revert(kuma-cp): do not use additional addresses (backport of #11601) (…

…#11611) Signed-off-by: Lukasz Dziedziak <[email protected]>
kumahq · Oct 1, 2024 · dbf6081 · dbf6081
1 parent c19c4f0
commit dbf6081
Show file tree

Hide file tree

Showing 6 changed files with 153 additions and 206 deletions.
diff --git a/pkg/xds/envoy/listeners/listener_configurers.go b/pkg/xds/envoy/listeners/listener_configurers.go
@@ -97,9 +97,3 @@ func TagsMetadata(tags map[string]string) ListenerBuilderOpt {
 		Tags: tags,
 	})
 }
-
-func AdditionalAddresses(addresses []mesh_proto.OutboundInterface) ListenerBuilderOpt {
-	return AddListenerConfigurer(&v3.AdditionalAddressConfigurer{
-		Addresses: addresses,
-	})
-}
diff --git a/pkg/xds/envoy/listeners/v3/additional_address_configuer.go b/pkg/xds/envoy/listeners/v3/additional_address_configuer.go
diff --git a/pkg/xds/envoy/listeners/v3/additional_address_configurer_test.go b/pkg/xds/envoy/listeners/v3/additional_address_configurer_test.go
diff --git a/pkg/xds/generator/outbound_proxy_generator.go b/pkg/xds/generator/outbound_proxy_generator.go
@@ -5,14 +5,12 @@ import (
 	"fmt"
 
 	"github.com/pkg/errors"
-	"golang.org/x/exp/maps"
 
 	mesh_proto "github.com/kumahq/kuma/api/mesh/v1alpha1"
 	"github.com/kumahq/kuma/pkg/core"
 	core_mesh "github.com/kumahq/kuma/pkg/core/resources/apis/mesh"
 	"github.com/kumahq/kuma/pkg/core/user"
 	model "github.com/kumahq/kuma/pkg/core/xds"
-	util_maps "github.com/kumahq/kuma/pkg/util/maps"
 	util_protocol "github.com/kumahq/kuma/pkg/util/protocol"
 	xds_context "github.com/kumahq/kuma/pkg/xds/context"
 	envoy_common "github.com/kumahq/kuma/pkg/xds/envoy"
@@ -49,11 +47,10 @@ func (g OutboundProxyGenerator) Generate(ctx context.Context, _ *model.ResourceS
 	// If we have same split in many HTTP matches we can use the same cluster with different weight
 	clusterCache := map[string]string{}
 
-	outboundsMultipleIPs := buildOutboundsWithMultipleIPs(proxy.Dataplane, outbounds, xdsCtx.Mesh.VIPDomains)
-	for _, outbound := range outboundsMultipleIPs {
+	for _, outbound := range outbounds {
 		// Determine the list of destination subsets
 		// For one outbound listener it may contain many subsets (ex. TrafficRoute to many destinations)
-		routes := g.determineRoutes(proxy, outbound.Addresses[0], clusterCache, xdsCtx.Mesh.Resource.ZoneEgressEnabled())
+		routes := g.determineRoutes(proxy, proxy.Dataplane.Spec.Networking.ToOutboundInterface(outbound), clusterCache, xdsCtx.Mesh.Resource.ZoneEgressEnabled())
 		clusters := routes.Clusters()
 
 		protocol := inferProtocol(xdsCtx.Mesh, clusters)
@@ -89,8 +86,8 @@ func (g OutboundProxyGenerator) Generate(ctx context.Context, _ *model.ResourceS
 	return resources, nil
 }
 
-func (OutboundProxyGenerator) generateLDS(ctx xds_context.Context, proxy *model.Proxy, routes envoy_common.Routes, outbound OutboundWithMultipleIPs, protocol core_mesh.Protocol) (envoy_common.NamedResource, error) {
-	oface := outbound.Addresses[0]
+func (OutboundProxyGenerator) generateLDS(ctx xds_context.Context, proxy *model.Proxy, routes envoy_common.Routes, outbound *mesh_proto.Dataplane_Networking_Outbound, protocol core_mesh.Protocol) (envoy_common.NamedResource, error) {
+	oface := proxy.Dataplane.Spec.Networking.ToOutboundInterface(outbound)
 	rateLimits := []*core_mesh.RateLimitResource{}
 	if rateLimit, exists := proxy.Policies.RateLimitsOutbound[oface]; exists {
 		rateLimits = append(rateLimits, rateLimit)
@@ -172,8 +169,7 @@ func (OutboundProxyGenerator) generateLDS(ctx xds_context.Context, proxy *model.
 	listener, err := envoy_listeners.NewOutboundListenerBuilder(proxy.APIVersion, oface.DataplaneIP, oface.DataplanePort, model.SocketAddressProtocolTCP).
 		Configure(envoy_listeners.FilterChain(filterChainBuilder)).
 		Configure(envoy_listeners.TransparentProxying(proxy.Dataplane.Spec.Networking.GetTransparentProxying())).
-		Configure(envoy_listeners.TagsMetadata(envoy_tags.Tags(outbound.Tags).WithoutTags(mesh_proto.MeshTag))).
-		Configure(envoy_listeners.AdditionalAddresses(outbound.AdditionalAddresses())).
+		Configure(envoy_listeners.TagsMetadata(envoy_tags.Tags(outbound.GetTags()).WithoutTags(mesh_proto.MeshTag))).
 		Build()
 	if err != nil {
 		return nil, errors.Wrapf(err, "could not generate listener %s for service %s", outboundListenerName, serviceName)
@@ -439,46 +435,3 @@ func (OutboundProxyGenerator) determineRoutes(
 
