baalajimaestro/traefik
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

Support HTTPRoute destination port matching

Browse source
This commit is contained in:
Kevin Pollet 2024-09-27 12:12:05 +02:00 committed by GitHub
parent eccfcc0924
commit d317cd90fc
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
7 changed files with 28 additions and 25 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
integration/conformance-reports/v1.2.0-rc2/experimental-v3.2-default-report.yaml
View file

@ -30,12 +30,13 @@ profiles:
result: success result: success
statistics: statistics:
Failed: 0 Failed: 0
Passed: 12 Passed: 13
Skipped: 0 Skipped: 0
supportedFeatures: supportedFeatures:
- GatewayPort8080 - GatewayPort8080
- HTTPRouteBackendProtocolH2C - HTTPRouteBackendProtocolH2C
- HTTPRouteBackendProtocolWebSocket - HTTPRouteBackendProtocolWebSocket
- HTTPRouteDestinationPortMatching
- HTTPRouteHostRewrite - HTTPRouteHostRewrite
- HTTPRouteMethodMatching - HTTPRouteMethodMatching
- HTTPRoutePathRedirect - HTTPRoutePathRedirect
@ -50,7 +51,6 @@ profiles:
- GatewayStaticAddresses - GatewayStaticAddresses
- HTTPRouteBackendRequestHeaderModification - HTTPRouteBackendRequestHeaderModification
- HTTPRouteBackendTimeout - HTTPRouteBackendTimeout
- HTTPRouteDestinationPortMatching
- HTTPRouteParentRefPort - HTTPRouteParentRefPort
- HTTPRouteRequestMirror - HTTPRouteRequestMirror
- HTTPRouteRequestMultipleMirrors - HTTPRouteRequestMultipleMirrors

1
pkg/provider/kubernetes/gateway/features.go
View file

@ -18,6 +18,7 @@ func SupportedFeatures() []features.FeatureName {
features.HTTPRouteResponseHeaderModificationFeature.Name, features.HTTPRouteResponseHeaderModificationFeature.Name,
features.HTTPRouteBackendProtocolH2CFeature.Name, features.HTTPRouteBackendProtocolH2CFeature.Name,
features.HTTPRouteBackendProtocolWebSocketFeature.Name, features.HTTPRouteBackendProtocolWebSocketFeature.Name,
features.HTTPRouteDestinationPortMatchingFeature.Name,
features.TLSRouteFeature.Name, features.TLSRouteFeature.Name,
} }
} }

11
pkg/provider/kubernetes/gateway/grpcroute.go
View file

@ -49,17 +49,16 @@ func (p *Provider) loadGRPCRoutes(ctx context.Context, gatewayListeners []gatewa
} }
for _, listener := range gatewayListeners { for _, listener := range gatewayListeners {
if !matchListener(listener, route.Namespace, parentRef) {
continue
}
accepted := true accepted := true
if !allowRoute(listener, route.Namespace, kindGRPCRoute) { if !matchListener(listener, route.Namespace, parentRef) {
accepted = false
}
if accepted && !allowRoute(listener, route.Namespace, kindGRPCRoute) {
parentStatus.Conditions = updateRouteConditionAccepted(parentStatus.Conditions, string(gatev1.RouteReasonNotAllowedByListeners)) parentStatus.Conditions = updateRouteConditionAccepted(parentStatus.Conditions, string(gatev1.RouteReasonNotAllowedByListeners))
accepted = false accepted = false
} }
hostnames, ok := findMatchingHostnames(listener.Hostname, route.Spec.Hostnames) hostnames, ok := findMatchingHostnames(listener.Hostname, route.Spec.Hostnames)
if !ok { if accepted && !ok {
parentStatus.Conditions = updateRouteConditionAccepted(parentStatus.Conditions, string(gatev1.RouteReasonNoMatchingListenerHostname)) parentStatus.Conditions = updateRouteConditionAccepted(parentStatus.Conditions, string(gatev1.RouteReasonNoMatchingListenerHostname))
accepted = false accepted = false
} }

