Replace TransparentProxy bool with ProxyMode
This PR replaces the original boolean used to configure transparent proxy mode. It was replaced with a string mode that can be set to: - "": Empty string is the default for when the setting should be defaulted from other configuration like config entries. - "direct": Direct mode is how applications originally opted into the mesh. Proxy listeners need to be dialed directly. - "transparent": Transparent mode enables configuring Envoy as a transparent proxy. Traffic must be captured and redirected to the inbound and outbound listeners. This PR also adds a struct for transparent proxy specific configuration. Initially this is not stored as a pointer. Will revisit that decision before GA.
This commit is contained in:
parent
fb4d07243d
commit
eeccba945d
|
@ -196,7 +196,10 @@ func TestAgent_Services_Sidecar(t *testing.T) {
|
|||
Proxy: structs.ConnectProxyConfig{
|
||||
DestinationServiceName: "db",
|
||||
Upstreams: structs.TestUpstreams(t),
|
||||
TransparentProxy: true,
|
||||
Mode: structs.ProxyModeTransparent,
|
||||
TransparentProxy: structs.TransparentProxyConfig{
|
||||
OutboundListenerPort: 10101,
|
||||
},
|
||||
},
|
||||
}
|
||||
a.State.AddService(srv1, "")
|
||||
|
@ -396,7 +399,7 @@ func TestAgent_Service(t *testing.T) {
|
|||
Service: "web-sidecar-proxy",
|
||||
Port: 8000,
|
||||
Proxy: expectProxy.ToAPI(),
|
||||
ContentHash: "fa3af167b81f6721",
|
||||
ContentHash: "eb557bc310d4f8a0",
|
||||
Weights: api.AgentWeights{
|
||||
Passing: 1,
|
||||
Warning: 1,
|
||||
|
@ -410,7 +413,7 @@ func TestAgent_Service(t *testing.T) {
|
|||
// Copy and modify
|
||||
updatedResponse := *expectedResponse
|
||||
updatedResponse.Port = 9999
|
||||
updatedResponse.ContentHash = "c7739b50900c7483"
|
||||
updatedResponse.ContentHash = "d61c11f438c7eb02"
|
||||
|
||||
// Simple response for non-proxy service registered in TestAgent config
|
||||
expectWebResponse := &api.AgentService{
|
||||
|
|
|
@ -1691,7 +1691,8 @@ func (b *builder) serviceProxyVal(v *ServiceProxy) *structs.ConnectProxyConfig {
|
|||
Upstreams: b.upstreamsVal(v.Upstreams),
|
||||
MeshGateway: b.meshGatewayConfVal(v.MeshGateway),
|
||||
Expose: b.exposeConfVal(v.Expose),
|
||||
TransparentProxy: boolVal(v.TransparentProxy),
|
||||
Mode: b.proxyModeVal(v.Mode),
|
||||
TransparentProxy: b.transparentProxyConfVal(v.TransparentProxy),
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -1743,6 +1744,28 @@ func (b *builder) exposeConfVal(v *ExposeConfig) structs.ExposeConfig {
|
|||
return out
|
||||
}
|
||||
|
||||
func (b *builder) transparentProxyConfVal(tproxyConf *TransparentProxyConfig) structs.TransparentProxyConfig {
|
||||
var out structs.TransparentProxyConfig
|
||||
if tproxyConf == nil {
|
||||
return out
|
||||
}
|
||||
|
||||
out.OutboundListenerPort = intVal(tproxyConf.OutboundListenerPort)
|
||||
return out
|
||||
}
|
||||
|
||||
func (b *builder) proxyModeVal(v *string) structs.ProxyMode {
|
||||
if v == nil {
|
||||
return structs.ProxyModeDefault
|
||||
}
|
||||
|
||||
mode, err := structs.ValidateProxyMode(*v)
|
||||
if err != nil {
|
||||
b.err = multierror.Append(b.err, err)
|
||||
}
|
||||
return mode
|
||||
}
|
||||
|
||||
func (b *builder) pathsVal(v []ExposePath) []structs.ExposePath {
|
||||
paths := make([]structs.ExposePath, len(v))
|
||||
for i, p := range v {
|
||||
|
|
|
@ -461,6 +461,12 @@ type ServiceProxy struct {
|
|||
// (DestinationServiceID is set) but otherwise will be ignored.
|
||||
LocalServicePort *int `mapstructure:"local_service_port"`
|
||||
|
||||
// TransparentProxy configuration.
|
||||
TransparentProxy *TransparentProxyConfig `mapstructure:"transparent_proxy"`
|
||||
|
||||
// Mode represents how the proxy's inbound and upstream listeners are dialed.
|
||||
Mode *string `mapstructure:"mode"`
|
||||
|
||||
// Config is the arbitrary configuration data provided with the proxy
|
||||
// registration.
|
||||
Config map[string]interface{} `mapstructure:"config"`
|
||||
|
@ -474,10 +480,6 @@ type ServiceProxy struct {
|
|||
|
||||
// Expose defines whether checks or paths are exposed through the proxy
|
||||
Expose *ExposeConfig `mapstructure:"expose"`
|
||||
|
||||
// TransparentProxy toggles whether inbound and outbound traffic is being
|
||||
// redirected to the proxy.
|
||||
TransparentProxy *bool `mapstructure:"transparent_proxy"`
|
||||
}
|
||||
|
||||
// Upstream represents a single upstream dependency for a service or proxy. It
|
||||
|
@ -523,6 +525,11 @@ type MeshGatewayConfig struct {
|
|||
Mode *string `mapstructure:"mode"`
|
||||
}
|
||||
|
||||
type TransparentProxyConfig struct {
|
||||
// Mesh Gateway Mode
|
||||
OutboundListenerPort *int `mapstructure:"outbound_listener_port"`
|
||||
}
|
||||
|
||||
// ExposeConfig describes HTTP paths to expose through Envoy outside of Connect.
|
||||
// Users can expose individual paths and/or all HTTP/GRPC paths for checks.
|
||||
type ExposeConfig struct {
|
||||
|
|
|
@ -2582,7 +2582,10 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
|
|||
}
|
||||
]
|
||||
},
|
||||
"transparent_proxy": true,
|
||||
"mode": "transparent",
|
||||
"transparent_proxy": {
|
||||
"outbound_listener_port": 10101
|
||||
},
|
||||
"upstreams": [
|
||||
{
|
||||
"destination_name": "db",
|
||||
|
@ -2619,7 +2622,10 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
|
|||
}
|
||||
]
|
||||
}
|
||||
transparent_proxy = true
|
||||
mode = "transparent"
|
||||
transparent_proxy = {
|
||||
outbound_listener_port = 10101
|
||||
}
|
||||
upstreams = [
|
||||
{
|
||||
destination_name = "db"
|
||||
|
@ -2659,7 +2665,10 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
|
|||
},
|
||||
},
|
||||
},
|
||||
TransparentProxy: true,
|
||||
Mode: structs.ProxyModeTransparent,
|
||||
TransparentProxy: structs.TransparentProxyConfig{
|
||||
OutboundListenerPort: 10101,
|
||||
},
|
||||
Upstreams: structs.Upstreams{
|
||||
structs.Upstream{
|
||||
DestinationType: "service",
|
||||
|
@ -2714,7 +2723,10 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
|
|||
}
|
||||
]
|
||||
},
|
||||
"transparent_proxy": true,
|
||||
"mode": "transparent",
|
||||
"transparent_proxy": {
|
||||
"outbound_listener_port": 10101
|
||||
},
|
||||
"upstreams": [
|
||||
{
|
||||
"destination_name": "db",
|
||||
|
@ -2751,7 +2763,10 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
|
|||
}
|
||||
]
|
||||
}
|
||||
transparent_proxy = true,
|
||||
mode = "transparent"
|
||||
transparent_proxy = {
|
||||
outbound_listener_port = 10101
|
||||
}
|
||||
upstreams = [
|
||||
{
|
||||
destination_name = "db"
|
||||
|
@ -2791,7 +2806,10 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
|
|||
},
|
||||
},
|
||||
},
|
||||
TransparentProxy: true,
|
||||
Mode: structs.ProxyModeTransparent,
|
||||
TransparentProxy: structs.TransparentProxyConfig{
|
||||
OutboundListenerPort: 10101,
|
||||
},
|
||||
Upstreams: structs.Upstreams{
|
||||
structs.Upstream{
|
||||
DestinationType: "service",
|
||||
|
@ -3435,7 +3453,10 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
|
|||
"mesh_gateway": {
|
||||
"mode": "remote"
|
||||
},
|
||||
"transparent_proxy": true
|
||||
"mode": "transparent",
|
||||
"transparent_proxy": {
|
||||
"outbound_listener_port": 10101
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -3454,7 +3475,10 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
|
|||
mesh_gateway {
|
||||
mode = "remote"
|
||||
}
|
||||
transparent_proxy = true
|
||||
mode = "transparent"
|
||||
transparent_proxy = {
|
||||
outbound_listener_port = 10101
|
||||
}
|
||||
}
|
||||
}`},
|
||||
expected: func(rt *RuntimeConfig) {
|
||||
|
@ -3473,7 +3497,10 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
|
|||
MeshGateway: structs.MeshGatewayConfig{
|
||||
Mode: structs.MeshGatewayModeRemote,
|
||||
},
|
||||
TransparentProxy: true,
|
||||
Mode: structs.ProxyModeTransparent,
|
||||
TransparentProxy: structs.TransparentProxyConfig{
|
||||
OutboundListenerPort: 10101,
|
||||
},
|
||||
},
|
||||
}
|
||||
},
|
||||
|
@ -3496,7 +3523,10 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
|
|||
"MeshGateway": {
|
||||
"Mode": "remote"
|
||||
},
|
||||
"TransparentProxy": true
|
||||
"Mode": "transparent",
|
||||
"TransparentProxy": {
|
||||
"OutboundListenerPort": 10101
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -3515,7 +3545,10 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
|
|||
MeshGateway {
|
||||
Mode = "remote"
|
||||
}
|
||||
TransparentProxy = true
|
||||
Mode = "transparent"
|
||||
TransparentProxy = {
|
||||
OutboundListenerPort = 10101
|
||||
}
|
||||
}
|
||||
}`},
|
||||
expected: func(rt *RuntimeConfig) {
|
||||
|
@ -3534,7 +3567,10 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
|
|||
MeshGateway: structs.MeshGatewayConfig{
|
||||
Mode: structs.MeshGatewayModeRemote,
|
||||
},
|
||||
TransparentProxy: true,
|
||||
Mode: structs.ProxyModeTransparent,
|
||||
TransparentProxy: structs.TransparentProxyConfig{
|
||||
OutboundListenerPort: 10101,
|
||||
},
|
||||
},
|
||||
}
|
||||
},
|
||||
|
@ -3557,7 +3593,10 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
|
|||
"mesh_gateway": {
|
||||
"mode": "remote"
|
||||
},
|
||||
"transparent_proxy": true
|
||||
"mode": "transparent",
|
||||
"transparent_proxy": {
|
||||
"outbound_listener_port": 10101
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -3576,7 +3615,10 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
|
|||
mesh_gateway {
|
||||
mode = "remote"
|
||||
}
|
||||
transparent_proxy = true
|
||||
mode = "transparent"
|
||||
transparent_proxy = {
|
||||
outbound_listener_port = 10101
|
||||
}
|
||||
}
|
||||
}`},
|
||||
expected: func(rt *RuntimeConfig) {
|
||||
|
@ -3595,7 +3637,10 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
|
|||
MeshGateway: structs.MeshGatewayConfig{
|
||||
Mode: structs.MeshGatewayModeRemote,
|
||||
},
|
||||
TransparentProxy: true,
|
||||
Mode: structs.ProxyModeTransparent,
|
||||
TransparentProxy: structs.TransparentProxyConfig{
|
||||
OutboundListenerPort: 10101,
|
||||
},
|
||||
},
|
||||
}
|
||||
},
|
||||
|
@ -3618,7 +3663,10 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
|
|||
"MeshGateway": {
|
||||
"Mode": "remote"
|
||||
},
|
||||
"TransparentProxy": true
|
||||
"Mode": "transparent",
|
||||
"TransparentProxy": {
|
||||
"OutboundListenerPort": 10101
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -3637,7 +3685,10 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
|
|||
MeshGateway {
|
||||
Mode = "remote"
|
||||
}
|
||||
TransparentProxy = true
|
||||
Mode = "transparent"
|
||||
TransparentProxy = {
|
||||
OutboundListenerPort = 10101
|
||||
}
|
||||
}
|
||||
}`},
|
||||
expected: func(rt *RuntimeConfig) {
|
||||
|
@ -3656,7 +3707,10 @@ func TestLoad_IntegrationWithFlags(t *testing.T) {
|
|||
MeshGateway: structs.MeshGatewayConfig{
|
||||
Mode: structs.MeshGatewayModeRemote,
|
||||
},
|
||||
TransparentProxy: true,
|
||||
Mode: structs.ProxyModeTransparent,
|
||||
TransparentProxy: structs.TransparentProxyConfig{
|
||||
OutboundListenerPort: 10101,
|
||||
},
|
||||
},
|
||||
}
|
||||
},
|
||||
|
@ -5598,7 +5652,10 @@ func TestLoad_FullConfig(t *testing.T) {
|
|||
},
|
||||
},
|
||||
},
|
||||
TransparentProxy: true,
|
||||
Mode: structs.ProxyModeTransparent,
|
||||
TransparentProxy: structs.TransparentProxyConfig{
|
||||
OutboundListenerPort: 10101,
|
||||
},
|
||||
},
|
||||
Weights: &structs.Weights{
|
||||
Passing: 1,
|
||||
|
|
|
@ -591,7 +591,10 @@ services = [
|
|||
}
|
||||
]
|
||||
}
|
||||
transparent_proxy = true
|
||||
mode = "transparent"
|
||||
transparent_proxy = {
|
||||
outbound_listener_port = 10101
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
|
|
|
@ -572,7 +572,10 @@
|
|||
}
|
||||
]
|
||||
},
|
||||
"transparent_proxy": true,
|
||||
"mode": "transparent",
|
||||
"transparent_proxy": {
|
||||
"outbound_listener_port": 10101
|
||||
},
|
||||
"upstreams": [
|
||||
{
|
||||
"destination_name": "KPtAj2cb",
|
||||
|
|
|
@ -355,9 +355,10 @@ func (c *ConfigEntry) ResolveServiceConfig(args *structs.ServiceConfigRequest, r
|
|||
return fmt.Errorf("failed to copy global proxy-defaults: %v", err)
|
||||
}
|
||||
reply.ProxyConfig = mapCopy.(map[string]interface{})
|
||||
reply.Mode = proxyConf.Mode
|
||||
reply.TransparentProxy = proxyConf.TransparentProxy
|
||||
reply.MeshGateway = proxyConf.MeshGateway
|
||||
reply.Expose = proxyConf.Expose
|
||||
reply.TransparentProxy = proxyConf.TransparentProxy
|
||||
|
||||
// Extract the global protocol from proxyConf for upstream configs.
