-
Notifications
You must be signed in to change notification settings - Fork 327
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore(*) TrafficRoute add Split #1149
Conversation
974379d
to
09b3ac6
Compare
Signed-off-by: Nikolay Nikolaev <nikolay.nikolaev@konghq.com>
09b3ac6
to
e7ef54d
Compare
Signed-off-by: Nikolay Nikolaev <nikolay.nikolaev@konghq.com>
…destination_wildcard
Signed-off-by: Nikolay Nikolaev <nikolay.nikolaev@konghq.com>
…destination_wildcard # Conflicts: # app/kumactl/pkg/install/k8s/control-plane/helmtemplates_vfsdata.go Signed-off-by: Nikolay Nikolaev <nikolay.nikolaev@konghq.com>
…destination_wildcard
Signed-off-by: Nikolay Nikolaev <nikolay.nikolaev@konghq.com>
328fed6
to
8857318
Compare
Signed-off-by: Nikolay Nikolaev <nikolay.nikolaev@konghq.com>
…destination_wildcard
…destination_wildcard
pkg/defaults/mesh/traffic_route.go
Outdated
// This will be dropped when TrafficRoute will be converted to Global Scope on K8S instead of Namespace Scope | ||
// TrafficRoute needs to contain mesh name inside it. Otherwise if the name is the same (ex. "allow-all") creating new mesh would fail because there is already resource of name "allow-all" which is unique key on K8S | ||
func defaultTrafficRouteName(meshName string) string { | ||
return fmt.Sprintf("allow-all-%s.default", meshName) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the .default
is not required anymore
pkg/xds/topology/router.go
Outdated
service, ok := destination.Destination[mesh_proto.ServiceTag] | ||
if !ok { | ||
// ignore destinations without a `service` tag | ||
// TODO(yskopets): consider adding a metric for this | ||
continue | ||
} | ||
destinations[service] = destinations[service].Add(mesh_proto.MatchTags(destination.Destination)) | ||
if service == mesh_proto.MatchAllTag { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This should be handled already. routes core_xds.RouteMap
should not have *
matches
pkg/xds/topology/router.go
Outdated
Split: split, | ||
}, | ||
}, | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think that's the algorithm that we agreed on the call. The wildcard can be placed on many tags.
The idea was
- Take traffic route
- Remove all tag pairs with wildcard
- Add all tags from outbound to traffic route if they do not already exist in the list
Examples
1)
Traffic Route
conf:
split:
- weight: 100
tags:
kuma.io/service: '*'
- Outbound
outbound:
- port: 1234
tags:
kuma.io/service: backend
=
conf:
split:
- weight: 100
tags:
kuma.io/service: 'backend'
Traffic Route
conf:
split:
- weight: 100
tags:
kuma.io/service: '*'
kuma.io/zone: aws
- Outbound
outbound:
- port: 1234
tags:
kuma.io/service: backend
=
conf:
split:
- weight: 100
tags:
kuma.io/service: 'backend'
kuma.io/zone: aws
Traffic Route
conf:
split:
- weight: 100
tags:
kuma.io/service: '*'
kuma.io/zone: '*'
- Outbound
outbound:
- port: 1234
tags:
kuma.io/service: backend
=
conf:
split:
- weight: 100
tags:
kuma.io/service: 'backend'
Traffic Route
conf:
split:
- weight: 100
tags:
kuma.io/service: '*'
kuma.io/zone: '*'
- Outbound
outbound:
- port: 1234
tags:
kuma.io/service: backend
kuma.io/zone: aws
=
conf:
split:
- weight: 100
tags:
kuma.io/service: 'backend'
kuma.io/zone: aws
Traffic Route
conf:
split:
- weight: 100
tags:
kuma.io/service: '*'
- Outbound
outbound:
- port: 1234
tags:
kuma.io/service: backend
version: 1
=
conf:
split:
- weight: 100
tags:
kuma.io/service: 'backend'
version: 1
Traffic Route
conf:
split:
- weight: 100
tags:
kuma.io/service: '*'
version: 1
- Outbound
outbound:
- port: 1234
tags:
kuma.io/service: backend
version: 2
=
conf:
split:
- weight: 100
tags:
kuma.io/service: 'backend'
version: 1
(Traffic Route should take precedence)
Signed-off-by: Nikolay Nikolaev <nikolay.nikolaev@konghq.com>
Signed-off-by: Nikolay Nikolaev <nikolay.nikolaev@konghq.com>
Signed-off-by: Nikolay Nikolaev <nikolay.nikolaev@konghq.com>
Signed-off-by: Nikolay Nikolaev <nikolay.nikolaev@konghq.com>
…destination_wildcard # Conflicts: # app/kumactl/pkg/install/k8s/control-plane/helmtemplates_vfsdata.go Signed-off-by: Nikolay Nikolaev <nikolay.nikolaev@konghq.com>
pkg/defaults/mesh/traffic_route.go
Outdated
) | ||
|
||
// Default traffic route needs to be stored with default suffix so on K8S it will be stored in the default namespace | ||
// This will be dropped when TrafficRoute will be converted to Global Scope on K8S instead of Namespace Scope |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Delete those two lines of comments, we don't have a suffix anymore
@@ -224,6 +226,10 @@ func (_ OutboundProxyGenerator) determineSubsets(proxy *model.Proxy, outbound *k | |||
// 0 assumes no traffic is passed there. Envoy doesn't support 0 weight, so instead of passing it to Envoy we just skip such cluster. | |||
continue | |||
} | |||
if service == kuma_mesh.MatchAllTag { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this should not happen, because we replace this on the upper level, right?
pkg/defaults/mesh/traffic_route.go
Outdated
// This will be dropped when TrafficRoute will be converted to Global Scope on K8S instead of Namespace Scope | ||
// TrafficRoute needs to contain mesh name inside it. Otherwise if the name is the same (ex. "allow-all") creating new mesh would fail because there is already resource of name "allow-all" which is unique key on K8S | ||
func defaultTrafficRouteName(meshName string) string { | ||
return fmt.Sprintf("allow-all-%s", meshName) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: I think the name could be better. allow-all
made sense in the context of traffic permissions. Here should be something like route-all-%
? default-router-%s
, router-%s
?
pkg/xds/topology/router.go
Outdated
}}, | ||
}, | ||
route := policy.(*mesh_core.TrafficRouteResource) | ||
if route.Spec.GetConf().HasWildcard() { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think this should rely on wildcard here. How about this case
Traffic Route
conf:
split:
- weight: 100
tags:
kuma.io/service: 'backend'
- Outbound
outbound:
- port: 1234
tags:
kuma.io/service: backend
version: 2
=
conf:
split:
- weight: 100
tags:
kuma.io/service: 'backend'
version: 2
Signed-off-by: Nikolay Nikolaev <nikolay.nikolaev@konghq.com>
…destination_wildcard # Conflicts: # pkg/core/managers/apis/mesh/mesh_manager_test.go Signed-off-by: Nikolay Nikolaev <nikolay.nikolaev@konghq.com>
Signed-off-by: Nikolay Nikolaev <nikolay.nikolaev@konghq.com>
Signed-off-by: Nikolay Nikolaev <nikolay.nikolaev@konghq.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Small nit about HasWildcard, remove it, then it's 👍
@@ -0,0 +1,10 @@ | |||
package v1alpha1 | |||
|
|||
func (c *TrafficRoute_Conf) HasWildcard() bool { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this is not needed anymore
Signed-off-by: Nikolay Nikolaev <nikolay.nikolaev@konghq.com>
Summary
Adding default TrafficRoute, Move the Configuration destination list to a Split field and make it support wildcard services
Documentation