Skip to content

Commit

Permalink
pkg/envoy/lds: add error codes
Browse files Browse the repository at this point in the history
Adds error codes for errors related to Envoy LDS.

Part of openservicemesh#2866

Signed-off-by: jaellio <jaellio@microsoft.com>
  • Loading branch information
jaellio committed Jul 11, 2021
1 parent 7ef0c47 commit a371a6f
Show file tree
Hide file tree
Showing 11 changed files with 130 additions and 37 deletions.
4 changes: 3 additions & 1 deletion pkg/envoy/lds/auth.go
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ import (
"github.com/golang/protobuf/ptypes"

"github.com/openservicemesh/osm/pkg/auth"
"github.com/openservicemesh/osm/pkg/errcode"
)

// getExtAuthzHTTPFilter returns an envoy HttpFilter given an ExternAuthConfig configuration
Expand Down Expand Up @@ -38,7 +39,8 @@ func getExtAuthzHTTPFilter(extAuthConfig auth.ExtAuthConfig) *xds_hcm.HttpFilter

extAuthMarshalled, err := ptypes.MarshalAny(extAuth)
if err != nil {
log.Error().Err(err).Msg("Failed to marshal External Authorization config")
log.Error().Err(err).Str(errcode.Kind, errcode.ErrMarshallingXDSResource.String()).
Msg("Failed to marshal External Authorization config")
}

return &xds_hcm.HttpFilter{
Expand Down
7 changes: 5 additions & 2 deletions pkg/envoy/lds/connection_manager.go
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ import (
"github.com/openservicemesh/osm/pkg/configurator"
"github.com/openservicemesh/osm/pkg/constants"
"github.com/openservicemesh/osm/pkg/envoy"
"github.com/openservicemesh/osm/pkg/errcode"
)

// trafficDirection defines, for filter terms, the direction of the traffic from an application
Expand Down Expand Up @@ -79,13 +80,15 @@ func getHTTPConnectionManager(routeName string, cfg configurator.Configurator, h
if cfg.GetFeatureFlags().EnableWASMStats {
statsFilter, err := getStatsWASMFilter()
if err != nil {
log.Error().Err(err).Msg("failed to get stats WASM filter")
log.Error().Err(err).Str(errcode.Kind, errcode.ErrGettingWASMFilter.String()).
Msg("failed to get stats WASM filter")
return connManager
}

headerFilter, err := getAddHeadersFilter(headers)
if err != nil {
log.Error().Err(err).Msg("Could not get Lua filter definition")
log.Error().Err(err).Str(errcode.Kind, errcode.ErrGettingLuaFilter.String()).
Msg("Could not get Lua filter definition")
return connManager
}

Expand Down
7 changes: 5 additions & 2 deletions pkg/envoy/lds/egress.go
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ import (

"github.com/openservicemesh/osm/pkg/constants"
"github.com/openservicemesh/osm/pkg/envoy/rds/route"
"github.com/openservicemesh/osm/pkg/errcode"
"github.com/openservicemesh/osm/pkg/trafficpolicy"
)

Expand Down Expand Up @@ -84,7 +85,8 @@ func (lb *listenerBuilder) getEgressTCPFilterChain(match trafficpolicy.TrafficMa

marshalledTCPProxy, err := ptypes.MarshalAny(tcpProxy)
if err != nil {
log.Error().Err(err).Msgf("Error marshalling TcpProxy for TrafficMatch %v", match)
log.Error().Err(err).Str(errcode.Kind, errcode.ErrMarshallingXDSResource.String()).
Msgf("Error marshalling TcpProxy for TrafficMatch %v", match)
return nil, err
}

Expand All @@ -97,7 +99,8 @@ func (lb *listenerBuilder) getEgressTCPFilterChain(match trafficpolicy.TrafficMa
for _, ipRange := range match.DestinationIPRanges {
ip, ipNet, err := net.ParseCIDR(ipRange)
if err != nil {
log.Error().Err(err).Msgf("Error parsing IP range %s while building TCP filter chain for match %v, skipping", ipRange, match)
log.Error().Err(err).Str(errcode.Kind, errcode.ErrInvalidEgressIPRange.String()).
Msgf("Error parsing IP range %s while building TCP filter chain for match %v, skipping", ipRange, match)
continue
}

Expand Down
4 changes: 3 additions & 1 deletion pkg/envoy/lds/gateway.go
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ import (