|
||||
rawProtocol := proxyConf.Config["protocol"]
|
||||
|
@ -396,8 +397,11 @@ func (c *ConfigEntry) ResolveServiceConfig(args *structs.ServiceConfigRequest, r
|
|||
}
|
||||
reply.ProxyConfig["protocol"] = serviceConf.Protocol
|
||||
}
|
||||
if serviceConf.TransparentProxy {
|
||||
reply.TransparentProxy = serviceConf.TransparentProxy
|
||||
if serviceConf.TransparentProxy.OutboundListenerPort != 0 {
|
||||
reply.TransparentProxy.OutboundListenerPort = serviceConf.TransparentProxy.OutboundListenerPort
|
||||
}
|
||||
if serviceConf.Mode != structs.ProxyModeDefault {
|
||||
reply.Mode = serviceConf.Mode
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -413,13 +417,13 @@ func (c *ConfigEntry) ResolveServiceConfig(args *structs.ServiceConfigRequest, r
|
|||
var (
|
||||
noUpstreamArgs = len(upstreamIDs) == 0 && len(args.Upstreams) == 0
|
||||
|
||||
// Check the args and the resolved value. If it was exclusively set via a config entry, then args.TransparentProxy
|
||||
// will never be true because the service config request does not use the resolved value.
|
||||
tproxy = args.TransparentProxy || reply.TransparentProxy
|
||||
// Check the args and the resolved value. If it was exclusively set via a config entry, then args.Mode
|
||||
// will never be transparent because the service config request does not use the resolved value.
|
||||
tproxy = args.Mode == structs.ProxyModeTransparent || reply.Mode == structs.ProxyModeTransparent
|
||||
)
|
||||
|
||||
// The upstreams passed as arguments to this endpoint are the upstreams explicitly defined in a proxy registration.
|
||||
// If no upstreams were passed, then we should only returned the resolved config if the proxy has TransparentProxy mode enabled.
|
||||
// If no upstreams were passed, then we should only returned the resolved config if the proxy in transparent mode.
|
||||
// Otherwise we would return a resolved upstream config to a proxy with no configured upstreams.
|
||||
if noUpstreamArgs && !tproxy {
|
||||
return nil
|
||||
|
|
|
@ -913,7 +913,8 @@ func TestConfigEntry_ResolveServiceConfig_TransparentProxy(t *testing.T) {
|
|||
&structs.ProxyConfigEntry{
|
||||
Kind: structs.ProxyDefaults,
|
||||
Name: structs.ProxyConfigGlobal,
|
||||
TransparentProxy: true,
|
||||
Mode: structs.ProxyModeTransparent,
|
||||
TransparentProxy: structs.TransparentProxyConfig{OutboundListenerPort: 10101},
|
||||
},
|
||||
},
|
||||
request: structs.ServiceConfigRequest{
|
||||
|
@ -921,7 +922,8 @@ func TestConfigEntry_ResolveServiceConfig_TransparentProxy(t *testing.T) {
|
|||
Datacenter: "dc1",
|
||||
},
|
||||
expect: structs.ServiceConfigResponse{
|
||||
TransparentProxy: true,
|
||||
Mode: structs.ProxyModeTransparent,
|
||||
TransparentProxy: structs.TransparentProxyConfig{OutboundListenerPort: 10101},
|
||||
},
|
||||
},
|
||||
{
|
||||
|
@ -930,7 +932,8 @@ func TestConfigEntry_ResolveServiceConfig_TransparentProxy(t *testing.T) {
|
|||
&structs.ServiceConfigEntry{
|
||||
Kind: structs.ServiceDefaults,
|
||||
Name: "foo",
|
||||
TransparentProxy: true,
|
||||
Mode: structs.ProxyModeTransparent,
|
||||
TransparentProxy: structs.TransparentProxyConfig{OutboundListenerPort: 808},
|
||||
},
|
||||
},
|
||||
request: structs.ServiceConfigRequest{
|
||||
|
@ -938,7 +941,8 @@ func TestConfigEntry_ResolveServiceConfig_TransparentProxy(t *testing.T) {
|
|||
Datacenter: "dc1",
|
||||
},
|
||||
expect: structs.ServiceConfigResponse{
|
||||
TransparentProxy: true,
|
||||
Mode: structs.ProxyModeTransparent,
|
||||
TransparentProxy: structs.TransparentProxyConfig{OutboundListenerPort: 808},
|
||||
},
|
||||
},
|
||||
{
|
||||
|
@ -947,12 +951,14 @@ func TestConfigEntry_ResolveServiceConfig_TransparentProxy(t *testing.T) {
|
|||
&structs.ProxyConfigEntry{
|
||||
Kind: structs.ProxyDefaults,
|
||||
Name: structs.ProxyConfigGlobal,
|
||||
TransparentProxy: false,
|
||||
Mode: structs.ProxyModeDirect,
|
||||
TransparentProxy: structs.TransparentProxyConfig{OutboundListenerPort: 10101},
|
||||
},
|
||||
&structs.ServiceConfigEntry{
|
||||
Kind: structs.ServiceDefaults,
|
||||
Name: "foo",
|
||||
TransparentProxy: true,
|
||||
Mode: structs.ProxyModeTransparent,
|
||||
TransparentProxy: structs.TransparentProxyConfig{OutboundListenerPort: 808},
|
||||
},
|
||||
},
|
||||
request: structs.ServiceConfigRequest{
|
||||
|
@ -960,7 +966,8 @@ func TestConfigEntry_ResolveServiceConfig_TransparentProxy(t *testing.T) {
|
|||
Datacenter: "dc1",
|
||||
},
|
||||
expect: structs.ServiceConfigResponse{
|
||||
TransparentProxy: true,
|
||||
Mode: structs.ProxyModeTransparent,
|
||||
TransparentProxy: structs.TransparentProxyConfig{OutboundListenerPort: 808},
|
||||
},
|
||||
},
|
||||
}
|
||||
|
@ -1245,9 +1252,9 @@ func TestConfigEntry_ResolveServiceConfig_Upstreams(t *testing.T) {
|
|||
},
|
||||
},
|
||||
request: structs.ServiceConfigRequest{
|
||||
Name: "api",
|
||||
Datacenter: "dc1",
|
||||
TransparentProxy: true,
|
||||
Name: "api",
|
||||
Datacenter: "dc1",
|
||||
Mode: structs.ProxyModeTransparent,
|
||||
|
||||
// Empty Upstreams/UpstreamIDs
|
||||
},
|
||||
|
@ -1291,7 +1298,8 @@ func TestConfigEntry_ResolveServiceConfig_Upstreams(t *testing.T) {
|
|||
},
|
||||
|
||||
// TransparentProxy on the config entry but not the config request
|
||||
TransparentProxy: true,
|
||||
Mode: structs.ProxyModeTransparent,
|
||||
TransparentProxy: structs.TransparentProxyConfig{OutboundListenerPort: 10101},
|
||||
},
|
||||
},
|
||||
request: structs.ServiceConfigRequest{
|
||||
|
@ -1301,7 +1309,8 @@ func TestConfigEntry_ResolveServiceConfig_Upstreams(t *testing.T) {
|
|||
// Empty Upstreams/UpstreamIDs
|
||||
},
|
||||
expect: structs.ServiceConfigResponse{
|
||||
TransparentProxy: true,
|
||||
Mode: structs.ProxyModeTransparent,
|
||||
TransparentProxy: structs.TransparentProxyConfig{OutboundListenerPort: 10101},
|
||||
UpstreamIDConfigs: structs.OpaqueUpstreamConfigs{
|
||||
{
|
||||
Upstream: wildcard,
|
||||
|
@ -1342,9 +1351,9 @@ func TestConfigEntry_ResolveServiceConfig_Upstreams(t *testing.T) {
|
|||
},
|
||||
},
|
||||
request: structs.ServiceConfigRequest{
|
||||
Name: "api",
|
||||
Datacenter: "dc1",
|
||||
TransparentProxy: false,
|
||||
Name: "api",
|
||||
Datacenter: "dc1",
|
||||
Mode: structs.ProxyModeDirect,
|
||||
|
||||
// Empty Upstreams/UpstreamIDs
|
||||
},
|
||||
|
|
|
@ -360,7 +360,7 @@ type ConfigSnapshot struct {
|
|||
func (s *ConfigSnapshot) Valid() bool {
|
||||
switch s.Kind {
|
||||
case structs.ServiceKindConnectProxy:
|
||||
if s.Proxy.TransparentProxy && !s.ConnectProxy.ClusterConfigSet {
|
||||
if s.Proxy.Mode == structs.ProxyModeTransparent && !s.ConnectProxy.ClusterConfigSet {
|
||||
return false
|
||||
}
|
||||
return s.Roots != nil &&
|
||||
|
|
|
@ -305,7 +305,7 @@ func (s *state) initWatchesConnectProxy(snap *ConfigSnapshot) error {
|
|||
// default the namespace to the namespace of this proxy service
|
||||
currentNamespace := s.proxyID.NamespaceOrDefault()
|
||||
|
||||
if s.proxyCfg.TransparentProxy {
|
||||
if s.proxyCfg.Mode == structs.ProxyModeTransparent {
|
||||
// When in transparent proxy we will infer upstreams from intentions with this source
|
||||
err := s.cache.Notify(s.ctx, cachetype.IntentionUpstreamsName, &structs.ServiceSpecificRequest{
|
||||
Datacenter: s.source.Datacenter,
|
||||
|
@ -350,8 +350,8 @@ func (s *state) initWatchesConnectProxy(snap *ConfigSnapshot) error {
|
|||
if u.Datacenter != "" {
|
||||
dc = u.Datacenter
|
||||
}
|
||||
if s.proxyCfg.TransparentProxy && (dc == "" || dc == s.source.Datacenter) {
|
||||
// In TransparentProxy mode, watches for upstreams in the local DC are handled by the IntentionUpstreams watch.
|
||||
if s.proxyCfg.Mode == structs.ProxyModeTransparent && (dc == "" || dc == s.source.Datacenter) {
|
||||
// In transparent proxy mode, watches for upstreams in the local DC are handled by the IntentionUpstreams watch.
|
||||
continue
|
||||
}
|
||||
|
||||
|
|
|
@ -1541,7 +1541,7 @@ func TestState_WatchesAndUpdates(t *testing.T) {
|
|||
Address: "10.0.1.1",
|
||||
Proxy: structs.ConnectProxyConfig{
|
||||
DestinationServiceName: "api",
|
||||
TransparentProxy: true,
|
||||
Mode: structs.ProxyModeTransparent,
|
||||
},
|
||||
},
|
||||
sourceDC: "dc1",
|
||||
|
@ -1606,7 +1606,7 @@ func TestState_WatchesAndUpdates(t *testing.T) {
|
|||
Address: "10.0.1.1",
|
||||
Proxy: structs.ConnectProxyConfig{
|
||||
DestinationServiceName: "api",
|
||||
TransparentProxy: true,
|
||||
Mode: structs.ProxyModeTransparent,
|
||||
Upstreams: structs.Upstreams{
|
||||
{
|
||||
CentrallyConfigured: true,
|
||||
|
|
|
@ -335,13 +335,13 @@ func makeConfigRequest(bd BaseDeps, addReq AddServiceRequest) *structs.ServiceCo
|
|||
}
|
||||
|
||||
req := &structs.ServiceConfigRequest{
|
||||
Name: name,
|
||||
Datacenter: bd.RuntimeConfig.Datacenter,
|
||||
QueryOptions: structs.QueryOptions{Token: addReq.token},
|
||||
MeshGateway: ns.Proxy.MeshGateway,
|
||||
TransparentProxy: ns.Proxy.TransparentProxy,
|
||||
UpstreamIDs: upstreams,
|
||||
EnterpriseMeta: ns.EnterpriseMeta,
|
||||
Name: name,
|
||||
Datacenter: bd.RuntimeConfig.Datacenter,
|
||||
QueryOptions: structs.QueryOptions{Token: addReq.token},
|
||||
MeshGateway: ns.Proxy.MeshGateway,
|
||||
Mode: ns.Proxy.Mode,
|
||||
UpstreamIDs: upstreams,
|
||||
EnterpriseMeta: ns.EnterpriseMeta,
|
||||
}
|
||||
if req.QueryOptions.Token == "" {
|
||||
req.QueryOptions.Token = bd.Tokens.AgentToken()
|
||||
|
@ -377,8 +377,11 @@ func mergeServiceConfig(defaults *structs.ServiceConfigResponse, service *struct
|
|||
if ns.Proxy.MeshGateway.Mode == structs.MeshGatewayModeDefault {
|
||||
ns.Proxy.MeshGateway.Mode = defaults.MeshGateway.Mode
|
||||
}
|
||||
if !ns.Proxy.TransparentProxy {
|
||||
ns.Proxy.TransparentProxy = defaults.TransparentProxy
|
||||
if ns.Proxy.Mode == structs.ProxyModeDefault {
|
||||
ns.Proxy.Mode = defaults.Mode
|
||||
}
|
||||
if ns.Proxy.TransparentProxy.OutboundListenerPort == 0 {
|
||||
ns.Proxy.TransparentProxy.OutboundListenerPort = defaults.TransparentProxy.OutboundListenerPort
|
||||
}
|
||||
|
||||
// remoteUpstreams contains synthetic Upstreams generated from central config (service-defaults.UpstreamConfigs).
|
||||
|
@ -406,7 +409,7 @@ func mergeServiceConfig(defaults *structs.ServiceConfigResponse, service *struct
|
|||
}
|
||||
|
||||
// localUpstreams stores the upstreams seen from the local registration so that we can merge in the synthetic entries.
|
||||
// In TransparentProxy mode ns.Proxy.Upstreams will likely be empty because users do not need to define upstreams explicitly.
|
||||
// In transparent proxy mode ns.Proxy.Upstreams will likely be empty because users do not need to define upstreams explicitly.
|
||||
// So to store upstream-specific flags from central config, we add entries to ns.Proxy.Upstream with those values.
|
||||
localUpstreams := make(map[structs.ServiceID]struct{})
|
||||
|
||||
|
@ -437,9 +440,9 @@ func mergeServiceConfig(defaults *structs.ServiceConfigResponse, service *struct
|
|||
}
|
||||
|
||||
// Ensure upstreams present in central config are represented in the local configuration.
|
||||
// This does not apply outside of TransparentProxy mode because in that situation every possible upstream already exists
|
||||
// This does not apply outside of transparent mode because in that situation every possible upstream already exists
|
||||
// inside of ns.Proxy.Upstreams.
