Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

revert https://github.com/istio/istio/pull/43560 #44470

Merged
merged 1 commit into from
Apr 25, 2023
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
fix conflict
Signed-off-by: Kuat Yessenov <kuat@google.com>
  • Loading branch information
kyessenov committed Apr 21, 2023
commit bd64ed59f6c40b23b630ed840ccc4dcd85a33952
33 changes: 0 additions & 33 deletions pilot/pkg/model/service.go
Original file line number Diff line number Diff line change
@@ -514,39 +514,6 @@ func (ep *IstioEndpoint) IsDiscoverableFromProxy(p *Proxy) bool {
return ep.DiscoverabilityPolicy.IsDiscoverableFromProxy(ep, p)
}

// Metadata returns the endpoint metadata used for telemetry purposes.
func (ep *IstioEndpoint) Metadata() *EndpointMetadata {
return &EndpointMetadata{
Network: ep.Network,
TLSMode: ep.TLSMode,
WorkloadName: ep.WorkloadName,
Namespace: ep.Namespace,
Labels: ep.Labels,
ClusterID: ep.Locality.ClusterID,
}
}

// EndpointMetadata represents metadata set on Envoy LbEndpoint used for telemetry purposes.
type EndpointMetadata struct {
// Network holds the network where this endpoint is present
Network network.ID

// TLSMode endpoint is injected with istio sidecar and ready to configure Istio mTLS
TLSMode string

// Name of the workload that this endpoint belongs to. This is for telemetry purpose.
WorkloadName string

// Namespace that this endpoint belongs to. This is for telemetry purpose.
Namespace string

// Labels points to the workload or deployment labels.
Labels labels.Instance

// ClusterID where the endpoint is located
ClusterID cluster.ID
}

// EndpointDiscoverabilityPolicy determines the discoverability of an endpoint throughout the mesh.
type EndpointDiscoverabilityPolicy interface {
// IsDiscoverableFromProxy indicates whether an endpoint is discoverable from the given Proxy.
18 changes: 13 additions & 5 deletions pilot/pkg/networking/core/v1alpha3/cluster_builder.go
Original file line number Diff line number Diff line change
@@ -570,16 +570,24 @@ func (cb *ClusterBuilder) buildLocalityLbEndpoints(proxyView model.ProxyView, se
Metadata: &core.Metadata{},
}

metadata := instance.Endpoint.Metadata()
labels := instance.Endpoint.Labels
ns := instance.Endpoint.Namespace
if features.CanonicalServiceForMeshExternalServiceEntry && service.MeshExternal {
metadata.Namespace = service.Attributes.Namespace
ns = service.Attributes.Namespace
svcLabels := service.Attributes.Labels
if _, ok := svcLabels[model.IstioCanonicalServiceLabelName]; ok {
metadata.Labels[model.IstioCanonicalServiceLabelName] = svcLabels[model.IstioCanonicalServiceLabelName]
metadata.Labels[model.IstioCanonicalServiceRevisionLabelName] = svcLabels[model.IstioCanonicalServiceRevisionLabelName]
labels = map[string]string{
model.IstioCanonicalServiceLabelName: svcLabels[model.IstioCanonicalServiceLabelName],
model.IstioCanonicalServiceRevisionLabelName: svcLabels[model.IstioCanonicalServiceRevisionLabelName],
}
for k, v := range instance.Endpoint.Labels {
labels[k] = v
}
}
}
util.AppendLbEndpointMetadata(metadata, ep.Metadata)

util.AppendLbEndpointMetadata(instance.Endpoint.Network, instance.Endpoint.TLSMode, instance.Endpoint.WorkloadName,
ns, instance.Endpoint.Locality.ClusterID, labels, ep.Metadata)

locality := instance.Endpoint.Locality.Label
lbEndpoints[locality] = append(lbEndpoints[locality], ep)
Original file line number Diff line number Diff line change
@@ -1108,14 +1108,7 @@ func TestBuildLocalityLbEndpoints(t *testing.T) {
clusterID istiocluster.ID, lbls labels.Instance,
) *core.Metadata {
newmeta := &core.Metadata{}
util.AppendLbEndpointMetadata(&model.EndpointMetadata{
Network: networkID,
TLSMode: tlsMode,
WorkloadName: workloadname,
Namespace: namespace,
ClusterID: clusterID,
Labels: lbls,
}, newmeta)
util.AppendLbEndpointMetadata(networkID, tlsMode, workloadname, namespace, clusterID, lbls, newmeta)
return newmeta
}

29 changes: 17 additions & 12 deletions pilot/pkg/networking/util/util.go
Original file line number Diff line number Diff line change
@@ -47,8 +47,11 @@ import (
istionetworking "istio.io/istio/pilot/pkg/networking"
"istio.io/istio/pilot/pkg/serviceregistry/util/label"
"istio.io/istio/pilot/pkg/util/protoconv"
"istio.io/istio/pkg/cluster"
"istio.io/istio/pkg/config"
"istio.io/istio/pkg/config/labels"
kubelabels "istio.io/istio/pkg/kube/labels"
"istio.io/istio/pkg/network"
"istio.io/istio/pkg/proto/merge"
"istio.io/istio/pkg/util/strcase"
"istio.io/pkg/log"
@@ -473,20 +476,22 @@ func MergeAnyWithAny(dst *anypb.Any, src *anypb.Any) (*anypb.Any, error) {
}

// AppendLbEndpointMetadata adds metadata values to a lb endpoint using the passed in metadata as base.
func AppendLbEndpointMetadata(istioMetadata *model.EndpointMetadata, envoyMetadata *core.Metadata,
func AppendLbEndpointMetadata(networkID network.ID, tlsMode, workloadname, namespace string,
clusterID cluster.ID, lbls labels.Instance, metadata *core.Metadata,
) {
if !features.EndpointTelemetryLabel || !features.EnableTelemetryLabel {
if networkID == "" && (tlsMode == "" || tlsMode == model.DisabledTLSModeLabel) &&
(!features.EndpointTelemetryLabel || !features.EnableTelemetryLabel) {
return
}

if envoyMetadata.FilterMetadata == nil {
envoyMetadata.FilterMetadata = map[string]*structpb.Struct{}
if metadata.FilterMetadata == nil {
metadata.FilterMetadata = map[string]*structpb.Struct{}
}

if istioMetadata.TLSMode != "" && istioMetadata.TLSMode != model.DisabledTLSModeLabel {
envoyMetadata.FilterMetadata[EnvoyTransportSocketMetadataKey] = &structpb.Struct{
if tlsMode != "" && tlsMode != model.DisabledTLSModeLabel {
metadata.FilterMetadata[EnvoyTransportSocketMetadataKey] = &structpb.Struct{
Fields: map[string]*structpb.Value{
model.TLSModeLabelShortname: {Kind: &structpb.Value_StringValue{StringValue: istioMetadata.TLSMode}},
model.TLSModeLabelShortname: {Kind: &structpb.Value_StringValue{StringValue: tlsMode}},
},
}
}
@@ -498,24 +503,24 @@ func AppendLbEndpointMetadata(istioMetadata *model.EndpointMetadata, envoyMetada
// workload-name;namespace;canonical-service-name;canonical-service-revision;cluster-id.
if features.EndpointTelemetryLabel {
// allow defaulting for non-injected cases
canonicalName, canonicalRevision := kubelabels.CanonicalService(istioMetadata.Labels, istioMetadata.WorkloadName)
canonicalName, canonicalRevision := kubelabels.CanonicalService(lbls, workloadname)

