linkerd2

History

Oliver Gould 75bbbb9146 policy: Provide a default route for servers with no HTTPRoutes (#9036 ) Currently, if no `HTTPRoute` resources reference a `Server`, the policy controller returns an empty list of routes. This results in the proxy 404ing HTTP traffic. Instead, we should return a default empty route in this case. This branch changes the policy controller to return a default route for `Server`s which are not referenced by any `HTTPRoute`s. The default route defines a single `HttpRouteRule` with no matches and no filters, so it will match any HTTP request. The default route does not define any authorizations, as they would potentially clobber authorizations defined by other resources that define authorization policies targeting that `Server` --- if it is not targeted by any other resource defining authorization policies, the `Server` itself will still get the default authz policy. In addition, this branch changes the various `${Resource}Ref` enums so that their `Default` variants take a `&'static str` rather than a `String`, to minimize string copying, since the default names are always pre-defined. It also adds an `InboundHttpRouteRef` type which is used as a key in the maps of `HTTPRoute`s (instead of `String`s), since we now define default routes as well. Signed-off-by: Eliza Weisman <eliza@buoyant.io> Co-authored-by: Oliver Gould <ver@buoyant.io>	2022-07-29 14:24:52 -07:00
..
src	policy: Provide a default route for servers with no HTTPRoutes (#9036 )	2022-07-29 14:24:52 -07:00
Cargo.toml	Update linkerd2-proxy-api to v0.6.0 (#8880 )	2022-07-14 08:24:07 -07:00

policy: Provide a default route for servers with no HTTPRoutes (#9036 )

Currently, if no `HTTPRoute` resources reference a `Server`, the policy
controller returns an empty list of routes. This results in the proxy
404ing HTTP traffic. Instead, we should return a default empty route in
this case.

This branch changes the policy controller to return a default route for
`Server`s which are not referenced by any `HTTPRoute`s. The default
route defines a single `HttpRouteRule` with no matches and no filters,
so it will match any HTTP request. The default route does *not* define
any authorizations, as they would potentially clobber authorizations
defined by other resources that define authorization policies targeting
that `Server` --- if it is not targeted by any other resource defining
authorization policies, the `Server` itself will still get the default
authz policy.

In addition, this branch changes the various `${Resource}Ref` enums so
that their `Default` variants take a `&'static str` rather than a
`String`, to minimize string copying, since the default names are always
pre-defined. It also adds an `InboundHttpRouteRef` type which is used as
a key in the maps of `HTTPRoute`s (instead of `String`s), since we now
define default routes as well.

Signed-off-by: Eliza Weisman <eliza@buoyant.io>
Co-authored-by: Oliver Gould <ver@buoyant.io>

2022-07-29 14:24:52 -07:00

src

policy: Provide a default route for servers with no HTTPRoutes (#9036 )

2022-07-29 14:24:52 -07:00

Cargo.toml

Update linkerd2-proxy-api to v0.6.0 (#8880 )

2022-07-14 08:24:07 -07:00