From ad35743ff01c0dc16a785e421591d7d52f3cdda4 Mon Sep 17 00:00:00 2001 From: Arvind Bright Date: Wed, 9 Oct 2024 20:17:46 +0530 Subject: [PATCH] remove `include-xdstp-name-in-lds-experimental` flag (#66) --- main.go | 50 +++++++++++----------- main_test.go | 115 ++++++++++++++------------------------------------- 2 files changed, 56 insertions(+), 109 deletions(-) diff --git a/main.go b/main.go index 627274a..27b240e 100644 --- a/main.go +++ b/main.go @@ -51,10 +51,14 @@ var ( gceVM = flag.String("gce-vm-experimental", "", "GCE VM name to use, instead of reading it from the metadata server. This flag is EXPERIMENTAL and may be changed or removed in a later release.") configMesh = flag.String("config-mesh", "", "Dictates which Mesh resource to use.") generateMeshId = flag.Bool("generate-mesh-id", false, "When enabled, the CSM MeshID is generated. If config-mesh flag is specified, this flag would be ignored. Location and Cluster Name would be retrieved from the metadata server unless specified via gke-location and gke-cluster-name flags respectively.") - includeXDSTPNameInLDS = flag.Bool("include-xdstp-name-in-lds-experimental", true, "whether or not to use xdstp style name for listener resource name template. This flag is EXPERIMENTAL and may be changed or removed in a later release.") isTrustedXdsServer = flag.Bool("is-trusted-xds-server-experimental", false, "Whether to include the server feature trusted_xds_server for TD. This flag is EXPERIMENTAL and may be changed or removed in a later release.") ) +const ( + tdAuthority = "traffic-director-global.xds.googleapis.com" + c2pAuthority = "traffic-director-c2p.xds.googleapis.com" +) + func main() { nodeMetadata := make(map[string]string) flag.Var(newStringMapVal(&nodeMetadata), "node-metadata", @@ -200,7 +204,6 @@ func main() { deploymentInfo: deploymentInfo, configMesh: meshId, ipv6Capable: isIPv6Capable(), - includeXDSTPNameInLDS: *includeXDSTPNameInLDS, gitCommitHash: gitCommitHash, isTrustedXdsServer: *isTrustedXdsServer, } @@ -254,7 +257,6 @@ type configInput struct { deploymentInfo map[string]string configMesh string ipv6Capable bool - includeXDSTPNameInLDS bool gitCommitHash string isTrustedXdsServer bool } @@ -277,7 +279,7 @@ func generate(in configInput) ([]byte, error) { // Set xds_v3. xdsServer.ServerFeatures = append(xdsServer.ServerFeatures, "xds_v3") if in.isTrustedXdsServer { - xdsServer.ServerFeatures = append(xdsServer.ServerFeatures, "trusted_xds_server") + xdsServer.ServerFeatures = append(xdsServer.ServerFeatures, "trusted_xds_server") } if in.ignoreResourceDeletion { @@ -303,7 +305,24 @@ func generate(in configInput) ([]byte, error) { "TRAFFICDIRECTOR_GRPC_BOOTSTRAP_GENERATOR_SHA": in.gitCommitHash, }, }, - Authorities: make(map[string]Authority), + Authorities: map[string]Authority{ + tdAuthority: { + // Listener Resource Name format for normal TD usecases looks like: + // xdstp:///envoy.config.listener.v3.Listener//<(network)|(mesh:mesh_name)>/id + ClientListenerResourceNameTemplate: fmt.Sprintf("xdstp://%s/envoy.config.listener.v3.Listener/%d/%s/%%s", tdAuthority, in.gcpProjectNumber, networkIdentifier), + }, + c2pAuthority: { + // In the case of DirectPath, it is safe to assume that the operator is notified of missing resources. + // In other words, "ignore_resource_deletion" server_features is always set. + XdsServers: []server{{ + ServerUri: "dns:///directpath-pa.googleapis.com", + ChannelCreds: []creds{{Type: "google_default"}}, + ServerFeatures: []string{"xds_v3", "ignore_resource_deletion"}, + }}, + ClientListenerResourceNameTemplate: fmt.Sprintf("xdstp://%s/envoy.config.listener.v3.Listener/%%s", c2pAuthority), + }, + }, + ClientDefaultListenerResourceNameTemplate: fmt.Sprintf("xdstp://%s/envoy.config.listener.v3.Listener/%d/%s/%%s", tdAuthority, in.gcpProjectNumber, networkIdentifier), } for k, v := range in.metadataLabels { @@ -330,27 +349,6 @@ func generate(in configInput) ([]byte, error) { c.Node.Metadata["TRAFFIC_DIRECTOR_CLIENT_ENVIRONMENT"] = in.deploymentInfo } - if in.includeXDSTPNameInLDS { - tdAuthority := "traffic-director-global.xds.googleapis.com" - c.Authorities[tdAuthority] = Authority{ - // Listener Resource Name format for normal TD usecases looks like: - // xdstp:///envoy.config.listener.v3.Listener//<(network)|(mesh:mesh_name)>/id - ClientListenerResourceNameTemplate: fmt.Sprintf("xdstp://%s/envoy.config.listener.v3.Listener/%d/%s/%%s", tdAuthority, in.gcpProjectNumber, networkIdentifier), - } - c.ClientDefaultListenerResourceNameTemplate = fmt.Sprintf("xdstp://%s/envoy.config.listener.v3.Listener/%d/%s/%%s", tdAuthority, in.gcpProjectNumber, networkIdentifier) - } - - c2pAuthority := "traffic-director-c2p.xds.googleapis.com" - c.Authorities[c2pAuthority] = Authority{ - // In the case of DirectPath, it is safe to assume that the operator is notified of missing resources. - // In other words, "ignore_resource_deletion" server_features is always set. - XdsServers: []server{{ - ServerUri: "dns:///directpath-pa.googleapis.com", - ChannelCreds: []creds{{Type: "google_default"}}, - ServerFeatures: []string{"xds_v3", "ignore_resource_deletion"}, - }}, - ClientListenerResourceNameTemplate: fmt.Sprintf("xdstp://%s/envoy.config.listener.v3.Listener/%%s", c2pAuthority), - } if in.ipv6Capable { c.Node.Metadata["TRAFFICDIRECTOR_DIRECTPATH_C2P_IPV6_CAPABLE"] = true } diff --git a/main_test.go b/main_test.go index b97fd14..ea81f50 100644 --- a/main_test.go +++ b/main_test.go @@ -145,6 +145,9 @@ func TestGenerate(t *testing.T) { } ], "client_listener_resource_name_template": "xdstp://traffic-director-c2p.xds.googleapis.com/envoy.config.listener.v3.Listener/%s" + }, + "traffic-director-global.xds.googleapis.com": { + "client_listener_resource_name_template": "xdstp://traffic-director-global.xds.googleapis.com/envoy.config.listener.v3.Listener/123456789012345/thedefault/%s" } }, "node": { @@ -171,19 +174,20 @@ func TestGenerate(t *testing.T) { } } }, - "server_listener_resource_name_template": "grpc/server?xds.resource.listening_address=%s" + "server_listener_resource_name_template": "grpc/server?xds.resource.listening_address=%s", + "client_default_listener_resource_name_template": "xdstp://traffic-director-global.xds.googleapis.com/envoy.config.listener.v3.Listener/123456789012345/thedefault/%s" }`, }, { desc: "Server feature for Trusted xds server", input: configInput{ - xdsServerUri: "example.com:443", - gcpProjectNumber: 123456789012345, - vpcNetworkName: "thedefault", - ip: "10.9.8.7", - zone: "uscentral-5", - metadataLabels: map[string]string{"k1": "v1", "k2": "v2"}, - gitCommitHash: "7202b7c611ebd6d382b7b0240f50e9824200bffd", + xdsServerUri: "example.com:443", + gcpProjectNumber: 123456789012345, + vpcNetworkName: "thedefault", + ip: "10.9.8.7", + zone: "uscentral-5", + metadataLabels: map[string]string{"k1": "v1", "k2": "v2"}, + gitCommitHash: "7202b7c611ebd6d382b7b0240f50e9824200bffd", isTrustedXdsServer: true, }, wantOutput: `{ @@ -218,6 +222,9 @@ func TestGenerate(t *testing.T) { } ], "client_listener_resource_name_template": "xdstp://traffic-director-c2p.xds.googleapis.com/envoy.config.listener.v3.Listener/%s" + }, + "traffic-director-global.xds.googleapis.com": { + "client_listener_resource_name_template": "xdstp://traffic-director-global.xds.googleapis.com/envoy.config.listener.v3.Listener/123456789012345/thedefault/%s" } }, "node": { @@ -244,7 +251,8 @@ func TestGenerate(t *testing.T) { } } }, - "server_listener_resource_name_template": "grpc/server?xds.resource.listening_address=%s" + "server_listener_resource_name_template": "grpc/server?xds.resource.listening_address=%s", + "client_default_listener_resource_name_template": "xdstp://traffic-director-global.xds.googleapis.com/envoy.config.listener.v3.Listener/123456789012345/thedefault/%s" }`, }, { @@ -289,6 +297,9 @@ func TestGenerate(t *testing.T) { } ], "client_listener_resource_name_template": "xdstp://traffic-director-c2p.xds.googleapis.com/envoy.config.listener.v3.Listener/%s" + }, + "traffic-director-global.xds.googleapis.com": { + "client_listener_resource_name_template": "xdstp://traffic-director-global.xds.googleapis.com/envoy.config.listener.v3.Listener/123456789012345/thedefault/%s" } }, "node": { @@ -313,7 +324,8 @@ func TestGenerate(t *testing.T) { } } }, - "server_listener_resource_name_template": "grpc/server?xds.resource.listening_address=%s" + "server_listener_resource_name_template": "grpc/server?xds.resource.listening_address=%s", + "client_default_listener_resource_name_template": "xdstp://traffic-director-global.xds.googleapis.com/envoy.config.listener.v3.Listener/123456789012345/thedefault/%s" }`, }, { @@ -365,6 +377,9 @@ func TestGenerate(t *testing.T) { } ], "client_listener_resource_name_template": "xdstp://traffic-director-c2p.xds.googleapis.com/envoy.config.listener.v3.Listener/%s" + }, + "traffic-director-global.xds.googleapis.com": { + "client_listener_resource_name_template": "xdstp://traffic-director-global.xds.googleapis.com/envoy.config.listener.v3.Listener/123456789012345/thedefault/%s" } }, "node": { @@ -397,7 +412,8 @@ func TestGenerate(t *testing.T) { } } }, - "server_listener_resource_name_template": "grpc/server?xds.resource.listening_address=%s" + "server_listener_resource_name_template": "grpc/server?xds.resource.listening_address=%s", + "client_default_listener_resource_name_template": "xdstp://traffic-director-global.xds.googleapis.com/envoy.config.listener.v3.Listener/123456789012345/thedefault/%s" }`, }, { @@ -450,6 +466,9 @@ func TestGenerate(t *testing.T) { } ], "client_listener_resource_name_template": "xdstp://traffic-director-c2p.xds.googleapis.com/envoy.config.listener.v3.Listener/%s" + }, + "traffic-director-global.xds.googleapis.com": { + "client_listener_resource_name_template": "xdstp://traffic-director-global.xds.googleapis.com/envoy.config.listener.v3.Listener/123456789012345/mesh:testmesh/%s" } }, "node": { @@ -482,7 +501,8 @@ func TestGenerate(t *testing.T) { } } }, - "server_listener_resource_name_template": "grpc/server?xds.resource.listening_address=%s" + "server_listener_resource_name_template": "grpc/server?xds.resource.listening_address=%s", + "client_default_listener_resource_name_template": "xdstp://traffic-director-global.xds.googleapis.com/envoy.config.listener.v3.Listener/123456789012345/mesh:testmesh/%s" }`, }, { @@ -511,76 +531,6 @@ func TestGenerate(t *testing.T) { ] } ], - "authorities": { - "traffic-director-c2p.xds.googleapis.com": { - "xds_servers": [ - { - "server_uri": "dns:///directpath-pa.googleapis.com", - "channel_creds": [ - { - "type": "google_default" - } - ], - "server_features": [ - "xds_v3", - "ignore_resource_deletion" - ] - } - ], - "client_listener_resource_name_template": "xdstp://traffic-director-c2p.xds.googleapis.com/envoy.config.listener.v3.Listener/%s" - } - }, - "node": { - "id": "projects/123456789012345/networks/thedefault/nodes/52fdfc07-2182-454f-963f-5f0f9a621d72", - "cluster": "cluster", - "metadata": { - "INSTANCE_IP": "10.9.8.7", - "TRAFFICDIRECTOR_GRPC_BOOTSTRAP_GENERATOR_SHA": "7202b7c611ebd6d382b7b0240f50e9824200bffd" - }, - "locality": { - "zone": "uscentral-5" - } - }, - "certificate_providers": { - "google_cloud_private_spiffe": { - "plugin_name": "file_watcher", - "config": { - "certificate_file": "certificates.pem", - "private_key_file": "private_key.pem", - "ca_certificate_file": "ca_certificates.pem", - "refresh_interval": "600s" - } - } - }, - "server_listener_resource_name_template": "grpc/server?xds.resource.listening_address=%s" -}`, - }, - { - desc: "happy case with federation support with TDOM using xdstp style name", - input: configInput{ - xdsServerUri: "trafficdirector.googleapis.com:443", - gcpProjectNumber: 123456789012345, - vpcNetworkName: "thedefault", - ip: "10.9.8.7", - zone: "uscentral-5", - ipv6Capable: true, - includeXDSTPNameInLDS: true, - gitCommitHash: "7202b7c611ebd6d382b7b0240f50e9824200bffd", - }, - wantOutput: `{ - "xds_servers": [ - { - "server_uri": "trafficdirector.googleapis.com:443", - "channel_creds": [ - { - "type": "google_default" - } - ], - "server_features": [ - "xds_v3" - ] - } - ], "authorities": { "traffic-director-c2p.xds.googleapis.com": { "xds_servers": [ @@ -608,7 +558,6 @@ func TestGenerate(t *testing.T) { "cluster": "cluster", "metadata": { "INSTANCE_IP": "10.9.8.7", - "TRAFFICDIRECTOR_DIRECTPATH_C2P_IPV6_CAPABLE": true, "TRAFFICDIRECTOR_GRPC_BOOTSTRAP_GENERATOR_SHA": "7202b7c611ebd6d382b7b0240f50e9824200bffd" }, "locality": {