Adjust inbound and outbound filter chains #28442
Merged
+122
−16
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
howardjohn
added
the
release-notes-none
google-cla
bot
added
the
cla: yes
istio-testing
added
the
size/L
|
/retest |
| @@ -400,4 +400,8 @@ var ( | |||
| 15*time.Second, | |||
| "If set, the max amount of time to delay a push by. Depends on PILOT_ENABLE_FLOW_CONTROL.", | |||
| ).Get() | |||
|
|
|||
| PilotEnableLoopBlockers = env.RegisterBoolVar("PILOT_ENABLE_LOOP_BLOCKER", true, | |||
| "If enabled, Envoy will be configured to prevent traffic directly the the inbound/outbound "+ | |||
There was a problem hiding this comment.
"Envoy will be configured to prevent traffic directly" - This is confusing. Can we change to "Envoy will be configured to not send traffic directly to inbound/outbound ports" ?
There was a problem hiding this comment.
How about "PILOT_DENY_TRAFFIC_ON_LISTEN_PORTS" or "PILOT_DISABLE_TRAFFIC_ON_LISTEN_PORTS" ?
There was a problem hiding this comment.
Seems doesn't matter, it will be removed
| if features.PilotEnableLoopBlockers { | ||
| filterChains = append(filterChains, &listener.FilterChain{ | ||
| Name: VirtualInboundBlackholeFilterChainName, | ||
| FilterChainMatch: &listener.FilterChainMatch{ |
There was a problem hiding this comment.
Can we create this once and reuse?
There was a problem hiding this comment.
I was going to but I am concerned if an EnvoyFilter modifies it and it's shared then every push we will apply the same modification. In similar code in 1.4 we saw this where an access log filter got appended every push and ended up with millions of access log filters...
I am also concerned that's are other places in our code with this same problem
|
Not sure what it is trying to resolve, can you add some context |
lambdai
approved these changes
Nov 3, 2020
|
LGTM. Let me know if you want to change the flag based on this comment https://github.com/istio/istio/pull/28442/files#r515457221. I can approve if you are good with the existing name. I am fine with that as well. |
hzxuzhonghu
approved these changes
Nov 3, 2020
|
/retest
…On Tue, Nov 3, 2020 at 4:59 AM Istio Automation ***@***.***> wrote:
@howardjohn <https://github.com/howardjohn>: The following test *failed*,
say /retest to rerun all failed tests:
Test name Commit Details Rerun command
integ-pilot-k8s-tests_istio 2cf2381
<2cf2381>
link
<https://prow.istio.io/view/gs/istio-prow/pr-logs/pull/istio_istio/28442/integ-pilot-k8s-tests_istio/1323607591204425728> /test
integ-pilot-k8s-tests_istio
Instructions for interacting with me using PR comments are available here
<https://git.k8s.io/community/contributors/guide/pull-requests.md>. If
you have questions or suggestions related to my behavior, please file an
issue against the kubernetes/test-infra
<https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:>
repository. I understand the commands that are listed here
<https://go.k8s.io/bot-commands>.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#28442 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAEYGXKIAO6ZV63POL4BJHTSN75BHANCNFSM4TFN4ERQ>
.
|
|
/retest |
|
In response to a cherrypick label: #28442 failed to apply on top of branch "release-1.7": |
|
In response to a cherrypick label: new issue created for failed cherrypick: #28545 |
|
In response to a cherrypick label: #28442 failed to apply on top of branch "release-1.8": |
|
In response to a cherrypick label: new issue created for failed cherrypick: #28546 |
|
In response to a cherrypick label: #28442 failed to apply on top of branch "release-1.6": |
|
In response to a cherrypick label: new issue created for failed cherrypick: #28547 |
howardjohn
added a commit
to howardjohn/istio
that referenced
this pull request
Nov 3, 2020
* Adjust inbound and outbound filter chains * fix test (cherry picked from commit 1f422dd)
howardjohn
added a commit
to howardjohn/istio
that referenced
this pull request
Nov 3, 2020
* Adjust inbound and outbound filter chains * fix test (cherry picked from commit 1f422dd)
howardjohn
added a commit
to howardjohn/istio
that referenced
this pull request
Nov 3, 2020
* Adjust inbound and outbound filter chains * fix test (cherry picked from commit 1f422dd)
istio-testing
pushed a commit
that referenced
this pull request
Nov 4, 2020
istio-testing
pushed a commit
that referenced
this pull request
Nov 5, 2020
istio-testing
pushed a commit
that referenced
this pull request
Nov 6, 2020
incfly
pushed a commit
to incfly/istio
that referenced
this pull request
Apr 13, 2022
* Adjust inbound and outbound filter chains * fix test (cherry picked from commit 1f422dd)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.