Rename "cluster" config entry to "mesh" (#10127)

This config entry is being renamed primarily because in k8s the name
cluster could be confusing given that the config entry applies across
federated datacenters.

Additionally, this config entry will only apply to Consul as a service
mesh, so the more generic "cluster" name is not needed.
This commit is contained in:
Freddy 2021-04-28 16:13:29 -06:00 committed by GitHub
parent faf264b293
commit 401f3010e0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
21 changed files with 164 additions and 159 deletions

3
.changelog/10127.txt Normal file
View File

@ -0,0 +1,3 @@
```release-note:improvement
connect: rename cluster config entry to mesh.
```

View File

@ -4156,8 +4156,8 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
"config_entries": { "config_entries": {
"bootstrap": [ "bootstrap": [
{ {
"kind": "cluster", "kind": "mesh",
"name": "cluster", "name": "mesh",
"meta" : { "meta" : {
"foo": "bar", "foo": "bar",
"gir": "zim" "gir": "zim"
@ -4173,8 +4173,8 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
hcl: []string{` hcl: []string{`
config_entries { config_entries {
bootstrap { bootstrap {
kind = "cluster" kind = "mesh"
name = "cluster" name = "mesh"
meta { meta {
"foo" = "bar" "foo" = "bar"
"gir" = "zim" "gir" = "zim"
@ -4189,15 +4189,15 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
expected: func(rt *RuntimeConfig) { expected: func(rt *RuntimeConfig) {
rt.DataDir = dataDir rt.DataDir = dataDir
rt.ConfigEntryBootstrap = []structs.ConfigEntry{ rt.ConfigEntryBootstrap = []structs.ConfigEntry{
&structs.ClusterConfigEntry{ &structs.MeshConfigEntry{
Kind: "cluster", Kind: structs.MeshConfig,
Name: "cluster", Name: structs.MeshConfigMesh,
Meta: map[string]string{ Meta: map[string]string{
"foo": "bar", "foo": "bar",
"gir": "zim", "gir": "zim",
}, },
EnterpriseMeta: *defaultEntMeta, EnterpriseMeta: *defaultEntMeta,
TransparentProxy: structs.TransparentProxyClusterConfig{ TransparentProxy: structs.TransparentProxyMeshConfig{
CatalogDestinationsOnly: true, CatalogDestinationsOnly: true,
}, },
}, },
@ -4211,8 +4211,8 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
"config_entries": { "config_entries": {
"bootstrap": [ "bootstrap": [
{ {
"Kind": "cluster", "Kind": "mesh",
"Name": "cluster", "Name": "mesh",
"Meta" : { "Meta" : {
"foo": "bar", "foo": "bar",
"gir": "zim" "gir": "zim"
@ -4228,8 +4228,8 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
hcl: []string{` hcl: []string{`
config_entries { config_entries {
bootstrap { bootstrap {
Kind = "cluster" Kind = "mesh"
Name = "cluster" Name = "mesh"
Meta { Meta {
"foo" = "bar" "foo" = "bar"
"gir" = "zim" "gir" = "zim"
@ -4244,15 +4244,15 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
expected: func(rt *RuntimeConfig) { expected: func(rt *RuntimeConfig) {
rt.DataDir = dataDir rt.DataDir = dataDir
rt.ConfigEntryBootstrap = []structs.ConfigEntry{ rt.ConfigEntryBootstrap = []structs.ConfigEntry{
&structs.ClusterConfigEntry{ &structs.MeshConfigEntry{
Kind: "cluster", Kind: structs.MeshConfig,
Name: "cluster", Name: structs.MeshConfigMesh,
Meta: map[string]string{ Meta: map[string]string{
"foo": "bar", "foo": "bar",
"gir": "zim", "gir": "zim",
}, },
EnterpriseMeta: *defaultEntMeta, EnterpriseMeta: *defaultEntMeta,
TransparentProxy: structs.TransparentProxyClusterConfig{ TransparentProxy: structs.TransparentProxyMeshConfig{
CatalogDestinationsOnly: true, CatalogDestinationsOnly: true,
}, },
}, },

View File

@ -426,15 +426,15 @@ func TestFSM_SnapshotRestore_OSS(t *testing.T) {
} }
require.NoError(t, fsm.state.EnsureConfigEntry(26, serviceIxn)) require.NoError(t, fsm.state.EnsureConfigEntry(26, serviceIxn))
// cluster config entry // mesh config entry
clusterConfig := &structs.ClusterConfigEntry{ meshConfig := &structs.MeshConfigEntry{
Kind: structs.ClusterConfig, Kind: structs.MeshConfig,
Name: structs.ClusterConfigCluster, Name: structs.MeshConfigMesh,
TransparentProxy: structs.TransparentProxyClusterConfig{ TransparentProxy: structs.TransparentProxyMeshConfig{
CatalogDestinationsOnly: true, CatalogDestinationsOnly: true,
}, },
} }
require.NoError(t, fsm.state.EnsureConfigEntry(27, clusterConfig)) require.NoError(t, fsm.state.EnsureConfigEntry(27, meshConfig))
// Snapshot // Snapshot
snap, err := fsm.Snapshot() snap, err := fsm.Snapshot()
@ -710,10 +710,10 @@ func TestFSM_SnapshotRestore_OSS(t *testing.T) {
require.NoError(t, err) require.NoError(t, err)
require.Equal(t, serviceIxn, serviceIxnEntry) require.Equal(t, serviceIxn, serviceIxnEntry)
// Verify cluster config entry is restored // Verify mesh config entry is restored
_, clusterConfigEntry, err := fsm2.state.ConfigEntry(nil, structs.ClusterConfig, structs.ClusterConfigCluster, structs.DefaultEnterpriseMeta()) _, meshConfigEntry, err := fsm2.state.ConfigEntry(nil, structs.MeshConfig, structs.MeshConfigMesh, structs.DefaultEnterpriseMeta())
require.NoError(t, err) require.NoError(t, err)
require.Equal(t, clusterConfig, clusterConfigEntry) require.Equal(t, meshConfig, meshConfigEntry)
// Snapshot // Snapshot
snap, err = fsm2.Snapshot() snap, err = fsm2.Snapshot()

