Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Enable endpoints controller #467

Merged
merged 4 commits into from
Mar 26, 2021
Merged

Conversation

ishustava
Copy link
Contributor

@ishustava ishustava commented Mar 25, 2021

Changes proposed in this PR:

This PR enables the endpoints controller and configures the connect-init container to now search for services. It removes the old functionality where the services were registered in the init container. The full list of changes is below

container_init

Remove service registration from the init container template and the corresponding tests.

Note that I have removed some of the tests prematurely, even though that logic has not yet been implemented in the endpoints controller. Namely, tests for metrics configuration and namespaces. However, I think that is OK as these tests will be added back when we do implement those.

For other removed tests, if there wasn't already coverage in the endpoints controller, I've moved them there.

consul-sidecar

Consul sidecar is now only injected if we need to run the metrics merging server. The consulSidecar function now fails if you try to run it when metrics merging isn't enabled, and if it is, we configure it to not register services.

envoy-sidecar

Remove the preStop hook from the envoy sidecar container. The hook will no longer work as there is no service.hcl file, plus services should now be deregistered only be the endpoints controller.

connect-init

Remove the temporary -skip-service-registration-polling flag since we now always need to poll for services.

endpoints-controller

Enable endpoints controller in the inject-connect command.


How I've tested this PR:
Ran connect, controller, mesh-, ingress-, and terminating gateway acceptance tests only in insecure configuration as endpoints controller does not yet support TLS and ACLs link.

Note that I've added an acceptance test for when consul clients are restarted here.

How I expect reviewers to test this PR:
Acceptance tests. However, if you would like or have time, you could also test it manually.

Checklist:

  • Tests added
  • CHANGELOG entry added (HashiCorp engineers only, community PRs should not add a changelog entry)

@ishustava ishustava force-pushed the enable-endpoints-controller branch 3 times, most recently from 939e904 to dc6001b Compare March 25, 2021 23:52
@ishustava ishustava added theme/tproxy Items related to transparent proxy area/connect Related to Connect service mesh, e.g. injection type/enhancement New feature or request labels Mar 26, 2021
@ishustava ishustava marked this pull request as ready for review March 26, 2021 00:02
@@ -1,131 +0,0 @@
package connectinject
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

everything here was unused, except for escapeJSONPointer, which was only used in tests. I've moved it to the test that was using it instead.

Comment on lines +868 to +869
DestinationServiceName: "counting",
DestinationServiceID: "counting-counting",
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this is to fix errors in consul agent logs

@ishustava ishustava requested review from a team, kschoche and thisisnotashwin and removed request for a team March 26, 2021 00:05
@ishustava ishustava force-pushed the enable-endpoints-controller branch from dc6001b to 3d8c1f3 Compare March 26, 2021 01:40
Copy link
Contributor

@thisisnotashwin thisisnotashwin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks so excellent!! Have a few comments and suggestions. The one regarding passing in a pod pointer reference to metrics annotations is the one that is potentially "blocking"

connect-inject/annotations.go Show resolved Hide resolved
connect-inject/endpoints_controller.go Outdated Show resolved Hide resolved
connect-inject/endpoints_controller.go Show resolved Hide resolved
connect-inject/endpoints_controller_test.go Outdated Show resolved Hide resolved
connect-inject/endpoints_controller_test.go Show resolved Hide resolved
connect-inject/handler.go Outdated Show resolved Hide resolved
connect-inject/handler.go Outdated Show resolved Hide resolved
connect-inject/handler_test.go Outdated Show resolved Hide resolved
Copy link
Contributor

@thisisnotashwin thisisnotashwin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🍏 📗 🟢 💚 🥗 🟩

Copy link
Contributor

@kschoche kschoche left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Excellent work!

@ishustava ishustava merged commit 6f1b05d into feature-tproxy Mar 26, 2021
@ishustava ishustava deleted the enable-endpoints-controller branch March 26, 2021 18:32
thisisnotashwin pushed a commit that referenced this pull request Mar 26, 2021
This PR enables the endpoints controller and configures the connect-init container to now search for services. It removes the old functionality where the services were registered in the init container. The full list of changes is below

container_init:

Remove service registration from the init container template and the corresponding tests.

Note that I have removed some of the tests prematurely, even though that logic has not yet been implemented in the endpoints controller. Namely, tests for metrics configuration and namespaces. However, I think that is OK as these tests will be added back when we do implement those.

Other removed tests that didn't already have coverage in the endpoints controller have been moved to the endpoints controller.

consul-sidecar: 

Consul sidecar is now only injected if we need to run the metrics merging server. The consulSidecar function now fails if you try to run it when metrics merging isn't enabled, and if it is, we configure it to not register services.

envoy-sidecar:

Remove the preStop hook from the envoy sidecar container. The hook will no longer work as there is no service.hcl file, plus services should now be deregistered only be the endpoints controller.

connect-init:

Remove the temporary -skip-service-registration-polling flag since we now always need to poll for services.

endpoints-controller:

Enable endpoints controller in the inject-connect command.
ishustava added a commit that referenced this pull request Apr 14, 2021
This PR enables the endpoints controller and configures the connect-init container to now search for services. It removes the old functionality where the services were registered in the init container. The full list of changes is below

container_init:

Remove service registration from the init container template and the corresponding tests.

Note that I have removed some of the tests prematurely, even though that logic has not yet been implemented in the endpoints controller. Namely, tests for metrics configuration and namespaces. However, I think that is OK as these tests will be added back when we do implement those.

Other removed tests that didn't already have coverage in the endpoints controller have been moved to the endpoints controller.

consul-sidecar: 

Consul sidecar is now only injected if we need to run the metrics merging server. The consulSidecar function now fails if you try to run it when metrics merging isn't enabled, and if it is, we configure it to not register services.

envoy-sidecar:

Remove the preStop hook from the envoy sidecar container. The hook will no longer work as there is no service.hcl file, plus services should now be deregistered only be the endpoints controller.

connect-init:

Remove the temporary -skip-service-registration-polling flag since we now always need to poll for services.

endpoints-controller:

Enable endpoints controller in the inject-connect command.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
area/connect Related to Connect service mesh, e.g. injection theme/tproxy Items related to transparent proxy type/enhancement New feature or request
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants