Use strict DNS for mesh gateways with hostnames (#19268)
* Use strict DNS for mesh gateways with hostnames

* Add changelog
Andrew Stucki authored Oct 24, 2023
1 parent dc00be0 commit e414cbe
Showing 3 changed files with 12 additions and 6 deletions.
3 changes: 3 additions & 0 deletions .changelog/19268.txt
@@ -0,0 +1,3 @@
```release-note:bug
Mesh Gateways: Fix a bug where replicated and peered mesh gateways with hostname-based WAN addresses fail to initialize.
```
13 changes: 8 additions & 5 deletions agent/xds/clusters.go
Expand Up @@ -641,10 +641,13 @@ func (s *ResourceGenerator) makePeerServerClusters(cfgSnap *proxycfg.ConfigSnaps

var cluster *envoy_cluster_v3.Cluster
if servers.UseCDS {
// we use strict DNS here since multiple gateways with hostnames
// would result in an invalid cluster due to logical DNS requiring
// only a single host
cluster = s.makeExternalHostnameCluster(cfgSnap, clusterOpts{
name: name,
addresses: servers.Addresses,
})
}, envoy_cluster_v3.Cluster_STRICT_DNS)
} else {
cluster = s.makeGatewayCluster(cfgSnap, clusterOpts{
name: name,
Expand Down Expand Up @@ -842,7 +845,7 @@ func (s *ResourceGenerator) makeDestinationClusters(cfgSnap *proxycfg.ConfigSnap
if structs.IsIP(address) {
cluster = s.makeExternalIPCluster(cfgSnap, opts)
} else {
cluster = s.makeExternalHostnameCluster(cfgSnap, opts)
cluster = s.makeExternalHostnameCluster(cfgSnap, opts, envoy_cluster_v3.Cluster_LOGICAL_DNS)
}
if err := s.injectGatewayDestinationAddons(cfgSnap, cluster, svcName); err != nil {
return nil, err
Expand Down Expand Up @@ -1865,8 +1868,8 @@ func (s *ResourceGenerator) makeExternalIPCluster(snap *proxycfg.ConfigSnapshot,
}

// makeExternalHostnameCluster creates an Envoy cluster for hostname endpoints that will be resolved with DNS
// This is used by both terminating gateways for Destinations, and Mesh Gateways for peering control plane traffice
func (s *ResourceGenerator) makeExternalHostnameCluster(snap *proxycfg.ConfigSnapshot, opts clusterOpts) *envoy_cluster_v3.Cluster {
// This is used by both terminating gateways for Destinations, and Mesh Gateways for peering control plane traffic
func (s *ResourceGenerator) makeExternalHostnameCluster(snap *proxycfg.ConfigSnapshot, opts clusterOpts, discoveryType envoy_cluster_v3.Cluster_DiscoveryType) *envoy_cluster_v3.Cluster {
cfg, err := config.ParseGatewayConfig(snap.Proxy.Config)
if err != nil {
// Don't hard fail on a config typo, just warn. The parse func returns
Expand All @@ -1881,7 +1884,7 @@ func (s *ResourceGenerator) makeExternalHostnameCluster(snap *proxycfg.ConfigSna

// Having an empty config enables outlier detection with default config.
OutlierDetection: &envoy_cluster_v3.OutlierDetection{},
ClusterDiscoveryType: &envoy_cluster_v3.Cluster_Type{Type: envoy_cluster_v3.Cluster_LOGICAL_DNS},
ClusterDiscoveryType: &envoy_cluster_v3.Cluster_Type{Type: discoveryType},
DnsLookupFamily: envoy_cluster_v3.Cluster_V4_ONLY,
}

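Review bot: The new `discoveryType` parameter of `makeExternalHostnameCluster` is neither documented nor constrained, so a later caller can pass a non-DNS value such as `Cluster_STATIC` or `Cluster_EDS` for endpoints that are hostnames, and the result would presumably be a cluster Envoy cannot resolve. I would extend the doc comment with `// discoveryType must be Cluster_STRICT_DNS or Cluster_LOGICAL_DNS; LOGICAL_DNS supports only a single host, so callers that may pass several hostnames must use STRICT_DNS.` The `makeDestinationClusters` call site passes `Cluster_LOGICAL_DNS` with no comment, while the peer-server call site explains its choice; a one-line note there saying a destination resolves to a single address (if that is the invariant) would keep the two consistent. With STRICT_DNS every address returned for each hostname becomes an upstream host for peering control-plane traffic, so it is worth confirming that the cluster's TLS settings, which are outside this hunk, validate the server identity rather than relying on the DNS answer. The function body continues outside the visible hunks.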
Expand Up @@ -53,7 +53,7 @@
},
"name": "server.dc3.peering.f622dc37-7238-4485-ab58-0f53864a9ae5",
"outlierDetection": {},
"type": "LOGICAL_DNS"
"type": "STRICT_DNS"
}
],
"typeUrl": "type.googleapis.com/envoy.config.cluster.v3.Cluster",