"github.com/openservicemesh/osm/pkg/constants"
"github.com/openservicemesh/osm/pkg/envoy"
"github.com/openservicemesh/osm/pkg/errcode"
"github.com/openservicemesh/osm/pkg/service"
)

Expand Down Expand Up @@ -51,7 +52,8 @@ func (lb *listenerBuilder) getMultiClusterGatewayFilterChainPerUpstream() []*xds
log.Trace().Msgf("Building outbound filter chain for upstream service %s for proxy with identity %s", upstream, lb.serviceIdentity)
protocolToPortMap, err := lb.meshCatalog.GetPortToProtocolMappingForService(upstream)
if err != nil {
log.Error().Err(err).Msgf("Error retrieving port to protocol mapping for upstream service %s", upstream)
log.Error().Err(err).Str(errcode.Kind, errcode.ErrGettingServicePorts.String()).
Msgf("Error retrieving port to protocol mapping for upstream service %s", upstream)
continue
}

Expand Down
15 changes: 10 additions & 5 deletions pkg/envoy/lds/ingress.go
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ import (
"github.com/openservicemesh/osm/pkg/constants"
"github.com/openservicemesh/osm/pkg/envoy"
"github.com/openservicemesh/osm/pkg/envoy/rds/route"
"github.com/openservicemesh/osm/pkg/errcode"
"github.com/openservicemesh/osm/pkg/service"
)

Expand All @@ -35,14 +36,16 @@ func getIngressTransportProtocol(forHTTPS bool) string {
func (lb *listenerBuilder) newIngressHTTPFilterChain(cfg configurator.Configurator, svc service.MeshService, svcPort uint32) *xds_listener.FilterChain {
marshalledDownstreamTLSContext, err := ptypes.MarshalAny(envoy.GetDownstreamTLSContext(lb.serviceIdentity, false /* TLS */))
if err != nil {
log.Error().Err(err).Msgf("Error marshalling DownstreamTLSContext object for proxy %s", svc)
log.Error().Err(err).Str(errcode.Kind, errcode.ErrMarshallingXDSResource.String()).
Msgf("Error marshalling DownstreamTLSContext object for proxy %s", svc)
return nil
}

ingressConnManager := getHTTPConnectionManager(route.IngressRouteConfigName, cfg, nil, inbound)
marshalledIngressConnManager, err := ptypes.MarshalAny(ingressConnManager)
if err != nil {
log.Error().Err(err).Msgf("Error marshalling ingress HttpConnectionManager object for proxy %s", svc)
log.Error().Err(err).Str(errcode.Kind, errcode.ErrMarshallingXDSResource.String()).
Msgf("Error marshalling ingress HttpConnectionManager object for proxy %s", svc)
return nil
}

Expand Down Expand Up @@ -71,7 +74,8 @@ func (lb *listenerBuilder) getIngressFilterChains(svc service.MeshService) []*xd

protocolToPortMap, err := lb.meshCatalog.GetTargetPortToProtocolMappingForService(svc)
if err != nil {
log.Error().Err(err).Msgf("Error retrieving port to protocol mapping for service %s", svc)
log.Error().Err(err).Str(errcode.Kind, errcode.ErrGettingServicePorts.String()).
Msgf("Error retrieving port to protocol mapping for service %s", svc)
return ingressFilterChains
}

Expand All @@ -94,8 +98,9 @@ func (lb *listenerBuilder) getIngressFilterChains(svc service.MeshService) []*xd
ingressFilterChains = append(ingressFilterChains, ingressFilterChainWithoutSNI)

default:
log.Error().Msgf("Cannot build ingress filter chain. Protocol %s is not supported for service %s on port %d",
appProtocol, svc, port)
log.Error().Str(errcode.Kind, errcode.ErrUnsupportedProtocolForIngress.String()).
Msgf("Cannot build ingress filter chain. Protocol %s is not supported for service %s on port %d",
appProtocol, svc, port)
}
}

Expand Down
31 changes: 21 additions & 10 deletions pkg/envoy/lds/inmesh.go
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@ import (
"github.com/openservicemesh/osm/pkg/constants"
"github.com/openservicemesh/osm/pkg/envoy"
"github.com/openservicemesh/osm/pkg/envoy/rds/route"
"github.com/openservicemesh/osm/pkg/errcode"
"github.com/openservicemesh/osm/pkg/service"
)

