transport: introduce Bind trait and move orig dst to the type level#957
transport: introduce Bind trait and move orig dst to the type level#957
Conversation
Signed-off-by: Eliza Weisman <[email protected]>
Signed-off-by: Eliza Weisman <[email protected]>
Signed-off-by: Eliza Weisman <[email protected]>
Signed-off-by: Eliza Weisman <[email protected]>
Signed-off-by: Eliza Weisman <[email protected]>
Signed-off-by: Eliza Weisman <[email protected]>
Signed-off-by: Eliza Weisman <[email protected]>
Signed-off-by: Eliza Weisman <[email protected]>
Signed-off-by: Eliza Weisman <[email protected]>
Signed-off-by: Eliza Weisman <[email protected]>
Signed-off-by: Eliza Weisman <[email protected]>
Signed-off-by: Eliza Weisman <[email protected]>
hawkw
changed the title
This fixes telemetry tests expecting the address to be 127.0.0.1:0 (which worked on my machine, for whatever reason?). Signed-off-by: Eliza Weisman <[email protected]>
olix0r
left a comment
olix0r
left a comment
There was a problem hiding this comment.
I need to give this a deeper read through, but my first impression is that we really should not need a GetAddrs trait to be exposed to all of the stacks... I.e., we should keep the same general signature for the stacks that they are constructed with a parameterized target and we shouldn't have to have all of the address filtering business in every stack.
Signed-off-by: Eliza Weisman <[email protected]>
Signed-off-by: Eliza Weisman <[email protected]>
Signed-off-by: Eliza Weisman <[email protected]>
Signed-off-by: Eliza Weisman <[email protected]>
Signed-off-by: Eliza Weisman <[email protected]>
how the HECK did i manage to break that, wtf?? Signed-off-by: Eliza Weisman <[email protected]>
Signed-off-by: Eliza Weisman <[email protected]>
linkerd/app/inbound/src/lib.rs
Outdated
| + Param<OrigDstAddr> | ||
| + Clone | ||
| + Send, | ||
| B::Io: io::Peek + io::PeerAddr + Debug + Unpin, |
There was a problem hiding this comment.
we could avoid having to write these bounds out in as many places by just making them into bounds on the definition of the Bind trait, since it turns out everything requires these traits as well. I wasn't sure if it was worth making the trait definition more restrictive or not...
There was a problem hiding this comment.
also, we could try to figure out a way to get rid of the PeerAddr trait and just get client addresses from the target always. IDK if this matters or is worth doing...
There was a problem hiding this comment.
we need peeraddr for now at least, as the http server marks extensions with the client addr, but we can't have the http server created per-client (since we may need to do cached resolutions before this) -- so we'd either need to rework caching or have an Io type that supports extensions...
There was a problem hiding this comment.
yeah, i took a look at that on Monday and i think that we're better off keeping it, and if we are going to get rid of it, that's out of scope for this PR.
There was a problem hiding this comment.
@olix0r 7b16586 moves all the bounds on the Bind::Io type to the Bind trait so they're not repeated everywhere else (and removes some of the Bind::Addrs bounds that the Bind trait already requires).
We could also put the Param<Local<ServerAddr>> and Param<Remote<ClientAddr>> bounds on Bind::Addrs so they aren't repeated, but it felt a little weird to see it require only Param<OrigDstAddr> at use-sites; i could go either way on this...
hawkw
changed the title
|
What does the |
It just controls whether or not the |
Can the type live in the test crate? |
...yes, now i feel a bit silly for not thinking of that! |
Making the config types generic over the orig-dst strategy promulgates generics across all of the stacks. But the binding logic is only necessary at the very "top" of the stack where the accept loop is driven. This change eliminates the `GetAddrs` trait and modifies the `Bind` trait to take params that allow the binding implementation to be configured (i.e., from the environment). `OrigDstAddr` binding is provided as a `Bind` implementation that wraps the `BindTcp` strategy. This lets us eliminate the `mock-orig-dst` feature by moving the `MockOrigDst` helpers into the integration test suite.
Signed-off-by: Eliza Weisman <[email protected]>
| # may be set to `mock-orig-dst` for profiling builds, or to `multithreaded` to | ||
| # enable the multithreaded Tokio runtime. |
There was a problem hiding this comment.