View File

@ -361,7 +361,7 @@ func validateProposedConfigEntryInGraph(
return err return err
} }
case structs.ServiceIntentions: case structs.ServiceIntentions:
case structs.ClusterConfig: case structs.MeshConfig:
default: default:
return fmt.Errorf("unhandled kind %q during validation of %q", kind, name) return fmt.Errorf("unhandled kind %q during validation of %q", kind, name)
} }

View File

@ -61,8 +61,8 @@ type configSnapshotConnectProxy struct {
Intentions structs.Intentions Intentions structs.Intentions
IntentionsSet bool IntentionsSet bool
ClusterConfig *structs.ClusterConfigEntry MeshConfig *structs.MeshConfigEntry
ClusterConfigSet bool MeshConfigSet bool
} }
func (c *configSnapshotConnectProxy) IsEmpty() bool { func (c *configSnapshotConnectProxy) IsEmpty() bool {
@ -80,7 +80,7 @@ func (c *configSnapshotConnectProxy) IsEmpty() bool {
len(c.WatchedServiceChecks) == 0 && len(c.WatchedServiceChecks) == 0 &&
len(c.PreparedQueryEndpoints) == 0 && len(c.PreparedQueryEndpoints) == 0 &&
len(c.UpstreamConfig) == 0 && len(c.UpstreamConfig) == 0 &&
!c.ClusterConfigSet !c.MeshConfigSet
} }
type configSnapshotTerminatingGateway struct { type configSnapshotTerminatingGateway struct {
@ -360,7 +360,7 @@ type ConfigSnapshot struct {
func (s *ConfigSnapshot) Valid() bool { func (s *ConfigSnapshot) Valid() bool {
switch s.Kind { switch s.Kind {
case structs.ServiceKindConnectProxy: case structs.ServiceKindConnectProxy:
if s.Proxy.Mode == structs.ProxyModeTransparent && !s.ConnectProxy.ClusterConfigSet { if s.Proxy.Mode == structs.ProxyModeTransparent && !s.ConnectProxy.MeshConfigSet {
return false return false
} }
return s.Roots != nil && return s.Roots != nil &&

View File

@ -46,7 +46,7 @@ const (
serviceResolverIDPrefix = "service-resolver:" serviceResolverIDPrefix = "service-resolver:"
serviceIntentionsIDPrefix = "service-intentions:" serviceIntentionsIDPrefix = "service-intentions:"
intentionUpstreamsID = "intention-upstreams" intentionUpstreamsID = "intention-upstreams"
clusterConfigEntryID = "cluster-config" meshConfigEntryID = "mesh"
svcChecksWatchIDPrefix = cachetype.ServiceHTTPChecksName + ":" svcChecksWatchIDPrefix = cachetype.ServiceHTTPChecksName + ":"
serviceIDPrefix = string(structs.UpstreamDestTypeService) + ":" serviceIDPrefix = string(structs.UpstreamDestTypeService) + ":"
preparedQueryIDPrefix = string(structs.UpstreamDestTypePreparedQuery) + ":" preparedQueryIDPrefix = string(structs.UpstreamDestTypePreparedQuery) + ":"
@ -318,12 +318,12 @@ func (s *state) initWatchesConnectProxy(snap *ConfigSnapshot) error {
} }
err = s.cache.Notify(s.ctx, cachetype.ConfigEntryName, &structs.ConfigEntryQuery{ err = s.cache.Notify(s.ctx, cachetype.ConfigEntryName, &structs.ConfigEntryQuery{
Kind: structs.ClusterConfig, Kind: structs.MeshConfig,
Name: structs.ClusterConfigCluster, Name: structs.MeshConfigMesh,
Datacenter: s.source.Datacenter, Datacenter: s.source.Datacenter,
QueryOptions: structs.QueryOptions{Token: s.token}, QueryOptions: structs.QueryOptions{Token: s.token},
EnterpriseMeta: *structs.DefaultEnterpriseMeta(), EnterpriseMeta: *structs.DefaultEnterpriseMeta(),
}, clusterConfigEntryID, s.ch) }, meshConfigEntryID, s.ch)
if err != nil { if err != nil {
return err return err
} }
@ -887,22 +887,22 @@ func (s *state) handleUpdateConnectProxy(u cache.UpdateEvent, snap *ConfigSnapsh
svcID := structs.ServiceIDFromString(strings.TrimPrefix(u.CorrelationID, svcChecksWatchIDPrefix)) svcID := structs.ServiceIDFromString(strings.TrimPrefix(u.CorrelationID, svcChecksWatchIDPrefix))
snap.ConnectProxy.WatchedServiceChecks[svcID] = resp snap.ConnectProxy.WatchedServiceChecks[svcID] = resp
case u.CorrelationID == clusterConfigEntryID: case u.CorrelationID == meshConfigEntryID:
resp, ok := u.Result.(*structs.ConfigEntryResponse) resp, ok := u.Result.(*structs.ConfigEntryResponse)
if !ok { if !ok {
return fmt.Errorf("invalid type for response: %T", u.Result) return fmt.Errorf("invalid type for response: %T", u.Result)
} }
if resp.Entry != nil { if resp.Entry != nil {
clusterConf, ok := resp.Entry.(*structs.ClusterConfigEntry) meshConf, ok := resp.Entry.(*structs.MeshConfigEntry)
if !ok { if !ok {
return fmt.Errorf("invalid type for config entry: %T", resp.Entry) return fmt.Errorf("invalid type for config entry: %T", resp.Entry)
} }
snap.ConnectProxy.ClusterConfig = clusterConf snap.ConnectProxy.MeshConfig = meshConf
} else { } else {
snap.ConnectProxy.ClusterConfig = nil snap.ConnectProxy.MeshConfig = nil
} }
snap.ConnectProxy.ClusterConfigSet = true snap.ConnectProxy.MeshConfigSet = true
default: default:
return s.handleUpdateUpstreams(u, &snap.ConnectProxy.ConfigSnapshotUpstreams) return s.handleUpdateUpstreams(u, &snap.ConnectProxy.ConfigSnapshotUpstreams)

