-
Notifications
You must be signed in to change notification settings - Fork 4.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
agent: use bind over advertise for src #3028
agent: use bind over advertise for src #3028
Conversation
command/agent/config.go
Outdated
|
||
// inaddr_any checks if the given ip address is an IPv4 or IPv6 ANY address. ip | ||
// can be either a *net.IP or a string. It panics on another type. | ||
func inaddr_any(ip interface{}) bool { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This seems like an odd name with an underscore. Maybe isAddrANY
?
command/agent/config.go
Outdated
if ip == nil { | ||
return false | ||
} | ||
var ips string |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What's the path where a string gets passed in here?
default: | ||
panic(fmt.Sprintf("invalid type: %T", ip)) | ||
} | ||
return ips == "0.0.0.0" || ips == "::" || ips == "[::]" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Realized that there's https://golang.org/pkg/net/#IP.IsUnspecified which looks to be doing the same thing.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I suspected as much but couldn't find it. Thx
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That doesn't work with [::]
. I'll use my helper for now.
This patch configures consul to use the bind address as the source address for outgoing connections. Fixes #2822
1bebf34
to
8941f12
Compare
Use the bind address as source address for outgoing RPC connections unless it is INADDR_ANY. The current code uses the advertise address which will not work in certain environments where the advertise address is not routable in the network of the agent, e.g. NAT environment, container... After all, that is the purpose of the advertise address. See #2822
8941f12
to
6777373
Compare
@slackpad would you mind bumping the official-images docker library for this please? |
Hi @allandrick we are mid-cycle for 0.8.4 so this should be out in a couple weeks and we will bump it at that time. We currently don't update any existing images, we just release new ones as we release new Consul versions. |
This is a follow-up of #2822 which uses the bind address as source and not the advertise address since that won't work in NAT environments.