|
||||
if ns.Proxy.TransparentProxy {
|
||||
if ns.Proxy.Mode == structs.ProxyModeTransparent {
|
||||
for id, remote := range remoteUpstreams {
|
||||
if _, ok := localUpstreams[id]; ok {
|
||||
// Remote upstream is already present locally
|
||||
|
|
|
@ -929,7 +929,7 @@ func Test_mergeServiceConfig_UpstreamOverrides(t *testing.T) {
|
|||
},
|
||||
},
|
||||
{
|
||||
name: "remote upstream config expands local upstream list in tproxy mode",
|
||||
name: "remote upstream config expands local upstream list in transparent mode",
|
||||
args: args{
|
||||
defaults: &structs.ServiceConfigResponse{
|
||||
UpstreamIDConfigs: structs.OpaqueUpstreamConfigs{
|
||||
|
@ -950,7 +950,10 @@ func Test_mergeServiceConfig_UpstreamOverrides(t *testing.T) {
|
|||
Proxy: structs.ConnectProxyConfig{
|
||||
DestinationServiceName: "foo",
|
||||
DestinationServiceID: "foo",
|
||||
TransparentProxy: true,
|
||||
Mode: structs.ProxyModeTransparent,
|
||||
TransparentProxy: structs.TransparentProxyConfig{
|
||||
OutboundListenerPort: 10101,
|
||||
},
|
||||
Upstreams: structs.Upstreams{
|
||||
structs.Upstream{
|
||||
DestinationNamespace: "default",
|
||||
|
@ -970,7 +973,10 @@ func Test_mergeServiceConfig_UpstreamOverrides(t *testing.T) {
|
|||
Proxy: structs.ConnectProxyConfig{
|
||||
DestinationServiceName: "foo",
|
||||
DestinationServiceID: "foo",
|
||||
TransparentProxy: true,
|
||||
Mode: structs.ProxyModeTransparent,
|
||||
TransparentProxy: structs.TransparentProxyConfig{
|
||||
OutboundListenerPort: 10101,
|
||||
},
|
||||
Upstreams: structs.Upstreams{
|
||||
structs.Upstream{
|
||||
DestinationNamespace: "default",
|
||||
|
@ -993,7 +999,7 @@ func Test_mergeServiceConfig_UpstreamOverrides(t *testing.T) {
|
|||
},
|
||||
},
|
||||
{
|
||||
name: "remote upstream config not added to local upstream list outside of tproxy mode",
|
||||
name: "remote upstream config not added to local upstream list outside of transparent mode",
|
||||
args: args{
|
||||
defaults: &structs.ServiceConfigResponse{
|
||||
UpstreamIDConfigs: structs.OpaqueUpstreamConfigs{
|
||||
|
@ -1014,7 +1020,7 @@ func Test_mergeServiceConfig_UpstreamOverrides(t *testing.T) {
|
|||
Proxy: structs.ConnectProxyConfig{
|
||||
DestinationServiceName: "foo",
|
||||
DestinationServiceID: "foo",
|
||||
TransparentProxy: false,
|
||||
Mode: structs.ProxyModeDirect,
|
||||
Upstreams: structs.Upstreams{
|
||||
structs.Upstream{
|
||||
DestinationNamespace: "default",
|
||||
|
@ -1034,6 +1040,7 @@ func Test_mergeServiceConfig_UpstreamOverrides(t *testing.T) {
|
|||
Proxy: structs.ConnectProxyConfig{
|
||||
DestinationServiceName: "foo",
|
||||
DestinationServiceID: "foo",
|
||||
Mode: structs.ProxyModeDirect,
|
||||
Upstreams: structs.Upstreams{
|
||||
structs.Upstream{
|
||||
DestinationNamespace: "default",
|
||||
|
@ -1175,3 +1182,81 @@ func Test_mergeServiceConfig_UpstreamOverrides(t *testing.T) {
|
|||
})
|
||||
}
|
||||
}
|
||||
|
||||
func Test_mergeServiceConfig_TransparentProxy(t *testing.T) {
|
||||
type args struct {
|
||||
defaults *structs.ServiceConfigResponse
|
||||
service *structs.NodeService
|
||||
}
|
||||
tests := []struct {
|
||||
name string
|
||||
args args
|
||||
want *structs.NodeService
|
||||
}{
|
||||
{
|
||||
name: "inherit transparent proxy settings",
|
||||
args: args{
|
||||
defaults: &structs.ServiceConfigResponse{
|
||||
Mode: structs.ProxyModeTransparent,
|
||||
TransparentProxy: structs.TransparentProxyConfig{OutboundListenerPort: 10101},
|
||||
},
|
||||
service: &structs.NodeService{
|
||||
ID: "foo-proxy",
|
||||
Service: "foo-proxy",
|
||||
Proxy: structs.ConnectProxyConfig{
|
||||
DestinationServiceName: "foo",
|
||||
DestinationServiceID: "foo",
|
||||
Mode: structs.ProxyModeDefault,
|
||||
TransparentProxy: structs.TransparentProxyConfig{},
|
||||
},
|
||||
},
|
||||
},
|
||||
want: &structs.NodeService{
|
||||
ID: "foo-proxy",
|
||||
Service: "foo-proxy",
|
||||
Proxy: structs.ConnectProxyConfig{
|
||||
DestinationServiceName: "foo",
|
||||
DestinationServiceID: "foo",
|
||||
Mode: structs.ProxyModeTransparent,
|
||||
TransparentProxy: structs.TransparentProxyConfig{OutboundListenerPort: 10101},
|
||||
},
|
||||
},
|
||||
},
|
||||
{
|
||||
name: "override transparent proxy settings",
|
||||
args: args{
|
||||
defaults: &structs.ServiceConfigResponse{
|
||||
Mode: structs.ProxyModeTransparent,
|
||||
TransparentProxy: structs.TransparentProxyConfig{OutboundListenerPort: 10101},
|
||||
},
|
||||
service: &structs.NodeService{
|
||||
ID: "foo-proxy",
|
||||
Service: "foo-proxy",
|
||||
Proxy: structs.ConnectProxyConfig{
|
||||
DestinationServiceName: "foo",
|
||||
DestinationServiceID: "foo",
|
||||
Mode: structs.ProxyModeDirect,
|
||||
TransparentProxy: structs.TransparentProxyConfig{OutboundListenerPort: 808},
|
||||
},
|
||||
},
|
||||
},
|
||||
want: &structs.NodeService{
|
||||
ID: "foo-proxy",
|
||||
Service: "foo-proxy",
|
||||
Proxy: structs.ConnectProxyConfig{
|
||||
DestinationServiceName: "foo",
|
||||
DestinationServiceID: "foo",
|
||||
Mode: structs.ProxyModeDirect,
|
||||
TransparentProxy: structs.TransparentProxyConfig{OutboundListenerPort: 808},
|
||||
},
|
||||
},
|
||||
},
|
||||
}
|
||||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
got, err := mergeServiceConfig(tt.args.defaults, tt.args.service)
|
||||
require.NoError(t, err)
|
||||
assert.Equal(t, tt.want, got)
|
||||
})
|
||||
}
|
||||
}
|
||||
|
|
|
@ -85,9 +85,10 @@ type ServiceConfigEntry struct {
|
|||
Kind string
|
||||
Name string
|
||||
Protocol string
|
||||
MeshGateway MeshGatewayConfig `json:",omitempty" alias:"mesh_gateway"`
|
||||
Expose ExposeConfig `json:",omitempty"`
|
||||
TransparentProxy bool `json:",omitempty" alias:"transparent_proxy"`
|
||||
Mode ProxyMode `json:",omitempty"`
|
||||
TransparentProxy TransparentProxyConfig `json:",omitempty" alias:"transparent_proxy"`
|
||||
MeshGateway MeshGatewayConfig `json:",omitempty" alias:"mesh_gateway"`
|
||||
Expose ExposeConfig `json:",omitempty"`
|
||||
|
||||
ExternalSNI string `json:",omitempty" alias:"external_sni"`
|
||||
|
||||
|
@ -223,9 +224,10 @@ type ProxyConfigEntry struct {
|
|||
Kind string
|
||||
Name string
|
||||
Config map[string]interface{}
|
||||
MeshGateway MeshGatewayConfig `json:",omitempty" alias:"mesh_gateway"`
|
||||
Expose ExposeConfig `json:",omitempty"`
|
||||
TransparentProxy bool `json:",omitempty" alias:"transparent_proxy"`
|
||||
Mode ProxyMode `json:",omitempty"`
|
||||
TransparentProxy TransparentProxyConfig `json:",omitempty" alias:"transparent_proxy"`
|
||||
MeshGateway MeshGatewayConfig `json:",omitempty" alias:"mesh_gateway"`
|
||||
Expose ExposeConfig `json:",omitempty"`
|
||||
|
||||
Meta map[string]string `json:",omitempty"`
|
||||
EnterpriseMeta `hcl:",squash" mapstructure:",squash"`
|
||||
|
@ -595,8 +597,8 @@ type ServiceConfigRequest struct {
|
|||
// MeshGateway contains the mesh gateway configuration from the requesting proxy's registration
|
||||
MeshGateway MeshGatewayConfig
|
||||
|
||||
// TransparentProxy indicates whether the requesting proxy is in transparent proxy mode
|
||||
TransparentProxy bool
|
||||
// Mode indicates how the requesting proxy's listeners are dialed
|
||||
Mode ProxyMode
|
||||
|
||||
UpstreamIDs []ServiceID
|
||||
|
||||
|
@ -859,9 +861,10 @@ type ServiceConfigResponse struct {
|
|||
ProxyConfig map[string]interface{}
|
||||
UpstreamConfigs map[string]map[string]interface{}
|
||||
UpstreamIDConfigs OpaqueUpstreamConfigs
|
||||
MeshGateway MeshGatewayConfig `json:",omitempty"`
|
||||
Expose ExposeConfig `json:",omitempty"`
|
||||
TransparentProxy bool `json:",omitempty"`
|
||||
MeshGateway MeshGatewayConfig `json:",omitempty"`
|
||||
Expose ExposeConfig `json:",omitempty"`
|
||||
TransparentProxy TransparentProxyConfig `json:",omitempty"`
|
||||
Mode ProxyMode `json:",omitempty"`
|
||||
QueryMeta
|
||||
}
|
||||
|
||||
|
|
|
@ -75,6 +75,45 @@ func (c *MeshGatewayConfig) ToAPI() api.MeshGatewayConfig {
|
|||
return api.MeshGatewayConfig{Mode: api.MeshGatewayMode(c.Mode)}
|
||||
}
|
||||
|
||||
type ProxyMode string
|
||||
|
||||
const (
|
||||
// ProxyModeDefault represents no specific mode and should
|
||||
// be used to indicate that a different layer of the configuration
|
||||
// chain should take precedence
|
||||
ProxyModeDefault ProxyMode = ""
|
||||
|
||||
// ProxyModeTransparent represents that inbound and outbound application
|
||||
// traffic is being captured and redirected through the proxy.
|
||||
ProxyModeTransparent ProxyMode = "transparent"
|
||||
|
||||
// ProxyModeDirect represents that the proxy's listeners must be dialed directly
|
||||
// by the local application and other proxies.
|
||||
ProxyModeDirect ProxyMode = "direct"
|
||||
)
|
||||
|
||||
func ValidateProxyMode(mode string) (ProxyMode, error) {
|
||||
switch ProxyMode(mode) {
|
||||
case ProxyModeDefault:
|
||||
return ProxyModeDefault, nil
|
||||
case ProxyModeDirect:
|
||||
return ProxyModeDirect, nil
|
||||
case ProxyModeTransparent:
|
||||
return ProxyModeTransparent, nil
|
||||
default:
|
||||
return ProxyModeDefault, fmt.Errorf("Invalid Proxy Mode: %q", mode)
|
||||
}
|
||||
}
|
||||
|
||||
type TransparentProxyConfig struct {
|
||||
// The port of the listener where outbound application traffic is being redirected to.
|
||||
OutboundListenerPort int `json:",omitempty" alias:"outbound_listener_port"`
|
||||
}
|
||||
|
||||
func (c TransparentProxyConfig) ToAPI() api.TransparentProxyConfig {
|
||||
return api.TransparentProxyConfig{OutboundListenerPort: c.OutboundListenerPort}
|
||||
}
|
||||
|
||||
// ConnectProxyConfig describes the configuration needed for any proxy managed
|
||||
// or unmanaged. It describes a single logical service's listener and optionally
|
||||
// upstreams and sidecar-related config for a single instance. To describe a
|
||||
|
@ -105,6 +144,9 @@ type ConnectProxyConfig struct {
|
|||
// (DestinationServiceID is set) but otherwise will be ignored.
|
||||
LocalServicePort int `json:",omitempty" alias:"local_service_port"`
|
||||
|
||||
// Mode represents how the proxy's inbound and upstream listeners are dialed.
|
||||
Mode ProxyMode
|
||||
|
||||
// Config is the arbitrary configuration data provided with the proxy
|
||||
// registration.
|
||||
Config map[string]interface{} `json:",omitempty" bexpr:"-"`
|
||||
|
@ -119,20 +161,20 @@ type ConnectProxyConfig struct {
|
|||
// Expose defines whether checks or paths are exposed through the proxy
|
||||
Expose ExposeConfig `json:",omitempty"`
|
||||
|
||||
// TransparentProxy toggles whether inbound and outbound traffic is being
|
||||
// redirected to the proxy.
|
||||
TransparentProxy bool `json:",omitempty" alias:"transparent_proxy"`
|
||||
// TransparentProxy defines configuration for when the proxy is in
|
||||
// transparent mode.
|
||||
TransparentProxy TransparentProxyConfig `json:",omitempty" alias:"transparent_proxy"`
|
||||
}
|
||||
|
||||
func (t *ConnectProxyConfig) UnmarshalJSON(data []byte) (err error) {
|
||||
type Alias ConnectProxyConfig
|
||||
aux := &struct {
|
||||
DestinationServiceNameSnake string `json:"destination_service_name"`
|
||||
DestinationServiceIDSnake string `json:"destination_service_id"`
|
||||
LocalServiceAddressSnake string `json:"local_service_address"`
|
||||
LocalServicePortSnake int `json:"local_service_port"`
|
||||
MeshGatewaySnake MeshGatewayConfig `json:"mesh_gateway"`
|
||||
TransparentProxySnake bool `json:"transparent_proxy"`
|
||||
DestinationServiceNameSnake string `json:"destination_service_name"`
|
||||
DestinationServiceIDSnake string `json:"destination_service_id"`
|
||||
LocalServiceAddressSnake string `json:"local_service_address"`
|
||||
LocalServicePortSnake int `json:"local_service_port"`
|
||||
MeshGatewaySnake MeshGatewayConfig `json:"mesh_gateway"`
|
||||
TransparentProxySnake TransparentProxyConfig `json:"transparent_proxy"`
|
||||
|
||||
*Alias
|
||||
}{
|
||||
|
@ -156,8 +198,8 @@ func (t *ConnectProxyConfig) UnmarshalJSON(data []byte) (err error) {
|
|||
if t.MeshGateway.Mode == "" {
|
||||
t.MeshGateway.Mode = aux.MeshGatewaySnake.Mode
|
||||
}
|
||||
if !t.TransparentProxy {
|
||||
t.TransparentProxy = aux.TransparentProxySnake
|
||||
if t.TransparentProxy.OutboundListenerPort == 0 {
|
||||
t.TransparentProxy.OutboundListenerPort = aux.TransparentProxySnake.OutboundListenerPort
|
||||
}
|
||||
|
||||
return nil
|
||||
|
@ -187,11 +229,12 @@ func (c *ConnectProxyConfig) ToAPI() *api.AgentServiceConnectProxyConfig {
|
|||
DestinationServiceID: c.DestinationServiceID,
|
||||
LocalServiceAddress: c.LocalServiceAddress,
|
||||
LocalServicePort: c.LocalServicePort,
|
||||
Mode: api.ProxyMode(c.Mode),
|
||||
TransparentProxy: c.TransparentProxy.ToAPI(),
|
||||
Config: c.Config,
|
||||
Upstreams: c.Upstreams.ToAPI(),
|
||||
MeshGateway: c.MeshGateway.ToAPI(),
|
||||
Expose: c.Expose.ToAPI(),
|
||||
TransparentProxy: c.TransparentProxy,
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -572,3 +572,37 @@ func TestValidateMeshGatewayMode(t *testing.T) {
|
|||
})
|
||||
}
|
||||
}
|
||||
|
||||
func TestValidateProxyMode(t *testing.T) {
|
||||
for _, tc := range []struct {
|
||||
modeConstant string
|
||||
modeExplicit string
|
||||
expect ProxyMode
|
||||
ok bool
|
||||
}{
|
||||
{string(ProxyModeDefault), "", ProxyModeDefault, true},
|
||||
{string(ProxyModeDirect), "direct", ProxyModeDirect, true},
|
||||
{string(ProxyModeTransparent), "transparent", ProxyModeTransparent, true},
|
||||
} {
|
||||
tc := tc
|
||||
|
||||
t.Run(tc.modeConstant+" (constant)", func(t *testing.T) {
|
||||
got, err := ValidateProxyMode(tc.modeConstant)
|
||||
if tc.ok {
|
||||
require.NoError(t, err)
|
||||
require.Equal(t, tc.expect, got)
|
||||
} else {
|
||||
require.Error(t, err)
|
||||
}
|
||||
})
|
||||
t.Run(tc.modeExplicit+" (explicit)", func(t *testing.T) {
|
||||
got, err := ValidateProxyMode(tc.modeExplicit)
|
||||
if tc.ok {
|
||||
require.NoError(t, err)
|
||||
require.Equal(t, tc.expect, got)
|
||||
} else {
|
||||
require.Error(t, err)
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
|
|
|
@ -56,10 +56,11 @@ func (s *Server) clustersFromSnapshotConnectProxy(cfgSnap *proxycfg.ConfigSnapsh
|
|||
}
|
||||
clusters = append(clusters, appCluster)
|
||||
|
||||
// In TransparentProxy mode there needs to be a passthrough cluster for traffic going to destinations
|
||||
// In transparent proxy mode there needs to be a passthrough cluster for traffic going to destinations
|
||||
// that aren't in Consul's catalog.