View File

@ -289,15 +289,15 @@ func genVerifyDiscoveryChainWatch(expected *structs.DiscoveryChainRequest) verif
} }
} }
func genVerifyClusterConfigWatch(expectedDatacenter string) verifyWatchRequest { func genVerifyMeshConfigWatch(expectedDatacenter string) verifyWatchRequest {
return func(t testing.TB, cacheType string, request cache.Request) { return func(t testing.TB, cacheType string, request cache.Request) {
require.Equal(t, cachetype.ConfigEntryName, cacheType) require.Equal(t, cachetype.ConfigEntryName, cacheType)
reqReal, ok := request.(*structs.ConfigEntryQuery) reqReal, ok := request.(*structs.ConfigEntryQuery)
require.True(t, ok) require.True(t, ok)
require.Equal(t, expectedDatacenter, reqReal.Datacenter) require.Equal(t, expectedDatacenter, reqReal.Datacenter)
require.Equal(t, structs.ClusterConfigCluster, reqReal.Name) require.Equal(t, structs.MeshConfigMesh, reqReal.Name)
require.Equal(t, structs.ClusterConfig, reqReal.Kind) require.Equal(t, structs.MeshConfig, reqReal.Kind)
} }
} }
@ -1554,9 +1554,9 @@ func TestState_WatchesAndUpdates(t *testing.T) {
rootsWatchID: genVerifyRootsWatch("dc1"), rootsWatchID: genVerifyRootsWatch("dc1"),
intentionUpstreamsID: genVerifyServiceSpecificRequest(intentionUpstreamsID, intentionUpstreamsID: genVerifyServiceSpecificRequest(intentionUpstreamsID,
"api", "", "dc1", false), "api", "", "dc1", false),
leafWatchID: genVerifyLeafWatch("api", "dc1"), leafWatchID: genVerifyLeafWatch("api", "dc1"),
intentionsWatchID: genVerifyIntentionWatch("api", "dc1"), intentionsWatchID: genVerifyIntentionWatch("api", "dc1"),
clusterConfigEntryID: genVerifyClusterConfigWatch("dc1"), meshConfigEntryID: genVerifyMeshConfigWatch("dc1"),
}, },
verifySnapshot: func(t testing.TB, snap *ConfigSnapshot) { verifySnapshot: func(t testing.TB, snap *ConfigSnapshot) {
require.False(t, snap.Valid(), "proxy without roots/leaf/intentions is not valid") require.False(t, snap.Valid(), "proxy without roots/leaf/intentions is not valid")
@ -1588,7 +1588,7 @@ func TestState_WatchesAndUpdates(t *testing.T) {
Err: nil, Err: nil,
}, },
{ {
CorrelationID: clusterConfigEntryID, CorrelationID: meshConfigEntryID,
Result: &structs.ConfigEntryResponse{ Result: &structs.ConfigEntryResponse{
Entry: nil, // no explicit config Entry: nil, // no explicit config
}, },
@ -1603,8 +1603,8 @@ func TestState_WatchesAndUpdates(t *testing.T) {
require.True(t, snap.MeshGateway.IsEmpty()) require.True(t, snap.MeshGateway.IsEmpty())
require.True(t, snap.IngressGateway.IsEmpty()) require.True(t, snap.IngressGateway.IsEmpty())
require.True(t, snap.TerminatingGateway.IsEmpty()) require.True(t, snap.TerminatingGateway.IsEmpty())
require.True(t, snap.ConnectProxy.ClusterConfigSet) require.True(t, snap.ConnectProxy.MeshConfigSet)
require.Nil(t, snap.ConnectProxy.ClusterConfig) require.Nil(t, snap.ConnectProxy.MeshConfig)
}, },
}, },
}, },
@ -1639,9 +1639,9 @@ func TestState_WatchesAndUpdates(t *testing.T) {
rootsWatchID: genVerifyRootsWatch("dc1"), rootsWatchID: genVerifyRootsWatch("dc1"),
intentionUpstreamsID: genVerifyServiceSpecificRequest(intentionUpstreamsID, intentionUpstreamsID: genVerifyServiceSpecificRequest(intentionUpstreamsID,
"api", "", "dc1", false), "api", "", "dc1", false),
leafWatchID: genVerifyLeafWatch("api", "dc1"), leafWatchID: genVerifyLeafWatch("api", "dc1"),
intentionsWatchID: genVerifyIntentionWatch("api", "dc1"), intentionsWatchID: genVerifyIntentionWatch("api", "dc1"),
clusterConfigEntryID: genVerifyClusterConfigWatch("dc1"), meshConfigEntryID: genVerifyMeshConfigWatch("dc1"),
}, },
verifySnapshot: func(t testing.TB, snap *ConfigSnapshot) { verifySnapshot: func(t testing.TB, snap *ConfigSnapshot) {
require.False(t, snap.Valid(), "proxy without roots/leaf/intentions is not valid") require.False(t, snap.Valid(), "proxy without roots/leaf/intentions is not valid")
@ -1671,12 +1671,12 @@ func TestState_WatchesAndUpdates(t *testing.T) {
Err: nil, Err: nil,
}, },
{ {
CorrelationID: clusterConfigEntryID, CorrelationID: meshConfigEntryID,
Result: &structs.ConfigEntryResponse{ Result: &structs.ConfigEntryResponse{
Entry: &structs.ClusterConfigEntry{ Entry: &structs.MeshConfigEntry{
Kind: structs.ClusterConfig, Kind: structs.MeshConfig,
Name: structs.ClusterConfigCluster, Name: structs.MeshConfigMesh,
TransparentProxy: structs.TransparentProxyClusterConfig{}, TransparentProxy: structs.TransparentProxyMeshConfig{},
}, },
}, },
Err: nil, Err: nil,
@ -1690,8 +1690,8 @@ func TestState_WatchesAndUpdates(t *testing.T) {
require.True(t, snap.MeshGateway.IsEmpty()) require.True(t, snap.MeshGateway.IsEmpty())
require.True(t, snap.IngressGateway.IsEmpty()) require.True(t, snap.IngressGateway.IsEmpty())
require.True(t, snap.TerminatingGateway.IsEmpty()) require.True(t, snap.TerminatingGateway.IsEmpty())
require.True(t, snap.ConnectProxy.ClusterConfigSet) require.True(t, snap.ConnectProxy.MeshConfigSet)
require.NotNil(t, snap.ConnectProxy.ClusterConfig) require.NotNil(t, snap.ConnectProxy.MeshConfig)
}, },
}, },
// Receiving an intention should lead to spinning up a discovery chain watch // Receiving an intention should lead to spinning up a discovery chain watch

