luxolus
/
open-consul
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity

Fix virtual services being included in intention topology as downstreams. (#17099)

This commit is contained in:
Derek Menteer 2023-04-24 12:03:26 -05:00 committed by GitHub
parent 2409c32e20
commit 136adf52da
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 15 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
agent/consul/state/intention.go
View File

@ -1079,16 +1079,21 @@ func (s *Store) intentionTopologyTxn(
}
addSvcs(tempServices)
// Query the virtual ip table as well to include virtual services that don't have a registered instance yet.
vipIndex, vipServices, err := servicesVirtualIPsTxn(tx)
if err != nil {
return index, nil, fmt.Errorf("failed to list service virtual IPs: %v", err)
}
for _, svc := range vipServices {
services[svc.Service.ServiceName] = struct{}{}
}
if vipIndex > index {
index = vipIndex
if !downstreams {
// Query the virtual ip table as well to include virtual services that don't have a registered instance yet.
// We only need to do this for upstreams currently, so that tproxy can find which discovery chains should be
// contacted for failover scenarios. Virtual services technically don't need to be considered as downstreams,
// because they will take on the identity of the calling service, rather than the chain itself.
vipIndex, vipServices, err := servicesVirtualIPsTxn(tx)
if err != nil {
return index, nil, fmt.Errorf("failed to list service virtual IPs: %v", err)
}
for _, svc := range vipServices {
services[svc.Service.ServiceName] = struct{}{}
}
if vipIndex > index {
index = vipIndex
}
}
} else {
// destinations can only ever be upstream, since they are only allowed as intention destination.