Add ipv4 and ipv6 tagged addresses for service lan and wan

hashicorp · Nov 20, 2019 · 616f554 · 616f554
1 parent ef39c80
commit 616f554
Show file tree

Hide file tree

Showing 4 changed files with 221 additions and 35 deletions.
diff --git a/agent/agent.go b/agent/agent.go
@@ -2232,6 +2232,26 @@ func (a *Agent) addServiceInternal(req *addServiceRequest) error {
 	a.PauseSync()
 	defer a.ResumeSync()
 
+	// Set default tagged addresses
+	serviceIP := net.ParseIP(service.Address)
+	serviceAddressIs4 := serviceIP != nil && serviceIP.To4() != nil
+	serviceAddressIs6 := serviceIP != nil && serviceIP.To4() == nil
+	if service.TaggedAddresses == nil {
+		service.TaggedAddresses = map[string]structs.ServiceAddress{}
+	}
+	if _, ok := service.TaggedAddresses[structs.TaggedAddressLANIPv4]; !ok && serviceAddressIs4 {
+		service.TaggedAddresses[structs.TaggedAddressLANIPv4] = structs.ServiceAddress{Address: service.Address, Port: service.Port}
+	}
+	if _, ok := service.TaggedAddresses[structs.TaggedAddressWANIPv4]; !ok && serviceAddressIs4 {
+		service.TaggedAddresses[structs.TaggedAddressWANIPv4] = structs.ServiceAddress{Address: service.Address, Port: service.Port}
+	}
+	if _, ok := service.TaggedAddresses[structs.TaggedAddressLANIPv6]; !ok && serviceAddressIs6 {
+		service.TaggedAddresses[structs.TaggedAddressLANIPv6] = structs.ServiceAddress{Address: service.Address, Port: service.Port}
+	}
+	if _, ok := service.TaggedAddresses[structs.TaggedAddressWANIPv6]; !ok && serviceAddressIs6 {
+		service.TaggedAddresses[structs.TaggedAddressWANIPv6] = structs.ServiceAddress{Address: service.Address, Port: service.Port}
+	}
+
 	// Take a snapshot of the current state of checks (if any), and when adding
 	// a check that already existed carry over the state before resuming
 	// anti-entropy.
@@ -2418,6 +2438,34 @@ func (a *Agent) validateService(service *structs.NodeService, chkTypes []*struct
 		}
 	}
 
+	// Check IPv4/IPv6 tagged addresses
+	if service.TaggedAddresses != nil {
+		if sa, ok := service.TaggedAddresses[structs.TaggedAddressLANIPv4]; ok {
+			ip := net.ParseIP(sa.Address)
+			if ip == nil || ip.To4() == nil {
+				return fmt.Errorf("Service tagged address %q must be a valid ipv4 address", structs.TaggedAddressLANIPv4)
+			}
+		}
+		if sa, ok := service.TaggedAddresses[structs.TaggedAddressWANIPv4]; ok {
+			ip := net.ParseIP(sa.Address)
+			if ip == nil || ip.To4() == nil {
+				return fmt.Errorf("Service tagged address %q must be a valid ipv4 address", structs.TaggedAddressWANIPv4)
+			}
+		}
+		if sa, ok := service.TaggedAddresses[structs.TaggedAddressLANIPv6]; ok {
+			ip := net.ParseIP(sa.Address)
+			if ip == nil || ip.To4() != nil {
+				return fmt.Errorf("Service tagged address %q must be a valid ipv6 address", structs.TaggedAddressLANIPv6)
+			}
+		}
+		if sa, ok := service.TaggedAddresses[structs.TaggedAddressLANIPv6]; ok {
+			ip := net.ParseIP(sa.Address)
+			if ip == nil || ip.To4() != nil {
+				return fmt.Errorf("Service tagged address %q must be a valid ipv6 address", structs.TaggedAddressLANIPv6)
+			}
+		}
+	}
+
 	return nil
 }
 

diff --git a/agent/agent_endpoint_test.go b/agent/agent_endpoint_test.go
@@ -3019,10 +3019,11 @@ func testAgent_RegisterService_UnmanagedConnectProxy(t *testing.T, extraHCL stri
 