|
||||
// TODO (freddy): Add cluster-wide setting that can disable this cluster and restrict traffic to catalog destinations.
|
||||
if cfgSnap.Proxy.TransparentProxy {
|
||||
if cfgSnap.Proxy.Mode == structs.ProxyModeTransparent &&
|
||||
!cfgSnap.ConnectProxy.ClusterConfig.TransparentProxy.CatalogDestinationsOnly {
|
||||
|
||||
clusters = append(clusters, &envoy_cluster_v3.Cluster{
|
||||
Name: OriginalDestinationClusterName,
|
||||
ClusterDiscoveryType: &envoy_cluster_v3.Cluster_Type{
|
||||
|
|
|
@ -629,7 +629,14 @@ func TestClustersFromSnapshot(t *testing.T) {
|
|||
name: "transparent-proxy",
|
||||
create: proxycfg.TestConfigSnapshot,
|
||||
setup: func(snap *proxycfg.ConfigSnapshot) {
|
||||
snap.Proxy.TransparentProxy = true
|
||||
snap.Proxy.Mode = structs.ProxyModeTransparent
|
||||
|
||||
snap.ConnectProxy.ClusterConfigSet = true
|
||||
snap.ConnectProxy.ClusterConfig = &structs.ClusterConfigEntry{
|
||||
TransparentProxy: structs.TransparentProxyClusterConfig{
|
||||
CatalogDestinationsOnly: false,
|
||||
},
|
||||
}
|
||||
},
|
||||
},
|
||||
}
|
||||
|
|
|
@ -65,14 +65,19 @@ func (s *Server) listenersFromSnapshotConnectProxy(cInfo connectionInfo, cfgSnap
|
|||
return nil, err
|
||||
}
|
||||
|
||||
// This outboundListener is exclusively used when TransparentProxy mode is active.
|
||||
// This outboundListener is exclusively used when transparent proxy mode is active.
|
||||
// In that situation there is a single listener where we are redirecting outbound traffic,
|
||||
// and each upstream gets a filter chain attached to that listener.
|
||||
var outboundListener *envoy_listener_v3.Listener
|
||||
|
||||
if cfgSnap.Proxy.TransparentProxy {
|
||||
if cfgSnap.Proxy.Mode == structs.ProxyModeTransparent {
|
||||
port := iptables.DefaultTProxyOutboundPort
|
||||
if cfgSnap.Proxy.TransparentProxy.OutboundListenerPort != 0 {
|
||||
port = cfgSnap.Proxy.TransparentProxy.OutboundListenerPort
|
||||
}
|
||||
|
||||
// TODO (freddy) Make DefaultTProxyOutboundPort configurable
|
||||
outboundListener = makeListener(OutboundListenerName, "127.0.0.1", iptables.DefaultTProxyOutboundPort, envoy_core_v3.TrafficDirection_OUTBOUND)
|
||||
outboundListener = makeListener(OutboundListenerName, "127.0.0.1", port, envoy_core_v3.TrafficDirection_OUTBOUND)
|
||||
outboundListener.FilterChains = make([]*envoy_listener_v3.FilterChain, 0)
|
||||
outboundListener.ListenerFilters = []*envoy_listener_v3.ListenerFilter{
|
||||
{
|
||||
|
|
|
@ -481,11 +481,11 @@ func TestListenersFromSnapshot(t *testing.T) {
|
|||
name: "transparent-proxy",
|
||||
create: proxycfg.TestConfigSnapshot,
|
||||
setup: func(snap *proxycfg.ConfigSnapshot) {
|
||||
snap.Proxy.TransparentProxy = true
|
||||
snap.Proxy.Mode = structs.ProxyModeTransparent
|
||||
|
||||
snap.ConnectProxy.ClusterConfigSet = true
|
||||
|
||||
// DiscoveryChain without an UpstreamConfig should yield a filter chain when in TransparentProxy mode
|
||||
// DiscoveryChain without an UpstreamConfig should yield a filter chain when in transparent proxy mode
|
||||
snap.ConnectProxy.DiscoveryChain["google"] = discoverychain.TestCompileConfigEntries(
|
||||
t, "google", "default", "dc1",
|
||||
connect.TestClusterID+".consul", "dc1", nil)
|
||||
|
@ -514,7 +514,7 @@ func TestListenersFromSnapshot(t *testing.T) {
|
|||
name: "transparent-proxy-catalog-destinations-only",
|
||||
create: proxycfg.TestConfigSnapshot,
|
||||
setup: func(snap *proxycfg.ConfigSnapshot) {
|
||||
snap.Proxy.TransparentProxy = true
|
||||
snap.Proxy.Mode = structs.ProxyModeTransparent
|
||||
|
||||
snap.ConnectProxy.ClusterConfigSet = true
|
||||
snap.ConnectProxy.ClusterConfig = &structs.ClusterConfigEntry{
|
||||
|
@ -525,7 +525,7 @@ func TestListenersFromSnapshot(t *testing.T) {
|
|||
},
|
||||
}
|
||||
|
||||
// DiscoveryChain without an UpstreamConfig should yield a filter chain when in TransparentProxy mode
|
||||
// DiscoveryChain without an UpstreamConfig should yield a filter chain when in transparent proxy mode
|
||||
snap.ConnectProxy.DiscoveryChain["google"] = discoverychain.TestCompileConfigEntries(
|
||||
t, "google", "default", "dc1",
|
||||
connect.TestClusterID+".consul", "dc1", nil)
|
||||
|
|
|
@ -52,7 +52,7 @@ const (
|
|||
// PublicListenerName is the name we give the public listener in Envoy config.
|
||||
PublicListenerName = "public_listener"
|
||||
|
||||
// OutboundListenerName is the name we give the outbound Envoy listener when TransparentProxy mode is enabled.
|
||||
// OutboundListenerName is the name we give the outbound Envoy listener when transparent proxy mode is enabled.
|
||||
OutboundListenerName = "outbound_listener"
|
||||
|
||||
// LocalAppClusterName is the name we give the local application "cluster" in
|
||||
|
@ -86,7 +86,7 @@ const (
|
|||
// OriginalDestinationClusterName is the name we give to the passthrough
|
||||
// cluster which redirects transparently-proxied requests to their original
|
||||
// destination. This cluster prevents Consul from blocking connections to
|
||||
// destinations outside of the catalog when in TransparentProxy mode.
|
||||
// destinations outside of the catalog when in transparent proxy mode.
|
||||
OriginalDestinationClusterName = "original-destination"
|
||||
|
||||
// DefaultAuthCheckFrequency is the default value for
|
||||
|
|
|
@ -118,11 +118,12 @@ type AgentServiceConnectProxyConfig struct {
|
|||
DestinationServiceID string `json:",omitempty"`
|
||||
LocalServiceAddress string `json:",omitempty"`
|
||||
LocalServicePort int `json:",omitempty"`
|
||||
Mode ProxyMode `json:",omitempty"`
|
||||
TransparentProxy TransparentProxyConfig `json:",omitempty"`
|
||||
Config map[string]interface{} `json:",omitempty" bexpr:"-"`
|
||||
Upstreams []Upstream `json:",omitempty"`
|
||||
MeshGateway MeshGatewayConfig `json:",omitempty"`
|
||||
Expose ExposeConfig `json:",omitempty"`
|
||||
TransparentProxy bool `json:",omitempty"`
|
||||
}
|
||||
|
||||
const (
|
||||
|
|
|
@ -438,7 +438,7 @@ func TestAPI_AgentServices_ExternalConnectProxy(t *testing.T) {
|
|||
Port: 8001,
|
||||
Proxy: &AgentServiceConnectProxyConfig{
|
||||
DestinationServiceName: "foo",
|
||||
TransparentProxy: true,
|
||||
Mode: ProxyModeTransparent,
|
||||
},
|
||||
}
|
||||
if err := agent.ServiceRegister(reg); err != nil {
|
||||
|
@ -455,7 +455,7 @@ func TestAPI_AgentServices_ExternalConnectProxy(t *testing.T) {
|
|||
if _, ok := services["foo-proxy"]; !ok {
|
||||
t.Fatalf("missing proxy service: %v", services)
|
||||
}
|
||||
if !services["foo-proxy"].Proxy.TransparentProxy {
|
||||
if services["foo-proxy"].Proxy.Mode != ProxyModeTransparent {
|
||||
t.Fatalf("expected transparent proxy mode to be enabled")
|
||||
}
|
||||
|
||||
|
|
|
@ -64,6 +64,28 @@ type MeshGatewayConfig struct {
|
|||
Mode MeshGatewayMode `json:",omitempty"`
|
||||
}
|
||||
|
||||
type ProxyMode string
|
||||
|
||||
const (
|
||||
// ProxyModeDefault represents no specific mode and should
|
||||
// be used to indicate that a different layer of the configuration
|
||||
// chain should take precedence
|
||||
ProxyModeDefault ProxyMode = ""
|
||||
|
||||
// ProxyModeTransparent represents that inbound and outbound application
|
||||
// traffic is being captured and redirected through the proxy.
|
||||
ProxyModeTransparent ProxyMode = "transparent"
|
||||
|
||||
// ProxyModeDirect represents that the proxy's listeners must be dialed directly
|
||||
// by the local application and other proxies.
|
||||
ProxyModeDirect ProxyMode = "direct"
|
||||
)
|
||||
|
||||
type TransparentProxyConfig struct {
|
||||
// The port of the listener where outbound application traffic is being redirected to.
|
||||
OutboundListenerPort int `json:",omitempty" alias:"outbound_listener_port"`
|
||||
}
|
||||
|
||||
// ExposeConfig describes HTTP paths to expose through Envoy outside of Connect.
|
||||
// Users can expose individual paths and/or all HTTP/GRPC paths for checks.