Expand All @@ -35,7 +36,8 @@ func (lb *listenerBuilder) getInboundMeshFilterChains(proxyService service.MeshS

protocolToPortMap, err := lb.meshCatalog.GetTargetPortToProtocolMappingForService(proxyService)
if err != nil {
log.Error().Err(err).Msgf("Error retrieving port to protocol mapping for service %s", proxyService)
log.Error().Err(err).Str(errcode.Kind, errcode.ErrGettingServicePorts.String()).
Msgf("Error retrieving port to protocol mapping for service %s", proxyService)
return filterChains
}

Expand Down Expand Up @@ -86,7 +88,8 @@ func (lb *listenerBuilder) getInboundHTTPFilters(proxyService service.MeshServic
inboundConnManager := getHTTPConnectionManager(route.InboundRouteConfigName, lb.cfg, lb.statsHeaders, inbound)
marshalledInboundConnManager, err := ptypes.MarshalAny(inboundConnManager)
if err != nil {
log.Error().Err(err).Msgf("Error marshalling inbound HttpConnectionManager for proxy service %s", proxyService)
log.Error().Err(err).Str(errcode.Kind, errcode.ErrMarshallingXDSResource.String()).
Msgf("Error marshalling inbound HttpConnectionManager for proxy service %s", proxyService)
return nil, err
}
httpConnectionManagerFilter := &xds_listener.Filter{
Expand All @@ -111,7 +114,8 @@ func (lb *listenerBuilder) getInboundMeshHTTPFilterChain(proxyService service.Me
// Construct downstream TLS context
marshalledDownstreamTLSContext, err := ptypes.MarshalAny(envoy.GetDownstreamTLSContext(lb.serviceIdentity, true /* mTLS */))
if err != nil {
log.Error().Err(err).Msgf("Error marshalling DownstreamTLSContext for proxy service %s", proxyService)
log.Error().Err(err).Str(errcode.Kind, errcode.ErrMarshallingXDSResource.String()).
Msgf("Error marshalling DownstreamTLSContext for proxy service %s", proxyService)
return nil, err
}

Expand Down Expand Up @@ -172,7 +176,8 @@ func (lb *listenerBuilder) getInboundMeshTCPFilterChain(proxyService service.Mes
// Construct downstream TLS context
marshalledDownstreamTLSContext, err := ptypes.MarshalAny(envoy.GetDownstreamTLSContext(lb.serviceIdentity, true /* mTLS */))
if err != nil {
log.Error().Err(err).Msgf("Error marshalling DownstreamTLSContext for proxy service %s", proxyService)
log.Error().Err(err).Str(errcode.Kind, errcode.ErrMarshallingXDSResource.String()).
Msgf("Error marshalling DownstreamTLSContext for proxy service %s", proxyService)
return nil, err
}

Expand Down Expand Up @@ -239,7 +244,8 @@ func (lb *listenerBuilder) getInboundTCPFilters(proxyService service.MeshService
}
marshalledTCPProxy, err := ptypes.MarshalAny(tcpProxy)
if err != nil {
log.Error().Err(err).Msgf("Error marshalling TcpProxy object for egress HTTPS filter chain")
log.Error().Err(err).Str(errcode.Kind, errcode.ErrMarshallingXDSResource.String()).
Msgf("Error marshalling TcpProxy object for egress HTTPS filter chain")
return nil, err
}
tcpProxyFilter := &xds_listener.Filter{
Expand All @@ -259,7 +265,8 @@ func (lb *listenerBuilder) getOutboundHTTPFilter(routeConfigName string) (*xds_l
marshalledFilter, err = ptypes.MarshalAny(
getHTTPConnectionManager(routeConfigName, lb.cfg, lb.statsHeaders, outbound))
if err != nil {
log.Error().Err(err).Msgf("Error marshalling HTTP connection manager object")
log.Error().Err(err).Str(errcode.Kind, errcode.ErrMarshallingXDSResource.String()).
Msgf("Error marshalling HTTP connection manager object")
return nil, err
}

Expand All @@ -282,13 +289,15 @@ func (lb *listenerBuilder) getOutboundFilterChainMatchForService(dstSvc service.