 func testDefaultSidecar(svc string, port int, fns ...func(*structs.NodeService)) *structs.NodeService {
 	ns := &structs.NodeService{
-		ID:      svc + "-sidecar-proxy",
-		Kind:    structs.ServiceKindConnectProxy,
-		Service: svc + "-sidecar-proxy",
-		Port:    2222,
+		ID:              svc + "-sidecar-proxy",
+		Kind:            structs.ServiceKindConnectProxy,
+		Service:         svc + "-sidecar-proxy",
+		Port:            2222,
+		TaggedAddresses: map[string]structs.ServiceAddress{},
 		Weights: &structs.Weights{
 			Passing: 1,
 			Warning: 1,
@@ -3383,9 +3384,10 @@ func testAgent_RegisterServiceDeregisterService_Sidecar(t *testing.T, extraHCL s
 			// Note here that although the registration here didn't register it, we
 			// should still see the NodeService we pre-registered here.
 			wantNS: &structs.NodeService{
-				ID:      "web-sidecar-proxy",
-				Service: "fake-sidecar",
-				Port:    9999,
+				ID:              "web-sidecar-proxy",
+				Service:         "fake-sidecar",
+				Port:            9999,
+				TaggedAddresses: map[string]structs.ServiceAddress{},
 				Weights: &structs.Weights{
 					Passing: 1,
 					Warning: 1,
@@ -3425,6 +3427,7 @@ func testAgent_RegisterServiceDeregisterService_Sidecar(t *testing.T, extraHCL s
 				Service:                    "web-sidecar-proxy",
 				LocallyRegisteredAsSidecar: true,
 				Port:                       6666,
+				TaggedAddresses:            map[string]structs.ServiceAddress{},
 				Weights: &structs.Weights{
 					Passing: 1,
 					Warning: 1,

diff --git a/agent/agent_test.go b/agent/agent_test.go
@@ -670,6 +670,134 @@ func testAgent_AddServiceNoRemoteExec(t *testing.T, extraHCL string) {
 	}
 }
 