|
||||
type ExposeConfig struct {
|
||||
|
@ -171,14 +193,15 @@ type UpstreamLimits struct {
|
|||
type ServiceConfigEntry struct {
|
||||
Kind string
|
||||
Name string
|
||||
Namespace string `json:",omitempty"`
|
||||
Protocol string `json:",omitempty"`
|
||||
MeshGateway MeshGatewayConfig `json:",omitempty" alias:"mesh_gateway"`
|
||||
Connect ConnectConfiguration `json:",omitempty"`
|
||||
Expose ExposeConfig `json:",omitempty"`
|
||||
TransparentProxy bool `json:",omitempty" alias:"transparent_proxy"`
|
||||
ExternalSNI string `json:",omitempty" alias:"external_sni"`
|
||||
Meta map[string]string `json:",omitempty"`
|
||||
Namespace string `json:",omitempty"`
|
||||
Protocol string `json:",omitempty"`
|
||||
Mode ProxyMode `json:",omitempty"`
|
||||
TransparentProxy TransparentProxyConfig `json:",omitempty" alias:"transparent_proxy"`
|
||||
MeshGateway MeshGatewayConfig `json:",omitempty" alias:"mesh_gateway"`
|
||||
Connect ConnectConfiguration `json:",omitempty"`
|
||||
Expose ExposeConfig `json:",omitempty"`
|
||||
ExternalSNI string `json:",omitempty" alias:"external_sni"`
|
||||
Meta map[string]string `json:",omitempty"`
|
||||
CreateIndex uint64
|
||||
ModifyIndex uint64
|
||||
}
|
||||
|
@ -211,10 +234,11 @@ type ProxyConfigEntry struct {
|
|||
Kind string
|
||||
Name string
|
||||
Namespace string `json:",omitempty"`
|
||||
Mode ProxyMode `json:",omitempty"`
|
||||
TransparentProxy TransparentProxyConfig `json:",omitempty" alias:"transparent_proxy"`
|
||||
Config map[string]interface{} `json:",omitempty"`
|
||||
MeshGateway MeshGatewayConfig `json:",omitempty" alias:"mesh_gateway"`
|
||||
Expose ExposeConfig `json:",omitempty"`
|
||||
TransparentProxy bool `json:",omitempty" alias:"transparent_proxy"`
|
||||
Meta map[string]string `json:",omitempty"`
|
||||
CreateIndex uint64
|
||||
ModifyIndex uint64
|
||||
|
|
|
@ -297,7 +297,10 @@ func TestDecodeConfigEntry(t *testing.T) {
|
|||
"MeshGateway": {
|
||||
"Mode": "remote"
|
||||
},
|
||||
"TransparentProxy": true
|
||||
"Mode": "transparent",
|
||||
"TransparentProxy": {
|
||||
"OutboundListenerPort": 808
|
||||
}
|
||||
}
|
||||
`,
|
||||
expect: &ProxyConfigEntry{
|
||||
|
@ -317,7 +320,8 @@ func TestDecodeConfigEntry(t *testing.T) {
|
|||
MeshGateway: MeshGatewayConfig{
|
||||
Mode: MeshGatewayModeRemote,
|
||||
},
|
||||
TransparentProxy: true,
|
||||
Mode: ProxyModeTransparent,
|
||||
TransparentProxy: TransparentProxyConfig{OutboundListenerPort: 808},
|
||||
},
|
||||
},
|
||||
{
|
||||
|
@ -335,7 +339,10 @@ func TestDecodeConfigEntry(t *testing.T) {
|
|||
"MeshGateway": {
|
||||
"Mode": "remote"
|
||||
},
|
||||
"TransparentProxy": true,
|
||||
"Mode": "transparent",
|
||||
"TransparentProxy": {
|
||||
"OutboundListenerPort": 808
|
||||
},
|
||||
"Connect": {
|
||||
"UpstreamConfigs": {
|
||||
"redis": {
|
||||
|
@ -380,7 +387,8 @@ func TestDecodeConfigEntry(t *testing.T) {
|
|||
MeshGateway: MeshGatewayConfig{
|
||||
Mode: MeshGatewayModeRemote,
|
||||
},
|
||||
TransparentProxy: true,
|
||||
Mode: ProxyModeTransparent,
|
||||
TransparentProxy: TransparentProxyConfig{OutboundListenerPort: 808},
|
||||
Connect: ConnectConfiguration{
|
||||
UpstreamConfigs: map[string]UpstreamConfig{
|
||||
"redis": {
|
||||
|
|
|
@ -182,7 +182,10 @@ func TestParseConfigEntry(t *testing.T) {
|
|||
mesh_gateway {
|
||||
mode = "remote"
|
||||
}
|
||||
transparent_proxy = true
|
||||
mode = "direct"
|
||||
transparent_proxy = {
|
||||
outbound_listener_port = 10101
|
||||
}
|
||||
`,
|
||||
camel: `
|
||||
Kind = "proxy-defaults"
|
||||
|
@ -201,7 +204,10 @@ func TestParseConfigEntry(t *testing.T) {
|
|||
MeshGateway {
|
||||
Mode = "remote"
|
||||
}
|
||||
TransparentProxy = true
|
||||
Mode = "direct"
|
||||
TransparentProxy = {
|
||||
outbound_listener_port = 10101
|
||||
}
|
||||
`,
|
||||
snakeJSON: `
|
||||
{
|
||||
|
@ -221,7 +227,10 @@ func TestParseConfigEntry(t *testing.T) {
|
|||
"mesh_gateway": {
|
||||
"mode": "remote"
|
||||
},
|
||||
"transparent_proxy": true
|
||||
"mode": "direct",
|
||||
"transparent_proxy": {
|
||||
"outbound_listener_port": 10101
|
||||
}
|
||||
}
|
||||
`,
|
||||
camelJSON: `
|
||||
|
@ -242,7 +251,10 @@ func TestParseConfigEntry(t *testing.T) {
|
|||
"MeshGateway": {
|
||||
"Mode": "remote"
|
||||
},
|
||||
"TransparentProxy": true
|
||||
"Mode": "direct",
|
||||
"TransparentProxy": {
|
||||
"OutboundListenerPort": 10101
|
||||
}
|
||||
}
|
||||
`,
|
||||
expect: &api.ProxyConfigEntry{
|
||||
|
@ -262,7 +274,10 @@ func TestParseConfigEntry(t *testing.T) {
|
|||
MeshGateway: api.MeshGatewayConfig{
|
||||
Mode: api.MeshGatewayModeRemote,
|
||||
},
|
||||
TransparentProxy: true,
|
||||
Mode: api.ProxyModeDirect,
|
||||
TransparentProxy: api.TransparentProxyConfig{
|
||||
OutboundListenerPort: 10101,
|
||||
},
|
||||
},
|
||||
expectJSON: &api.ProxyConfigEntry{
|
||||
Kind: "proxy-defaults",
|
||||
|
@ -281,7 +296,10 @@ func TestParseConfigEntry(t *testing.T) {
|
|||
MeshGateway: api.MeshGatewayConfig{
|
||||
Mode: api.MeshGatewayModeRemote,
|
||||
},
|
||||
TransparentProxy: true,
|
||||
Mode: api.ProxyModeDirect,
|
||||
TransparentProxy: api.TransparentProxyConfig{
|
||||
OutboundListenerPort: 10101,
|
||||
},
|
||||
},
|
||||
},
|
||||
{
|
||||
|
@ -443,7 +461,10 @@ func TestParseConfigEntry(t *testing.T) {
|
|||
mesh_gateway {
|
||||
mode = "remote"
|
||||
}
|
||||
transparent_proxy = true
|
||||
mode = "direct"
|
||||
transparent_proxy = {
|
||||
outbound_listener_port = 10101
|
||||
}
|
||||
connect {
|
||||
upstream_configs {
|
||||
"redis" {
|
||||
|
@ -487,7 +508,10 @@ func TestParseConfigEntry(t *testing.T) {
|
|||
MeshGateway {
|
||||
Mode = "remote"
|
||||
}
|
||||
TransparentProxy = true
|
||||
Mode = "direct"
|
||||
TransparentProxy = {
|
||||
outbound_listener_port = 10101
|
||||
}
|
||||
connect = {
|
||||
upstream_configs = {
|
||||
"redis" = {
|
||||
|
@ -532,7 +556,10 @@ func TestParseConfigEntry(t *testing.T) {
|
|||
"mesh_gateway": {
|
||||
"mode": "remote"
|
||||
},
|
||||
"transparent_proxy": true,
|
||||
"mode": "direct",
|
||||
"transparent_proxy": {
|
||||
"outbound_listener_port": 10101
|
||||
},
|
||||
"connect": {
|
||||
"upstream_configs": {
|
||||
"redis": {
|
||||
|
@ -578,7 +605,10 @@ func TestParseConfigEntry(t *testing.T) {
|
|||
"MeshGateway": {
|
||||
"Mode": "remote"
|
||||
},
|
||||
"TransparentProxy": true,
|
||||
"Mode": "direct",
|
||||
"TransparentProxy": {
|
||||
"OutboundListenerPort": 10101
|
||||
},
|
||||
"Connect": {
|
||||
"UpstreamConfigs": {
|
||||
"redis": {
|
||||
|
@ -623,7 +653,10 @@ func TestParseConfigEntry(t *testing.T) {
|
|||
MeshGateway: api.MeshGatewayConfig{
|
||||
Mode: api.MeshGatewayModeRemote,
|
||||
},
|
||||
TransparentProxy: true,
|
||||
Mode: api.ProxyModeDirect,
|
||||
TransparentProxy: api.TransparentProxyConfig{
|
||||
OutboundListenerPort: 10101,
|
||||
},
|
||||
Connect: api.ConnectConfiguration{
|
||||
UpstreamConfigs: map[string]api.UpstreamConfig{
|
||||
"redis": {
|
||||
|
|
|
@ -14,7 +14,8 @@ func ConnectProxyConfigToStructs(s ConnectProxyConfig) structs.ConnectProxyConfi
|
|||
t.Upstreams = UpstreamsToStructs(s.Upstreams)
|
||||
t.MeshGateway = MeshGatewayConfigToStructs(s.MeshGateway)
|
||||
t.Expose = ExposeConfigToStructs(s.Expose)
|
||||
t.TransparentProxy = s.TransparentProxy
|
||||
t.TransparentProxy = TransparentProxyConfigToStructs(s.TransparentProxy)
|
||||
t.Mode = s.Mode
|
||||
return t
|
||||
}
|
||||
func NewConnectProxyConfigFromStructs(t structs.ConnectProxyConfig) ConnectProxyConfig {
|
||||
|
@ -27,7 +28,8 @@ func NewConnectProxyConfigFromStructs(t structs.ConnectProxyConfig) ConnectProxy
|
|||
s.Upstreams = NewUpstreamsFromStructs(t.Upstreams)
|
||||
s.MeshGateway = NewMeshGatewayConfigFromStructs(t.MeshGateway)
|
||||
s.Expose = NewExposeConfigFromStructs(t.Expose)
|
||||
s.TransparentProxy = t.TransparentProxy
|
||||
s.TransparentProxy = NewTransparentProxyConfigFromStructs(t.TransparentProxy)
|
||||
s.Mode = t.Mode
|
||||
return s
|
||||
}
|
||||
func ExposeConfigToStructs(s ExposeConfig) structs.ExposeConfig {
|
||||
|
@ -70,6 +72,16 @@ func NewMeshGatewayConfigFromStructs(t structs.MeshGatewayConfig) MeshGatewayCon
|
|||
s.Mode = t.Mode
|
||||
return s
|
||||
}
|
||||
func TransparentProxyConfigToStructs(s TransparentProxyConfig) structs.TransparentProxyConfig {
|
||||
var t structs.TransparentProxyConfig
|
||||
t.OutboundListenerPort = int(s.OutboundListenerPort)
|
||||
return t
|
||||
}
|
||||
func NewTransparentProxyConfigFromStructs(t structs.TransparentProxyConfig) TransparentProxyConfig {
|
||||
var s TransparentProxyConfig
|
||||
s.OutboundListenerPort = int32(t.OutboundListenerPort)
|
||||
return s
|
||||
}
|
||||
func ServiceConnectToStructs(s ServiceConnect) structs.ServiceConnect {
|
||||
var t structs.ServiceConnect
|
||||
t.Native = s.Native
|
||||
|
|
|
@ -67,6 +67,16 @@ func (msg *MeshGatewayConfig) UnmarshalBinary(b []byte) error {
|
|||
return proto.Unmarshal(b, msg)
|
||||
}
|
||||
|
||||
// MarshalBinary implements encoding.BinaryMarshaler
|
||||
func (msg *TransparentProxyConfig) MarshalBinary() ([]byte, error) {
|
||||
return proto.Marshal(msg)
|
||||
}
|
||||
|
||||
// UnmarshalBinary implements encoding.BinaryUnmarshaler
|
||||
func (msg *TransparentProxyConfig) UnmarshalBinary(b []byte) error {
|
||||
return proto.Unmarshal(b, msg)
|
||||
}
|
||||
|
||||
// MarshalBinary implements encoding.BinaryMarshaler
|
||||
func (msg *ServiceDefinition) MarshalBinary() ([]byte, error) {
|
||||
return proto.Marshal(msg)
|
||||
|
|
|
@ -67,13 +67,15 @@ type ConnectProxyConfig struct {
|
|||
// setup.
|
||||
// mog: func-to=UpstreamsToStructs func-from=NewUpstreamsFromStructs
|
||||
Upstreams []Upstream `protobuf:"bytes,6,rep,name=Upstreams,proto3" json:"Upstreams"`
|
||||
// MeshGateway defines the mesh gateway configuration for this upstream
|
||||
// MeshGateway defines the mesh gateway configuration for upstreams
|
||||
MeshGateway MeshGatewayConfig `protobuf:"bytes,7,opt,name=MeshGateway,proto3" json:"MeshGateway"`
|
||||
// Expose defines whether checks or paths are exposed through the proxy
|
||||
Expose ExposeConfig `protobuf:"bytes,8,opt,name=Expose,proto3" json:"Expose"`
|
||||
// TransparentProxy enables configuring the service mesh as if all inbound
|
||||
// and outbound traffic is being redirected to this proxy
|
||||
TransparentProxy bool `protobuf:"varint,9,opt,name=TransparentProxy,proto3" json:"TransparentProxy,omitempty"`
|
||||
// Mode represents how the proxy's inbound and upstream listeners are dialed.
|
||||
Mode github_com_hashicorp_consul_agent_structs.ProxyMode `protobuf:"bytes,9,opt,name=Mode,proto3,casttype=github.com/hashicorp/consul/agent/structs.ProxyMode" json:"Mode,omitempty"`
|
||||
// TransparentProxy defines configuration for when the proxy is in
|
||||
// transparent mode.
|
||||
TransparentProxy TransparentProxyConfig `protobuf:"bytes,10,opt,name=TransparentProxy,proto3" json:"TransparentProxy"`
|
||||
}
|
||||
|
||||
func (m *ConnectProxyConfig) Reset() { *m = ConnectProxyConfig{} }
|
||||
|
@ -387,6 +389,48 @@ func (m *MeshGatewayConfig) XXX_DiscardUnknown() {
|
|||
|
||||
var xxx_messageInfo_MeshGatewayConfig proto.InternalMessageInfo
|
||||
|
||||
// mog annotation:
|
||||
//
|
||||
// target=github.com/hashicorp/consul/agent/structs.TransparentProxyConfig
|
||||
// output=service.gen.go
|
||||
// name=Structs
|
||||
type TransparentProxyConfig struct {
|
||||
OutboundListenerPort int32 `protobuf:"varint,1,opt,name=OutboundListenerPort,proto3" json:"OutboundListenerPort,omitempty"`
|
||||
}
|
||||
|
||||
func (m *TransparentProxyConfig) Reset() { *m = TransparentProxyConfig{} }
|
||||
func (m *TransparentProxyConfig) String() string { return proto.CompactTextString(m) }
|
||||
func (*TransparentProxyConfig) ProtoMessage() {}
|
||||
func (*TransparentProxyConfig) Descriptor() ([]byte, []int) {
|
||||
return fileDescriptor_cbb99233b75fb80b, []int{6}
|
||||
}
|
||||
func (m *TransparentProxyConfig) XXX_Unmarshal(b []byte) error {
|
||||
return m.Unmarshal(b)
|
||||
}
|
||||
func (m *TransparentProxyConfig) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
|
||||
if deterministic {
|
||||
return xxx_messageInfo_TransparentProxyConfig.Marshal(b, m, deterministic)
|
||||
} else {
|
||||
b = b[:cap(b)]
|
||||
n, err := m.MarshalToSizedBuffer(b)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return b[:n], nil
|
||||
}
|
||||
}
|
||||
func (m *TransparentProxyConfig) XXX_Merge(src proto.Message) {
|
||||
xxx_messageInfo_TransparentProxyConfig.Merge(m, src)
|
||||
}
|
||||
func (m *TransparentProxyConfig) XXX_Size() int {
|
||||
return m.Size()
|
||||
}
|
||||
func (m *TransparentProxyConfig) XXX_DiscardUnknown() {
|
||||
xxx_messageInfo_TransparentProxyConfig.DiscardUnknown(m)
|
||||
}
|
||||
|
||||
var xxx_messageInfo_TransparentProxyConfig proto.InternalMessageInfo
|
||||
|
||||
// ServiceDefinition is used to JSON decode the Service definitions. For
|
||||
// documentation on specific fields see NodeService which is better documented.
