Allow registering the same service in multiple namespaces. (#697)

* Allow registering the same service in multiple namespaces. * Added changelog entry
hashicorp · Sep 1, 2021 · edb1286 · edb1286
1 parent b7ef83c
commit edb1286
Show file tree

Hide file tree

Showing 3 changed files with 1 addition and 100 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -9,7 +9,7 @@ IMPROVEMENTS:
 * Control Plane
   * Added health endpoint to the connect inject webhook that will be healthy when webhook certs are present and not empty. [[GH-626](https://github.com/hashicorp/consul-k8s/pull/626)]
   * Catalog Sync: Fix issue registering NodePort services with wrong IPs when a node has multiple IP addresses. [[GH-619](https://github.com/hashicorp/consul-k8s/pull/619)]
-
+  * Allow registering the same service in multiple namespaces. [[GH-697](https://github.com/hashicorp/consul-k8s/pull/697)]
 
 ## 0.33.0 (August 12, 2021)
 

diff --git a/control-plane/connect-inject/endpoints_controller.go b/control-plane/connect-inject/endpoints_controller.go
@@ -232,27 +232,6 @@ func (r *EndpointsController) registerServicesAndHealthCheck(ctx context.Context
 				return err
 			}
 
-			// When Consul namespaces are not enabled, we check that the service with the same name but in a different namespace
-			// is already registered with Consul, and if it is, we skip the registration to avoid service name collisions.
-			if !r.EnableConsulNamespaces {
-				services, _, err := client.Catalog().Service(serviceRegistration.Name, "", nil)
-				if err != nil {
-					r.Log.Error(err, "failed to get service from the Consul catalog", "name", serviceRegistration.Name)
-					return err
-				}
-				for _, service := range services {
-					if existingNS, ok := service.ServiceMeta[MetaKeyKubeNS]; ok && existingNS != serviceEndpoints.Namespace {
-						// Log but don't return an error because we don't want to reconcile this endpoints object again.
-						r.Log.Info("Skipping service registration because a service with the same name "+
-							"but a different Kubernetes namespace is already registered with Consul",
-							"name", serviceRegistration.Name,
-							MetaKeyKubeNS, serviceEndpoints.Namespace,
-							"existing-k8s-namespace", existingNS)
-						return nil
-					}
-				}
-			}
-
 			// Register the service instance with the local agent.
 			// Note: the order of how we register services is important,
 			// and the connect-proxy service should come after the "main" service

diff --git a/control-plane/connect-inject/endpoints_controller_test.go b/control-plane/connect-inject/endpoints_controller_test.go
@@ -4658,84 +4658,6 @@ func TestCreateServiceRegistrations_withTransparentProxy(t *testing.T) {
 	}
 }
 
-func TestRegisterServicesAndHealthCheck_skipsWhenDuplicateServiceFound(t *testing.T) {
-	t.Parallel()
-
-	nodeName := "test-node"
-	consul, err := testutil.NewTestServerConfigT(t, func(c *testutil.TestServerConfig) {
-		c.NodeName = nodeName
-	})
-	require.NoError(t, err)
-	defer consul.Stop()
-
-	consul.WaitForServiceIntentions(t)
-	httpAddr := consul.HTTPAddr
-	clientConfig := &api.Config{
-		Address: httpAddr,
-	}
-	consulClient, err := api.NewClient(clientConfig)
-	require.NoError(t, err)
-	addr := strings.Split(httpAddr, ":")
-	consulPort := addr[1]
-
-	existingService := &api.AgentServiceRegistration{
-		ID:      "test-service",
-		Name:    "test-service",
-		Port:    1234,
-		Address: "1.2.3.4",
-		Meta:    map[string]string{MetaKeyKubeNS: "some-other-ns"},
-	}
-	err = consulClient.Agent().ServiceRegister(existingService)
-	require.NoError(t, err)
-	pod := createPod("test-pod", "1.1.1.1", true, true)
-
-	endpointsAddress := corev1.EndpointAddress{
-		IP:       "1.2.3.4",
-		NodeName: &nodeName,
-		TargetRef: &corev1.ObjectReference{
-			Kind:      "Pod",
-			Name:      pod.Name,
-			Namespace: pod.Namespace,
-		},
-	}
-	endpoints := &corev1.Endpoints{
-		ObjectMeta: metav1.ObjectMeta{
-			Name:      "test-service",
-			Namespace: "default",
-		},
-		Subsets: []corev1.EndpointSubset{
-			{
-				Addresses: []corev1.EndpointAddress{endpointsAddress},
-			},
-		},
-	}
-	ns := &corev1.Namespace{ObjectMeta: metav1.ObjectMeta{Name: "default"}}
-	fakeClient := fake.NewClientBuilder().WithRuntimeObjects(ns, pod, endpoints).Build()
-
-	ep := &EndpointsController{
-		Log:                   logrtest.TestLogger{T: t},
-		ConsulClient:          consulClient,
-		ConsulPort:            consulPort,
-		ConsulScheme:          "http",
-		ConsulClientCfg:       clientConfig,
-		AllowK8sNamespacesSet: mapset.NewSetWith("*"),
-		DenyK8sNamespacesSet:  mapset.NewSetWith(),
-		Client:                fakeClient,
-	}
-
-	err = ep.registerServicesAndHealthCheck(context.Background(), *endpoints, endpointsAddress, api.HealthPassing, make(map[string]bool))
-	require.NoError(t, err)
-
-	// Check that the service is not registered with Consul.
-	_, _, err = consulClient.Agent().Service("test-pod-test-service", nil)
-	require.Error(t, err)
-	require.Contains(t, err.Error(), "Unexpected response code: 404 (unknown service ID")
-
-	_, _, err = consulClient.Agent().Service("test-pod-test-service-sidecar-proxy", nil)
-	require.Error(t, err)
-	require.Contains(t, err.Error(), "Unexpected response code: 404 (unknown service ID")
-}
-
 func TestGetTokenMetaFromDescription(t *testing.T) {
 	t.Parallel()
 	cases := map[string]struct {