policy: Return Service metadata in OutboundPolicy responses (#10658)

When the OutboundPolicy API returns a policy for a `Service`, it should include the service's metadata (for metrics, etc).
2023-04-03 21:28:53 -07:00 · 2023-04-03 21:28:53 -07:00 · 3aa135fb71
parent df9b09b154
commit 3aa135fb71
7 changed files with 33 additions and 7 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -1398,7 +1398,7 @@ dependencies = [
 [[package]]
 name = "linkerd2-proxy-api"
 version = "0.8.0"
-source = "git+https://github.com/linkerd/linkerd2-proxy-api?rev=9efe50fd769cf8fbba4f0eedf95fa8ca896d7355#9efe50fd769cf8fbba4f0eedf95fa8ca896d7355"
+source = "git+https://github.com/linkerd/linkerd2-proxy-api?branch=main#afca924a6df2434196e85a265ffb7c15a547a8fa"
 dependencies = [
 "http",
 "ipnet",
--- a/Cargo.toml
+++ b/Cargo.toml
@ -13,4 +13,5 @@ members = [
 lto = "thin"

 [patch.crates-io]
+linkerd2-proxy-api = { git = "https://github.com/linkerd/linkerd2-proxy-api", branch = "main" }
 kubert = { git = "https://github.com/olix0r/kubert", rev = "8c582e42b6ae4aec76ac3af54e6742945d452207" }
--- a/policy-controller/core/src/outbound.rs
+++ b/policy-controller/core/src/outbound.rs
@ -21,6 +21,7 @@ pub type OutboundPolicyStream = Pin<Box<dyn Stream<Item = OutboundPolicy> + Send
 pub struct OutboundPolicy {
    pub http_routes: HashMap<String, HttpRoute>,
    pub authority: String,
+    pub name: String,
    pub namespace: String,
    pub opaque: bool,
 }
--- a/policy-controller/grpc/Cargo.toml
+++ b/policy-controller/grpc/Cargo.toml
@ -12,12 +12,15 @@ http = "0.2"
 drain = "0.1"
 hyper = { version = "0.14", features = ["http2", "server", "tcp"] }
 futures = { version = "0.3", default-features = false }
-linkerd2-proxy-api = { features = [
-    "inbound",
-    "outbound",
-], git = "https://github.com/linkerd/linkerd2-proxy-api", rev = "9efe50fd769cf8fbba4f0eedf95fa8ca896d7355" }
 linkerd-policy-controller-core = { path = "../core" }
 maplit = "1"
 tokio = { version = "1", features = ["macros"] }
 tonic = { version = "0.8", default-features = false }
 tracing = "0.1"
+
+[dependencies.linkerd2-proxy-api]
+version = "0.8"
+features = [
+    "inbound",
+    "outbound",
+]
--- a/policy-controller/grpc/src/outbound.rs
+++ b/policy-controller/grpc/src/outbound.rs
@ -15,8 +15,9 @@ use std::{net::SocketAddr, num::NonZeroU16, sync::Arc, time};

 #[derive(Clone, Debug)]
 pub struct OutboundPolicyServer<T> {
-    cluster_domain: Arc<str>,
    index: T,
+    // Used to parse named addresses into <svc>.<ns>.svc.<cluster-domain>.
+    cluster_domain: Arc<str>,
    drain: drain::Watch,
 }

@ -238,15 +239,28 @@ fn to_service(outbound: OutboundPolicy) -> outbound::OutboundPolicy {
                }),
                http1: Some(outbound::proxy_protocol::Http1 {
                    routes: http_routes.clone(),
+                    failure_accrual: None,
                }),
                http2: Some(outbound::proxy_protocol::Http2 {
                    routes: http_routes,
+                    failure_accrual: None,
                }),
            },
        )
    };

+    let metadata = Metadata {
+        kind: Some(metadata::Kind::Resource(api::meta::Resource {
+            group: "core".to_string(),
+            kind: "Service".to_string(),
+            namespace: outbound.namespace,
+            name: outbound.name,
+            ..Default::default()
+        })),
+    };
+
    outbound::OutboundPolicy {
+        metadata: Some(metadata),
        protocol: Some(outbound::ProxyProtocol { kind: Some(kind) }),
    }
 }
--- a/policy-controller/k8s/index/src/outbound/index.rs
+++ b/policy-controller/k8s/index/src/outbound/index.rs
@ -240,6 +240,7 @@ impl Namespace {
            let (sender, _) = watch::channel(OutboundPolicy {
                http_routes: Default::default(),
                authority,
+                name: sp.service.clone(),
                namespace: self.namespace.to_string(),
                opaque,
            });
--- a/policy-test/Cargo.toml
+++ b/policy-test/Cargo.toml
@ -14,7 +14,6 @@ k8s-gateway-api = "0.11"
 k8s-openapi = { version = "0.17", features = ["v1_20"] }
 linkerd-policy-controller-core = { path = "../policy-controller/core" }
 linkerd-policy-controller-k8s-api = { path = "../policy-controller/k8s/api" }
-linkerd2-proxy-api = { features = ["inbound", "outbound"], git="https://github.com/linkerd/linkerd2-proxy-api", rev = "9efe50fd769cf8fbba4f0eedf95fa8ca896d7355" }
 maplit = "1"
 rand = "0.8"
 serde = "1"
@ -30,5 +29,12 @@ version = "0.80"
 default-features = false
 features = ["client", "openssl-tls", "runtime", "ws"]

+[dependencies.linkerd2-proxy-api]
+version = "0.8"
+features = [
+    "inbound",
+    "outbound",
+]
+
 [dev-dependencies]
 tokio-test = "0.4"