View File

@ -26,10 +26,10 @@ const (
IngressGateway string = "ingress-gateway" IngressGateway string = "ingress-gateway"
TerminatingGateway string = "terminating-gateway" TerminatingGateway string = "terminating-gateway"
ServiceIntentions string = "service-intentions" ServiceIntentions string = "service-intentions"
ClusterConfig string = "cluster" MeshConfig string = "mesh"
ProxyConfigGlobal string = "global" ProxyConfigGlobal string = "global"
ClusterConfigCluster string = "cluster" MeshConfigMesh string = "mesh"
DefaultServiceProtocol = "tcp" DefaultServiceProtocol = "tcp"
) )
@ -43,7 +43,7 @@ var AllConfigEntryKinds = []string{
IngressGateway, IngressGateway,
TerminatingGateway, TerminatingGateway,
ServiceIntentions, ServiceIntentions,
ClusterConfig, MeshConfig,
} }
// ConfigEntry is the interface for centralized configuration stored in Raft. // ConfigEntry is the interface for centralized configuration stored in Raft.
@ -528,8 +528,8 @@ func MakeConfigEntry(kind, name string) (ConfigEntry, error) {
return &TerminatingGatewayConfigEntry{Name: name}, nil return &TerminatingGatewayConfigEntry{Name: name}, nil
case ServiceIntentions: case ServiceIntentions:
return &ServiceIntentionsConfigEntry{Name: name}, nil return &ServiceIntentionsConfigEntry{Name: name}, nil
case ClusterConfig: case MeshConfig:
return &ClusterConfigEntry{Name: name}, nil return &MeshConfigEntry{Name: name}, nil
default: default:
return nil, fmt.Errorf("invalid config entry kind: %s", kind) return nil, fmt.Errorf("invalid config entry kind: %s", kind)
} }

