luxolus
/
open-consul
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity
open-consul/agent
History
Ashvitha f514182f3e
Allow HCP metrics collection for Envoy proxies 
Co-authored-by: Ashvitha Sridharan <ashvitha.sridharan@hashicorp.com>
Co-authored-by: Freddy <freddygv@users.noreply.github.com>

Add a new envoy flag: "envoy_hcp_metrics_bind_socket_dir", a directory
where a unix socket will be created with the name
`<namespace>_<proxy_id>.sock` to forward Envoy metrics.

If set, this will configure:
- In bootstrap configuration a local stats_sink and static cluster.
  These will forward metrics to a loopback listener sent over xDS.

- A dynamic listener listening at the socket path that the previously
  defined static cluster is sending metrics to.

- A dynamic cluster that will forward traffic received at this listener
  to the hcp-metrics-collector service.


Reasons for having a static cluster pointing at a dynamic listener:
- We want to secure the metrics stream using TLS, but the stats sink can
  only be defined in bootstrap config. With dynamic listeners/clusters
  we can use the proxy's leaf certificate issued by the Connect CA,
  which isn't available at bootstrap time.

- We want to intelligently route to the HCP collector. Configuring its
  addreess at bootstrap time limits our flexibility routing-wise. More
  on this below.

Reasons for defining the collector as an upstream in `proxycfg`:
- The HCP collector will be deployed as a mesh service.

- Certificate management is taken care of, as mentioned above.

- Service discovery and routing logic is automatically taken care of,
  meaning that no code changes are required in the xds package.

