From f30990da8baa6c8a4a0412829658164ed48c670e Mon Sep 17 00:00:00 2001 From: Jesse Haka Date: Tue, 26 Mar 2024 12:32:20 +0200 Subject: [PATCH] allow websockets in url rewrite Signed-off-by: Jesse Haka --- internal/xds/translator/route.go | 10 ++++++ ...e-rewrite-root-path-url-prefix.routes.yaml | 2 ++ ...ttp-route-rewrite-url-fullpath.routes.yaml | 2 ++ .../http-route-rewrite-url-host.routes.yaml | 2 ++ .../http-route-rewrite-url-prefix.routes.yaml | 2 ++ test/helm/default.yaml | 32 +++++++++---------- 6 files changed, 34 insertions(+), 16 deletions(-) diff --git a/internal/xds/translator/route.go b/internal/xds/translator/route.go index 22654bc8c45f..6cb3e7259b7f 100644 --- a/internal/xds/translator/route.go +++ b/internal/xds/translator/route.go @@ -59,6 +59,16 @@ func buildXdsRoute(httpRoute *ir.HTTPRoute) (*routev3.Route, error) { routeAction.RequestMirrorPolicies = buildXdsRequestMirrorPolicies(httpRoute.Mirrors) } + if !httpRoute.IsHTTP2 { + // Allow websocket upgrades for HTTP 1.1 + // Reference: https://developer.mozilla.org/en-US/docs/Web/HTTP/Protocol_upgrade_mechanism + routeAction.UpgradeConfigs = []*routev3.RouteAction_UpgradeConfig{ + { + UpgradeType: "websocket", + }, + } + } + router.Action = &routev3.Route_Route{Route: routeAction} default: var routeAction *routev3.RouteAction diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-root-path-url-prefix.routes.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-root-path-url-prefix.routes.yaml index 2bf01099ad2a..d5a0bd989940 100644 --- a/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-root-path-url-prefix.routes.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-root-path-url-prefix.routes.yaml @@ -18,3 +18,5 @@ pattern: regex: ^/origin/\/* substitution: / + upgradeConfigs: + - upgradeType: websocket diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-fullpath.routes.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-fullpath.routes.yaml index f1f30bbbffc5..f8b81712daed 100644 --- a/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-fullpath.routes.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-fullpath.routes.yaml @@ -14,3 +14,5 @@ pattern: regex: /.+ substitution: /rewrite + upgradeConfigs: + - upgradeType: websocket diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-host.routes.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-host.routes.yaml index 7de20ab03052..680a67404ee9 100644 --- a/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-host.routes.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-host.routes.yaml @@ -17,3 +17,5 @@ cluster: rewrite-route-dest hostRewriteLiteral: 3.3.3.3 prefixRewrite: /rewrite + upgradeConfigs: + - upgradeType: websocket diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-prefix.routes.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-prefix.routes.yaml index a5f47ebab544..84bc70f04bd2 100644 --- a/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-prefix.routes.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-prefix.routes.yaml @@ -15,3 +15,5 @@ route: cluster: rewrite-route-dest prefixRewrite: /rewrite + upgradeConfigs: + - upgradeType: websocket diff --git a/test/helm/default.yaml b/test/helm/default.yaml index 4e9c147f265a..49057fba30e9 100644 --- a/test/helm/default.yaml +++ b/test/helm/default.yaml @@ -4,7 +4,7 @@ apiVersion: v1 kind: ServiceAccount metadata: name: envoy-gateway - namespace: 'default' + namespace: 'sentry' labels: helm.sh/chart: gateway-helm-v0.0.0-latest app.kubernetes.io/name: gateway-helm @@ -17,7 +17,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: envoy-gateway-config - namespace: 'default' + namespace: 'sentry' labels: helm.sh/chart: gateway-helm-v0.0.0-latest app.kubernetes.io/name: gateway-helm @@ -163,14 +163,14 @@ roleRef: subjects: - kind: ServiceAccount name: 'envoy-gateway' - namespace: 'default' + namespace: 'sentry' --- # Source: gateway-helm/templates/infra-manager-rbac.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: eg-gateway-helm-infra-manager - namespace: 'default' + namespace: 'sentry' labels: helm.sh/chart: gateway-helm-v0.0.0-latest app.kubernetes.io/name: gateway-helm @@ -212,7 +212,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: eg-gateway-helm-leader-election-role - namespace: 'default' + namespace: 'sentry' labels: helm.sh/chart: gateway-helm-v0.0.0-latest app.kubernetes.io/name: gateway-helm @@ -257,7 +257,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: eg-gateway-helm-infra-manager - namespace: 'default' + namespace: 'sentry' labels: helm.sh/chart: gateway-helm-v0.0.0-latest app.kubernetes.io/name: gateway-helm @@ -271,14 +271,14 @@ roleRef: subjects: - kind: ServiceAccount name: 'envoy-gateway' - namespace: 'default' + namespace: 'sentry' --- # Source: gateway-helm/templates/leader-election-rbac.yaml apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: eg-gateway-helm-leader-election-rolebinding - namespace: 'default' + namespace: 'sentry' labels: helm.sh/chart: gateway-helm-v0.0.0-latest app.kubernetes.io/name: gateway-helm @@ -292,14 +292,14 @@ roleRef: subjects: - kind: ServiceAccount name: 'envoy-gateway' - namespace: 'default' + namespace: 'sentry' --- # Source: gateway-helm/templates/envoy-gateway-service.yaml apiVersion: v1 kind: Service metadata: name: envoy-gateway - namespace: 'default' + namespace: 'sentry' labels: control-plane: envoy-gateway helm.sh/chart: gateway-helm-v0.0.0-latest @@ -328,7 +328,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: envoy-gateway - namespace: 'default' + namespace: 'sentry' labels: control-plane: envoy-gateway helm.sh/chart: gateway-helm-v0.0.0-latest @@ -421,7 +421,7 @@ apiVersion: v1 kind: ServiceAccount metadata: name: eg-gateway-helm-certgen - namespace: 'default' + namespace: 'sentry' labels: helm.sh/chart: gateway-helm-v0.0.0-latest app.kubernetes.io/name: gateway-helm @@ -436,7 +436,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: eg-gateway-helm-certgen - namespace: 'default' + namespace: 'sentry' labels: helm.sh/chart: gateway-helm-v0.0.0-latest app.kubernetes.io/name: gateway-helm @@ -460,7 +460,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: eg-gateway-helm-certgen - namespace: 'default' + namespace: 'sentry' labels: helm.sh/chart: gateway-helm-v0.0.0-latest app.kubernetes.io/name: gateway-helm @@ -476,14 +476,14 @@ roleRef: subjects: - kind: ServiceAccount name: 'eg-gateway-helm-certgen' - namespace: 'default' + namespace: 'sentry' --- # Source: gateway-helm/templates/certgen.yaml apiVersion: batch/v1 kind: Job metadata: name: eg-gateway-helm-certgen - namespace: 'default' + namespace: 'sentry' labels: helm.sh/chart: gateway-helm-v0.0.0-latest app.kubernetes.io/name: gateway-helm