View File

@ -6,32 +6,32 @@ import (
"github.com/hashicorp/consul/acl" "github.com/hashicorp/consul/acl"
) )
type ClusterConfigEntry struct { type MeshConfigEntry struct {
Kind string Kind string
Name string Name string
// TransparentProxy contains cluster-wide options pertaining to TPROXY mode // TransparentProxy contains cluster-wide options pertaining to TPROXY mode
// when enabled. // when enabled.
TransparentProxy TransparentProxyClusterConfig `alias:"transparent_proxy"` TransparentProxy TransparentProxyMeshConfig `alias:"transparent_proxy"`
Meta map[string]string `json:",omitempty"` Meta map[string]string `json:",omitempty"`
EnterpriseMeta `hcl:",squash" mapstructure:",squash"` EnterpriseMeta `hcl:",squash" mapstructure:",squash"`
RaftIndex RaftIndex
} }
// TransparentProxyClusterConfig contains cluster-wide options pertaining to // TransparentProxyMeshConfig contains cluster-wide options pertaining to
// TPROXY mode when enabled. // TPROXY mode when enabled.
type TransparentProxyClusterConfig struct { type TransparentProxyMeshConfig struct {
// CatalogDestinationsOnly can be used to disable the pass-through that // CatalogDestinationsOnly can be used to disable the pass-through that
// allows traffic to destinations outside of the mesh. // allows traffic to destinations outside of the mesh.
CatalogDestinationsOnly bool `alias:"catalog_destinations_only"` CatalogDestinationsOnly bool `alias:"catalog_destinations_only"`
} }
func (e *ClusterConfigEntry) GetKind() string { func (e *MeshConfigEntry) GetKind() string {
return ClusterConfig return MeshConfig
} }
func (e *ClusterConfigEntry) GetName() string { func (e *MeshConfigEntry) GetName() string {
if e == nil { if e == nil {
return "" return ""
} }
@ -39,33 +39,33 @@ func (e *ClusterConfigEntry) GetName() string {
return e.Name return e.Name
} }
func (e *ClusterConfigEntry) GetMeta() map[string]string { func (e *MeshConfigEntry) GetMeta() map[string]string {
if e == nil { if e == nil {
return nil return nil
} }
return e.Meta return e.Meta
} }
func (e *ClusterConfigEntry) Normalize() error { func (e *MeshConfigEntry) Normalize() error {
if e == nil { if e == nil {
return fmt.Errorf("config entry is nil") return fmt.Errorf("config entry is nil")
} }
e.Kind = ClusterConfig e.Kind = MeshConfig
e.Name = ClusterConfigCluster e.Name = MeshConfigMesh
e.EnterpriseMeta.Normalize() e.EnterpriseMeta.Normalize()
return nil return nil
} }
func (e *ClusterConfigEntry) Validate() error { func (e *MeshConfigEntry) Validate() error {
if e == nil { if e == nil {
return fmt.Errorf("config entry is nil") return fmt.Errorf("config entry is nil")
} }
if e.Name != ClusterConfigCluster { if e.Name != MeshConfigMesh {
return fmt.Errorf("invalid name (%q), only %q is supported", e.Name, ClusterConfigCluster) return fmt.Errorf("invalid name (%q), only %q is supported", e.Name, MeshConfigMesh)
} }
if err := validateConfigEntryMeta(e.Meta); err != nil { if err := validateConfigEntryMeta(e.Meta); err != nil {
@ -75,17 +75,17 @@ func (e *ClusterConfigEntry) Validate() error {
return e.validateEnterpriseMeta() return e.validateEnterpriseMeta()
} }
func (e *ClusterConfigEntry) CanRead(authz acl.Authorizer) bool { func (e *MeshConfigEntry) CanRead(authz acl.Authorizer) bool {
return true return true
} }
func (e *ClusterConfigEntry) CanWrite(authz acl.Authorizer) bool { func (e *MeshConfigEntry) CanWrite(authz acl.Authorizer) bool {
var authzContext acl.AuthorizerContext var authzContext acl.AuthorizerContext
e.FillAuthzContext(&authzContext) e.FillAuthzContext(&authzContext)
return authz.OperatorWrite(&authzContext) == acl.Allow return authz.OperatorWrite(&authzContext) == acl.Allow
} }
func (e *ClusterConfigEntry) GetRaftIndex() *RaftIndex { func (e *MeshConfigEntry) GetRaftIndex() *RaftIndex {
if e == nil { if e == nil {
return &RaftIndex{} return &RaftIndex{}
} }
@ -93,7 +93,7 @@ func (e *ClusterConfigEntry) GetRaftIndex() *RaftIndex {
return &e.RaftIndex return &e.RaftIndex
} }
func (e *ClusterConfigEntry) GetEnterpriseMeta() *EnterpriseMeta { func (e *MeshConfigEntry) GetEnterpriseMeta() *EnterpriseMeta {
if e == nil { if e == nil {
return nil return nil
} }

View File

@ -2,6 +2,6 @@
package structs package structs
func (e *ClusterConfigEntry) validateEnterpriseMeta() error { func (e *MeshConfigEntry) validateEnterpriseMeta() error {
return nil return nil
} }

View File

@ -1307,10 +1307,10 @@ func TestDecodeConfigEntry(t *testing.T) {
}, },
}, },
{ {
name: "cluster", name: "mesh",
snake: ` snake: `
kind = "cluster" kind = "mesh"
name = "cluster" name = "mesh"
meta { meta {
"foo" = "bar" "foo" = "bar"
"gir" = "zim" "gir" = "zim"
@ -1320,8 +1320,8 @@ func TestDecodeConfigEntry(t *testing.T) {
} }
`, `,
camel: ` camel: `
Kind = "cluster" Kind = "mesh"
Name = "cluster" Name = "mesh"
Meta { Meta {
"foo" = "bar" "foo" = "bar"
"gir" = "zim" "gir" = "zim"
@ -1330,14 +1330,14 @@ func TestDecodeConfigEntry(t *testing.T) {
CatalogDestinationsOnly = true CatalogDestinationsOnly = true
} }
`, `,
expect: &ClusterConfigEntry{ expect: &MeshConfigEntry{
Kind: "cluster", Kind: MeshConfig,
Name: "cluster", Name: MeshConfigMesh,
Meta: map[string]string{ Meta: map[string]string{
"foo": "bar", "foo": "bar",
"gir": "zim", "gir": "zim",
}, },
TransparentProxy: TransparentProxyClusterConfig{ TransparentProxy: TransparentProxyMeshConfig{
CatalogDestinationsOnly: true, CatalogDestinationsOnly: true,
}, },
}, },

