mirror of https://github.com/linkerd/linkerd2.git
7c0843a823
## Summary This changes the destination service to start indicating whether a profile is an opaque protocol or not. Currently, profiles returned by the destination service are built by chaining together updates coming from watching Profile and Traffic Split updates. With this change, we now also watch updates to Opaque Port annotations on pods and namespaces; if an update occurs this is now included in building a profile update and is sent to the client. ## Details Watching updates to Profiles and Traffic Splits is straightforward--we watch those resources and if an update occurs on one associated to a service we care about then the update is passed through. For Opaque Ports this is a little different because it is an annotation on pods or namespaces. To account for this, we watch the endpoints that we should care about. ### When host is a Pod IP When getting the profile for a Pod IP, we check for the opaque ports annotation on the pod and the pod's namespace. If one is found, we'll indicate if the profile is an opaque protocol if the requested port is in the annotation. We do not subscribe for updates to this pod IP. The only update we really care about is if the pod is deleted and this is already handled by the proxy. ### When host is a Service When getting the profile for a Service, we subscribe for updates to the endpoints of that service. For any ports set in the opaque ports annotation on any of the pods, we check if the requested port is present. Since the endpoints for a service can be added and removed, we do subscribe for updates to the endpoints of the service. Signed-off-by: Kevin Leimkuhler <kevin@kleimkuhler.com> |
||
|---|---|---|
| .. | ||
| destination | ||
| heartbeat | ||
| identity | ||
| proxy-injector | ||
| public-api | ||
| sp-validator | ||
| tap | ||
| main.go | ||