Import admiral generated hosts on Istio Sidecar egress for dependent …

…workloads (#113)
istio-ecosystem · Jun 17, 2020 · 97f3dc3 · 97f3dc3
1 parent 57eec64
commit 97f3dc3
Show file tree

Hide file tree

Showing 4 changed files with 20 additions and 9 deletions.
diff --git a/admiral/pkg/clusters/serviceentry.go b/admiral/pkg/clusters/serviceentry.go
@@ -131,11 +131,10 @@ func createServiceEntryForNewServiceOrPod(env string, sourceIdentity string, rem
 			}
 			//add virtual service for routing locally in within the cluster
 			createIngressOnlyVirtualService(rc, cname, serviceEntry, localFqdn, meshPorts)
-
 		}
 
 		for _, val := range dependents.Map() {
-			remoteRegistry.AdmiralCache.DependencyNamespaceCache.Put(val, serviceInstance.Namespace, localFqdn)
+			remoteRegistry.AdmiralCache.DependencyNamespaceCache.Put(val, serviceInstance.Namespace, localFqdn, map[string]string {cname: "1"})
 		}
 
 		if common.GetWorkloadSidecarUpdate() == "enabled" {
@@ -176,8 +175,18 @@ func modifySidecarForLocalClusterCommunication(sidecarNamespace string, sidecarE
 	//copy and add our new local FQDN
 	newSidecar := copySidecar(sidecar)
 
+	egressHosts := make(map[string]string)
+
 	for _, sidecarEgress := range sidecarEgressMap {
 		egressHost := sidecarEgress.Namespace + "/" + sidecarEgress.FQDN
+		egressHosts[egressHost] = egressHost
+		for cname, _ := range sidecarEgress.CNAMEs {
+			scopedCname := sidecarEgress.Namespace + "/" + cname
+			egressHosts[scopedCname] = scopedCname
+		}
+	}
+
+	for egressHost, _ := range egressHosts {
 		if !util.Contains(newSidecar.Spec.Egress[0].Hosts, egressHost) {
 			newSidecar.Spec.Egress[0].Hosts = append(newSidecar.Spec.Egress[0].Hosts, egressHost)
 		}

diff --git a/admiral/pkg/clusters/serviceentry_test.go b/admiral/pkg/clusters/serviceentry_test.go
@@ -375,7 +375,7 @@ func TestModifyExistingSidecarForLocalClusterCommunication(t *testing.T) {
 	if createdSidecar != nil {
 
 		sidecarEgressMap := make(map[string]common.SidecarEgress)
-		sidecarEgressMap["test-dependency-namespace"] = common.SidecarEgress{Namespace: "test-dependency-namespace", FQDN: "test-local-fqdn"}
+		sidecarEgressMap["test-dependency-namespace"] = common.SidecarEgress{Namespace: "test-dependency-namespace", FQDN: "test-local-fqdn", CNAMEs:map[string]string{"test.myservice.global": "1"}}
 		modifySidecarForLocalClusterCommunication("test-sidecar-namespace", sidecarEgressMap, remoteController)
 
 		updatedSidecar, error := sidecarController.IstioClient.NetworkingV1alpha3().Sidecars("test-sidecar-namespace").Get("default", v12.GetOptions{})
@@ -384,7 +384,7 @@ func TestModifyExistingSidecarForLocalClusterCommunication(t *testing.T) {
 			t.Fail()
 		}
 
-		hostList := append(createdSidecar.Spec.Egress[0].Hosts, "test-dependency-namespace/test-local-fqdn")
+		hostList := append(createdSidecar.Spec.Egress[0].Hosts, "test-dependency-namespace/test-local-fqdn", "test-dependency-namespace/test.myservice.global")
 		createdSidecar.Spec.Egress[0].Hosts = hostList
 
 		if !cmp.Equal(updatedSidecar, createdSidecar) {

diff --git a/admiral/pkg/controller/common/types.go b/admiral/pkg/controller/common/types.go
@@ -19,6 +19,7 @@ type MapOfMaps struct {
 type SidecarEgress struct {
 	Namespace string
 	FQDN      string
+	CNAMEs    map[string]string
 }
 
 //maintains a map from workload identity -> map[namespace]SidecarEgress
@@ -133,14 +134,14 @@ func (s *MapOfMaps) Map() map[string]*Map {
 	return s.cache
 }
 
-func (s *SidecarEgressMap) Put(identity string, namespace string, fqdn string) {
+func (s *SidecarEgressMap) Put(identity string, namespace string, fqdn string, cnames map[string]string) {
 	defer s.mutex.Unlock()
 	s.mutex.Lock()
 	var mapVal = s.cache[identity]
 	if mapVal == nil {
 		mapVal = make(map[string]SidecarEgress, 0)
 	}
-	mapVal[namespace] = SidecarEgress{Namespace: namespace, FQDN: fqdn}
+	mapVal[namespace] = SidecarEgress{Namespace: namespace, FQDN: fqdn, CNAMEs: cnames}
 	s.cache[identity] = mapVal
 }
 

diff --git a/admiral/pkg/controller/common/types_test.go b/admiral/pkg/controller/common/types_test.go
@@ -49,9 +49,10 @@ func TestEgressMap(t *testing.T) {
 	paymentsEnv, ordersEnv := "prod", "staging"
 	paymentsNs, ordersNs := payments + "-" + paymentsEnv, orders + "-" + ordersEnv
 	paymentsFqdn, ordersFqdn := payments + "." + paymentsNs + "." + "svc.cluster.local", orders + "." + ordersNs + "." + "svc.cluster.local"
-	paymentsSidecar, ordersSidecar := SidecarEgress{FQDN: paymentsFqdn, Namespace: paymentsNs}, SidecarEgress{FQDN: ordersFqdn, Namespace: ordersNs}
-	egressMap.Put(payments, paymentsNs, paymentsFqdn)
-	egressMap.Put(orders, ordersNs, ordersFqdn)
+	paymentsCname, ordersCname := paymentsEnv + "." + payments + ".global", ordersEnv + "." + orders + ".global"
+	paymentsSidecar, ordersSidecar := SidecarEgress{FQDN: paymentsFqdn, Namespace: paymentsNs, CNAMEs:map[string]string{paymentsCname: paymentsCname}}, SidecarEgress{FQDN: ordersFqdn, Namespace: ordersNs, CNAMEs:map[string]string{ordersCname: ordersCname}}
+	egressMap.Put(payments, paymentsNs, paymentsFqdn, map[string]string{paymentsCname: paymentsCname})
+	egressMap.Put(orders, ordersNs, ordersFqdn, map[string]string{ordersCname: ordersCname})
 
 	ordersEgress := egressMap.Get("orders");