Skip to content

outbound: remove required identity from HttpLogical#683

Merged
olix0r merged 1 commit intomainfrom
eliza/extract-req-id
Sep 30, 2020
Merged

outbound: remove required identity from HttpLogical#683
olix0r merged 1 commit intomainfrom
eliza/extract-req-id

Conversation

@hawkw
Copy link
Contributor

@hawkw hawkw commented Sep 30, 2020

Presently, the proxy extracts the required identity from the
l5d-required-identity header into the HttpLogical target type when
it is present, and builds endpoint stacks which require that identity.
This was previously necessary because service discovery couldn't be
performed for pod IPs, only for authorities. However, this is no longer
the case, and we can now just use the identity returned by service
discovery for these stacks. This means the required identity can be
removed from the HttpLogical target, and identities in HttpEndpoint
targets are only provided by the destination metadata.

Fixes linkerd/linkerd2#5029

@hawkw hawkw requested a review from a team September 30, 2020 19:55
@olix0r olix0r merged commit 9359481 into main Sep 30, 2020
@olix0r olix0r deleted the eliza/extract-req-id branch September 30, 2020 20:34
olix0r added a commit to linkerd/linkerd2 that referenced this pull request Oct 2, 2020
This release includes changes to TCP metrics to ensure that peer
identities are encoded via the `client_id` and `server_id` labels.

---

* outbound: Explicitly ignore the source address for tap (linkerd/linkerd2-proxy#680)
* Update proxy-api and tonic (linkerd/linkerd2-proxy#682)
* http: Lazily build http/tcp stacks (linkerd/linkerd2-proxy#681)
* outbound: Remove required identity from HttpLogical (linkerd/linkerd2-proxy#683)
* profiles: Expose the fully_qualified_name (linkerd/linkerd2-proxy#684)
* request-filter: Support altering the request type (linkerd/linkerd2-proxy#685)
* tracing: Set contexts in new_service/make_service (linkerd/linkerd2-proxy#686)
* discover: Allow resolution streams to terminate (linkerd/linkerd2-proxy#689)
* metrics: add peer identities to all TLS metric labels (linkerd/linkerd2-proxy#687)
* outbound: Return a default endpoint on reject (linkerd/linkerd2-proxy#690)
* Skip endpoint resolution when profile lookup is rejected (linkerd/linkerd2-proxy#691)
olix0r added a commit to linkerd/linkerd2 that referenced this pull request Oct 2, 2020
This release includes changes to TCP metrics to ensure that peer
identities are encoded via the `client_id` and `server_id` labels.

---

* outbound: Explicitly ignore the source address for tap (linkerd/linkerd2-proxy#680)
* Update proxy-api and tonic (linkerd/linkerd2-proxy#682)
* http: Lazily build http/tcp stacks (linkerd/linkerd2-proxy#681)
* outbound: Remove required identity from HttpLogical (linkerd/linkerd2-proxy#683)
* profiles: Expose the fully_qualified_name (linkerd/linkerd2-proxy#684)
* request-filter: Support altering the request type (linkerd/linkerd2-proxy#685)
* tracing: Set contexts in new_service/make_service (linkerd/linkerd2-proxy#686)
* discover: Allow resolution streams to terminate (linkerd/linkerd2-proxy#689)
* metrics: add peer identities to all TLS metric labels (linkerd/linkerd2-proxy#687)
* outbound: Return a default endpoint on reject (linkerd/linkerd2-proxy#690)
* Skip endpoint resolution when profile lookup is rejected (linkerd/linkerd2-proxy#691)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

proxy: Extract require_identity from stack

2 participants