml:"sdsServer,omitempty"`
 	// Monitoring Assignment Discovery Service (MADS) server configuration
 	MonitoringAssignmentServer *mads.MonitoringAssignmentServerConfig `yaml:"monitoringAssignmentServer,omitempty"`
 	// API Server configuration
@@ -148,7 +145,6 @@ func (c *Config) Sanitize() {
 	c.Store.Sanitize()
 	c.BootstrapServer.Sanitize()
 	c.XdsServer.Sanitize()
-	c.SdsServer.Sanitize()
 	c.MonitoringAssignmentServer.Sanitize()
 	c.ApiServer.Sanitize()
 	c.Runtime.Sanitize()
@@ -166,7 +162,6 @@ func DefaultConfig() Config {
 		Mode:                       core.Standalone,
 		Store:                      store.DefaultStoreConfig(),
 		XdsServer:                  xds.DefaultXdsServerConfig(),
-		SdsServer:                  sds.DefaultSdsServerConfig(),
 		MonitoringAssignmentServer: mads.DefaultMonitoringAssignmentServerConfig(),
 		ApiServer:                  api_server.DefaultApiServerConfig(),
 		BootstrapServer:            bootstrap.DefaultBootstrapServerConfig(),
@@ -222,9 +217,6 @@ func (c *Config) Validate() error {
 		if err := c.BootstrapServer.Validate(); err != nil {
 			return errors.Wrap(err, "Bootstrap Server validation failed")
 		}
-		if err := c.SdsServer.Validate(); err != nil {
-			return errors.Wrap(err, "SDS Server validation failed")
-		}
 		if err := c.MonitoringAssignmentServer.Validate(); err != nil {
 			return errors.Wrap(err, "Monitoring Assignment Server validation failed")
 		}
@@ -247,9 +239,6 @@ func (c *Config) Validate() error {
 		if err := c.BootstrapServer.Validate(); err != nil {
 			return errors.Wrap(err, "Bootstrap Server validation failed")
 		}
-		if err := c.SdsServer.Validate(); err != nil {
-			return errors.Wrap(err, "SDS Server validation failed")
-		}
 		if err := c.MonitoringAssignmentServer.Validate(); err != nil {
 			return errors.Wrap(err, "Monitoring Assignment Server validation failed")
 		}

pkg/config/app/kuma-cp/kuma-cp.defaults.yaml

@@ -85,11 +85,6 @@ bootstrapServer:
     # Connection timeout to the XDS Server
     xdsConnectTimeout: 1s # ENV: KUMA_BOOTSTRAP_SERVER_PARAMS_XDS_CONNECT_TIMEOUT
 
-# Envoy SDS server configuration
-sdsServer:
-  # Interval for re-genarting configuration for Dataplanes connected to the Control Plane
-  dataplaneConfigurationRefreshInterval: 1s # ENV: KUMA_SDS_SERVER_DATAPLANE_CONFIGURATION_REFRESH_INTERVAL
-
 #  Monitoring Assignment Discovery Service (MADS) server configuration
 monitoringAssignmentServer:
   # Port of a gRPC server that serves Monitoring Assignment Discovery Service (MADS).
@@ -348,7 +343,7 @@ diagnostics:
   # If true, enables https://golang.org/pkg/net/http/pprof/ debug endpoints
   debugEndpoints: false # ENV: KUMA_DIAGNOSTICS_DEBUG_ENDPOINTS
 
-# Dataplane Server configuration that servers API like Bootstrap/XDS/SDS for the Dataplane.
+# Dataplane Server configuration that servers API like Bootstrap/XDS for the Dataplane.
 dpServer:
   # Port of the DP Server
   port: 5678 # ENV: KUMA_DP_SERVER_PORT

pkg/config/dp-server/config.go

@@ -10,7 +10,7 @@ import (
 
 var _ config.Config = &DpServerConfig{}
 
-// Dataplane Server configuration that servers API like Bootstrap/XDS/SDS.
+// Dataplane Server configuration that servers API like Bootstrap/XDS.
 type DpServerConfig struct {
 	// Port of the DP Server
 	Port int `yaml:"port" envconfig:"kuma_dp_server_port"`

pkg/config/loader_test.go

@@ -236,8 +236,6 @@ var _ = Describe("Config loader", func() {
 			Expect(cfg.DpServer.Hds.CheckDefaults.NoTrafficInterval).To(Equal(7 * time.Second))
 			Expect(cfg.DpServer.Hds.CheckDefaults.HealthyThreshold).To(Equal(uint32(8)))
 			Expect(cfg.DpServer.Hds.CheckDefaults.UnhealthyThreshold).To(Equal(uint32(9)))
-
-			Expect(cfg.SdsServer.DataplaneConfigurationRefreshInterval).To(Equal(11 * time.Second))
 		},
 		Entry("from config file", testCase{
 			envVars: map[string]string{},
@@ -428,8 +426,6 @@ dpServer:
       noTrafficInterval: 7s
       healthyThreshold: 8
       unhealthyThreshold: 9
-sdsServer:
-  dataplaneConfigurationRefreshInterval: 11s
 `,
 		}),
 		Entry("from env variables", testCase{
@@ -562,7 +558,6 @@ sdsServer:
 				"KUMA_DP_SERVER_HDS_CHECK_NO_TRAFFIC_INTERVAL":                                             "7s",
 				"KUMA_DP_SERVER_HDS_CHECK_HEALTHY_THRESHOLD":                                               "8",
 				"KUMA_DP_SERVER_HDS_CHECK_UNHEALTHY_THRESHOLD":                                             "9",
-				"KUMA_SDS_SERVER_DATAPLANE_CONFIGURATION_REFRESH_INTERVAL":                                 "11s",
 			},
 			yamlFileConfig: "",
 		}),

pkg/plugins/runtime/gateway/suite_test.go

@@ -104,15 +104,13 @@ func MakeDataplaneProxy(rt runtime.Runtime, key core_model.ResourceKey) *core_xd
 
 	proxy, err := b.Build(key, &xds_context.Context{
 		ControlPlane: &xds_context.ControlPlaneContext{
-			SdsTlsCert:        nil,
 			AdminProxyKeyPair: nil,
 			CLACache:          nil,
 		},
 		Mesh: xds_context.MeshContext{
 			Resource:   mesh,
 			Dataplanes: &dataplanes,
 		},
-		ConnectionInfo:   xds_context.ConnectionInfo{},
 		EnvoyAdminClient: nil,
 	})
 	Expect(err).To(Succeed())