endpoints, err := lb.meshCatalog.GetResolvableServiceEndpoints(dstSvc)
if err != nil {
log.Error().Err(err).Msgf("Error getting GetResolvableServiceEndpoints for %q", dstSvc)
log.Error().Err(err).Str(errcode.Kind, errcode.ErrGettingResolvableServiceEndpoints.String()).
Msgf("Error getting GetResolvableServiceEndpoints for %q", dstSvc)
return nil, err
}

if len(endpoints) == 0 {
err := errors.Errorf("Endpoints not found for service %q", dstSvc)
log.Error().Err(err).Msgf("Error constructing HTTP filter chain match for service %q", dstSvc)
log.Error().Err(err).Str(errcode.Kind, errcode.ErrEndpointsNotFound.String()).
Msgf("Error constructing HTTP filter chain match for service %q", dstSvc)
return nil, err
}

Expand Down Expand Up @@ -391,7 +400,8 @@ func (lb *listenerBuilder) getOutboundTCPFilter(upstream service.MeshService) (*

marshalledTCPProxy, err := ptypes.MarshalAny(tcpProxy)
if err != nil {
log.Error().Err(err).Msgf("Error marshalling TcpProxy object needed by outbound TCP filter for upstream service %s", upstream)
log.Error().Err(err).Str(errcode.Kind, errcode.ErrMarshallingXDSResource.String()).
Msgf("Error marshalling TcpProxy object needed by outbound TCP filter for upstream service %s", upstream)
return nil, err
}

Expand All @@ -416,7 +426,8 @@ func (lb *listenerBuilder) getOutboundFilterChainPerUpstream() []*xds_listener.F
log.Trace().Msgf("Building outbound filter chain for upstream service %s for proxy with identity %s", upstreamSvc, lb.serviceIdentity)
protocolToPortMap, err := lb.meshCatalog.GetPortToProtocolMappingForService(upstreamSvc)
if err != nil {
log.Error().Err(err).Msgf("Error retrieving port to protocol mapping for upstream service %s", upstreamSvc)
log.Error().Err(err).Str(errcode.Kind, errcode.ErrGettingServicePorts.String()).
Msgf("Error retrieving port to protocol mapping for upstream service %s", upstreamSvc)
continue
}

Expand Down
7 changes: 5 additions & 2 deletions pkg/envoy/lds/listener.go
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ import (

"github.com/openservicemesh/osm/pkg/constants"
"github.com/openservicemesh/osm/pkg/envoy"
"github.com/openservicemesh/osm/pkg/errcode"
"github.com/openservicemesh/osm/pkg/trafficpolicy"
)

Expand Down Expand Up @@ -125,7 +126,8 @@ func newInboundListener() *xds_listener.Listener {
func buildPrometheusListener(connManager *xds_hcm.HttpConnectionManager) (*xds_listener.Listener, error) {
marshalledConnManager, err := ptypes.MarshalAny(connManager)
if err != nil {
log.Error().Err(err).Msgf("Error marshalling HttpConnectionManager object")
log.Error().Err(err).Str(errcode.Kind, errcode.ErrMarshallingXDSResource.String()).
Msgf("Error marshalling HttpConnectionManager object")
return nil, err
}

Expand Down Expand Up @@ -157,7 +159,8 @@ func getDefaultPassthroughFilterChain() (*xds_listener.FilterChain, error) {
}
marshalledTCPProxy, err := ptypes.MarshalAny(tcpProxy)
if err != nil {
log.Error().Err(err).Msgf("Error marshalling TcpProxy object for egress HTTPS filter chain")
log.Error().Err(err).Str(errcode.Kind, errcode.ErrMarshallingXDSResource.String()).
Msgf("Error marshalling TcpProxy object for egress HTTPS filter chain")
return nil, err
}

Expand Down
10 changes: 7 additions & 3 deletions pkg/envoy/lds/rbac.go
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ import (
"github.com/golang/protobuf/ptypes"

"github.com/openservicemesh/osm/pkg/envoy/rbac"
"github.com/openservicemesh/osm/pkg/errcode"
"github.com/openservicemesh/osm/pkg/identity"
"github.com/openservicemesh/osm/pkg/trafficpolicy"
)
Expand All @@ -25,7 +26,8 @@ func (lb *listenerBuilder) buildRBACFilter() (*xds_listener.Filter, error) {

marshalledNetworkRBACPolicy, err := ptypes.MarshalAny(networkRBACPolicy)
if err != nil {
log.Error().Err(err).Msgf("Error marshalling RBAC policy: %v", networkRBACPolicy)
log.Error().Err(err).Str(errcode.Kind, errcode.ErrMarshallingXDSResource.String()).
Msgf("Error marshalling RBAC policy: %v", networkRBACPolicy)
return nil, err
}

