diff --git a/internal/xds/translator/cluster.go b/internal/xds/translator/cluster.go index 761a81e87f94..b0ba387ac83d 100644 --- a/internal/xds/translator/cluster.go +++ b/internal/xds/translator/cluster.go @@ -57,6 +57,22 @@ const ( EndpointTypeStatic ) +func buildEndpointType(settings []*ir.DestinationSetting) EndpointType { + // Get endpoint address type for xds cluster by returning the first DestinationSetting's AddressType, + // since there's no Mixed AddressType among all the DestinationSettings. + if settings == nil { + return EndpointTypeStatic + } + + addrType := settings[0].AddressType + + if addrType != nil && *addrType == ir.FQDN { + return EndpointTypeDNS + } + + return EndpointTypeStatic +} + func buildXdsCluster(args *xdsClusterArgs) *clusterv3.Cluster { cluster := &clusterv3.Cluster{ Name: args.name, diff --git a/internal/xds/translator/testdata/in/xds-ir/tls-route-passthrough.yaml b/internal/xds/translator/testdata/in/xds-ir/tls-route-passthrough.yaml index 1d33d64cc91d..a798d00b8fdd 100644 --- a/internal/xds/translator/testdata/in/xds-ir/tls-route-passthrough.yaml +++ b/internal/xds/translator/testdata/in/xds-ir/tls-route-passthrough.yaml @@ -1,5 +1,5 @@ tcp: -- name: "tls-passthrough" +- name: "tls-passthrough-foo" address: "0.0.0.0" port: 10080 tls: @@ -7,10 +7,24 @@ tcp: snis: - foo.com destination: - name: "tls-passthrough-dest" + name: "tls-passthrough-foo-dest" settings: - endpoints: - host: "1.2.3.4" port: 50000 - host: "5.6.7.8" port: 50001 +- name: "tls-passthrough-bar" + address: "0.0.0.0" + port: 10081 + tls: + passthrough: + snis: + - bar.com + destination: + name: "tls-passthrough-bar-dest" + settings: + - endpoints: + - host: "bar" + port: 50000 + addressType: FQDN diff --git a/internal/xds/translator/testdata/out/xds-ir/tls-route-passthrough.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/tls-route-passthrough.clusters.yaml index bd4967179fa5..f60942991df8 100644 --- a/internal/xds/translator/testdata/out/xds-ir/tls-route-passthrough.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/tls-route-passthrough.clusters.yaml @@ -9,9 +9,36 @@ edsConfig: ads: {} resourceApiVersion: V3 - serviceName: tls-passthrough-dest + serviceName: tls-passthrough-foo-dest lbPolicy: LEAST_REQUEST - name: tls-passthrough-dest + name: tls-passthrough-foo-dest outlierDetection: {} perConnectionBufferLimitBytes: 32768 type: EDS +- circuitBreakers: + thresholds: + - maxRetries: 1024 + commonLbConfig: + localityWeightedLbConfig: {} + connectTimeout: 10s + dnsLookupFamily: V4_ONLY + dnsRefreshRate: 30s + lbPolicy: LEAST_REQUEST + loadAssignment: + clusterName: tls-passthrough-bar-dest + endpoints: + - lbEndpoints: + - endpoint: + address: + socketAddress: + address: bar + portValue: 50000 + loadBalancingWeight: 1 + loadBalancingWeight: 1 + locality: + region: tls-passthrough-bar-dest/backend/0 + name: tls-passthrough-bar-dest + outlierDetection: {} + perConnectionBufferLimitBytes: 32768 + respectDnsTtl: true + type: STRICT_DNS diff --git a/internal/xds/translator/testdata/out/xds-ir/tls-route-passthrough.endpoints.yaml b/internal/xds/translator/testdata/out/xds-ir/tls-route-passthrough.endpoints.yaml index ec2795413be3..ee66753c4780 100644 --- a/internal/xds/translator/testdata/out/xds-ir/tls-route-passthrough.endpoints.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/tls-route-passthrough.endpoints.yaml @@ -1,4 +1,4 @@ -- clusterName: tls-passthrough-dest +- clusterName: tls-passthrough-foo-dest endpoints: - lbEndpoints: - endpoint: @@ -15,4 +15,4 @@ loadBalancingWeight: 1 loadBalancingWeight: 1 locality: - region: tls-passthrough-dest/backend/0 + region: tls-passthrough-foo-dest/backend/0 diff --git a/internal/xds/translator/testdata/out/xds-ir/tls-route-passthrough.