View File

@ -59,8 +59,8 @@ func (s *Server) clustersFromSnapshotConnectProxy(cfgSnap *proxycfg.ConfigSnapsh
// In transparent proxy mode there needs to be a passthrough cluster for traffic going to destinations // In transparent proxy mode there needs to be a passthrough cluster for traffic going to destinations
// that aren't in Consul's catalog. // that aren't in Consul's catalog.
if cfgSnap.Proxy.Mode == structs.ProxyModeTransparent && if cfgSnap.Proxy.Mode == structs.ProxyModeTransparent &&
cfgSnap.ConnectProxy.ClusterConfig != nil && cfgSnap.ConnectProxy.MeshConfig != nil &&
!cfgSnap.ConnectProxy.ClusterConfig.TransparentProxy.CatalogDestinationsOnly { !cfgSnap.ConnectProxy.MeshConfig.TransparentProxy.CatalogDestinationsOnly {
clusters = append(clusters, &envoy_cluster_v3.Cluster{ clusters = append(clusters, &envoy_cluster_v3.Cluster{
Name: OriginalDestinationClusterName, Name: OriginalDestinationClusterName,

View File

@ -631,9 +631,9 @@ func TestClustersFromSnapshot(t *testing.T) {
setup: func(snap *proxycfg.ConfigSnapshot) { setup: func(snap *proxycfg.ConfigSnapshot) {
snap.Proxy.Mode = structs.ProxyModeTransparent snap.Proxy.Mode = structs.ProxyModeTransparent
snap.ConnectProxy.ClusterConfigSet = true snap.ConnectProxy.MeshConfigSet = true
snap.ConnectProxy.ClusterConfig = &structs.ClusterConfigEntry{ snap.ConnectProxy.MeshConfig = &structs.MeshConfigEntry{
TransparentProxy: structs.TransparentProxyClusterConfig{ TransparentProxy: structs.TransparentProxyMeshConfig{
CatalogDestinationsOnly: false, CatalogDestinationsOnly: false,
}, },
} }

View File

@ -218,8 +218,8 @@ func (s *Server) listenersFromSnapshotConnectProxy(cInfo connectionInfo, cfgSnap
}) })
// Add a catch-all filter chain that acts as a TCP proxy to non-catalog destinations // Add a catch-all filter chain that acts as a TCP proxy to non-catalog destinations
if cfgSnap.ConnectProxy.ClusterConfig == nil || if cfgSnap.ConnectProxy.MeshConfig == nil ||
!cfgSnap.ConnectProxy.ClusterConfig.TransparentProxy.CatalogDestinationsOnly { !cfgSnap.ConnectProxy.MeshConfig.TransparentProxy.CatalogDestinationsOnly {
filterChain, err := s.makeUpstreamFilterChainForDiscoveryChain( filterChain, err := s.makeUpstreamFilterChainForDiscoveryChain(
"passthrough", "passthrough",

View File

@ -483,7 +483,7 @@ func TestListenersFromSnapshot(t *testing.T) {
setup: func(snap *proxycfg.ConfigSnapshot) { setup: func(snap *proxycfg.ConfigSnapshot) {
snap.Proxy.Mode = structs.ProxyModeTransparent snap.Proxy.Mode = structs.ProxyModeTransparent
snap.ConnectProxy.ClusterConfigSet = true snap.ConnectProxy.MeshConfigSet = true
// DiscoveryChain without an UpstreamConfig should yield a filter chain when in transparent proxy mode // DiscoveryChain without an UpstreamConfig should yield a filter chain when in transparent proxy mode
snap.ConnectProxy.DiscoveryChain["google"] = discoverychain.TestCompileConfigEntries( snap.ConnectProxy.DiscoveryChain["google"] = discoverychain.TestCompileConfigEntries(
@ -516,11 +516,11 @@ func TestListenersFromSnapshot(t *testing.T) {
setup: func(snap *proxycfg.ConfigSnapshot) { setup: func(snap *proxycfg.ConfigSnapshot) {
snap.Proxy.Mode = structs.ProxyModeTransparent snap.Proxy.Mode = structs.ProxyModeTransparent
snap.ConnectProxy.ClusterConfigSet = true snap.ConnectProxy.MeshConfigSet = true
snap.ConnectProxy.ClusterConfig = &structs.ClusterConfigEntry{ snap.ConnectProxy.MeshConfig = &structs.MeshConfigEntry{
Kind: structs.ClusterConfig, Kind: structs.MeshConfig,
Name: structs.ClusterConfigCluster, Name: structs.MeshConfigMesh,
TransparentProxy: structs.TransparentProxyClusterConfig{ TransparentProxy: structs.TransparentProxyMeshConfig{
CatalogDestinationsOnly: true, CatalogDestinationsOnly: true,
}, },
} }