- Custom routing rules can be added for the collector using discovery
  chain config entries. Initially the collector is expected to be
  deployed to each admin partition, but in the future could be deployed
  centrally in the default partition. These config entries could even be
  managed by HCP itself.
 		2023-03-10 13:52:54 -07:00
..
ae
auto-config Protobuf Refactoring for Multi-Module Cleanliness (#16302) 2023-02-17 16:14:46 -05:00
cache xds: don't attempt to load-balance sessions for local proxies (#15789) 2023-01-18 12:33:21 -06:00
cache-types Protobuf Refactoring for Multi-Module Cleanliness (#16302) 2023-02-17 16:14:46 -05:00
checks Fix TLS_BadVerify test assertions on macOS (#15903) 2023-01-05 11:47:45 -06:00
config allow setting locality on services and nodes (#16581) 2023-03-10 09:36:15 -05:00
configentry Add Peer Locality to Discovery Chains (#16588) 2023-03-10 12:59:47 -05:00
connect support vault auth config for alicloud ca provider 2023-03-07 03:02:05 +00:00
consul Add Peer Locality to Discovery Chains (#16588) 2023-03-10 12:59:47 -05:00
debug
dns
envoyextensions Protobuf Refactoring for Multi-Module Cleanliness (#16302) 2023-02-17 16:14:46 -05:00
exec
grpc-external GRPC stub for the ResourceService (#16528) 2023-03-09 13:40:23 -06:00
grpc-internal grpc: fix data race in balancer registration (#16229) 2023-02-28 10:18:38 +00:00
grpc-middleware GRPC stub for the ResourceService (#16528) 2023-03-09 13:40:23 -06:00
hcp xds: don't attempt to load-balance sessions for local proxies (#15789) 2023-01-18 12:33:21 -06:00
local allow setting locality on services and nodes (#16581) 2023-03-10 09:36:15 -05:00
log-drop inject logger and create logdrop sink (#15822) 2023-01-06 11:33:53 -07:00
metadata Change serf-tag references to field references. 2022-08-31 16:38:42 -05:00
metrics emit metrics for global rate limiting (#15891) 2023-01-06 17:49:33 -06:00
mock
pool Protobuf Refactoring for Multi-Module Cleanliness (#16302) 2023-02-17 16:14:46 -05:00
proxycfg Allow HCP metrics collection for Envoy proxies 2023-03-10 13:52:54 -07:00
proxycfg-glue Fix issue with peer services incorrectly appearing as connect-enabled. (#16339) 2023-02-21 13:59:36 -06:00
proxycfg-sources proxycfg: ensure that an irrecoverable error in proxycfg closes the xds session and triggers a replacement proxycfg watcher (#16497) 2023-03-03 14:27:53 -06:00
router Regenerate files according to 1.19.2 formatter 2022-10-24 16:12:08 -04:00
routine-leak-checker removes ioutil usage everywhere which was deprecated in go1.16 (#15297) 2022-11-10 10:26:01 -06:00
rpc allow setting locality on services and nodes (#16581) 2023-03-10 09:36:15 -05:00
rpcclient/health Fix resolution of service resolvers with subsets for external upstreams (#16499) 2023-03-03 14:17:11 -05:00
structs Add Peer Locality to Discovery Chains (#16588) 2023-03-10 12:59:47 -05:00
submatview Protobuf Refactoring for Multi-Module Cleanliness (#16302) 2023-02-17 16:14:46 -05:00
systemd
token Add new config_file_service_registration token (#15828) 2023-01-10 10:24:02 -06:00
uiserver auto-updated agent/uiserver/dist/ from commit 63204b518 (#16587) 2023-03-09 13:56:53 -05:00
xds Allow HCP metrics collection for Envoy proxies 2023-03-10 13:52:54 -07:00
acl.go Output user-friendly name for anonymous token (#15884) 2023-01-09 12:28:53 -06:00
acl_endpoint.go ACL error improvements: incomplete bootstrapping and non-existent token (#16105) 2023-02-08 23:49:44 +00:00
acl_endpoint_test.go ACL error improvements: incomplete bootstrapping and non-existent token (#16105) 2023-02-08 23:49:44 +00:00
acl_oss.go
acl_test.go revert method name change in xds server protocol for version compatibility (#16195) 2023-02-07 14:19:09 -06:00
agent.go allow setting locality on services and nodes (#16581) 2023-03-10 09:36:15 -05:00
agent_endpoint.go allow setting locality on services and nodes (#16581) 2023-03-10 09:36:15 -05:00
agent_endpoint_oss.go Apply agent partition to load services and agent api (#16024) 2023-01-20 12:59:26 -05:00
agent_endpoint_oss_test.go
