Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ingress: Restore original dst address routing #1016

Merged
merged 3 commits into from
May 24, 2021
Merged

ingress: Restore original dst address routing #1016

merged 3 commits into from
May 24, 2021

Conversation

olix0r
Copy link
Member

@olix0r olix0r commented May 22, 2021

In f8cc918, we started requiring the l5d-dst-override header. As
described in linkerd/linkerd2#6157, this breaks some ingress
configurations, especially those that may route to out-of-cluster
resources.

This change restores original-dst-addr routing for requests that do not
include the l5d-dst-override header.

Internally, this change centralizes the DST_OVERRIDE_HEADER and
related utilities to the ingress module, as no other modules should have
to know anything about it.

@olix0r
ingress: Restore original dst address routing
452f12a 
In f8cc918, we started requiring the `l5d-dst-override` header. As
described in linkerd/linkerd2#6157, this breaks some ingress
configurations, especially those that may route to out-of-cluster
resources.

This change restores original-dst-addr routing for requests that do not
include the `l5d-dst-override` header.

Internally, this change centralizes the `DST_OVERRIDE_HEADER` and
related utilities to the ingress module, as no other modules should have
to know anything about it.
@olix0r olix0r requested a review from a team May 22, 2021 04:18
hawkw
hawkw approved these changes May 24, 2021
View reviewed changes
Copy link
Contributor

@hawkw hawkw left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

overall, lgtm --- i commented on some nits mostly related to logging, but no real blockers!

@olix0r
Copy link
Member Author

olix0r commented May 24, 2021

@hawkw PTAL, moved some things around

@olix0r olix0r merged commit a07b33d into main May 24, 2021
@olix0r olix0r deleted the ver/ingress-authority branch May 24, 2021 19:37
@olix0r olix0r mentioned this pull request May 24, 2021
Closed
olix0r added a commit to linkerd/linkerd2 that referenced this pull request May 27, 2021
@olix0r
proxy: v2.145.0
5eb62dc 
* Controller clients of components with more than one replica could fail
  to drive all connections to completion. This could result in timeouts
  showing up in logs, but would not have prevented proxies from
  communicating with controllers. #6146
* linkerd/linkerd2-proxy#992 made the `l5d-dst-override` header required
  for ingress-mode proxies. This behavior has been reverted so that
  requests without this header are forwarded to their original
  destination.
* OpenCensus trace spans for HTTP requests no longer include query
  parameters.

---

* ci: Update/pin action dependencies (linkerd/linkerd2-proxy#1012)
* control: Ensure endpoints are driven to readiness (linkerd/linkerd2-proxy#1014)
* Make span name without query string (linkerd/linkerd2-proxy#1013)
* ingress: Restore original dst address routing (linkerd/linkerd2-proxy#1016)
* ci: Restict permissions in Actions (linkerd/linkerd2-proxy#1019)
* Forbid unsafe code in most module (linkerd/linkerd2-proxy#1018)
@olix0r olix0r mentioned this pull request May 27, 2021
Merged
olix0r added a commit to linkerd/linkerd2 that referenced this pull request May 27, 2021
@olix0r
proxy: v2.145.0 (#6187)
20876ab 
* Controller clients of components with more than one replica could fail
  to drive all connections to completion. This could result in timeouts
  showing up in logs, but would not have prevented proxies from
  communicating with controllers. #6146
* linkerd/linkerd2-proxy#992 made the `l5d-dst-override` header required
  for ingress-mode proxies. This behavior has been reverted so that
  requests without this header are forwarded to their original
  destination.
* OpenCensus trace spans for HTTP requests no longer include query
  parameters.

---

* ci: Update/pin action dependencies (linkerd/linkerd2-proxy#1012)
* control: Ensure endpoints are driven to readiness (linkerd/linkerd2-proxy#1014)
* Make span name without query string (linkerd/linkerd2-proxy#1013)
* ingress: Restore original dst address routing (linkerd/linkerd2-proxy#1016)
* ci: Restict permissions in Actions (linkerd/linkerd2-proxy#1019)
* Forbid unsafe code in most module (linkerd/linkerd2-proxy#1018)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hawkw hawkw hawkw approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@olix0r @hawkw