From c0dc93e5b8a7c62d58e89cf4b14d73973bb5141a Mon Sep 17 00:00:00 2001 From: cskh Date: Wed, 19 Oct 2022 16:33:25 -0400 Subject: [PATCH] fix: wan address isn't used by peering token --- agent/consul/peering_backend.go | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/agent/consul/peering_backend.go b/agent/consul/peering_backend.go index d9daeaea1..12ed97cbb 100644 --- a/agent/consul/peering_backend.go +++ b/agent/consul/peering_backend.go @@ -205,6 +205,19 @@ func meshGatewayAdresses(state *state.Store, ws memdb.WatchSet, wan bool) ([]str return addrs, nil } +func parseNodeAddr(node *structs.ServiceNode) string { + // Prefer the wan address + if v, ok := node.TaggedAddresses[structs.TaggedAddressWANIPv4]; ok { + return v + } + + if v, ok := node.TaggedAddresses[structs.TaggedAddressWAN]; ok { + return v + } + + return node.Address +} + func serverAddresses(state *state.Store) ([]string, error) { _, nodes, err := state.ServiceNodes(nil, "consul", structs.DefaultEnterpriseMetaInDefaultPartition(), structs.DefaultPeerKeyword) if err != nil { @@ -212,16 +225,18 @@ func serverAddresses(state *state.Store) ([]string, error) { } var addrs []string for _, node := range nodes { + addr := parseNodeAddr(node) + // Prefer the TLS port if it is defined. grpcPortStr := node.ServiceMeta["grpc_tls_port"] if v, err := strconv.Atoi(grpcPortStr); err == nil && v > 0 { - addrs = append(addrs, node.Address+":"+grpcPortStr) + addrs = append(addrs, addr+":"+grpcPortStr) continue } // Fallback to the standard port if TLS is not defined. grpcPortStr = node.ServiceMeta["grpc_port"] if v, err := strconv.Atoi(grpcPortStr); err == nil && v > 0 { - addrs = append(addrs, node.Address+":"+grpcPortStr) + addrs = append(addrs, addr+":"+grpcPortStr) continue } // Skip node if neither defined.