Expand All @@ -42,15 +44,17 @@ func (lb *listenerBuilder) buildInboundRBACPolicies() (*xds_network_rbac.RBAC, e
proxyIdentity := identity.ServiceIdentity(lb.serviceIdentity.String())
trafficTargets, err := lb.meshCatalog.ListInboundTrafficTargetsWithRoutes(lb.serviceIdentity)
if err != nil {
log.Error().Err(err).Msgf("Error listing allowed inbound traffic targets for proxy identity %s", proxyIdentity)
log.Error().Err(err).Str(errcode.Kind, errcode.ErrGettingInboundTrafficTargets.String()).
Msgf("Error listing allowed inbound traffic targets for proxy identity %s", proxyIdentity)
return nil, err
}

rbacPolicies := make(map[string]*xds_rbac.Policy)
// Build an RBAC policies based on SMI TrafficTarget policies
for _, targetPolicy := range trafficTargets {
if policy, err := buildRBACPolicyFromTrafficTarget(targetPolicy); err != nil {
log.Error().Err(err).Msgf("Error building RBAC policy for proxy identity %s from TrafficTarget %s", proxyIdentity, targetPolicy.Name)
log.Error().Err(err).Str(errcode.Kind, errcode.ErrBuildingRBACPolicy.String()).
Msgf("Error building RBAC policy for proxy identity %s from TrafficTarget %s", proxyIdentity, targetPolicy.Name)
} else {
rbacPolicies[targetPolicy.Name] = policy
}
Expand Down
6 changes: 4 additions & 2 deletions pkg/envoy/lds/response.go
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ import (
"github.com/openservicemesh/osm/pkg/configurator"
"github.com/openservicemesh/osm/pkg/envoy"
"github.com/openservicemesh/osm/pkg/envoy/registry"
"github.com/openservicemesh/osm/pkg/errcode"
"github.com/openservicemesh/osm/pkg/identity"
)

Expand All @@ -20,7 +21,8 @@ import (
func NewResponse(meshCatalog catalog.MeshCataloger, proxy *envoy.Proxy, _ *xds_discovery.DiscoveryRequest, cfg configurator.Configurator, _ certificate.Manager, proxyRegistry *registry.ProxyRegistry) ([]types.Resource, error) {
proxyIdentity, err := envoy.GetServiceIdentityFromProxyCertificate(proxy.GetCertificateCommonName())
if err != nil {
log.Error().Err(err).Msgf("Error retrieving ServiceAccount for proxy %s", proxy.String())
log.Error().Err(err).Str(errcode.Kind, errcode.ErrGettingServiceIdentity.String()).
Msgf("Error retrieving ServiceAccount for proxy %s", proxy.String())
return nil, err
}

Expand Down Expand Up @@ -56,7 +58,7 @@ func NewResponse(meshCatalog catalog.MeshCataloger, proxy *envoy.Proxy, _ *xds_d

svcList, err := proxyRegistry.ListProxyServices(proxy)
if err != nil {
log.Error().Err(err).Msgf("Error looking up MeshService for proxy %s", proxy.String())
log.Error().Err(err).Str(errcode.Kind, errcode.ErrFetchingServiceList.String()).Msgf("Error looking up MeshService for proxy %s", proxy.String())
return nil, err
}
// Create inbound filter chains per service behind proxy
Expand Down
4 changes: 3 additions & 1 deletion pkg/envoy/lds/tracing.go
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ import (

"github.com/openservicemesh/osm/pkg/configurator"
"github.com/openservicemesh/osm/pkg/constants"
"github.com/openservicemesh/osm/pkg/errcode"
)

// GetTracingConfig returns a configuration tracing struct for a connection manager to use
Expand All @@ -19,7 +20,8 @@ func GetTracingConfig(cfg configurator.Configurator) (*xds_hcm.HttpConnectionMan

zipkinConfMarshalled, err := ptypes.MarshalAny(zipkinTracingConf)
if err != nil {
log.Error().Err(err).Msgf("Error marshalling Zipkin config")
log.Error().Err(err).Str(errcode.Kind, errcode.ErrMarshallingXDSResource.String()).
Msgf("Error marshalling Zipkin config")
return nil, err
}

Expand Down
Loading

0 comments on commit a371a6f

Please sign in to comment.