|
||||
//
|
||||
|
@ -435,7 +479,7 @@ func (m *ServiceDefinition) Reset() { *m = ServiceDefinition{} }
|
|||
func (m *ServiceDefinition) String() string { return proto.CompactTextString(m) }
|
||||
func (*ServiceDefinition) ProtoMessage() {}
|
||||
func (*ServiceDefinition) Descriptor() ([]byte, []int) {
|
||||
return fileDescriptor_cbb99233b75fb80b, []int{6}
|
||||
return fileDescriptor_cbb99233b75fb80b, []int{7}
|
||||
}
|
||||
func (m *ServiceDefinition) XXX_Unmarshal(b []byte) error {
|
||||
return m.Unmarshal(b)
|
||||
|
@ -475,7 +519,7 @@ func (m *ServiceAddress) Reset() { *m = ServiceAddress{} }
|
|||
func (m *ServiceAddress) String() string { return proto.CompactTextString(m) }
|
||||
func (*ServiceAddress) ProtoMessage() {}
|
||||
func (*ServiceAddress) Descriptor() ([]byte, []int) {
|
||||
return fileDescriptor_cbb99233b75fb80b, []int{7}
|
||||
return fileDescriptor_cbb99233b75fb80b, []int{8}
|
||||
}
|
||||
func (m *ServiceAddress) XXX_Unmarshal(b []byte) error {
|
||||
return m.Unmarshal(b)
|
||||
|
@ -516,7 +560,7 @@ func (m *Weights) Reset() { *m = Weights{} }
|
|||
func (m *Weights) String() string { return proto.CompactTextString(m) }
|
||||
func (*Weights) ProtoMessage() {}
|
||||
func (*Weights) Descriptor() ([]byte, []int) {
|
||||
return fileDescriptor_cbb99233b75fb80b, []int{8}
|
||||
return fileDescriptor_cbb99233b75fb80b, []int{9}
|
||||
}
|
||||
func (m *Weights) XXX_Unmarshal(b []byte) error {
|
||||
return m.Unmarshal(b)
|
||||
|
@ -552,6 +596,7 @@ func init() {
|
|||
proto.RegisterType((*ExposeConfig)(nil), "pbservice.ExposeConfig")
|
||||
proto.RegisterType((*ExposePath)(nil), "pbservice.ExposePath")
|
||||
proto.RegisterType((*MeshGatewayConfig)(nil), "pbservice.MeshGatewayConfig")
|
||||
proto.RegisterType((*TransparentProxyConfig)(nil), "pbservice.TransparentProxyConfig")
|
||||
proto.RegisterType((*ServiceDefinition)(nil), "pbservice.ServiceDefinition")
|
||||
proto.RegisterMapType((map[string]string)(nil), "pbservice.ServiceDefinition.MetaEntry")
|
||||
proto.RegisterMapType((map[string]ServiceAddress)(nil), "pbservice.ServiceDefinition.TaggedAddressesEntry")
|
||||
|
@ -562,75 +607,78 @@ func init() {
|
|||
func init() { proto.RegisterFile("proto/pbservice/service.proto", fileDescriptor_cbb99233b75fb80b) }
|
||||
|
||||
var fileDescriptor_cbb99233b75fb80b = []byte{
|
||||
// 1083 bytes of a gzipped FileDescriptorProto
|
||||
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x9c, 0x56, 0xdd, 0x6e, 0x1b, 0x45,
|
||||
0x14, 0xf6, 0xfa, 0x27, 0xb6, 0x4f, 0x42, 0x7e, 0x26, 0x26, 0x2c, 0xa1, 0x75, 0x8c, 0x85, 0x90,
|
||||
0x05, 0x91, 0x9d, 0x26, 0x2a, 0xa5, 0x95, 0x8a, 0x44, 0xe2, 0x80, 0x2a, 0x9a, 0x62, 0x36, 0x46,
|
||||
0x15, 0x48, 0x5c, 0x4c, 0xd6, 0x93, 0xf5, 0x2a, 0xf6, 0x8c, 0x35, 0x33, 0x0e, 0xcd, 0x25, 0x6f,
|
||||
0xc0, 0x25, 0x8f, 0x81, 0xc4, 0x4b, 0xe4, 0xb2, 0x97, 0x5c, 0x45, 0x90, 0x3c, 0x04, 0x52, 0xaf,
|
||||
0xd0, 0xfc, 0xec, 0x66, 0xbd, 0x6b, 0x22, 0xe0, 0xca, 0x33, 0xe7, 0x3b, 0x3f, 0xe3, 0xf3, 0x7d,
|
||||
0xe7, 0xd8, 0x70, 0x7f, 0xc2, 0x99, 0x64, 0x9d, 0xc9, 0x89, 0x20, 0xfc, 0x3c, 0xf4, 0x49, 0xc7,
|
||||
0x7e, 0xb6, 0xb5, 0x1d, 0x55, 0x63, 0x60, 0xf3, 0x5e, 0xc0, 0x58, 0x30, 0x22, 0x1d, 0x0d, 0x9c,
|
||||
0x4c, 0x4f, 0x3b, 0x42, 0xf2, 0xa9, 0x2f, 0x8d, 0xe3, 0xe6, 0x7b, 0x51, 0x1e, 0x9f, 0x8d, 0xc7,
|
||||
0x8c, 0x76, 0xcc, 0x87, 0x05, 0xdf, 0x4f, 0x17, 0x19, 0x12, 0x3c, 0x92, 0x43, 0x7f, 0x48, 0xfc,
|
||||
0x33, 0xeb, 0x52, 0x0b, 0x58, 0xc0, 0x8c, 0x9b, 0x3a, 0x19, 0x6b, 0xf3, 0xaf, 0x02, 0xa0, 0x03,
|
||||
0x46, 0x29, 0xf1, 0x65, 0x8f, 0xb3, 0x57, 0x17, 0x07, 0x8c, 0x9e, 0x86, 0x01, 0xfa, 0x04, 0x36,
|
||||
0xba, 0x44, 0xc8, 0x90, 0x62, 0x19, 0x32, 0x7a, 0x6c, 0x92, 0xbe, 0xc0, 0x63, 0xe2, 0x3a, 0x0d,
|
||||
0xa7, 0x55, 0xf5, 0xfe, 0x01, 0x45, 0xbb, 0x50, 0xcb, 0x22, 0xcf, 0xba, 0x6e, 0x5e, 0x47, 0xcd,
|
||||
0xc5, 0xd0, 0x0e, 0xac, 0x3f, 0x67, 0x3e, 0x1e, 0x59, 0xcb, 0xe7, 0x83, 0x01, 0x27, 0x42, 0xb8,
|
||||
0x05, 0x1d, 0x32, 0x0f, 0x42, 0x1f, 0xc1, 0x6a, 0xd2, 0xdc, 0x63, 0x5c, 0xba, 0xc5, 0x86, 0xd3,
|
||||
0x2a, 0x79, 0x19, 0x3b, 0x7a, 0x08, 0x0b, 0xe6, 0x3b, 0xb9, 0xa5, 0x86, 0xd3, 0x5a, 0xdc, 0x7d,
|
||||
0xa7, 0x6d, 0xba, 0xdc, 0x8e, 0xba, 0xdc, 0x3e, 0xd6, 0x5d, 0xde, 0x2f, 0x5e, 0x5e, 0x6d, 0x39,
|
||||
0x9e, 0x75, 0x46, 0x8f, 0xa0, 0xfa, 0xed, 0x44, 0x48, 0x4e, 0xf0, 0x58, 0xb8, 0x0b, 0x8d, 0x42,
|
||||
0x6b, 0x71, 0x77, 0xbd, 0x1d, 0xb7, 0xb7, 0x1d, 0x61, 0x3a, 0x2a, 0xe7, 0xdd, 0xfa, 0xa2, 0x2e,
|
||||
0x2c, 0x1e, 0x11, 0x31, 0xfc, 0x12, 0x4b, 0xf2, 0x23, 0xbe, 0x70, 0xcb, 0xba, 0xe8, 0xbd, 0x44,
|
||||
0x68, 0x02, 0x35, 0xb5, 0x6c, 0x8e, 0x64, 0x98, 0x7a, 0xf5, 0xe1, 0xab, 0x09, 0x13, 0xc4, 0xad,
|
||||
0xd8, 0x57, 0xdf, 0x26, 0x30, 0xc0, 0x4c, 0xac, 0x75, 0x56, 0x8d, 0xe9, 0x73, 0x4c, 0xc5, 0x04,
|
||||
0x73, 0x42, 0x0d, 0xa1, 0x6e, 0xb5, 0xe1, 0xb4, 0x2a, 0x5e, 0xc6, 0xde, 0xfc, 0xad, 0x00, 0x95,
|
||||
0xe8, 0xd9, 0xa8, 0x05, 0x2b, 0x09, 0x6e, 0xfa, 0x17, 0x93, 0x88, 0xe8, 0xb4, 0x39, 0xc5, 0xb0,
|
||||
0x22, 0x5d, 0x4c, 0xb0, 0x4f, 0xe6, 0x30, 0x1c, 0x63, 0xa9, 0xec, 0x5a, 0x46, 0x85, 0x4c, 0x76,
|
||||
0xad, 0x9f, 0x3a, 0x40, 0x17, 0x4b, 0xec, 0x13, 0x2a, 0x09, 0xd7, 0x9c, 0x56, 0xbd, 0x84, 0x25,
|
||||
0x66, 0x7e, 0x3f, 0xa4, 0x83, 0x48, 0x28, 0x25, 0xed, 0x95, 0xb1, 0xa3, 0x0f, 0xe0, 0xad, 0xd8,
|
||||
0xa6, 0x25, 0xb2, 0xa0, 0x25, 0x32, 0x6b, 0x4c, 0xe8, 0xa3, 0xfc, 0x5f, 0xf4, 0x91, 0xa2, 0xb9,
|
||||
0xf2, 0xff, 0x68, 0xde, 0x81, 0xf5, 0x03, 0x42, 0x25, 0xc7, 0xa3, 0x91, 0xf5, 0x9a, 0x72, 0x32,
|
||||
0xb0, 0x94, 0xcd, 0x83, 0x9a, 0x14, 0x96, 0xad, 0xba, 0xed, 0xd4, 0xa2, 0x0d, 0x58, 0x78, 0x81,
|
||||
0x65, 0x78, 0x6e, 0x18, 0xab, 0x78, 0xf6, 0x86, 0xba, 0xb0, 0x7c, 0x1c, 0x0e, 0x88, 0x8f, 0xb9,
|
||||
0x0d, 0xd0, 0x3d, 0x9f, 0x7d, 0xa4, 0x45, 0xba, 0xe4, 0x34, 0xa4, 0xa1, 0x22, 0xc1, 0x4b, 0xc5,
|
||||
0x34, 0xbf, 0x83, 0xa5, 0xa4, 0xde, 0x54, 0xb5, 0x03, 0xb5, 0x54, 0x44, 0x54, 0xcd, 0xdc, 0xd0,
|
||||
0x03, 0x28, 0xf5, 0xb0, 0x1c, 0x0a, 0x37, 0xaf, 0x67, 0xe5, 0xed, 0x8c, 0x5e, 0x15, 0x6a, 0x5b,
|
||||
0x60, 0x3c, 0x9b, 0xbf, 0x3a, 0x00, 0xb7, 0x18, 0x6a, 0xc2, 0xd2, 0xf3, 0x50, 0x48, 0x42, 0x09,
|
||||
0xd7, 0x6c, 0x39, 0x9a, 0xad, 0x19, 0x1b, 0x42, 0x50, 0x54, 0xbe, 0x56, 0x6c, 0xfa, 0x1c, 0xd3,
|
||||
0xac, 0x2e, 0x3a, 0xb0, 0x90, 0xa0, 0x39, 0x32, 0xa2, 0x4d, 0xa8, 0xf4, 0x14, 0xa1, 0x3e, 0x1b,
|
||||
0x59, 0x59, 0xc5, 0x77, 0x25, 0xcf, 0x1e, 0xe6, 0x82, 0x0c, 0xbe, 0xe0, 0x6c, 0xac, 0xbf, 0x8f,
|
||||
0xd6, 0x54, 0xc5, 0x4b, 0x9b, 0x9b, 0xa7, 0xb0, 0x96, 0xe1, 0x15, 0x7d, 0x03, 0xc5, 0x23, 0x36,
|
||||
0xb0, 0x03, 0xb3, 0xff, 0xf4, 0xcd, 0xd5, 0xd6, 0xe3, 0x20, 0x94, 0xc3, 0xe9, 0x49, 0xdb, 0x67,
|
||||
0xe3, 0xce, 0x10, 0x8b, 0x61, 0xe8, 0x33, 0x3e, 0xe9, 0xf8, 0x8c, 0x8a, 0xe9, 0xa8, 0x83, 0x03,
|
||||
0x42, 0xa5, 0x5d, 0xed, 0x22, 0x29, 0x13, 0x95, 0xc4, 0xd3, 0xa9, 0x9a, 0x3f, 0x95, 0x61, 0x2d,
|
||||
0xc3, 0x0d, 0x3a, 0x82, 0xe2, 0x57, 0x21, 0x1d, 0xd8, 0x42, 0x8f, 0xdf, 0x5c, 0x6d, 0x3d, 0xfc,
|
||||
0xf7, 0x85, 0x6c, 0x3a, 0x95, 0xc0, 0xd3, 0x69, 0xd0, 0x32, 0xe4, 0xe3, 0xcd, 0x9c, 0x7f, 0xd6,
|
||||
0x55, 0xcd, 0x4d, 0x8c, 0xa6, 0x3e, 0x2b, 0x5b, 0x1f, 0x07, 0xc2, 0x2d, 0x36, 0x0a, 0xca, 0xa6,
|
||||
0xce, 0xc8, 0x85, 0xf2, 0xec, 0xe8, 0x45, 0x57, 0x84, 0x61, 0xa5, 0x8f, 0x83, 0x80, 0x44, 0x23,
|
||||
0x48, 0x84, 0xbb, 0xaa, 0xe5, 0xf0, 0xe0, 0x2e, 0xcd, 0xb5, 0x53, 0x31, 0x87, 0x54, 0xf2, 0x0b,
|
||||
0x2b, 0x95, 0x74, 0x3e, 0xf4, 0x04, 0x8a, 0x47, 0x44, 0x62, 0xbb, 0x92, 0x3f, 0xbc, 0x33, 0xaf,
|
||||
0x72, 0xd4, 0xc9, 0x3c, 0x1d, 0xa3, 0xd5, 0xa3, 0x04, 0x52, 0xd6, 0x02, 0xd1, 0x67, 0xb4, 0x03,
|
||||
0x25, 0xc3, 0xb8, 0x99, 0xe0, 0x5a, 0x22, 0xa1, 0xb6, 0xab, 0x9d, 0x17, 0xc9, 0x56, 0x1b, 0xd0,
|
||||
0x76, 0x3c, 0x01, 0x55, 0xfd, 0x86, 0xb9, 0x21, 0xf1, 0x5c, 0x6c, 0x43, 0xf9, 0x25, 0x09, 0x83,
|
||||
0xa1, 0x14, 0x2e, 0xe8, 0x0a, 0x28, 0xe1, 0x6e, 0x11, 0x2f, 0x72, 0x41, 0x35, 0x28, 0xf5, 0xd9,
|
||||
0x19, 0xa1, 0xee, 0xa2, 0x6e, 0xac, 0xb9, 0xa0, 0x6d, 0x58, 0x3b, 0xa4, 0xf8, 0x64, 0x44, 0xfa,
|
||||
0x38, 0xf8, 0xfa, 0x9c, 0x70, 0x1e, 0x0e, 0x88, 0xbb, 0xa4, 0x15, 0x9a, 0x05, 0xd0, 0x1e, 0x94,
|
||||
0xcc, 0xe2, 0x5f, 0xd6, 0xf5, 0xee, 0x27, 0x9f, 0x97, 0xf9, 0xa1, 0xf7, 0x8c, 0xaf, 0x5a, 0x16,
|
||||
0x87, 0x6a, 0xc1, 0x4e, 0x78, 0x28, 0x88, 0x6e, 0xf0, 0x9a, 0x8e, 0xde, 0x68, 0xdb, 0xbf, 0x19,
|
||||
0xb3, 0xa8, 0xed, 0x48, 0x2a, 0x06, 0xed, 0x41, 0xd9, 0x96, 0x70, 0x57, 0x74, 0xf8, 0xbb, 0x59,
|
||||
0x7e, 0xac, 0x83, 0x17, 0x79, 0x6e, 0xfe, 0x00, 0xb5, 0x79, 0x02, 0x40, 0xab, 0x50, 0x38, 0x23,
|
||||
0x17, 0xf6, 0x67, 0x48, 0x1d, 0x51, 0x07, 0x4a, 0xe7, 0x78, 0x34, 0x35, 0xbf, 0x35, 0x73, 0x93,
|
||||
