From a371a6fe982fc49842223bfa298590decc03a297 Mon Sep 17 00:00:00 2001 From: jaellio Date: Fri, 9 Jul 2021 10:03:44 -0700 Subject: [PATCH] pkg/envoy/lds: add error codes Adds error codes for errors related to Envoy LDS. Part of #2866 Signed-off-by: jaellio --- pkg/envoy/lds/auth.go | 4 +- pkg/envoy/lds/connection_manager.go | 7 ++- pkg/envoy/lds/egress.go | 7 ++- pkg/envoy/lds/gateway.go | 4 +- pkg/envoy/lds/ingress.go | 15 ++++-- pkg/envoy/lds/inmesh.go | 31 +++++++++---- pkg/envoy/lds/listener.go | 7 ++- pkg/envoy/lds/rbac.go | 10 ++-- pkg/envoy/lds/response.go | 6 ++- pkg/envoy/lds/tracing.go | 4 +- pkg/errcode/errcode.go | 72 +++++++++++++++++++++++++---- 11 files changed, 130 insertions(+), 37 deletions(-) diff --git a/pkg/envoy/lds/auth.go b/pkg/envoy/lds/auth.go index c82c99d941..2d41dd39a2 100644 --- a/pkg/envoy/lds/auth.go +++ b/pkg/envoy/lds/auth.go @@ -10,6 +10,7 @@ import ( "github.com/golang/protobuf/ptypes" "github.com/openservicemesh/osm/pkg/auth" + "github.com/openservicemesh/osm/pkg/errcode" ) // getExtAuthzHTTPFilter returns an envoy HttpFilter given an ExternAuthConfig configuration @@ -38,7 +39,8 @@ func getExtAuthzHTTPFilter(extAuthConfig auth.ExtAuthConfig) *xds_hcm.HttpFilter extAuthMarshalled, err := ptypes.MarshalAny(extAuth) if err != nil { - log.Error().Err(err).Msg("Failed to marshal External Authorization config") + log.Error().Err(err).Str(errcode.Kind, errcode.ErrMarshallingXDSResource.String()). + Msg("Failed to marshal External Authorization config") } return &xds_hcm.HttpFilter{ diff --git a/pkg/envoy/lds/connection_manager.go b/pkg/envoy/lds/connection_manager.go index 738119ad20..8ec5d59449 100644 --- a/pkg/envoy/lds/connection_manager.go +++ b/pkg/envoy/lds/connection_manager.go @@ -14,6 +14,7 @@ import ( "github.com/openservicemesh/osm/pkg/configurator" "github.com/openservicemesh/osm/pkg/constants" "github.com/openservicemesh/osm/pkg/envoy" + "github.com/openservicemesh/osm/pkg/errcode" ) // trafficDirection defines, for filter terms, the direction of the traffic from an application @@ -79,13 +80,15 @@ func getHTTPConnectionManager(routeName string, cfg configurator.Configurator, h if cfg.GetFeatureFlags().EnableWASMStats { statsFilter, err := getStatsWASMFilter() if err != nil { - log.Error().Err(err).Msg("failed to get stats WASM filter") + log.Error().Err(err).Str(errcode.Kind, errcode.ErrGettingWASMFilter.String()). + Msg("failed to get stats WASM filter") return connManager } headerFilter, err := getAddHeadersFilter(headers) if err != nil { - log.Error().Err(err).Msg("Could not get Lua filter definition") + log.Error().Err(err).Str(errcode.Kind, errcode.ErrGettingLuaFilter.String()). + Msg("Could not get Lua filter definition") return connManager } diff --git a/pkg/envoy/lds/egress.go b/pkg/envoy/lds/egress.go index c77e9a197b..7b5410a492 100644 --- a/pkg/envoy/lds/egress.go +++ b/pkg/envoy/lds/egress.go @@ -13,6 +13,7 @@ import ( "github.com/openservicemesh/osm/pkg/constants" "github.com/openservicemesh/osm/pkg/envoy/rds/route" + "github.com/openservicemesh/osm/pkg/errcode" "github.com/openservicemesh/osm/pkg/trafficpolicy" ) @@ -84,7 +85,8 @@ func (lb *listenerBuilder) getEgressTCPFilterChain(match trafficpolicy.TrafficMa marshalledTCPProxy, err := ptypes.MarshalAny(tcpProxy) if err != nil { - log.Error().Err(err).Msgf("Error marshalling TcpProxy for TrafficMatch %v", match) + log.Error().Err(err).Str(errcode.Kind, errcode.ErrMarshallingXDSResource.String()). + Msgf("Error marshalling TcpProxy for TrafficMatch %v", match) return nil, err } @@ -97,7 +99,8 @@ func (lb *listenerBuilder) getEgressTCPFilterChain(match trafficpolicy.TrafficMa for _, ipRange := range match.DestinationIPRanges { ip, ipNet, err := net.ParseCIDR(ipRange) if err != nil { - log.Error().Err(err).Msgf("Error parsing IP range %s while building TCP filter chain for match %v, skipping", ipRange, match) + log.Error().Err(err).Str(errcode.Kind, errcode.ErrInvalidEgressIPRange.String()). + Msgf("Error parsing IP range %s while building TCP filter chain for match %v, skipping", ipRange, match) continue } diff --git a/pkg/envoy/lds/gateway.go b/pkg/envoy/lds/gateway.go index 381b34308b..190a00eb52 100644 --- a/pkg/envoy/lds/gateway.go +++ b/pkg/envoy/lds/gateway.go @@ -10,6 +10,7 @@ import ( "github.com/openservicemesh/osm/pkg/constants" "github.com/openservicemesh/osm/pkg/envoy" + "github.com/openservicemesh/osm/pkg/errcode" "github.com/openservicemesh/osm/pkg/service" ) @@ -51,7 +52,8 @@ func (lb *listenerBuilder) getMultiClusterGatewayFilterChainPerUpstream() []*xds log.Trace().Msgf("Building outbound filter chain for upstream service %s for proxy with identity %s", upstream, lb.serviceIdentity) protocolToPortMap, err := lb.meshCatalog.GetPortToProtocolMappingForService(upstream) if err != nil { - log.Error().Err(err).Msgf("Error retrieving port to protocol mapping for upstream service %s", upstream) + log.Error().Err(err).Str(errcode.Kind, errcode.ErrGettingServicePorts.String()). + Msgf("Error retrieving port to protocol mapping for upstream service %s", upstream) continue } diff --git a/pkg/envoy/lds/ingress.go b/pkg/envoy/lds/ingress.go index d70c9f015a..9b01b0b101 100644 --- a/pkg/envoy/lds/ingress.go +++ b/pkg/envoy/lds/ingress.go @@ -14,6 +14,7 @@ import ( "github.com/openservicemesh/osm/pkg/constants" "github.com/openservicemesh/osm/pkg/envoy" "github.com/openservicemesh/osm/pkg/envoy/rds/route" + "github.com/openservicemesh/osm/pkg/errcode" "github.com/openservicemesh/osm/pkg/service" ) @@ -35,14 +36,16 @@ func getIngressTransportProtocol(forHTTPS bool) string { func (lb *listenerBuilder) newIngressHTTPFilterChain(cfg configurator.Configurator, svc service.MeshService, svcPort uint32) *xds_listener.FilterChain { marshalledDownstreamTLSContext, err := ptypes.MarshalAny(envoy.GetDownstreamTLSContext(lb.serviceIdentity, false /* TLS */)) if err != nil { - log.Error().Err(err).Msgf("Error marshalling DownstreamTLSContext object for proxy %s", svc) + log.Error().Err(err).Str(errcode.Kind, errcode.ErrMarshallingXDSResource.String()). + Msgf("Error marshalling DownstreamTLSContext object for proxy %s", svc) return nil } ingressConnManager := getHTTPConnectionManager(route.IngressRouteConfigName, cfg, nil, inbound) marshalledIngressConnManager, err := ptypes.MarshalAny(ingressConnManager) if err != nil { - log.Error().Err(err).Msgf("Error marshalling ingress HttpConnectionManager object for proxy %s", svc) + log.Error().Err(err).Str(errcode.Kind, errcode.ErrMarshallingXDSResource.String()). + Msgf("Error marshalling ingress HttpConnectionManager object for proxy %s", svc) return nil } @@ -71,7 +74,8 @@ func (lb *listenerBuilder) getIngressFilterChains(svc service.MeshService) []*xd protocolToPortMap, err := lb.meshCatalog.GetTargetPortToProtocolMappingForService(svc) if err != nil { - log.Error().Err(err).Msgf("Error retrieving port to protocol mapping for service %s", svc) + log.Error().Err(err).Str(errcode.Kind, errcode.ErrGettingServicePorts.String()). + Msgf("Error retrieving port to protocol mapping for service %s", svc) return ingressFilterChains } @@ -94,8 +98,9 @@ func (lb *listenerBuilder) getIngressFilterChains(svc service.MeshService) []*xd ingressFilterChains = append(ingressFilterChains, ingressFilterChainWithoutSNI) default: - log.Error().Msgf("Cannot build ingress filter chain. Protocol %s is not supported for service %s on port %d", - appProtocol, svc, port) + log.Error().Str(errcode.Kind, errcode.ErrUnsupportedProtocolForIngress.String()). + Msgf("Cannot build ingress filter chain. Protocol %s is not supported for service %s on port %d", + appProtocol, svc, port) } } diff --git a/pkg/envoy/lds/inmesh.go b/pkg/envoy/lds/inmesh.go index aebdfcf504..5f74bba685 100644 --- a/pkg/envoy/lds/inmesh.go +++ b/pkg/envoy/lds/inmesh.go @@ -18,6 +18,7 @@ import ( "github.com/openservicemesh/osm/pkg/constants" "github.com/openservicemesh/osm/pkg/envoy" "github.com/openservicemesh/osm/pkg/envoy/rds/route" + "github.com/openservicemesh/osm/pkg/errcode" "github.com/openservicemesh/osm/pkg/service" ) @@ -35,7 +36,8 @@ func (lb *listenerBuilder) getInboundMeshFilterChains(proxyService service.MeshS protocolToPortMap, err := lb.meshCatalog.GetTargetPortToProtocolMappingForService(proxyService) if err != nil { - log.Error().Err(err).Msgf("Error retrieving port to protocol mapping for service %s", proxyService) + log.Error().Err(err).Str(errcode.Kind, errcode.ErrGettingServicePorts.String()). + Msgf("Error retrieving port to protocol mapping for service %s", proxyService) return filterChains } @@ -86,7 +88,8 @@ func (lb *listenerBuilder) getInboundHTTPFilters(proxyService service.MeshServic inboundConnManager := getHTTPConnectionManager(route.InboundRouteConfigName, lb.cfg, lb.statsHeaders, inbound) marshalledInboundConnManager, err := ptypes.MarshalAny(inboundConnManager) if err != nil { - log.Error().Err(err).Msgf("Error marshalling inbound HttpConnectionManager for proxy service %s", proxyService) + log.Error().Err(err).Str(errcode.Kind, errcode.ErrMarshallingXDSResource.String()). + Msgf("Error marshalling inbound HttpConnectionManager for proxy service %s", proxyService) return nil, err } httpConnectionManagerFilter := &xds_listener.Filter{ @@ -111,7 +114,8 @@ func (lb *listenerBuilder) getInboundMeshHTTPFilterChain(proxyService service.Me // Construct downstream TLS context marshalledDownstreamTLSContext, err := ptypes.MarshalAny(envoy.GetDownstreamTLSContext(lb.serviceIdentity, true /* mTLS */)) if err != nil { - log.Error().Err(err).Msgf("Error marshalling DownstreamTLSContext for proxy service %s", proxyService) + log.Error().Err(err).Str(errcode.Kind, errcode.ErrMarshallingXDSResource.String()). + Msgf("Error marshalling DownstreamTLSContext for proxy service %s", proxyService) return nil, err } @@ -172,7 +176,8 @@ func (lb *listenerBuilder) getInboundMeshTCPFilterChain(proxyService service.Mes // Construct downstream TLS context marshalledDownstreamTLSContext, err := ptypes.MarshalAny(envoy.GetDownstreamTLSContext(lb.serviceIdentity, true /* mTLS */)) if err != nil { - log.Error().Err(err).Msgf("Error marshalling DownstreamTLSContext for proxy service %s", proxyService) + log.Error().Err(err).Str(errcode.Kind, errcode.ErrMarshallingXDSResource.String()). + Msgf("Error marshalling DownstreamTLSContext for proxy service %s", proxyService) return nil, err } @@ -239,7 +244,8 @@ func (lb *listenerBuilder) getInboundTCPFilters(proxyService service.MeshService } marshalledTCPProxy, err := ptypes.MarshalAny(tcpProxy) if err != nil { - log.Error().Err(err).Msgf("Error marshalling TcpProxy object for egress HTTPS filter chain") + log.Error().Err(err).Str(errcode.Kind, errcode.ErrMarshallingXDSResource.String()). + Msgf("Error