Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Gateway API: Fix for Listener/Route hostname isolation #6162

Conversation

sunjayBhatia
Copy link
Member

Requests should be "isolated" to the most specific Listener and it's attached routes. This means our existing logic on finding intersecting route and Listener hostnames needs an update to factor in the other Listeners on a Gateway that the route in question may not actually be attached to.

Fix for conformance test: kubernetes-sigs/gateway-api#2669

kubernetes-sigs/gateway-api#2465 for spec

@sunjayBhatia sunjayBhatia added the release-note/minor A minor change that needs about a paragraph of explanation in the release notes. label Feb 7, 2024
Copy link

codecov bot commented Feb 7, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 81.62%. Comparing base (7530c06) to head (7573ae4).

Additional details and impacted files

Impacted file tree graph

@@            Coverage Diff             @@
##             main    #6162      +/-   ##
==========================================
+ Coverage   81.60%   81.62%   +0.01%     
==========================================
  Files         133      133              
  Lines       15842    15857      +15     
==========================================
+ Hits        12928    12943      +15     
  Misses       2620     2620              
  Partials      294      294              
Files Coverage Δ
internal/dag/gatewayapi_processor.go 93.28% <100.00%> (+0.07%) ⬆️

@sunjayBhatia
Copy link
Member Author

Just a rough implementation whipped up, might need some improvements but for now we have something that works with the existing structure

Copy link

The Contour project currently lacks enough contributors to adequately respond to all PRs.

This bot triages PRs according to the following rules:

  • After 14d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, the PR is closed

You can:

  • Ensure your PR is passing all CI checks. PRs that are fully green are more likely to be reviewed. If you are having trouble with CI checks, reach out to the #contour channel in the Kubernetes Slack workspace.
  • Mark this PR as fresh by commenting or pushing a commit
  • Close this PR
  • Offer to help out with triage

Please send feedback to the #contour channel in the Kubernetes Slack

@github-actions github-actions bot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Feb 24, 2024
@sunjayBhatia sunjayBhatia removed the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Feb 26, 2024
Copy link

The Contour project currently lacks enough contributors to adequately respond to all PRs.

This bot triages PRs according to the following rules:

  • After 14d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, the PR is closed

You can:

  • Ensure your PR is passing all CI checks. PRs that are fully green are more likely to be reviewed. If you are having trouble with CI checks, reach out to the #contour channel in the Kubernetes Slack workspace.
  • Mark this PR as fresh by commenting or pushing a commit
  • Close this PR
  • Offer to help out with triage

Please send feedback to the #contour channel in the Kubernetes Slack

@github-actions github-actions bot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Mar 12, 2024
Copy link

The Contour project currently lacks enough contributors to adequately respond to all PRs.

This bot triages PRs according to the following rules:

  • After 14d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, the PR is closed

You can:

  • Ensure your PR is passing all CI checks. PRs that are fully green are more likely to be reviewed. If you are having trouble with CI checks, reach out to the #contour channel in the Kubernetes Slack workspace.
  • Mark this PR as fresh by commenting or pushing a commit
  • Close this PR
  • Offer to help out with triage

Please send feedback to the #contour channel in the Kubernetes Slack

@github-actions github-actions bot closed this Apr 11, 2024
@sunjayBhatia sunjayBhatia removed the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Apr 12, 2024
@sunjayBhatia sunjayBhatia reopened this Apr 12, 2024
Copy link

The Contour project currently lacks enough contributors to adequately respond to all PRs.

This bot triages PRs according to the following rules:

  • After 14d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, the PR is closed

You can:

  • Ensure your PR is passing all CI checks. PRs that are fully green are more likely to be reviewed. If you are having trouble with CI checks, reach out to the #contour channel in the Kubernetes Slack workspace.
  • Mark this PR as fresh by commenting or pushing a commit
  • Close this PR
  • Offer to help out with triage

Please send feedback to the #contour channel in the Kubernetes Slack

@github-actions github-actions bot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Apr 29, 2024
@sunjayBhatia sunjayBhatia removed the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label May 3, 2024
@skriss
Copy link
Member

skriss commented May 3, 2024

I think this impl makes sense? Is it passing the latest version of the upstream conformance (kubernetes-sigs/gateway-api#3047)?

@sunjayBhatia
Copy link
Member Author

I think this impl makes sense? Is it passing the latest version of the upstream conformance (kubernetes-sigs/gateway-api#3047)?

it was before that PR got recreated, I'll rebase etc. on the version bump PR and see if it still does!

@sunjayBhatia sunjayBhatia force-pushed the gw-listener-route-hostname-isolation branch from c294f1e to 082db77 Compare May 3, 2024 19:39
@sunjayBhatia
Copy link
Member Author

I think this impl makes sense? Is it passing the latest version of the upstream conformance (kubernetes-sigs/gateway-api#3047)?

it was before that PR got recreated, I'll rebase etc. on the version bump PR and see if it still does!

passed in https://github.com/projectcontour/contour/actions/runs/8944042687/job/24570214238

@skriss
Copy link
Member

skriss commented May 3, 2024

Nice, LGTM

Requests should be "isolated" to the most specific Listener and it's
attached routes. This means our existing logic on finding intersecting
route and Listener hostnames needs an update to factor in the other
Listeners on a Gateway that the route in question may not actually be
attached to.

Fix for conformance test: kubernetes-sigs/gateway-api#2669

kubernetes-sigs/gateway-api#2465 for spec

Signed-off-by: Sunjay Bhatia <[email protected]>
Signed-off-by: Sunjay Bhatia <[email protected]>
Signed-off-by: Sunjay Bhatia <[email protected]>
@sunjayBhatia sunjayBhatia force-pushed the gw-listener-route-hostname-isolation branch from 082db77 to 8831bce Compare May 17, 2024 18:19
Signed-off-by: Sunjay Bhatia <[email protected]>
@sunjayBhatia sunjayBhatia marked this pull request as ready for review May 17, 2024 19:30
@sunjayBhatia sunjayBhatia requested a review from a team as a code owner May 17, 2024 19:30
@sunjayBhatia sunjayBhatia removed the request for review from a team May 17, 2024 19:30
@sunjayBhatia sunjayBhatia requested review from tsaarni, skriss, a team, davinci26 and clayton-gonsalves and removed request for a team May 17, 2024 19:30
@sunjayBhatia sunjayBhatia merged commit 3d1c646 into projectcontour:main May 17, 2024
27 checks passed
@sunjayBhatia sunjayBhatia deleted the gw-listener-route-hostname-isolation branch May 17, 2024 20:18
SamMHD pushed a commit to SamMHD/contour that referenced this pull request Sep 8, 2024
…r#6162)

Requests should be "isolated" to the most specific Listener and it's
attached routes. This means our existing logic on finding intersecting
route and Listener hostnames needs an update to factor in the other
Listeners on a Gateway that the route in question may not actually be
attached to.

Fix for conformance test: kubernetes-sigs/gateway-api#2669

kubernetes-sigs/gateway-api#2465 for spec

Signed-off-by: Sunjay Bhatia <[email protected]>
Signed-off-by: Saman Mahdanian <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
release-note/minor A minor change that needs about a paragraph of explanation in the release notes.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants