Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update peering establishment to maybe use gateways #14981

Merged
merged 8 commits into from
Oct 14, 2022
Merged

Update peering establishment to maybe use gateways #14981

merged 8 commits into from
Oct 14, 2022

Commits on Oct 13, 2022

  1. Update peering establishment to maybe use gateways 

    When peering through mesh gateways we expect outbound dials to peer
servers to flow through the local mesh gateway addresses.

Now when establishing a peering we get a list of dial addresses as a
ring buffer that includes local mesh gateway addresses if the local DC
is configured to peer through mesh gateways. The ring buffer includes
the mesh gateway addresses first, but also includes the remote server
addresses as a fallback.

This fallback is present because it's possible that direct egress from
the servers may be allowed. If not allowed then the leader will cycle
back to a mesh gateway address through the ring.

When attempting to dial the remote servers we retry up to a fixed
timeout. If using mesh gateways we also have an initial wait in
order to allow for the mesh gateways to configure themselves.

Note that if we encounter a permission denied error we do not retry
since that error indicates that the secret in the peering token is
invalid.
    @freddygv
    freddygv committed Oct 13, 2022
    Configuration menu
    Copy the full SHA
    e69bc72 View commit details
    Browse the repository at this point in the history

  2. Update leader routine to maybe use gateways

    @freddygv
    freddygv committed Oct 13, 2022
    Configuration menu
    Copy the full SHA
    2c99a21 View commit details
    Browse the repository at this point in the history

  3. Add integ test for peering through gateways

    @freddygv
    freddygv committed Oct 13, 2022
    Configuration menu
    Copy the full SHA
    472a8e8 View commit details
    Browse the repository at this point in the history

  4. Fix CA init error code

    @freddygv
    freddygv committed Oct 13, 2022
    Configuration menu
    Copy the full SHA
    96fdd37 View commit details
    Browse the repository at this point in the history

  5. Lint

    @freddygv
    freddygv committed Oct 13, 2022
    Configuration menu
    Copy the full SHA
    573aa40 View commit details
    Browse the repository at this point in the history

  6. Add changelog entry

    @freddygv
    freddygv committed Oct 13, 2022
    Configuration menu
    Copy the full SHA
    f48d7fb View commit details
    Browse the repository at this point in the history

  7. Use split wildcard partition name 

    This way OSS avoids passing a non-empty label, which will be rejected in
OSS consul.
    @freddygv
    freddygv committed Oct 13, 2022
    Configuration menu
    Copy the full SHA
    bf51021 View commit details
    Browse the repository at this point in the history

  8. Use split var in tests

    @freddygv
    freddygv committed Oct 13, 2022
    Configuration menu
    Copy the full SHA
    c77123a View commit details
    Browse the repository at this point in the history