luxolus
/
open-consul
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity

Backport of NET-5049: subscribe to bound-api-gateway only after receiving api-gateway into release/1.16.x (#18295) 

* backport of commit 972b20aee7c764217d8772502856aca5333c59c1

* backport of commit 275681714280e27228a1f9f5ce68c1b1ddb3c33e

* backport of commit 72c8f1e4db8c8204a71d0c85b6f9900c231c495a

---------

Co-authored-by: Nathan Coleman <nathan.coleman@hashicorp.com>
This commit is contained in:
hc-github-team-consul-core 2023-07-26 16:18:00 -04:00 committed by GitHub
parent 360a42e81a
commit 1b564e02c9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 15 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.changelog/18291.txt Normal file
View File

@ -0,0 +1,3 @@
```release-note:bug
api-gateway: fix race condition in proxy config generation when Consul is notified of the bound-api-gateway config entry before it is notified of the api-gateway config entry.
```

22
agent/proxycfg/api_gateway.go
View File

@ -54,12 +54,6 @@ func (h *handlerAPIGateway) initialize(ctx context.Context) (ConfigSnapshot, err
return snap, err return snap, err
} }
// Watch the bound-api-gateway's config entry
err = h.subscribeToConfigEntry(ctx, structs.BoundAPIGateway, h.service, h.proxyID.EnterpriseMeta, boundGatewayConfigWatchID)
if err != nil {
return snap, err
}
snap.APIGateway.Listeners = make(map[string]structs.APIGatewayListener) snap.APIGateway.Listeners = make(map[string]structs.APIGatewayListener)
snap.APIGateway.BoundListeners = make(map[string]structs.BoundAPIGatewayListener) snap.APIGateway.BoundListeners = make(map[string]structs.BoundAPIGatewayListener)
snap.APIGateway.HTTPRoutes = watch.NewMap[structs.ResourceReference, *structs.HTTPRouteConfigEntry]() snap.APIGateway.HTTPRoutes = watch.NewMap[structs.ResourceReference, *structs.HTTPRouteConfigEntry]()
@ -143,10 +137,12 @@ func (h *handlerAPIGateway) handleRootCAUpdate(u UpdateEvent, snap *ConfigSnapsh
return nil return nil
} }
// handleGatewayConfigUpdate responds to changes in the watched config entry for a gateway. // handleGatewayConfigUpdate responds to changes in the watched config entries for a gateway.
// In particular, we want to make sure that we're subscribing to any attached resources such // Once the base api-gateway config entry has been seen, we store the list of listeners and
// as routes and certificates. These additional subscriptions will enable us to update the // then subscribe to the corresponding bound-api-gateway config entry. We use the bound-api-gateway
// config snapshot appropriately for any route or certificate changes. // config entry to subscribe to any attached resources, including routes and certificates.
// These additional subscriptions will enable us to update the config snapshot appropriately
// for any route or certificate changes.
func (h *handlerAPIGateway) handleGatewayConfigUpdate(ctx context.Context, u UpdateEvent, snap *ConfigSnapshot, correlationID string) error { func (h *handlerAPIGateway) handleGatewayConfigUpdate(ctx context.Context, u UpdateEvent, snap *ConfigSnapshot, correlationID string) error {
resp, ok := u.Result.(*structs.ConfigEntryResponse) resp, ok := u.Result.(*structs.ConfigEntryResponse)
if !ok { if !ok {
@ -244,6 +240,12 @@ func (h *handlerAPIGateway) handleGatewayConfigUpdate(ctx context.Context, u Upd
} }
snap.APIGateway.GatewayConfigLoaded = true snap.APIGateway.GatewayConfigLoaded = true
// Watch the corresponding bound-api-gateway config entry
err := h.subscribeToConfigEntry(ctx, structs.BoundAPIGateway, h.service, h.proxyID.EnterpriseMeta, boundGatewayConfigWatchID)
if err != nil {
return err
}
break break
default: default:
return fmt.Errorf("invalid type for config entry: %T", resp.Entry) return fmt.Errorf("invalid type for config entry: %T", resp.Entry)