View File

@ -21,10 +21,10 @@ const (
IngressGateway string = "ingress-gateway" IngressGateway string = "ingress-gateway"
TerminatingGateway string = "terminating-gateway" TerminatingGateway string = "terminating-gateway"
ServiceIntentions string = "service-intentions" ServiceIntentions string = "service-intentions"
ClusterConfig string = "cluster" MeshConfig string = "mesh"
ProxyConfigGlobal string = "global" ProxyConfigGlobal string = "global"
ClusterConfigCluster string = "cluster" MeshConfigMesh string = "mesh"
) )
type ConfigEntry interface { type ConfigEntry interface {
@ -294,8 +294,8 @@ func makeConfigEntry(kind, name string) (ConfigEntry, error) {
return &TerminatingGatewayConfigEntry{Kind: kind, Name: name}, nil return &TerminatingGatewayConfigEntry{Kind: kind, Name: name}, nil
case ServiceIntentions: case ServiceIntentions:
return &ServiceIntentionsConfigEntry{Kind: kind, Name: name}, nil return &ServiceIntentionsConfigEntry{Kind: kind, Name: name}, nil
case ClusterConfig: case MeshConfig:
return &ClusterConfigEntry{Kind: kind, Name: name}, nil return &MeshConfigEntry{Kind: kind, Name: name}, nil
default: default:
return nil, fmt.Errorf("invalid config entry kind: %s", kind) return nil, fmt.Errorf("invalid config entry kind: %s", kind)
} }

View File

@ -1,39 +1,39 @@
package api package api
type ClusterConfigEntry struct { type MeshConfigEntry struct {
Kind string Kind string
Name string Name string
Namespace string `json:",omitempty"` Namespace string `json:",omitempty"`
TransparentProxy TransparentProxyClusterConfig `alias:"transparent_proxy"` TransparentProxy TransparentProxyMeshConfig `alias:"transparent_proxy"`
Meta map[string]string `json:",omitempty"` Meta map[string]string `json:",omitempty"`
CreateIndex uint64 CreateIndex uint64
ModifyIndex uint64 ModifyIndex uint64
} }
type TransparentProxyClusterConfig struct { type TransparentProxyMeshConfig struct {
CatalogDestinationsOnly bool `alias:"catalog_destinations_only"` CatalogDestinationsOnly bool `alias:"catalog_destinations_only"`
} }
func (e *ClusterConfigEntry) GetKind() string { func (e *MeshConfigEntry) GetKind() string {
return e.Kind return e.Kind
} }
func (e *ClusterConfigEntry) GetName() string { func (e *MeshConfigEntry) GetName() string {
return e.Name return e.Name
} }
func (e *ClusterConfigEntry) GetNamespace() string { func (e *MeshConfigEntry) GetNamespace() string {
return e.Namespace return e.Namespace
} }
func (e *ClusterConfigEntry) GetMeta() map[string]string { func (e *MeshConfigEntry) GetMeta() map[string]string {
return e.Meta return e.Meta
} }
func (e *ClusterConfigEntry) GetCreateIndex() uint64 { func (e *MeshConfigEntry) GetCreateIndex() uint64 {
return e.CreateIndex return e.CreateIndex
} }
func (e *ClusterConfigEntry) GetModifyIndex() uint64 { func (e *MeshConfigEntry) GetModifyIndex() uint64 {
return e.ModifyIndex return e.ModifyIndex
} }

View File

@ -1137,11 +1137,11 @@ func TestDecodeConfigEntry(t *testing.T) {
}, },
}, },
{ {
name: "cluster", name: "mesh",
body: ` body: `
{ {
"Kind": "cluster", "Kind": "mesh",
"Name": "cluster", "Name": "mesh",
"Meta" : { "Meta" : {
"foo": "bar", "foo": "bar",
"gir": "zim" "gir": "zim"
@ -1151,14 +1151,14 @@ func TestDecodeConfigEntry(t *testing.T) {
} }
} }
`, `,
expect: &ClusterConfigEntry{ expect: &MeshConfigEntry{
Kind: "cluster", Kind: "mesh",
Name: "cluster", Name: "mesh",
Meta: map[string]string{ Meta: map[string]string{
"foo": "bar", "foo": "bar",
"gir": "zim", "gir": "zim",
}, },
TransparentProxy: TransparentProxyClusterConfig{ TransparentProxy: TransparentProxyMeshConfig{
CatalogDestinationsOnly: true, CatalogDestinationsOnly: true,
}, },
}, },