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/tls-route-passthrough.listeners.yaml index 4e0f498aea65..a1c312fa0bd1 100644 --- a/internal/xds/translator/testdata/out/xds-ir/tls-route-passthrough.listeners.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/tls-route-passthrough.listeners.yaml @@ -11,11 +11,32 @@ - name: envoy.filters.network.tcp_proxy typedConfig: '@type': type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy - cluster: tls-passthrough-dest + cluster: tls-passthrough-foo-dest statPrefix: passthrough listenerFilters: - name: envoy.filters.listener.tls_inspector typedConfig: '@type': type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector - name: tls-passthrough + name: tls-passthrough-foo + perConnectionBufferLimitBytes: 32768 +- address: + socketAddress: + address: 0.0.0.0 + portValue: 10081 + drainType: MODIFY_ONLY + filterChains: + - filterChainMatch: + serverNames: + - bar.com + filters: + - name: envoy.filters.network.tcp_proxy + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy + cluster: tls-passthrough-bar-dest + statPrefix: passthrough + listenerFilters: + - name: envoy.filters.listener.tls_inspector + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector + name: tls-passthrough-bar perConnectionBufferLimitBytes: 32768 diff --git a/internal/xds/translator/translator.go b/internal/xds/translator/translator.go index 16b7e7a9d1dc..de490f2d8888 100644 --- a/internal/xds/translator/translator.go +++ b/internal/xds/translator/translator.go @@ -354,7 +354,7 @@ func processTCPListenerXdsTranslation(tCtx *types.ResourceVersionTable, tcpListe name: tcpListener.Destination.Name, settings: tcpListener.Destination.Settings, tSocket: nil, - endpointType: EndpointTypeStatic, + endpointType: buildEndpointType(tcpListener.Destination.Settings), }); err != nil && !errors.Is(err, ErrXdsClusterExists) { errs = errors.Join(errs, err) } @@ -402,7 +402,7 @@ func processUDPListenerXdsTranslation(tCtx *types.ResourceVersionTable, udpListe name: udpListener.Destination.Name, settings: udpListener.Destination.Settings, tSocket: nil, - endpointType: EndpointTypeStatic, + endpointType: buildEndpointType(udpListener.Destination.Settings), }); err != nil && !errors.Is(err, ErrXdsClusterExists) { errs = errors.Join(errs, err) } @@ -495,17 +495,6 @@ func findXdsEndpoint(tCtx *types.ResourceVersionTable, name string) *endpointv3. // processXdsCluster processes a xds cluster by its endpoint address type. func processXdsCluster(tCtx *types.ResourceVersionTable, httpRoute *ir.HTTPRoute, http1Settings *ir.HTTP1Settings) error { - // Get endpoint address type for xds cluster by returning the first DestinationSetting's AddressType, - // since there's no Mixed AddressType among all the DestinationSettings. - addrTypeState := httpRoute.Destination.Settings[0].AddressType - - var endpointType EndpointType - if addrTypeState != nil && *addrTypeState == ir.FQDN { - endpointType = EndpointTypeDNS - } else { - endpointType = EndpointTypeStatic - } - var tSocket *corev3.TransportSocket if httpRoute.Destination.Settings[0].TLS != nil { @@ -528,7 +517,7 @@ func processXdsCluster(tCtx *types.ResourceVersionTable, httpRoute *ir.HTTPRoute name: httpRoute.Destination.Name, settings: httpRoute.Destination.Settings, tSocket: tSocket, - endpointType: endpointType, + endpointType: buildEndpointType(httpRoute.Destination.Settings), loadBalancer: httpRoute.LoadBalancer, proxyProtocol: httpRoute.ProxyProtocol, circuitBreaker: httpRoute.CircuitBreaker,