 	return routes
 }
-
-type OutboundWithMultipleIPs struct {
-	Tags      map[string]string
-	Addresses []mesh_proto.OutboundInterface
-}
-
-func (o OutboundWithMultipleIPs) AdditionalAddresses() []mesh_proto.OutboundInterface {
-	if len(o.Addresses) > 1 {
-		return o.Addresses[1:]
-	}
-	return nil
-}
-
-func buildOutboundsWithMultipleIPs(dataplane *core_mesh.DataplaneResource, outbounds []*mesh_proto.Dataplane_Networking_Outbound, meshVIPDomains []model.VIPDomains) []OutboundWithMultipleIPs {
-	kumaVIPs := map[string]bool{}
-	for _, vipDomain := range meshVIPDomains {
-		kumaVIPs[vipDomain.Address] = true
-	}
-
-	tagsToOutbounds := map[string]OutboundWithMultipleIPs{}
-	for _, outbound := range outbounds {
-		tags := maps.Clone(outbound.GetTags())
-		tags[mesh_proto.ServiceTag] = outbound.GetService()
-		tagsStr := mesh_proto.SingleValueTagSet(tags).String()
-		owmi := tagsToOutbounds[tagsStr]
-		owmi.Tags = tags
-		address := dataplane.Spec.Networking.ToOutboundInterface(outbound)
-		// add Kuma VIPs down the list, so if there is a non Kuma VIP (i.e. Kube Cluster IP), it goes as primary address.
-		if kumaVIPs[address.DataplaneIP] {
-			owmi.Addresses = append(owmi.Addresses, address)
-		} else {
-			owmi.Addresses = append([]mesh_proto.OutboundInterface{address}, owmi.Addresses...)
-		}
-		tagsToOutbounds[tagsStr] = owmi
-	}
-
-	// return sorted outbounds for a stable XDS config
-	var result []OutboundWithMultipleIPs
-	for _, key := range util_maps.SortedKeys(tagsToOutbounds) {
-		result = append(result, tagsToOutbounds[key])
-	}
-	return result
-}
diff --git a/pkg/xds/generator/testdata/outbound-proxy/08.envoy.golden.yaml b/pkg/xds/generator/testdata/outbound-proxy/08.envoy.golden.yaml
@@ -57,18 +57,109 @@ resources:
           idleTimeout: 0s
         explicitHttpConfig:
           http2ProtocolOptions: {}
+- name: outbound:240.0.0.0:80
+  resource:
+    '@type': type.googleapis.com/envoy.config.listener.v3.Listener
+    address:
+      socketAddress:
+        address: 240.0.0.0
+        portValue: 80
+    bindToPort: false
+    filterChains:
+    - filters:
+      - name: envoy.filters.network.http_connection_manager
+        typedConfig:
+          '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
+          commonHttpProtocolOptions:
+            idleTimeout: 0s
+          httpFilters:
+          - name: envoy.filters.http.router
+            typedConfig:
+              '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
+          routeConfig:
+            name: outbound:es2
+            requestHeadersToAdd:
+            - header:
+                key: x-kuma-tags
+                value: '&kuma.io/service=web&'
+            validateClusters: false
+            virtualHosts:
+            - domains:
+              - '*'
+              name: es2
+              routes:
+              - match:
+                  prefix: /
+                route:
+                  autoHostRewrite: true
+                  timeout: 0s
+                  weightedClusters:
+                    clusters:
+                    - name: es2-b5516780eaf1ed13
+                      weight: 10
+                    - name: es2-d79214c8b3a5805b
+                      weight: 90
+          statPrefix: es2
+          streamIdleTimeout: 0s
+    metadata:
+      filterMetadata:
+        io.kuma.tags:
+          kuma.io/service: es2
+    name: outbound:240.0.0.0:80
+    trafficDirection: OUTBOUND
+- name: outbound:240.0.0.1:80
+  resource:
+    '@type': type.googleapis.com/envoy.config.listener.v3.Listener
+    address:
+      socketAddress:
+        address: 240.0.0.1
+        portValue: 80
+    bindToPort: false
+    filterChains:
+    - filters:
+      - name: envoy.filters.network.http_connection_manager
+        typedConfig:
+          '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
+          commonHttpProtocolOptions:
+            idleTimeout: 0s
+          httpFilters:
+          - name: envoy.filters.http.router
+            typedConfig:
+              '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
+          routeConfig:
+            name: outbound:es2
+            requestHeadersToAdd:
+            - header:
+                key: x-kuma-tags
+                value: '&kuma.io/service=web&'
+            validateClusters: false
+            virtualHosts:
+            - domains:
+              - '*'
+              name: es2
+              routes:
+              - match:
+                  prefix: /
+                route:
+                  autoHostRewrite: true
+                  timeout: 0s
+                  weightedClusters:
+                    clusters:
+                    - name: es2-b5516780eaf1ed13
+                      weight: 10
+                    - name: es2-d79214c8b3a5805b
+                      weight: 90
+          statPrefix: es2
+          streamIdleTimeout: 0s
+    metadata:
+      filterMetadata:
+        io.kuma.tags:
+          kuma.io/service: es2
+    name: outbound:240.0.0.1:80
+    trafficDirection: OUTBOUND
 - name: outbound:240.0.0.2:80
   resource:
     '@type': type.googleapis.com/envoy.config.listener.v3.Listener
-    additionalAddresses:
-    - address:
-        socketAddress:
-          address: 240.0.0.1
-          portValue: 80
-    - address:
-        socketAddress:
-          address: 240.0.0.0
-          portValue: 80
     address:
       socketAddress:
         address: 240.0.0.2