agent_endpoint_test.go Update token language to distinguish Accessor and Secret ID usage (#16044) 2023-02-07 12:26:30 -06:00
agent_oss.go
agent_test.go allow setting locality on services and nodes (#16581) 2023-03-10 09:36:15 -05:00
apiserver.go
apiserver_test.go
catalog_endpoint.go Add the `operator usage instances` command and api endpoint (#16205) 2023-02-08 12:07:21 -08:00
catalog_endpoint_oss.go
catalog_endpoint_test.go Pass remote addr of incoming HTTP requests through to RPC(..) calls (#15700) 2022-12-14 09:24:22 -06:00
check.go
config_endpoint.go Pass remote addr of incoming HTTP requests through to RPC(..) calls (#15700) 2022-12-14 09:24:22 -06:00
config_endpoint_test.go Pass remote addr of incoming HTTP requests through to RPC(..) calls (#15700) 2022-12-14 09:24:22 -06:00
connect_auth.go
connect_ca_endpoint.go Pass remote addr of incoming HTTP requests through to RPC(..) calls (#15700) 2022-12-14 09:24:22 -06:00
connect_ca_endpoint_test.go removes ioutil usage everywhere which was deprecated in go1.16 (#15297) 2022-11-10 10:26:01 -06:00
coordinate_endpoint.go Pass remote addr of incoming HTTP requests through to RPC(..) calls (#15700) 2022-12-14 09:24:22 -06:00
coordinate_endpoint_test.go [OSS] security: update go to 1.20.1 (#16263) 2023-02-17 15:04:12 -05:00
delegate_mock_test.go Pass remote addr of incoming HTTP requests through to RPC(..) calls (#15700) 2022-12-14 09:24:22 -06:00
denylist.go
denylist_test.go
discovery_chain_endpoint.go Pass remote addr of incoming HTTP requests through to RPC(..) calls (#15700) 2022-12-14 09:24:22 -06:00
discovery_chain_endpoint_test.go Pass remote addr of incoming HTTP requests through to RPC(..) calls (#15700) 2022-12-14 09:24:22 -06:00
dns.go Pass remote addr of incoming HTTP requests through to RPC(..) calls (#15700) 2022-12-14 09:24:22 -06:00
dns_oss.go Add peering `.service` and `.node` DNS lookups. (#15596) 2022-11-29 12:23:18 -06:00
dns_oss_test.go Pass remote addr of incoming HTTP requests through to RPC(..) calls (#15700) 2022-12-14 09:24:22 -06:00
dns_test.go Speed up test by registering services concurrently (#16509) 2023-03-02 14:36:44 -05:00
enterprise_delegate_oss.go
event_endpoint.go
event_endpoint_test.go Warn when the token query param is used for auth (#16009) 2023-01-24 16:21:41 +00:00
federation_state_endpoint.go Pass remote addr of incoming HTTP requests through to RPC(..) calls (#15700) 2022-12-14 09:24:22 -06:00
health_endpoint.go Pass remote addr of incoming HTTP requests through to RPC(..) calls (#15700) 2022-12-14 09:24:22 -06:00
health_endpoint_test.go Pass remote addr of incoming HTTP requests through to RPC(..) calls (#15700) 2022-12-14 09:24:22 -06:00
http.go Protobuf Refactoring for Multi-Module Cleanliness (#16302) 2023-02-17 16:14:46 -05:00
http_decode_test.go Regenerate files according to 1.19.2 formatter 2022-10-24 16:12:08 -04:00
http_oss.go
http_oss_test.go
http_register.go Add the `operator usage instances` command and api endpoint (#16205) 2023-02-08 12:07:21 -08:00
http_test.go fix: add tls config to unix socket when https is used (#16301) 2023-02-21 08:28:13 -05:00
intentions_endpoint.go Pass remote addr of incoming HTTP requests through to RPC(..) calls (#15700) 2022-12-14 09:24:22 -06:00
intentions_endpoint_oss_test.go
intentions_endpoint_test.go Pass remote addr of incoming HTTP requests through to RPC(..) calls (#15700) 2022-12-14 09:24:22 -06:00
keyring.go Pass remote addr of incoming HTTP requests through to RPC(..) calls (#15700) 2022-12-14 09:24:22 -06:00
keyring_test.go removes ioutil usage everywhere which was deprecated in go1.16 (#15297) 2022-11-10 10:26:01 -06:00
kvs_endpoint.go Pass remote addr of incoming HTTP requests through to RPC(..) calls (#15700) 2022-12-14 09:24:22 -06:00
kvs_endpoint_test.go
metrics.go
metrics_test.go Correct WAL metrics registrations (#16388) 2023-02-23 14:07:17 +00:00
nodeid.go removes ioutil usage everywhere which was deprecated in go1.16 (#15297) 2022-11-10 10:26:01 -06:00
nodeid_test.go removes ioutil usage everywhere which was deprecated in go1.16 (#15297) 2022-11-10 10:26:01 -06:00