I removed this part of the comment since the mock-orig-dst feature is now removed and the multithreaded feature is enabled by default.
|
Signed-off-by: Eliza Weisman <[email protected]>
Signed-off-by: Eliza Weisman <[email protected]> ; Conflicts: ; linkerd/app/integration/src/proxy.rs ; linkerd/app/src/admin.rs ; linkerd/app/src/env.rs ; linkerd/app/src/lib.rs ; linkerd/proxy/transport/Cargo.toml ; linkerd/proxy/transport/src/listen.rs
Signed-off-by: Eliza Weisman <[email protected]>
Signed-off-by: Eliza Weisman <[email protected]>
| let incoming = incoming.map(|res| { | ||
| let (inner, tcp) = res?; | ||
| let orig_dst = orig_dst_addr(&tcp)?; | ||
| let addrs = Addrs { inner, orig_dst }; | ||
| Ok((addrs, tcp)) | ||
| }); | ||
|
|
||
| Ok((addr, Box::pin(incoming))) |
There was a problem hiding this comment.
btw, I tried to get rid of the box, but this closure captures B (types -- not values) so we get a expected fn pointer found closure compiler error. if you know of a way to avoid the box, by all means...
This release fixes a caching issue in the outbound proxy's "ingress mode" that could cause the incorrect client to be used for requests. This caching has been fixed so that clients cannot be incorrectly reused across logical destinations. --- * transport: introduce Bind trait and move orig dst to the type level (linkerd/linkerd2-proxy#957) * Initial fuzzer integration (linkerd/linkerd2-proxy#961) * Fix caching in ingress mode (linkerd/linkerd2-proxy#965)
This release fixes a caching issue in the outbound proxy's "ingress mode" that could cause the incorrect client to be used for requests. This caching has been fixed so that clients cannot be incorrectly reused across logical destinations. --- * transport: introduce Bind trait and move orig dst to the type level (linkerd/linkerd2-proxy#957) * Initial fuzzer integration (linkerd/linkerd2-proxy#961) * Fix caching in ingress mode (linkerd/linkerd2-proxy#965)
This release fixes a caching issue in the outbound proxy's "ingress mode" that could cause the incorrect client to be used for requests. This caching has been fixed so that clients cannot be incorrectly reused across logical destinations. --- * transport: introduce Bind trait and move orig dst to the type level (linkerd/linkerd2-proxy#957) * Initial fuzzer integration (linkerd/linkerd2-proxy#961) * Fix caching in ingress mode (linkerd/linkerd2-proxy#965)
This release fixes a caching issue in the outbound proxy's "ingress mode" that could cause the incorrect client to be used for requests. This caching has been fixed so that clients cannot be incorrectly reused across logical destinations. --- * transport: introduce Bind trait and move orig dst to the type level (linkerd/linkerd2-proxy#957) * Initial fuzzer integration (linkerd/linkerd2-proxy#961) * Fix caching in ingress mode (linkerd/linkerd2-proxy#965) Signed-off-by: Jijeesh <[email protected]>
This release fixes a caching issue in the outbound proxy's "ingress mode" that could cause the incorrect client to be used for requests. This caching has been fixed so that clients cannot be incorrectly reused across logical destinations. --- * transport: introduce Bind trait and move orig dst to the type level (linkerd/linkerd2-proxy#957) * Initial fuzzer integration (linkerd/linkerd2-proxy#961) * Fix caching in ingress mode (linkerd/linkerd2-proxy#965)
This release fixes a caching issue in the outbound proxy's "ingress mode" that could cause the incorrect client to be used for requests. This caching has been fixed so that clients cannot be incorrectly reused across logical destinations. --- * transport: introduce Bind trait and move orig dst to the type level (linkerd/linkerd2-proxy#957) * Initial fuzzer integration (linkerd/linkerd2-proxy#961) * Fix caching in ingress mode (linkerd/linkerd2-proxy#965)
2 participants
This branch introduces a new
transport::listen::Bindtrait thatabstracts over binding and listening on a socket. Now, rather than
owning an instance of the
BindTcptype,ServerConfigs are passed asa parameter to a type implementing the
Bindtrait. This willeventually allow end-to-end testing without creating actual TCP sockets,
as
Bindproduces aStreamof an IO type and anAddrstype.PR #955 changed the proxy stacks to be a target type which implements
the
Paramtrait for various types of address, rather than a fixedtype. This PR also changes the inbound and outbound proxies to take
targets which implement
Param<OrigDstAddr>, rather than requiringParam<Option<OrigDstAddr>>and punting fallibility to every pointwhere original dst addresses are used.
The
BindTcptype is now generic over a more generalGetAddrstrait,rather than a
SO_ORIGINAL_DST-specificOrigDstAddrtrait. Ratherthan always producing a
listen::Addrswith anOption<OrigDstAddr>,we now produce a variable addresses type, which may or may not incldue
the original destination address (the admin and tap servers don't
require SO_ORIGINAL_DST). This allows whether or not original
destination addresses are included to be determined at compile time
rather than at runtime.
Finally, the incorrect feature flagging of mock original destination
addresses has been fixed, The "mock-orig-dst" feature has been removed,
and the integration tests now simply construct their own mock
GetAddrsfunction that's used to configure the test proxy. In the future, we
should be able to refactor the tests to avoid this by simply passing in
their own mock
Bindtypes which produce streams of in-memory mockconnections, rather than actual TCP connections.