// don't bother sending the default value in config
if canonicalRevision == "latest" {
canonicalRevision = ""
}

var sb strings.Builder
sb.WriteString(istioMetadata.WorkloadName)
sb.WriteString(workloadname)
sb.WriteString(";")
sb.WriteString(istioMetadata.Namespace)
sb.WriteString(namespace)
sb.WriteString(";")
sb.WriteString(canonicalName)
sb.WriteString(";")
sb.WriteString(canonicalRevision)
sb.WriteString(";")
sb.WriteString(istioMetadata.ClusterID.String())
addIstioEndpointLabel(envoyMetadata, "workload", &structpb.Value{Kind: &structpb.Value_StringValue{StringValue: sb.String()}})
sb.WriteString(clusterID.String())
addIstioEndpointLabel(metadata, "workload", &structpb.Value{Kind: &structpb.Value_StringValue{StringValue: sb.String()}})
}
}

99 changes: 47 additions & 52 deletions pilot/pkg/networking/util/util_test.go
Original file line number Diff line number Diff line change
@@ -36,9 +36,11 @@ import (
"istio.io/istio/pilot/pkg/features"
"istio.io/istio/pilot/pkg/model"
"istio.io/istio/pilot/pkg/util/protoconv"
"istio.io/istio/pkg/cluster"
"istio.io/istio/pkg/config"
"istio.io/istio/pkg/config/labels"
"istio.io/istio/pkg/config/schema/gvk"
"istio.io/istio/pkg/network"
"istio.io/istio/pkg/test"
)