notify.go
notify_test.go
operator_endpoint.go Protobuf Refactoring for Multi-Module Cleanliness (#16302) 2023-02-17 16:14:46 -05:00
operator_endpoint_oss.go
operator_endpoint_oss_test.go Add the `operator usage instances` command and api endpoint (#16205) 2023-02-08 12:07:21 -08:00
operator_endpoint_test.go Pass remote addr of incoming HTTP requests through to RPC(..) calls (#15700) 2022-12-14 09:24:22 -06:00
peering_endpoint.go Protobuf Refactoring for Multi-Module Cleanliness (#16302) 2023-02-17 16:14:46 -05:00
peering_endpoint_oss_test.go Protobuf Refactoring for Multi-Module Cleanliness (#16302) 2023-02-17 16:14:46 -05:00
peering_endpoint_test.go Protobuf Refactoring for Multi-Module Cleanliness (#16302) 2023-02-17 16:14:46 -05:00
prepared_query_endpoint.go Pass remote addr of incoming HTTP requests through to RPC(..) calls (#15700) 2022-12-14 09:24:22 -06:00
prepared_query_endpoint_test.go [OSS] security: update go to 1.20.1 (#16263) 2023-02-17 15:04:12 -05:00
proxycfg_test.go proxycfg: ensure that an irrecoverable error in proxycfg closes the xds session and triggers a replacement proxycfg watcher (#16497) 2023-03-03 14:27:53 -06:00
reload.go
remote_exec.go Pass remote addr of incoming HTTP requests through to RPC(..) calls (#15700) 2022-12-14 09:24:22 -06:00
remote_exec_test.go Pass remote addr of incoming HTTP requests through to RPC(..) calls (#15700) 2022-12-14 09:24:22 -06:00
retry_join.go Deprecate -join and -join-wan (#15598) 2022-12-14 20:28:25 +00:00
retry_join_test.go add HCP integration component (#14723) 2022-09-26 14:58:15 -04:00
service_checks_test.go Service http checks data source for agentless proxies (#14924) 2022-10-12 07:49:56 -07:00
service_manager.go [OSS] Add Peer field to service-defaults upstream overrides (#15956) 2023-02-03 10:51:53 -05:00
service_manager_test.go [OSS] Add Peer field to service-defaults upstream overrides (#15956) 2023-02-03 10:51:53 -05:00
session_endpoint.go Pass remote addr of incoming HTTP requests through to RPC(..) calls (#15700) 2022-12-14 09:24:22 -06:00
session_endpoint_test.go Pass remote addr of incoming HTTP requests through to RPC(..) calls (#15700) 2022-12-14 09:24:22 -06:00
setup.go grpc: fix data race in balancer registration (#16229) 2023-02-28 10:18:38 +00:00
setup_oss.go
sidecar_service.go PR #14057 follow up fix: service id parsing from sidecar id (#14541) 2022-09-09 09:47:10 -05:00
sidecar_service_test.go Backport test from ENT: "Fix missing test fields" (#15258) 2022-11-04 09:29:16 -05:00
signal_unix.go
signal_windows.go
snapshot_endpoint.go
snapshot_endpoint_test.go Warn when the token query param is used for auth (#16009) 2023-01-24 16:21:41 +00:00
status_endpoint.go Pass remote addr of incoming HTTP requests through to RPC(..) calls (#15700) 2022-12-14 09:24:22 -06:00
status_endpoint_test.go
streaming_test.go
testagent.go proxycfg: ensure that an irrecoverable error in proxycfg closes the xds session and triggers a replacement proxycfg watcher (#16497) 2023-03-03 14:27:53 -06:00
testagent_test.go
translate_addr.go
txn_endpoint.go Pass remote addr of incoming HTTP requests through to RPC(..) calls (#15700) 2022-12-14 09:24:22 -06:00
txn_endpoint_test.go [OSS] security: update go to 1.20.1 (#16263) 2023-02-17 15:04:12 -05:00
ui_endpoint.go Pass remote addr of incoming HTTP requests through to RPC(..) calls (#15700) 2022-12-14 09:24:22 -06:00
ui_endpoint_oss_test.go Pass remote addr of incoming HTTP requests through to RPC(..) calls (#15700) 2022-12-14 09:24:22 -06:00
ui_endpoint_test.go Protobuf Refactoring for Multi-Module Cleanliness (#16302) 2023-02-17 16:14:46 -05:00
user_event.go Pass remote addr of incoming HTTP requests through to RPC(..) calls (#15700) 2022-12-14 09:24:22 -06:00
user_event_test.go Add new config_file_service_registration token (#15828) 2023-01-10 10:24:02 -06:00
util.go
util_test.go
watch_handler.go
watch_handler_test.go removes ioutil usage everywhere which was deprecated in go1.16 (#15297) 2022-11-10 10:26:01 -06:00