0xdb, 0x14, 0x9e, 0xf1, 0x7b, 0x92, 0xff, 0xd4, 0xd9, 0x7c, 0x04, 0xd5, 0x58, 0x07, 0x73, 0x72,
|
||||
0xd6, 0x92, 0x39, 0xab, 0x89, 0xc0, 0xe6, 0x67, 0xf1, 0xa6, 0x8d, 0xe4, 0x9d, 0x10, 0xbe, 0x33,
|
||||
0x2b, 0xfc, 0x48, 0x59, 0xf9, 0x5b, 0x65, 0x35, 0x9f, 0xc6, 0xcc, 0xab, 0xc0, 0x1e, 0x16, 0x22,
|
||||
0xa4, 0x81, 0xdd, 0x6a, 0xd1, 0x55, 0x21, 0x2f, 0x31, 0xa7, 0x0a, 0x31, 0xb1, 0xd1, 0x75, 0xff,
|
||||
0xe8, 0xf2, 0xcf, 0x7a, 0xee, 0xf2, 0xba, 0xee, 0xbc, 0xbe, 0xae, 0x3b, 0x7f, 0x5c, 0xd7, 0x9d,
|
||||
0x9f, 0x6f, 0xea, 0xb9, 0x5f, 0x6e, 0xea, 0xb9, 0xd7, 0x37, 0xf5, 0xdc, 0xef, 0x37, 0xf5, 0xdc,
|
||||
0xf7, 0x1f, 0xdf, 0x35, 0xfc, 0xa9, 0xff, 0x83, 0x27, 0x0b, 0xda, 0xb0, 0xf7, 0x77, 0x00, 0x00,
|
||||
0x00, 0xff, 0xff, 0x79, 0x3a, 0x36, 0x1b, 0x8e, 0x0a, 0x00, 0x00,
|
||||
// 1135 bytes of a gzipped FileDescriptorProto
|
||||
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x9c, 0x56, 0x4f, 0x6f, 0x1b, 0x45,
|
||||
0x14, 0xf7, 0xfa, 0x4f, 0x6c, 0xbf, 0x94, 0x34, 0x99, 0x9a, 0xb0, 0x84, 0xd6, 0x49, 0x2d, 0x84,
|
||||
0x22, 0x88, 0xec, 0x34, 0x51, 0x09, 0xad, 0x54, 0x24, 0x12, 0x07, 0x54, 0x35, 0x69, 0xcd, 0xc6,
|
||||
0xa8, 0x02, 0x89, 0xc3, 0x78, 0x3d, 0x59, 0xaf, 0x62, 0xcf, 0x58, 0x3b, 0xe3, 0xd0, 0x1c, 0xf9,
|
||||
0x06, 0x1c, 0xf9, 0x18, 0x48, 0x7c, 0x89, 0x1c, 0x7b, 0xe4, 0x14, 0x41, 0x72, 0xe6, 0x0b, 0xe4,
|
||||
0x84, 0xe6, 0xed, 0xec, 0x66, 0xbd, 0x5e, 0xa2, 0xc2, 0xc9, 0x33, 0xef, 0xf7, 0xde, 0x6f, 0x9e,
|
||||
0xdf, 0xfb, 0xbd, 0x99, 0x85, 0x07, 0xe3, 0x40, 0x28, 0xd1, 0x1a, 0xf7, 0x24, 0x0b, 0x4e, 0x7d,
|
||||
0x97, 0xb5, 0xcc, 0x6f, 0x13, 0xed, 0xa4, 0x1a, 0x03, 0x2b, 0xf7, 0x3d, 0x21, 0xbc, 0x21, 0x6b,
|
||||
0x21, 0xd0, 0x9b, 0x1c, 0xb7, 0xa4, 0x0a, 0x26, 0xae, 0x0a, 0x1d, 0x57, 0x3e, 0x8a, 0x78, 0x5c,
|
||||
0x31, 0x1a, 0x09, 0xde, 0x0a, 0x7f, 0x0c, 0xf8, 0x30, 0x7d, 0xc8, 0x80, 0xd1, 0xa1, 0x1a, 0xb8,
|
||||
0x03, 0xe6, 0x9e, 0x18, 0x97, 0x9a, 0x27, 0x3c, 0x11, 0xba, 0xe9, 0x55, 0x68, 0x6d, 0xfc, 0x5d,
|
||||
0x04, 0xb2, 0x27, 0x38, 0x67, 0xae, 0xea, 0x04, 0xe2, 0xcd, 0xd9, 0x9e, 0xe0, 0xc7, 0xbe, 0x47,
|
||||
0x3e, 0x87, 0xe5, 0x36, 0x93, 0xca, 0xe7, 0x54, 0xf9, 0x82, 0x1f, 0x85, 0xa4, 0x2f, 0xe9, 0x88,
|
||||
0xd9, 0xd6, 0x9a, 0xb5, 0x5e, 0x75, 0xfe, 0x05, 0x25, 0x5b, 0x50, 0x9b, 0x45, 0x9e, 0xb7, 0xed,
|
||||
0x3c, 0x46, 0x65, 0x62, 0x64, 0x13, 0xee, 0x1d, 0x08, 0x97, 0x0e, 0x8d, 0xe5, 0xab, 0x7e, 0x3f,
|
||||
0x60, 0x52, 0xda, 0x05, 0x0c, 0xc9, 0x82, 0xc8, 0xa7, 0xb0, 0x98, 0x34, 0x77, 0x44, 0xa0, 0xec,
|
||||
0xe2, 0x9a, 0xb5, 0x5e, 0x72, 0x66, 0xec, 0xe4, 0x31, 0xcc, 0x85, 0xff, 0xc9, 0x2e, 0xad, 0x59,
|
||||
0xeb, 0xf3, 0x5b, 0x1f, 0x34, 0xc3, 0x2a, 0x37, 0xa3, 0x2a, 0x37, 0x8f, 0xb0, 0xca, 0xbb, 0xc5,
|
||||
0xf3, 0x8b, 0x55, 0xcb, 0x31, 0xce, 0x64, 0x07, 0xaa, 0xdf, 0x8d, 0xa5, 0x0a, 0x18, 0x1d, 0x49,
|
||||
0x7b, 0x6e, 0xad, 0xb0, 0x3e, 0xbf, 0x75, 0xaf, 0x19, 0x97, 0xb7, 0x19, 0x61, 0x18, 0x95, 0x73,
|
||||
0x6e, 0x7c, 0x49, 0x1b, 0xe6, 0x0f, 0x99, 0x1c, 0x7c, 0x43, 0x15, 0xfb, 0x89, 0x9e, 0xd9, 0x65,
|
||||
0x3c, 0xf4, 0x7e, 0x22, 0x34, 0x81, 0x86, 0x67, 0x19, 0x8e, 0x64, 0x98, 0xce, 0x7a, 0xff, 0xcd,
|
||||
0x58, 0x48, 0x66, 0x57, 0x4c, 0xd6, 0x37, 0x04, 0x21, 0x30, 0x15, 0x6b, 0x9c, 0xc9, 0x0b, 0x28,
|
||||
0x1e, 0x8a, 0x3e, 0xb3, 0xab, 0xba, 0x76, 0xbb, 0x3b, 0xd7, 0x17, 0xab, 0xdb, 0x9e, 0xaf, 0x06,
|
||||
0x93, 0x5e, 0xd3, 0x15, 0xa3, 0xd6, 0x80, 0xca, 0x81, 0xef, 0x8a, 0x60, 0xdc, 0x72, 0x05, 0x97,
|
||||
0x93, 0x61, 0x8b, 0x7a, 0x8c, 0x2b, 0xa3, 0x32, 0xd9, 0xc4, 0xfe, 0xeb, 0x70, 0x07, 0x49, 0xc8,
|
||||
0x11, 0x2c, 0x76, 0x03, 0xca, 0xe5, 0x98, 0x06, 0x8c, 0x87, 0xea, 0xb0, 0x01, 0xb3, 0x79, 0x98,
|
||||
0xc8, 0x26, 0xed, 0x32, 0x95, 0xd7, 0x0c, 0x41, 0xe3, 0xf7, 0x02, 0x54, 0xa2, 0x62, 0x91, 0x75,
|
||||
0xb8, 0x9b, 0x50, 0x44, 0xf7, 0x6c, 0x1c, 0xc9, 0x2b, 0x6d, 0x4e, 0xe9, 0x4a, 0x4b, 0x4d, 0x8e,
|
||||
0xa9, 0xcb, 0x32, 0x74, 0x15, 0x63, 0x29, 0x76, 0x14, 0x6f, 0x61, 0x86, 0x1d, 0x55, 0x5b, 0x07,
|
||||
0x68, 0x53, 0x45, 0x5d, 0xc6, 0x15, 0x0b, 0x50, 0x49, 0x55, 0x27, 0x61, 0x89, 0xf5, 0xb6, 0xeb,
|
||||
0xf3, 0x7e, 0x24, 0xcf, 0x12, 0x7a, 0xcd, 0xd8, 0xc9, 0xc7, 0xf0, 0x5e, 0x6c, 0x43, 0x61, 0xce,
|
||||
0xa1, 0x30, 0xa7, 0x8d, 0x09, 0x55, 0x96, 0xff, 0x8b, 0x2a, 0x53, 0xe2, 0xaa, 0xfc, 0x3f, 0x71,
|
||||
0x6d, 0xc2, 0xbd, 0x3d, 0xc6, 0x55, 0x40, 0x87, 0x43, 0xe3, 0x35, 0x09, 0x58, 0x1f, 0x45, 0x53,
|
||||
0x71, 0xb2, 0xa0, 0x06, 0x87, 0x05, 0x33, 0x53, 0xe6, 0xae, 0x20, 0xcb, 0x30, 0xf7, 0x92, 0x2a,
|
||||
0xff, 0x34, 0xec, 0x58, 0xc5, 0x31, 0x3b, 0xd2, 0x86, 0x85, 0x23, 0xbf, 0xcf, 0x5c, 0x1a, 0x98,
|
||||
0x00, 0xac, 0xf9, 0x74, 0x92, 0x06, 0x69, 0xb3, 0x63, 0x9f, 0xfb, 0xba, 0x09, 0x4e, 0x2a, 0xa6,
|
||||
0xf1, 0x3d, 0xdc, 0x49, 0xaa, 0x5c, 0x9f, 0xb6, 0xa7, 0xaf, 0x32, 0x19, 0x9d, 0x16, 0xee, 0xc8,
|
||||
0x23, 0x28, 0x75, 0xa8, 0x1a, 0x48, 0x3b, 0x8f, 0x13, 0xfa, 0xfe, 0xcc, 0x94, 0x68, 0xd4, 0x94,
|
||||
0x20, 0xf4, 0x6c, 0xfc, 0x66, 0x01, 0xdc, 0x60, 0xa4, 0x01, 0x77, 0x0e, 0x7c, 0xa9, 0x18, 0x67,
|
||||
0x01, 0x76, 0xcb, 0xc2, 0x6e, 0x4d, 0xd9, 0x08, 0x81, 0xa2, 0xf6, 0x35, 0x62, 0xc3, 0x75, 0xdc,
|
||||
0x66, 0xbd, 0xc1, 0xc0, 0x42, 0xa2, 0xcd, 0x91, 0x91, 0xac, 0x40, 0xa5, 0xa3, 0x1b, 0xea, 0x8a,
|
||||
0xa1, 0x91, 0x55, 0xbc, 0xd7, 0xf2, 0xec, 0xd0, 0x40, 0xb2, 0xfe, 0xd7, 0x81, 0x18, 0xe1, 0xff,
|
||||
0x41, 0x4d, 0x55, 0x9c, 0xb4, 0xb9, 0x71, 0x0c, 0x4b, 0x33, 0x7d, 0x25, 0xdf, 0x9a, 0x51, 0xc7,
|
||||
0x81, 0xd9, 0x7d, 0x76, 0x7d, 0xb1, 0xfa, 0xe4, 0xdd, 0x47, 0x3d, 0x41, 0x77, 0x33, 0xf0, 0x8d,
|
||||
0x03, 0x58, 0xce, 0x9e, 0x66, 0x3d, 0x7e, 0xaf, 0x26, 0xaa, 0x27, 0x26, 0xbc, 0x9f, 0x51, 0xad,
|
||||
0x4c, 0xac, 0xf1, 0x73, 0x19, 0x96, 0x66, 0x3a, 0x4d, 0x0e, 0xa1, 0xf8, 0xc2, 0xe7, 0x7d, 0x93,
|
||||
0xf6, 0x93, 0xeb, 0x8b, 0xd5, 0xc7, 0xef, 0x9e, 0xb6, 0xa1, 0xd3, 0x04, 0x0e, 0xd2, 0x90, 0x05,
|
||||
0xc8, 0xc7, 0xaf, 0x4b, 0xfe, 0x79, 0x5b, 0xb7, 0x2a, 0x31, 0xe8, 0xb8, 0xd6, 0xb6, 0x2e, 0xf5,
|
||||
0xa4, 0x5d, 0x5c, 0x2b, 0x68, 0x9b, 0x5e, 0x13, 0x1b, 0xca, 0xd3, 0x83, 0x1c, 0x6d, 0x09, 0x85,
|
||||
0xbb, 0x5d, 0xea, 0x79, 0x2c, 0x1a, 0x68, 0x26, 0xed, 0x45, 0x14, 0xd7, 0xa3, 0xdb, 0x14, 0xdc,
|
||||
0x4c, 0xc5, 0xec, 0x73, 0x15, 0x9c, 0x19, 0xe1, 0xa5, 0xf9, 0xc8, 0x53, 0x28, 0x1e, 0x32, 0x45,
|
||||
0xcd, 0xb3, 0xf2, 0xc9, 0xad, 0xbc, 0xda, 0x11, 0xc9, 0x1c, 0x8c, 0x41, 0x2d, 0xea, 0xca, 0x97,
|
||||
0xb1, 0xf2, 0xb8, 0x26, 0x9b, 0x50, 0x0a, 0xf5, 0x13, 0xde, 0x07, 0xb5, 0x04, 0x21, 0xda, 0xf5,
|
||||
0x0d, 0x1a, 0x0d, 0x01, 0x1a, 0xc8, 0x46, 0x3c, 0x4f, 0x55, 0xcc, 0x21, 0x33, 0x24, 0x9e, 0xb2,
|
||||
0x0d, 0x28, 0xbf, 0x66, 0xbe, 0x37, 0x50, 0xd2, 0xdc, 0xff, 0x24, 0xe1, 0x6e, 0x10, 0x27, 0x72,
|
||||
0x21, 0x35, 0x28, 0x75, 0xc5, 0x09, 0xe3, 0xf6, 0x3c, 0x16, 0x36, 0xdc, 0x90, 0x0d, 0x58, 0xda,
|
||||
0xe7, 0xb4, 0x37, 0x64, 0x5d, 0xea, 0xbd, 0x3a, 0x65, 0x41, 0xe0, 0xf7, 0x99, 0x7d, 0x07, 0xf5,
|
||||
0x3e, 0x0b, 0x90, 0x6d, 0x28, 0x85, 0xef, 0xcd, 0x02, 0x9e, 0xf7, 0x20, 0x99, 0xde, 0xcc, 0xc7,
|
||||
0x8a, 0x13, 0xfa, 0xea, 0xab, 0x67, 0x5f, 0x5f, 0xd7, 0xe3, 0xc0, 0x97, 0x0c, 0x0b, 0xbc, 0x84,
|
||||
0xd1, 0xcb, 0x4d, 0xf3, 0xa9, 0x34, 0x8d, 0x9a, 0x8a, 0xa4, 0x62, 0xc8, 0x36, 0x94, 0xcd, 0x11,
|
||||
0xf6, 0x5d, 0x0c, 0xff, 0x70, 0xb6, 0x3f, 0xc6, 0xc1, 0x89, 0x3c, 0x57, 0x7e, 0x84, 0x5a, 0x96,
|
||||
0x00, 0xc8, 0x22, 0x14, 0x4e, 0xd8, 0x99, 0x79, 0xd4, 0xf4, 0x92, 0xb4, 0xa0, 0x74, 0x4a, 0x87,
|
||||
0x93, 0xf0, 0xe5, 0xca, 0x24, 0x37, 0x14, 0x4e, 0xe8, 0xf7, 0x34, 0xff, 0x85, 0xb5, 0xb2, 0x03,
|
||||
0xd5, 0x58, 0x07, 0x19, 0x9c, 0xb5, 0x24, 0x67, 0x35, 0x11, 0xd8, 0xf8, 0x32, 0xbe, 0xb7, 0x23,
|
||||
0x79, 0x27, 0x84, 0x6f, 0x4d, 0x0b, 0x3f, 0x52, 0x56, 0xfe, 0x46, 0x59, 0x8d, 0x67, 0x71, 0xe7,
|
||||
0x75, 0x60, 0x87, 0x4a, 0xe9, 0x73, 0xcf, 0x4c, 0x7d, 0xb4, 0xd5, 0xc8, 0x6b, 0x1a, 0x70, 0x8d,
|
||||
0x84, 0xb1, 0xd1, 0x76, 0xf7, 0xf0, 0xfc, 0xaf, 0x7a, 0xee, 0xfc, 0xb2, 0x6e, 0xbd, 0xbd, 0xac,
|
||||
0x5b, 0x7f, 0x5e, 0xd6, 0xad, 0x5f, 0xae, 0xea, 0xb9, 0x5f, 0xaf, 0xea, 0xb9, 0xb7, 0x57, 0xf5,
|
||||
0xdc, 0x1f, 0x57, 0xf5, 0xdc, 0x0f, 0x9f, 0xdd, 0x36, 0xfc, 0xa9, 0x6f, 0xda, 0xde, 0x1c, 0x1a,
|
||||
0xb6, 0xff, 0x09, 0x00, 0x00, 0xff, 0xff, 0x1f, 0xf1, 0x41, 0x33, 0x52, 0x0b, 0x00, 0x00,
|
||||
}
|
||||
|
||||
func (m *ConnectProxyConfig) Marshal() (dAtA []byte, err error) {
|
||||
|
@ -653,15 +701,22 @@ func (m *ConnectProxyConfig) MarshalToSizedBuffer(dAtA []byte) (int, error) {
|
|||
_ = i
|
||||
var l int
|
||||
_ = l
|
||||
if m.TransparentProxy {
|
||||
i--
|
||||
if m.TransparentProxy {
|
||||
dAtA[i] = 1
|
||||
} else {
|
||||
dAtA[i] = 0
|
||||
{
|
||||
size, err := m.TransparentProxy.MarshalToSizedBuffer(dAtA[:i])
|
||||
if err != nil {
|
||||
return 0, err