@@ -909,18 +911,21 @@ func TestCidrRangeSliceEqual(t *testing.T) {
func TestEndpointMetadata(t *testing.T) {
test.SetForTest(t, &features.EndpointTelemetryLabel, true)
cases := []struct {
name string
metadata *model.EndpointMetadata
want *core.Metadata
name string
network network.ID
tlsMode string
workloadName string
clusterID cluster.ID
namespace string
labels labels.Instance
want *core.Metadata
}{
{
name: "all empty",
metadata: &model.EndpointMetadata{
TLSMode: model.DisabledTLSModeLabel,
Network: "",
WorkloadName: "",
ClusterID: "",
},
name: "all empty",
tlsMode: model.DisabledTLSModeLabel,
network: "",
workloadName: "",
clusterID: "",
want: &core.Metadata{
FilterMetadata: map[string]*structpb.Struct{
IstioMetadataKey: {
@@ -936,13 +941,11 @@ func TestEndpointMetadata(t *testing.T) {
},
},
{
name: "tls mode",
metadata: &model.EndpointMetadata{
TLSMode: model.IstioMutualTLSModeLabel,
Network: "",
WorkloadName: "",
ClusterID: "",
},
name: "tls mode",
tlsMode: model.IstioMutualTLSModeLabel,
network: "",
workloadName: "",
clusterID: "",
want: &core.Metadata{
FilterMetadata: map[string]*structpb.Struct{
EnvoyTransportSocketMetadataKey: {
@@ -967,13 +970,11 @@ func TestEndpointMetadata(t *testing.T) {
},
},
{
name: "network and tls mode",
metadata: &model.EndpointMetadata{
TLSMode: model.IstioMutualTLSModeLabel,
Network: "network",
WorkloadName: "",
ClusterID: "",
},
name: "network and tls mode",
tlsMode: model.IstioMutualTLSModeLabel,
network: "network",
workloadName: "",
clusterID: "",
want: &core.Metadata{
FilterMetadata: map[string]*structpb.Struct{
EnvoyTransportSocketMetadataKey: {
@@ -998,17 +999,15 @@ func TestEndpointMetadata(t *testing.T) {
},
},
{
name: "all label",
metadata: &model.EndpointMetadata{
TLSMode: model.IstioMutualTLSModeLabel,
Network: "network",
WorkloadName: "workload",
ClusterID: "cluster",
Namespace: "default",
Labels: labels.Instance{
model.IstioCanonicalServiceLabelName: "service",
model.IstioCanonicalServiceRevisionLabelName: "v1",
},
name: "all label",
tlsMode: model.IstioMutualTLSModeLabel,
network: "network",
workloadName: "workload",
clusterID: "cluster",
namespace: "default",
labels: labels.Instance{
model.IstioCanonicalServiceLabelName: "service",
model.IstioCanonicalServiceRevisionLabelName: "v1",
},
want: &core.Metadata{
FilterMetadata: map[string]*structpb.Struct{
@@ -1034,14 +1033,12 @@ func TestEndpointMetadata(t *testing.T) {
},
},
{
name: "miss pod label",
metadata: &model.EndpointMetadata{
TLSMode: model.IstioMutualTLSModeLabel,
Network: "network",
WorkloadName: "workload",
ClusterID: "cluster",
Namespace: "default",
},
name: "miss pod label",
tlsMode: model.IstioMutualTLSModeLabel,
network: "network",
workloadName: "workload",
clusterID: "cluster",
namespace: "default",
want: &core.Metadata{
FilterMetadata: map[string]*structpb.Struct{
EnvoyTransportSocketMetadataKey: {
@@ -1066,14 +1063,12 @@ func TestEndpointMetadata(t *testing.T) {
},
},
{
name: "miss workload name",
metadata: &model.EndpointMetadata{
TLSMode: model.IstioMutualTLSModeLabel,
Network: "network",
WorkloadName: "",
ClusterID: "cluster",
Namespace: "",
},
name: "miss workload name",
tlsMode: model.IstioMutualTLSModeLabel,
network: "network",
workloadName: "",
clusterID: "cluster",
namespace: "",
want: &core.Metadata{
FilterMetadata: map[string]*structpb.Struct{
EnvoyTransportSocketMetadataKey: {
@@ -1101,7 +1096,7 @@ func TestEndpointMetadata(t *testing.T) {
for _, tt := range cases {
t.Run(tt.name, func(t *testing.T) {
input := &core.Metadata{}
AppendLbEndpointMetadata(tt.metadata, input)
AppendLbEndpointMetadata(tt.network, tt.tlsMode, tt.workloadName, tt.namespace, tt.clusterID, tt.labels, input)
if !reflect.DeepEqual(input, tt.want) {
t.Errorf("Unexpected Endpoint metadata got %v, want %v", input, tt.want)
}
2 changes: 1 addition & 1 deletion pilot/pkg/xds/endpoint_builder.go
Original file line number Diff line number Diff line change
@@ -402,7 +402,7 @@ func buildEnvoyLbEndpoint(b *EndpointBuilder, e *model.IstioEndpoint) *endpoint.
// Istio telemetry depends on the metadata value being set for endpoints in the mesh.
// Istio endpoint level tls transport socket configuration depends on this logic
// Do not remove pilot/pkg/xds/fake.go
util.AppendLbEndpointMetadata(e.Metadata(), ep.Metadata)
util.AppendLbEndpointMetadata(e.Network, e.TLSMode, e.WorkloadName, e.Namespace, e.Locality.ClusterID, e.Labels, ep.Metadata)

address, port := e.Address, e.EndpointPort
tunnelAddress, tunnelPort := address, model.HBoneInboundListenPort
8 changes: 2 additions & 6 deletions pilot/pkg/xds/ep_filters.go
Original file line number Diff line number Diff line change
@@ -146,12 +146,8 @@ func (b *EndpointBuilder) EndpointsByNetworkFilter(endpoints []*LocalityEndpoint
Metadata: &core.Metadata{},
}
// TODO: figure out a way to extract locality data from the gateway public endpoints in meshNetworks
util.AppendLbEndpointMetadata(&model.EndpointMetadata{
Network: gw.Network,
TLSMode: model.IstioMutualTLSModeLabel,
ClusterID: b.clusterID,
Labels: labels.Instance{},
}, gwEp.Metadata)
util.AppendLbEndpointMetadata(gw.Network, model.IstioMutualTLSModeLabel,
"", "", b.clusterID, labels.Instance{}, gwEp.Metadata)
// Currently gateway endpoint does not support tunnel.
lbEndpoints.append(gwIstioEp, gwEp)
}