6a81e1f137
Currently, the messages that the proxy logs on errors are often not
very useful. For example, when an error occurred that caused the proxy
to return HTTP 500, we log a message like this:
```
ERR! proxy={server=in listen=0.0.0.0:4143 remote=127.0.0.1:57416} linkerd2_proxy turning Error caused by underlying HTTP/2 error: protocol error: unexpected internal error encountered into 500
```
Note that:
+ Regardless of what the error actually was, the current log message
*always* says protocol error: unexpected internal error encountered,
which is both fairly unclear *and* often not actually the case.
+ Regardless of whether the error was encountered by an HTTP/1 or
HTTP/2 client, the error message always includes the string
"underlying HTTP/2 error". This is probably fairly confusing for
users who are, say, only proxying HTTP/1 traffic.
This branch fixes several related issues around the clarity of the
proxy's error messages:
+ A couple cases in the `transparency` module that returned
`io::Error::from(io::ErrorKind::Other)` have been replaced with
more descriptive errors that propagate the underlying error. This
necessitated adding bounds on some error types.
+ Introduced a new `transparency::client::Error` enum that can be
either a `h2::Error` or a `hyper::Error`, depending on whether
the client is HTTP/1 or HTTP/2, and proxies its' `std::error::Error`
impl to the wrapped error types. This way, we don't return a
`tower_h2::client::Error` (with format output that includes the
string "HTTP/2") from everything, and discard significantly less
error information.
Signed-off-by: Eliza Weisman <eliza@buoyant.io>
|
||
|---|---|---|
| .github | ||
| benches | ||
| futures-mpsc-lossy | ||
| router | ||
| src | ||
| tests | ||
| .dockerignore | ||
| .gitattributes | ||
| .gitignore | ||
| .travis.yml | ||
| CONTRIBUTING.md | ||
| Cargo.lock | ||
| Cargo.toml | ||
| DCO | ||
| Dockerfile | ||
| GOVERNANCE.md | ||
| LICENSE | ||
| MAINTAINERS.md | ||
| Makefile | ||
| README.md | ||
README.md
This repo contains the transparent proxy component of Linkerd2. While the Linkerd2 proxy is heavily influenced by the Linkerd 1.X proxy, it comprises an entirely new codebase implemented in the Rust programming language.
This proxy's features include:
- Transparent, zero-config proxying for HTTP, HTTP/2, and arbitrary TCP protocols.
- Automatic Prometheus metrics export for HTTP and TCP traffic;
- Transparent, zero-config WebSocket proxying;
- Automatic, latency-aware, layer-7 load balancing;
- Automatic layer-4 load balancing for non-HTTP traffic;
- Automatic TLS (experimental);
- An on-demand diagnostic
tapAPI.
This proxy is primarily intended to run on Linux in containerized environments like Kubernetes, though it may also work on other Unix-like systems (like macOS).
The proxy supports service discovery via DNS and the linkerd2
Destination gRPC API.
The Linkerd project is hosted by the Cloud Native Computing Foundation (CNCF).
Building the project
A Makefile is provided to automate most build tasks. It provides the
following targets:
make build-- Compiles the proxy on your local system usingcargomake test-- Runs unit and integration tests on your local system usingcargomake test-flakey-- Runs all tests, including those that may fail spuriouslymake package-- Builds a tarball attarget/release/linkerd2-proxy-${PACKAGE_VERSION}.tar.gz. IfPACKAGE_VERSIONis not set in the environment, the local git SHA is used.make docker-- Builds a Docker container image that can be used for testing. If theDOCKER_TAGenvironment variable is set, the image is given this name. Otherwise, the image is not named.
Cargo
Usually, Cargo, Rust's package manager, is used to build and test this project. If you don't have Cargo installed, we suggest getting it via https://rustup.rs/.
Artifacts
Each version of the master branch is published to
build.l5d.io/linkerd2-proxy/linkerd2-proxy-$PACKAGE_VERSION.tar.gz. The most recent
version (and the package's SHA256 sum) can be discovered via:
:; curl https://build.l5d.io/linkerd2-proxy/latest.txt
The SHA256 sum of each package version is found at:
:; curl https://build.l5d.io/linkerd2-proxy/linkerd2-proxy-$PACKAGE_VERSION.txt
Code of conduct
This project is for everyone. We ask that our users and contributors take a few minutes to review our code of conduct.
License
linkerd2-proxy is copyright 2018 the linkerd2-proxy authors. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use these files except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.