|
||||
}
|
||||
i -= size
|
||||
i = encodeVarintService(dAtA, i, uint64(size))
|
||||
}
|
||||
i--
|
||||
dAtA[i] = 0x52
|
||||
if len(m.Mode) > 0 {
|
||||
i -= len(m.Mode)
|
||||
copy(dAtA[i:], m.Mode)
|
||||
i = encodeVarintService(dAtA, i, uint64(len(m.Mode)))
|
||||
i--
|
||||
dAtA[i] = 0x48
|
||||
dAtA[i] = 0x4a
|
||||
}
|
||||
{
|
||||
size, err := m.Expose.MarshalToSizedBuffer(dAtA[:i])
|
||||
|
@ -1012,6 +1067,34 @@ func (m *MeshGatewayConfig) MarshalToSizedBuffer(dAtA []byte) (int, error) {
|
|||
return len(dAtA) - i, nil
|
||||
}
|
||||
|
||||
func (m *TransparentProxyConfig) Marshal() (dAtA []byte, err error) {
|
||||
size := m.Size()
|
||||
dAtA = make([]byte, size)
|
||||
n, err := m.MarshalToSizedBuffer(dAtA[:size])
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return dAtA[:n], nil
|
||||
}
|
||||
|
||||
func (m *TransparentProxyConfig) MarshalTo(dAtA []byte) (int, error) {
|
||||
size := m.Size()
|
||||
return m.MarshalToSizedBuffer(dAtA[:size])
|
||||
}
|
||||
|
||||
func (m *TransparentProxyConfig) MarshalToSizedBuffer(dAtA []byte) (int, error) {
|
||||
i := len(dAtA)
|
||||
_ = i
|
||||
var l int
|
||||
_ = l
|
||||
if m.OutboundListenerPort != 0 {
|
||||
i = encodeVarintService(dAtA, i, uint64(m.OutboundListenerPort))
|
||||
i--
|
||||
dAtA[i] = 0x8
|
||||
}
|
||||
return len(dAtA) - i, nil
|
||||
}
|
||||
|
||||
func (m *ServiceDefinition) Marshal() (dAtA []byte, err error) {
|
||||
size := m.Size()
|
||||
dAtA = make([]byte, size)
|
||||
|
@ -1325,9 +1408,12 @@ func (m *ConnectProxyConfig) Size() (n int) {
|
|||
n += 1 + l + sovService(uint64(l))
|
||||
l = m.Expose.Size()
|
||||
n += 1 + l + sovService(uint64(l))
|
||||
if m.TransparentProxy {
|
||||
n += 2
|
||||
l = len(m.Mode)
|
||||
if l > 0 {
|
||||
n += 1 + l + sovService(uint64(l))
|
||||
}
|
||||
l = m.TransparentProxy.Size()
|
||||
n += 1 + l + sovService(uint64(l))
|
||||
return n
|
||||
}
|
||||
|
||||
|
@ -1445,6 +1531,18 @@ func (m *MeshGatewayConfig) Size() (n int) {
|
|||
return n
|
||||
}
|
||||
|
||||
func (m *TransparentProxyConfig) Size() (n int) {
|
||||
if m == nil {
|
||||
return 0
|
||||
}
|
||||
var l int
|
||||
_ = l
|
||||
if m.OutboundListenerPort != 0 {
|
||||
n += 1 + sovService(uint64(m.OutboundListenerPort))
|
||||
}
|
||||
return n
|
||||
}
|
||||
|
||||
func (m *ServiceDefinition) Size() (n int) {
|
||||
if m == nil {
|
||||
return 0
|
||||
|
@ -1843,10 +1941,10 @@ func (m *ConnectProxyConfig) Unmarshal(dAtA []byte) error {
|
|||
}
|
||||
iNdEx = postIndex
|
||||
case 9:
|
||||
if wireType != 0 {
|
||||
return fmt.Errorf("proto: wrong wireType = %d for field TransparentProxy", wireType)
|
||||
if wireType != 2 {
|
||||
return fmt.Errorf("proto: wrong wireType = %d for field Mode", wireType)
|
||||
}
|
||||
var v int
|
||||
var stringLen uint64
|
||||
for shift := uint(0); ; shift += 7 {
|
||||
if shift >= 64 {
|
||||
return ErrIntOverflowService
|
||||
|
@ -1856,12 +1954,57 @@ func (m *ConnectProxyConfig) Unmarshal(dAtA []byte) error {
|
|||
}
|
||||
b := dAtA[iNdEx]
|
||||
iNdEx++
|
||||
v |= int(b&0x7F) << shift
|
||||
stringLen |= uint64(b&0x7F) << shift
|
||||
if b < 0x80 {
|
||||
break
|
||||
}
|
||||
}
|
||||
m.TransparentProxy = bool(v != 0)
|
||||
intStringLen := int(stringLen)
|
||||
if intStringLen < 0 {
|
||||
return ErrInvalidLengthService
|
||||
}
|
||||
postIndex := iNdEx + intStringLen
|
||||
if postIndex < 0 {
|
||||
return ErrInvalidLengthService
|
||||
}
|
||||
if postIndex > l {
|
||||
return io.ErrUnexpectedEOF
|
||||
}
|
||||
m.Mode = github_com_hashicorp_consul_agent_structs.ProxyMode(dAtA[iNdEx:postIndex])
|
||||
iNdEx = postIndex
|
||||
case 10:
|
||||
if wireType != 2 {
|
||||
return fmt.Errorf("proto: wrong wireType = %d for field TransparentProxy", wireType)
|
||||
}
|
||||
var msglen int
|
||||
for shift := uint(0); ; shift += 7 {
|
||||
if shift >= 64 {
|
||||
return ErrIntOverflowService
|
||||
}
|
||||
if iNdEx >= l {
|
||||
return io.ErrUnexpectedEOF
|
||||
}
|
||||
b := dAtA[iNdEx]
|
||||
iNdEx++
|
||||
msglen |= int(b&0x7F) << shift
|
||||
if b < 0x80 {
|
||||
break
|
||||
}
|
||||
}
|
||||
if msglen < 0 {
|
||||
return ErrInvalidLengthService
|
||||
}
|
||||
postIndex := iNdEx + msglen
|
||||
if postIndex < 0 {
|
||||
return ErrInvalidLengthService
|
||||
}
|
||||
if postIndex > l {
|
||||
return io.ErrUnexpectedEOF
|
||||
}
|
||||
if err := m.TransparentProxy.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
|
||||
return err
|
||||
}
|
||||
iNdEx = postIndex
|
||||
default:
|
||||
iNdEx = preIndex
|
||||
skippy, err := skipService(dAtA[iNdEx:])
|
||||
|
@ -2683,6 +2826,78 @@ func (m *MeshGatewayConfig) Unmarshal(dAtA []byte) error {
|
|||
}
|
||||
return nil
|
||||
}
|
||||
func (m *TransparentProxyConfig) Unmarshal(dAtA []byte) error {
|
||||
l := len(dAtA)
|
||||
iNdEx := 0
|
||||
for iNdEx < l {
|
||||
preIndex := iNdEx
|
||||
var wire uint64
|
||||
for shift := uint(0); ; shift += 7 {
|
||||
if shift >= 64 {
|
||||
return ErrIntOverflowService
|
||||
}
|
||||
if iNdEx >= l {
|
||||
return io.ErrUnexpectedEOF
|
||||
}
|
||||
b := dAtA[iNdEx]
|
||||
iNdEx++
|
||||
wire |= uint64(b&0x7F) << shift
|
||||
if b < 0x80 {
|
||||
break
|
||||
}
|
||||
}
|
||||
fieldNum := int32(wire >> 3)
|
||||
wireType := int(wire & 0x7)
|
||||
if wireType == 4 {
|
||||
return fmt.Errorf("proto: TransparentProxyConfig: wiretype end group for non-group")
|
||||
}
|
||||
if fieldNum <= 0 {
|
||||
return fmt.Errorf("proto: TransparentProxyConfig: illegal tag %d (wire type %d)", fieldNum, wire)
|
||||
}
|
||||
switch fieldNum {
|
||||
case 1:
|
||||
if wireType != 0 {
|
||||
return fmt.Errorf("proto: wrong wireType = %d for field OutboundListenerPort", wireType)
|
||||
}
|
||||
m.OutboundListenerPort = 0
|
||||
for shift := uint(0); ; shift += 7 {
|
||||
if shift >= 64 {
|
||||
return ErrIntOverflowService
|
||||
}
|
||||
if iNdEx >= l {
|
||||
return io.ErrUnexpectedEOF
|
||||
}
|
||||
b := dAtA[iNdEx]
|
||||
iNdEx++
|
||||
m.OutboundListenerPort |= int32(b&0x7F) << shift
|
||||
if b < 0x80 {
|
||||
break
|
||||
}
|
||||
}
|
||||
default:
|
||||
iNdEx = preIndex
|
||||
skippy, err := skipService(dAtA[iNdEx:])
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if skippy < 0 {
|
||||
return ErrInvalidLengthService
|
||||
}
|
||||
if (iNdEx + skippy) < 0 {
|
||||
return ErrInvalidLengthService
|
||||
}
|
||||
if (iNdEx + skippy) > l {
|
||||
return io.ErrUnexpectedEOF
|
||||
}
|
||||
iNdEx += skippy
|
||||
}
|
||||
}
|
||||
|
||||
if iNdEx > l {
|
||||
return io.ErrUnexpectedEOF
|
||||
}
|
||||
return nil
|
||||
}
|
||||
func (m *ServiceDefinition) Unmarshal(dAtA []byte) error {
|
||||
l := len(dAtA)
|
||||
iNdEx := 0
|
||||
|
|
|
@ -64,15 +64,18 @@ message ConnectProxyConfig {
|
|||
// mog: func-to=UpstreamsToStructs func-from=NewUpstreamsFromStructs
|
||||
repeated Upstream Upstreams = 6 [(gogoproto.nullable) = false];
|
||||
|
||||
// MeshGateway defines the mesh gateway configuration for this upstream
|
||||
// MeshGateway defines the mesh gateway configuration for upstreams
|
||||
MeshGatewayConfig MeshGateway = 7 [(gogoproto.nullable) = false];
|
||||
|
||||
// Expose defines whether checks or paths are exposed through the proxy
|
||||
ExposeConfig Expose = 8 [(gogoproto.nullable) = false];
|
||||
|
||||
// TransparentProxy enables configuring the service mesh as if all inbound
|
||||
// and outbound traffic is being redirected to this proxy
|
||||
bool TransparentProxy = 9;
|
||||
// Mode represents how the proxy's inbound and upstream listeners are dialed.
|
||||
string Mode = 9 [(gogoproto.casttype) = "github.com/hashicorp/consul/agent/structs.ProxyMode"];
|
||||
|
||||
// TransparentProxy defines configuration for when the proxy is in
|
||||
// transparent mode.
|
||||
TransparentProxyConfig TransparentProxy = 10 [(gogoproto.nullable) = false];
|
||||
}
|
||||
|
||||
// Upstream represents a single upstream dependency for a service or proxy. It
|
||||
|
@ -200,6 +203,15 @@ message MeshGatewayConfig {
|
|||
string Mode = 1 [(gogoproto.casttype) = "github.com/hashicorp/consul/agent/structs.MeshGatewayMode"];
|
||||
}
|
||||
|
||||
// mog annotation:
|
||||
//
|
||||
// target=github.com/hashicorp/consul/agent/structs.TransparentProxyConfig
|
||||
// output=service.gen.go
|
||||
// name=Structs
|
||||
message TransparentProxyConfig {
|
||||
int32 OutboundListenerPort = 1;
|
||||
}
|
||||
|
||||
// ServiceDefinition is used to JSON decode the Service definitions. For
|
||||
// documentation on specific fields see NodeService which is better documented.
|
||||
//
|
||||
|
|
Loading…
Reference in New Issue