+func TestAddServiceIPv4TaggedDefault(t *testing.T) {
+	t.Helper()
+
+	a := NewTestAgent(t, t.Name(), "")
+	defer a.Shutdown()
+	testrpc.WaitForTestAgent(t, a.RPC, "dc1")
+
+	srv := &structs.NodeService{
+		Service: "my_service",
+		ID:      "my_service_id",
+		Port:    8100,
+		Address: "10.0.1.2",
+	}
+
+	err := a.AddService(srv, []*structs.CheckType{}, false, "", ConfigSourceRemote)
+	require.Nil(t, err)
+
+	ns := a.State.Service("my_service_id")
+	require.NotNil(t, ns)
+
+	svcAddr := structs.ServiceAddress{Address: srv.Address, Port: srv.Port}
+	require.Equal(t, svcAddr, ns.TaggedAddresses[structs.TaggedAddressLANIPv4])
+	require.Equal(t, svcAddr, ns.TaggedAddresses[structs.TaggedAddressWANIPv4])
+	_, ok := ns.TaggedAddresses[structs.TaggedAddressLANIPv6]
+	require.False(t, ok)
+	_, ok = ns.TaggedAddresses[structs.TaggedAddressWANIPv6]
+	require.False(t, ok)
+}
+
+func TestAddServiceIPv6TaggedDefault(t *testing.T) {
+	t.Helper()
+
+	a := NewTestAgent(t, t.Name(), "")
+	defer a.Shutdown()
+	testrpc.WaitForTestAgent(t, a.RPC, "dc1")
+
+	srv := &structs.NodeService{
+		Service: "my_service",
+		ID:      "my_service_id",
+		Port:    8100,
+		Address: "::5",
+	}
+
+	err := a.AddService(srv, []*structs.CheckType{}, false, "", ConfigSourceRemote)
+	require.Nil(t, err)
+
+	ns := a.State.Service("my_service_id")
+	require.NotNil(t, ns)
+
+	svcAddr := structs.ServiceAddress{Address: srv.Address, Port: srv.Port}
+	require.Equal(t, svcAddr, ns.TaggedAddresses[structs.TaggedAddressLANIPv6])
+	require.Equal(t, svcAddr, ns.TaggedAddresses[structs.TaggedAddressWANIPv6])
+	_, ok := ns.TaggedAddresses[structs.TaggedAddressLANIPv4]
+	require.False(t, ok)
+	_, ok = ns.TaggedAddresses[structs.TaggedAddressWANIPv4]
+	require.False(t, ok)
+}
+
+func TestAddServiceIPv4TaggedSet(t *testing.T) {
+	t.Helper()
+
+	a := NewTestAgent(t, t.Name(), "")
+	defer a.Shutdown()
+	testrpc.WaitForTestAgent(t, a.RPC, "dc1")
+
+	srv := &structs.NodeService{
+		Service: "my_service",
+		ID:      "my_service_id",
+		Port:    8100,
+		Address: "10.0.1.2",
+		TaggedAddresses: map[string]structs.ServiceAddress{
+			structs.TaggedAddressWANIPv4: {
+				Address: "10.100.200.5",
+				Port:    8100,
+			},
+		},
+	}
+
+	err := a.AddService(srv, []*structs.CheckType{}, false, "", ConfigSourceRemote)
+	require.Nil(t, err)
+
+	ns := a.State.Service("my_service_id")
+	require.NotNil(t, ns)
+
+	svcAddr := structs.ServiceAddress{Address: srv.Address, Port: srv.Port}
+	require.Equal(t, svcAddr, ns.TaggedAddresses[structs.TaggedAddressLANIPv4])
+	require.Equal(t, structs.ServiceAddress{Address: "10.100.200.5", Port: 8100}, ns.TaggedAddresses[structs.TaggedAddressWANIPv4])
+	_, ok := ns.TaggedAddresses[structs.TaggedAddressLANIPv6]
+	require.False(t, ok)
+	_, ok = ns.TaggedAddresses[structs.TaggedAddressWANIPv6]
+	require.False(t, ok)
+}
+
+func TestAddServiceIPv6TaggedSet(t *testing.T) {
+	t.Helper()
+
+	a := NewTestAgent(t, t.Name(), "")
+	defer a.Shutdown()
+	testrpc.WaitForTestAgent(t, a.RPC, "dc1")
+
+	srv := &structs.NodeService{
+		Service: "my_service",
+		ID:      "my_service_id",
+		Port:    8100,
+		Address: "::5",
+		TaggedAddresses: map[string]structs.ServiceAddress{
+			structs.TaggedAddressWANIPv6: {
+				Address: "::6",
+				Port:    8100,
+			},
+		},
+	}
+
+	err := a.AddService(srv, []*structs.CheckType{}, false, "", ConfigSourceRemote)
+	require.Nil(t, err)
+
+	ns := a.State.Service("my_service_id")
+	require.NotNil(t, ns)
+
+	svcAddr := structs.ServiceAddress{Address: srv.Address, Port: srv.Port}
+	require.Equal(t, svcAddr, ns.TaggedAddresses[structs.TaggedAddressLANIPv6])
+	require.Equal(t, structs.ServiceAddress{Address: "::6", Port: 8100}, ns.TaggedAddresses[structs.TaggedAddressWANIPv6])
+	_, ok := ns.TaggedAddresses[structs.TaggedAddressLANIPv4]
+	require.False(t, ok)
+	_, ok = ns.TaggedAddresses[structs.TaggedAddressWANIPv4]
+	require.False(t, ok)
+}
+
 func TestAgent_RemoveService(t *testing.T) {
 	t.Run("normal", func(t *testing.T) {
 		t.Parallel()
@@ -1903,11 +2031,12 @@ func testAgent_persistedService_compat(t *testing.T, extraHCL string) {
 	defer a.Shutdown()
 
 	svc := &structs.NodeService{
-		ID:      "redis",
-		Service: "redis",
-		Tags:    []string{"foo"},
-		Port:    8000,
-		Weights: &structs.Weights{Passing: 1, Warning: 1},
+		ID:              "redis",
+		Service:         "redis",
+		Tags:            []string{"foo"},
+		Port:            8000,
+		TaggedAddresses: map[string]structs.ServiceAddress{},
+		Weights:         &structs.Weights{Passing: 1, Warning: 1},
 	}
 