marshalling TcpProxy object for egress HTTPS filter chain") return nil, err } tcpProxyFilter := &xds_listener.Filter{ @@ -259,7 +265,8 @@ func (lb *listenerBuilder) getOutboundHTTPFilter(routeConfigName string) (*xds_l marshalledFilter, err = ptypes.MarshalAny( getHTTPConnectionManager(routeConfigName, lb.cfg, lb.statsHeaders, outbound)) if err != nil { - log.Error().Err(err).Msgf("Error marshalling HTTP connection manager object") + log.Error().Err(err).Str(errcode.Kind, errcode.ErrMarshallingXDSResource.String()). + Msgf("Error marshalling HTTP connection manager object") return nil, err } @@ -282,13 +289,15 @@ func (lb *listenerBuilder) getOutboundFilterChainMatchForService(dstSvc service. endpoints, err := lb.meshCatalog.GetResolvableServiceEndpoints(dstSvc) if err != nil { - log.Error().Err(err).Msgf("Error getting GetResolvableServiceEndpoints for %q", dstSvc) + log.Error().Err(err).Str(errcode.Kind, errcode.ErrGettingResolvableServiceEndpoints.String()). + Msgf("Error getting GetResolvableServiceEndpoints for %q", dstSvc) return nil, err } if len(endpoints) == 0 { err := errors.Errorf("Endpoints not found for service %q", dstSvc) - log.Error().Err(err).Msgf("Error constructing HTTP filter chain match for service %q", dstSvc) + log.Error().Err(err).Str(errcode.Kind, errcode.ErrEndpointsNotFound.String()). + Msgf("Error constructing HTTP filter chain match for service %q", dstSvc) return nil, err } @@ -391,7 +400,8 @@ func (lb *listenerBuilder) getOutboundTCPFilter(upstream service.MeshService) (* marshalledTCPProxy, err := ptypes.MarshalAny(tcpProxy) if err != nil { - log.Error().Err(err).Msgf("Error marshalling TcpProxy object needed by outbound TCP filter for upstream service %s", upstream) + log.Error().Err(err).Str(errcode.Kind, errcode.ErrMarshallingXDSResource.String()). + Msgf("Error marshalling TcpProxy object needed by outbound TCP filter for upstream service %s", upstream) return nil, err } @@ -416,7 +426,8 @@ func (lb *listenerBuilder) getOutboundFilterChainPerUpstream() []*xds_listener.F log.Trace().Msgf("Building outbound filter chain for upstream service %s for proxy with identity %s", upstreamSvc, lb.serviceIdentity) protocolToPortMap, err := lb.meshCatalog.GetPortToProtocolMappingForService(upstreamSvc) if err != nil { - log.Error().Err(err).Msgf("Error retrieving port to protocol mapping for upstream service %s", upstreamSvc) + log.Error().Err(err).Str(errcode.Kind, errcode.ErrGettingServicePorts.String()). + Msgf("Error retrieving port to protocol mapping for upstream service %s", upstreamSvc) continue } diff --git a/pkg/envoy/lds/listener.go b/pkg/envoy/lds/listener.go index 79d0397ba9..d8efc45fcd 100644 --- a/pkg/envoy/lds/listener.go +++ b/pkg/envoy/lds/listener.go @@ -14,6 +14,7 @@ import ( "github.com/openservicemesh/osm/pkg/constants" "github.com/openservicemesh/osm/pkg/envoy" + "github.com/openservicemesh/osm/pkg/errcode" "github.com/openservicemesh/osm/pkg/trafficpolicy" ) @@ -125,7 +126,8 @@ func newInboundListener() *xds_listener.Listener { func buildPrometheusListener(connManager *xds_hcm.HttpConnectionManager) (*xds_listener.Listener, error) { marshalledConnManager, err := ptypes.MarshalAny(connManager) if err != nil { - log.Error().Err(err).Msgf("Error marshalling HttpConnectionManager object") + log.Error().Err(err).Str(errcode.Kind, errcode.ErrMarshallingXDSResource.String()). + Msgf("Error marshalling HttpConnectionManager object") return nil, err } @@ -157,7 +159,8 @@ func getDefaultPassthroughFilterChain() (*xds_listener.FilterChain, error) { } marshalledTCPProxy, err := ptypes.MarshalAny(tcpProxy) if err != nil { - log.Error().Err(err).Msgf("Error marshalling TcpProxy object for egress HTTPS filter chain") + log.Error().Err(err).Str(errcode.Kind, errcode.ErrMarshallingXDSResource.String()). + Msgf("Error marshalling TcpProxy object for egress HTTPS filter chain") return nil, err } diff --git a/pkg/envoy/lds/rbac.go b/pkg/envoy/lds/rbac.go index 86a079dbda..dbcb107526 100644 --- a/pkg/envoy/lds/rbac.go +++ b/pkg/envoy/lds/rbac.go @@ -10,6 +10,7 @@ import ( "github.com/golang/protobuf/ptypes" "github.com/openservicemesh/osm/pkg/envoy/rbac" + "github.com/openservicemesh/osm/pkg/errcode" "github.com/openservicemesh/osm/pkg/identity" "github.com/openservicemesh/osm/pkg/trafficpolicy" ) @@ -25,7 +26,8 @@ func (lb *listenerBuilder) buildRBACFilter() (*xds_listener.Filter, error) { marshalledNetworkRBACPolicy, err := ptypes.MarshalAny(networkRBACPolicy) if err != nil { - log.Error().Err(err).Msgf("Error marshalling RBAC policy: %v", networkRBACPolicy) + log.Error().Err(err).Str(errcode.Kind, errcode.ErrMarshallingXDSResource.String()). + Msgf("Error marshalling RBAC policy: %v", networkRBACPolicy) return nil, err } @@ -42,7 +44,8 @@ func (lb *listenerBuilder) buildInboundRBACPolicies() (*xds_network_rbac.RBAC, e proxyIdentity := identity.ServiceIdentity(lb.serviceIdentity.String()) trafficTargets, err := lb.meshCatalog.ListInboundTrafficTargetsWithRoutes(lb.serviceIdentity) if err != nil { - log.Error().Err(err).Msgf("Error listing allowed inbound traffic targets for proxy identity %s", proxyIdentity) + log.Error().Err(err).Str(errcode.Kind, errcode.ErrGettingInboundTrafficTargets.String()). + Msgf("Error listing allowed inbound traffic targets for proxy identity %s", proxyIdentity) return nil, err } @@ -50,7 +53,8 @@ func (lb *listenerBuilder) buildInboundRBACPolicies() (*xds_network_rbac.RBAC, e // Build an RBAC policies based on SMI TrafficTarget policies for _, targetPolicy := range trafficTargets { if policy, err := buildRBACPolicyFromTrafficTarget(targetPolicy); err != nil { - log.Error().Err(err).Msgf("Error building RBAC policy for proxy identity %s from TrafficTarget %s", proxyIdentity, targetPolicy.Name) + log.Error().Err(err).Str(errcode.Kind, errcode.ErrBuildingRBACPolicy.String()). + Msgf("Error building RBAC policy for proxy identity %s from TrafficTarget %s", proxyIdentity, targetPolicy.Name) } else { rbacPolicies[targetPolicy.Name] = policy } diff --git a/pkg/envoy/lds/response.go b/pkg/envoy/lds/response.go index 50d6322d62..1ddcf87e84 100644 --- a/pkg/envoy/lds/response.go +++ b/pkg/envoy/lds/response.go @@ -9,6 +9,7 @@ import ( "github.com/openservicemesh/osm/pkg/configurator" "github.com/openservicemesh/osm/pkg/envoy" "github.com/openservicemesh/osm/pkg/envoy/registry" + "github.com/openservicemesh/osm/pkg/errcode" "github.com/openservicemesh/osm/pkg/identity" ) @@ -20,7 +21,8 @@ import ( func NewResponse(meshCatalog catalog.MeshCataloger, proxy *envoy.Proxy, _ *xds_discovery.DiscoveryRequest, cfg configurator.Configurator, _ certificate.Manager, proxyRegistry *registry.ProxyRegistry) ([]types.Resource, error) { proxyIdentity, err := envoy.GetServiceIdentityFromProxyCertificate(proxy.GetCertificateCommonName()) if err != nil { - log.Error().Err(err).Msgf("Error retrieving ServiceAccount for proxy %s", proxy.String()) + log.Error().Err(err).Str(errcode.Kind, errcode.ErrGettingServiceIdentity.String()). + Msgf("Error retrieving ServiceAccount for proxy %s", proxy.String()) return nil, err } @@ -56,7 +58,7 @@ func