11
pkg/provider/kubernetes/gateway/httproute.go
View file

@ -53,17 +53,16 @@ func (p *Provider) loadHTTPRoutes(ctx context.Context, gatewayListeners []gatewa
} }
for _, listener := range gatewayListeners { for _, listener := range gatewayListeners {
if !matchListener(listener, route.Namespace, parentRef) {
continue
}
accepted := true accepted := true
if !allowRoute(listener, route.Namespace, kindHTTPRoute) { if !matchListener(listener, route.Namespace, parentRef) {
accepted = false
}
if accepted && !allowRoute(listener, route.Namespace, kindHTTPRoute) {
parentStatus.Conditions = updateRouteConditionAccepted(parentStatus.Conditions, string(gatev1.RouteReasonNotAllowedByListeners)) parentStatus.Conditions = updateRouteConditionAccepted(parentStatus.Conditions, string(gatev1.RouteReasonNotAllowedByListeners))
accepted = false accepted = false
} }
hostnames, ok := findMatchingHostnames(listener.Hostname, route.Spec.Hostnames) hostnames, ok := findMatchingHostnames(listener.Hostname, route.Spec.Hostnames)
if !ok { if accepted && !ok {
parentStatus.Conditions = updateRouteConditionAccepted(parentStatus.Conditions, string(gatev1.RouteReasonNoMatchingListenerHostname)) parentStatus.Conditions = updateRouteConditionAccepted(parentStatus.Conditions, string(gatev1.RouteReasonNoMatchingListenerHostname))
accepted = false accepted = false
} }

6
pkg/provider/kubernetes/gateway/kubernetes.go
View file

@ -112,6 +112,7 @@ type ExtensionBuilderRegistry interface {
type gatewayListener struct { type gatewayListener struct {
Name string Name string
Port gatev1.PortNumber
Protocol gatev1.ProtocolType Protocol gatev1.ProtocolType
TLS *gatev1.GatewayTLSConfig TLS *gatev1.GatewayTLSConfig
Hostname *gatev1.Hostname Hostname *gatev1.Hostname
@ -429,6 +430,7 @@ func (p *Provider) loadGatewayListeners(ctx context.Context, gateway *gatev1.Gat
GWName: gateway.Name, GWName: gateway.Name,
GWNamespace: gateway.Namespace, GWNamespace: gateway.Namespace,
GWGeneration: gateway.Generation, GWGeneration: gateway.Generation,
Port: listener.Port,
Protocol: listener.Protocol, Protocol: listener.Protocol,
TLS: listener.TLS, TLS: listener.TLS,
Hostname: listener.Hostname, Hostname: listener.Hostname,
@ -1118,6 +1120,10 @@ func matchListener(listener gatewayListener, routeNamespace string, parentRef ga
return false return false
} }
if parentRef.Port != nil && *parentRef.Port != listener.Port {
return false
}
return true return true
} }

9
pkg/provider/kubernetes/gateway/tcproute.go
View file

@ -49,12 +49,11 @@ func (p *Provider) loadTCPRoutes(ctx context.Context, gatewayListeners []gateway
} }
for _, listener := range gatewayListeners { for _, listener := range gatewayListeners {
if !matchListener(listener, route.Namespace, parentRef) {
continue
}
accepted := true accepted := true
if !allowRoute(listener, route.Namespace, kindTCPRoute) { if !matchListener(listener, route.Namespace, parentRef) {
accepted = false
}
if accepted && !allowRoute(listener, route.Namespace, kindTCPRoute) {
parentStatus.Conditions = updateRouteConditionAccepted(parentStatus.Conditions, string(gatev1.RouteReasonNotAllowedByListeners)) parentStatus.Conditions = updateRouteConditionAccepted(parentStatus.Conditions, string(gatev1.RouteReasonNotAllowedByListeners))
accepted = false accepted = false
} }

11
pkg/provider/kubernetes/gateway/tlsroute.go
View file

@ -49,17 +49,16 @@ func (p *Provider) loadTLSRoutes(ctx context.Context, gatewayListeners []gateway
} }
for _, listener := range gatewayListeners { for _, listener := range gatewayListeners {
if !matchListener(listener, route.Namespace, parentRef) {
continue
}
accepted := true accepted := true
if !allowRoute(listener, route.Namespace, kindTLSRoute) { if !matchListener(listener, route.Namespace, parentRef) {
accepted = false
}
if accepted && !allowRoute(listener, route.Namespace, kindTLSRoute) {
parentStatus.Conditions = updateRouteConditionAccepted(parentStatus.Conditions, string(gatev1.RouteReasonNotAllowedByListeners)) parentStatus.Conditions = updateRouteConditionAccepted(parentStatus.Conditions, string(gatev1.RouteReasonNotAllowedByListeners))
accepted = false accepted = false
} }
hostnames, ok := findMatchingHostnames(listener.Hostname, route.Spec.Hostnames) hostnames, ok := findMatchingHostnames(listener.Hostname, route.Spec.Hostnames)
if !ok { if accepted && !ok {
parentStatus.Conditions = updateRouteConditionAccepted(parentStatus.Conditions, string(gatev1.RouteReasonNoMatchingListenerHostname)) parentStatus.Conditions = updateRouteConditionAccepted(parentStatus.Conditions, string(gatev1.RouteReasonNoMatchingListenerHostname))
accepted = false accepted = false
} }