Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(kuma-cp): reachable services in transparent proxying #3791

Merged
merged 3 commits into from
Feb 7, 2022
Merged

feat(kuma-cp): reachable services in transparent proxying #3791

merged 3 commits into from
Feb 7, 2022

Conversation

jakubdyszkiewicz
Copy link
Contributor

@jakubdyszkiewicz jakubdyszkiewicz commented Feb 3, 2022
edited
Loading

Summary

Introduce reachable service. This way, a service owner can restrict which services are reachable from their service.
The result is that Envoy follows only this couple of services which dramatically improves the performance of the system.

Issues resolved

Fix #3779

Documentation

Testing

  • Unit tests
  • E2E tests
  • Manual testing on Universal
  • Manual testing on Kubernetes

Backwards compatibility

- [ ] Update UPGRADE.md with any steps users will need to take when upgrading.
- [ ] Add backport-to-stable label if the code follows our backporting policy

@codecov-commenter
Copy link

codecov-commenter commented Feb 3, 2022
edited
Loading

Codecov Report

Merging #3791 (865b60f) into master (a931aba) will increase coverage by 0.02%.
The diff coverage is 45.45%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master    #3791      +/-   ##
==========================================
+ Coverage   55.86%   55.89%   +0.02%     
==========================================
  Files         897      897              
  Lines       53297    53326      +29     
==========================================
+ Hits        29773    29805      +32     
+ Misses      21151    21147       -4     
- Partials     2373     2374       +1
Impacted Files Coverage Δ
api/mesh/v1alpha1/dataplane.pb.go 36.92% <0.00%> (-0.29%) ⬇️
pkg/plugins/runtime/k8s/metadata/annotations.go 100.00% <ø> (ø)
pkg/xds/sync/dataplane_proxy_builder.go 65.33% <0.00%> (-6.73%) ⬇️
...est/framework/deployments/testserver/deployment.go 0.00% <0.00%> (ø)
...est/framework/deployments/testserver/kubernetes.go 0.00% <0.00%> (ø)
test/framework/interface.go 0.00% <0.00%> (ø)
test/framework/setup.go 3.16% <0.00%> (ø)
test/framework/universal_app.go 0.00% <ø> (ø)
api/mesh/v1alpha1/dataplane_helpers.go 86.02% <100.00%> (ø)
pkg/core/resources/apis/mesh/dataplane_helpers.go 87.32% <100.00%> (+2.18%) ⬆️
... and 15 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update a931aba...865b60f. Read the comment docs.

@jakubdyszkiewicz jakubdyszkiewicz marked this pull request as ready for review February 7, 2022 08:32
@jakubdyszkiewicz jakubdyszkiewicz requested a review from a team as a code owner February 7, 2022 08:32
lahabana
lahabana approved these changes Feb 7, 2022
View reviewed changes
Copy link
Contributor

@lahabana lahabana left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have one slightly concern WRT Universal and Outbounds but I'm unsure.

pkg/xds/generator/dns_generator.go Show resolved Hide resolved
test/framework/universal_app.go Show resolved Hide resolved
pkg/xds/generator/dns_generator.go Outdated Show resolved Hide resolved
@jakubdyszkiewicz jakubdyszkiewicz merged commit fa98447 into master Feb 7, 2022
@jakubdyszkiewicz jakubdyszkiewicz deleted the feat/reachable-services branch February 7, 2022 13:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lahabana lahabana lahabana approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Way to reduce configuration policy by explicitly stating which Services a DP talks to
3 participants
@jakubdyszkiewicz @codecov-commenter @lahabana