View File

@ -2624,10 +2624,10 @@ func TestParseConfigEntry(t *testing.T) {
}, },
}, },
{ {
name: "cluster", name: "mesh",
snake: ` snake: `
kind = "cluster" kind = "mesh"
name = "cluster" name = "mesh"
meta { meta {
"foo" = "bar" "foo" = "bar"
"gir" = "zim" "gir" = "zim"
@ -2637,8 +2637,8 @@ func TestParseConfigEntry(t *testing.T) {
} }
`, `,
camel: ` camel: `
Kind = "cluster" Kind = "mesh"
Name = "cluster" Name = "mesh"
Meta { Meta {
"foo" = "bar" "foo" = "bar"
"gir" = "zim" "gir" = "zim"
@ -2649,8 +2649,8 @@ func TestParseConfigEntry(t *testing.T) {
`, `,
snakeJSON: ` snakeJSON: `
{ {
"kind": "cluster", "kind": "mesh",
"name": "cluster", "name": "mesh",
"meta" : { "meta" : {
"foo": "bar", "foo": "bar",
"gir": "zim" "gir": "zim"
@ -2662,8 +2662,8 @@ func TestParseConfigEntry(t *testing.T) {
`, `,
camelJSON: ` camelJSON: `
{ {
"Kind": "cluster", "Kind": "mesh",
"Name": "cluster", "Name": "mesh",
"Meta" : { "Meta" : {
"foo": "bar", "foo": "bar",
"gir": "zim" "gir": "zim"
@ -2673,14 +2673,14 @@ func TestParseConfigEntry(t *testing.T) {
} }
} }
`, `,
expect: &api.ClusterConfigEntry{ expect: &api.MeshConfigEntry{
Kind: "cluster", Kind: api.MeshConfig,
Name: "cluster", Name: api.MeshConfigMesh,
Meta: map[string]string{ Meta: map[string]string{
"foo": "bar", "foo": "bar",
"gir": "zim", "gir": "zim",
}, },
TransparentProxy: api.TransparentProxyClusterConfig{ TransparentProxy: api.TransparentProxyMeshConfig{
CatalogDestinationsOnly: true, CatalogDestinationsOnly: true,
}, },
}, },

View File

@ -1,18 +1,18 @@
--- ---
layout: docs layout: docs
page_title: 'Configuration Entry Kind: Cluster' page_title: 'Configuration Entry Kind: Mesh'
description: >- description: >-
The cluster config entry kind allows for globally defining default The mesh config entry kind allows for globally defining default
configuration across all services mesh proxies. configuration across all services mesh proxies.
Settings in this config entry apply across all namespaces and federated datacenters. Settings in this config entry apply across all namespaces and federated datacenters.
Currently, only one cluster entry is supported. Currently, only one mesh entry is supported.
--- ---
# Cluster <sup>Beta</sup> # Mesh <sup>Beta</sup>
-> **v1.10.0+:** This config entry is supported in Consul versions 1.10.0+. -> **v1.10.0+:** This config entry is supported in Consul versions 1.10.0+.
The `cluster` config entry kind allows for globally defining The `mesh` config entry kind allows for globally defining
default configuration that applies to all service mesh proxies. default configuration that applies to all service mesh proxies.
Settings in this config entry apply across all namespaces and federated datacenters. Settings in this config entry apply across all namespaces and federated datacenters.
@ -24,8 +24,9 @@ Settings in this config entry apply across all namespaces and federated datacent
<Tab heading="HCL"> <Tab heading="HCL">
```hcl ```hcl
Kind = "cluster" Kind = "mesh"
Name = "cluster" Name = "mesh"
TransparentProxy { TransparentProxy {
CatalogDestinationsOnly = true CatalogDestinationsOnly = true
} }
@ -34,13 +35,14 @@ TransparentProxy {
</Tab> </Tab>
<Tab heading="HCL (Consul Enterprise)"> <Tab heading="HCL (Consul Enterprise)">
**NOTE:** The `cluster` config entry can only be created in the `default` **NOTE:** The `mesh` config entry can only be created in the `default`
namespace and it will apply to proxies across **all** namespaces. namespace and it will apply to proxies across **all** namespaces.
```hcl ```hcl
Kind = "cluster" Kind = "mesh"
Name = "cluster" Name = "mesh"
Namespace = "default" # Can only be set to "default". Namespace = "default" # Can only be set to "default".
TransparentProxy { TransparentProxy {
CatalogDestinationsOnly = true CatalogDestinationsOnly = true
} }
@ -51,9 +53,9 @@ TransparentProxy {
## Available Fields ## Available Fields
- `Kind` - Must be set to `cluster` - `Kind` - Must be set to `mesh`
- `Name` `(string: <required>)` - Must be set to `cluster` - `Name` `(string: <required>)` - Must be set to `mesh`
- `Namespace` `(string: "default")` <EnterpriseAlert inline /> - Specifies the namespace the config entry will apply to. - `Namespace` `(string: "default")` <EnterpriseAlert inline /> - Specifies the namespace the config entry will apply to.
Must be set to `default` Must be set to `default`
@ -71,7 +73,7 @@ TransparentProxy {
Configuration entries may be protected by [ACLs](/docs/security/acl). Configuration entries may be protected by [ACLs](/docs/security/acl).
Reading a `cluster` config entry requires no specific privileges. Reading a `mesh` config entry requires no specific privileges.
Creating, updating, or deleting a `cluster` config entry requires Creating, updating, or deleting a `mesh` config entry requires
`operator:write`. `operator:write`.

View File

@ -141,14 +141,14 @@
"title": "Overview", "title": "Overview",
"path": "connect/config-entries" "path": "connect/config-entries"
}, },
{
"title": "Cluster",
"path": "connect/config-entries/cluster"
},
{ {
"title": "Ingress Gateway", "title": "Ingress Gateway",
"path": "connect/config-entries/ingress-gateway" "path": "connect/config-entries/ingress-gateway"
}, },
{
"title": "Mesh",
"path": "connect/config-entries/mesh"
},
{ {
"title": "Proxy Defaults", "title": "Proxy Defaults",
"path": "connect/config-entries/proxy-defaults" "path": "connect/config-entries/proxy-defaults"