 	// Encode the NodeService directly. This is what previous versions

diff --git a/agent/service_manager_test.go b/agent/service_manager_test.go
@@ -50,9 +50,10 @@ func TestServiceManager_RegisterService(t *testing.T) {
 	redisService := a.State.Service("redis")
 	require.NotNil(redisService)
 	require.Equal(&structs.NodeService{
-		ID:      "redis",
-		Service: "redis",
-		Port:    8000,
+		ID:              "redis",
+		Service:         "redis",
+		Port:            8000,
+		TaggedAddresses: map[string]structs.ServiceAddress{},
 		Weights: &structs.Weights{
 			Passing: 1,
 			Warning: 1,
@@ -114,10 +115,11 @@ func TestServiceManager_RegisterSidecar(t *testing.T) {
 	sidecarService := a.State.Service("web-sidecar-proxy")
 	require.NotNil(sidecarService)
 	require.Equal(&structs.NodeService{
-		Kind:    structs.ServiceKindConnectProxy,
-		ID:      "web-sidecar-proxy",
-		Service: "web-sidecar-proxy",
-		Port:    21000,
+		Kind:            structs.ServiceKindConnectProxy,
+		ID:              "web-sidecar-proxy",
+		Service:         "web-sidecar-proxy",
+		Port:            21000,
+		TaggedAddresses: map[string]structs.ServiceAddress{},
 		Proxy: structs.ConnectProxyConfig{
 			DestinationServiceName: "web",
 			DestinationServiceID:   "web",
@@ -180,10 +182,11 @@ func TestServiceManager_RegisterMeshGateway(t *testing.T) {
 	gateway := a.State.Service("mesh-gateway")
 	require.NotNil(gateway)
 	require.Equal(&structs.NodeService{
-		Kind:    structs.ServiceKindMeshGateway,
-		ID:      "mesh-gateway",
-		Service: "mesh-gateway",
-		Port:    443,
+		Kind:            structs.ServiceKindMeshGateway,
+		ID:              "mesh-gateway",
+		Service:         "mesh-gateway",
+		Port:            443,
+		TaggedAddresses: map[string]structs.ServiceAddress{},
 		Proxy: structs.ConnectProxyConfig{
 			Config: map[string]interface{}{
 				"foo":      int64(1),
@@ -270,10 +273,11 @@ func TestServiceManager_PersistService_API(t *testing.T) {
 	}
 
 	expectState := &structs.NodeService{
-		Kind:    structs.ServiceKindConnectProxy,
-		ID:      "web-sidecar-proxy",
-		Service: "web-sidecar-proxy",
-		Port:    21000,
+		Kind:            structs.ServiceKindConnectProxy,
+		ID:              "web-sidecar-proxy",
+		Service:         "web-sidecar-proxy",
+		Port:            21000,
+		TaggedAddresses: map[string]structs.ServiceAddress{},
 		Proxy: structs.ConnectProxyConfig{
 			DestinationServiceName: "web",
 			DestinationServiceID:   "web",
@@ -478,10 +482,11 @@ func TestServiceManager_PersistService_ConfigFiles(t *testing.T) {
 	svcID := "web-sidecar-proxy"
 
 	expectState := &structs.NodeService{
-		Kind:    structs.ServiceKindConnectProxy,
-		ID:      "web-sidecar-proxy",
-		Service: "web-sidecar-proxy",
-		Port:    21000,
+		Kind:            structs.ServiceKindConnectProxy,
+		ID:              "web-sidecar-proxy",
+		Service:         "web-sidecar-proxy",
+		Port:            21000,
+		TaggedAddresses: map[string]structs.ServiceAddress{},
 		Proxy: structs.ConnectProxyConfig{
 			DestinationServiceName: "web",
 			DestinationServiceID:   "web",
@@ -627,10 +632,11 @@ func TestServiceManager_Disabled(t *testing.T) {
 	sidecarService := a.State.Service("web-sidecar-proxy")
 	require.NotNil(sidecarService)
 	require.Equal(&structs.NodeService{
-		Kind:    structs.ServiceKindConnectProxy,
-		ID:      "web-sidecar-proxy",
-		Service: "web-sidecar-proxy",
-		Port:    21000,
+		Kind:            structs.ServiceKindConnectProxy,
+		ID:              "web-sidecar-proxy",
+		Service:         "web-sidecar-proxy",
+		Port:            21000,
+		TaggedAddresses: map[string]structs.ServiceAddress{},
 		Proxy: structs.ConnectProxyConfig{
 			DestinationServiceName: "web",
 			DestinationServiceID:   "web",