NewResponse(meshCatalog catalog.MeshCataloger, proxy *envoy.Proxy, _ *xds_d svcList, err := proxyRegistry.ListProxyServices(proxy) if err != nil { - log.Error().Err(err).Msgf("Error looking up MeshService for proxy %s", proxy.String()) + log.Error().Err(err).Str(errcode.Kind, errcode.ErrFetchingServiceList.String()).Msgf("Error looking up MeshService for proxy %s", proxy.String()) return nil, err } // Create inbound filter chains per service behind proxy diff --git a/pkg/envoy/lds/tracing.go b/pkg/envoy/lds/tracing.go index 920abce281..b9e187fe85 100644 --- a/pkg/envoy/lds/tracing.go +++ b/pkg/envoy/lds/tracing.go @@ -7,6 +7,7 @@ import ( "github.com/openservicemesh/osm/pkg/configurator" "github.com/openservicemesh/osm/pkg/constants" + "github.com/openservicemesh/osm/pkg/errcode" ) // GetTracingConfig returns a configuration tracing struct for a connection manager to use @@ -19,7 +20,8 @@ func GetTracingConfig(cfg configurator.Configurator) (*xds_hcm.HttpConnectionMan zipkinConfMarshalled, err := ptypes.MarshalAny(zipkinTracingConf) if err != nil { - log.Error().Err(err).Msgf("Error marshalling Zipkin config") + log.Error().Err(err).Str(errcode.Kind, errcode.ErrMarshallingXDSResource.String()). + Msgf("Error marshalling Zipkin config") return nil, err } diff --git a/pkg/errcode/errcode.go b/pkg/errcode/errcode.go index 6451ae641c..c0fc394421 100644 --- a/pkg/errcode/errcode.go +++ b/pkg/errcode/errcode.go @@ -71,6 +71,10 @@ const ( // ErrFetchingServiceForTrafficTargetDestination indicates an error retrieving services associated with a TrafficTarget destination ErrFetchingServiceForTrafficTargetDestination + + // ErrGettingInboundTrafficTargets indicates the inbound traffic targets composed of its routes for a given + // desitination ServiceIdentity could not be obtained + ErrGettingInboundTrafficTargets ) // Range 3000-3500 is reserved for errors related to k8s constructs (service accounts, namespaces, etc.) @@ -80,6 +84,15 @@ const ( // ErrNoMatchingServiceForServiceAccount indicates there are no services associated with the service account ErrNoMatchingServiceForServiceAccount + + // ErrGettingResolvableServiceEndpoints indicates the resolvable set of endpoints over which the service is accessible using its FQDN cannot be obtained + ErrGettingResolvableServiceEndpoints + + // ErrEndpointsNotFound indicates resolvable service endpoints could not be found + ErrEndpointsNotFound + + // ErrGettingServicePorts indicates the mapping of a service's ports to their corresponding application protocol could not be obtained + ErrGettingServicePorts ) // Range 4000-4100 reserved for errors related to certificate providers @@ -219,9 +232,6 @@ const ( // ErrParsingDiscoveryReqVersion indicates the discovery request response version could not be parsed ErrParsingDiscoveryReqVersion - // ErrGettingServicePorts indicates the mapping of a service's ports to their corresponding application protocol could not be obtained - ErrGettingServicePorts - // ErrGettingOrgDstEgressCluster indicates that an Envoy egress cluster that routes traffic to its original destination could not be configured ErrGettingOrgDstEgressCluster @@ -239,6 +249,18 @@ const ( // ErrDuplicateluster indicates Envoy clusters with the same name were found ErrDuplicateClusters + + // ErrUnsupportedProtocolForIngress indicates a port's corresponding application protocol is not supported + ErrUnsupportedProtocolForIngress + + // ErrBuildingRBACPolicy indicates the XDS RBAC policy could not be created from a given traffic target policy + ErrBuildingRBACPolicy + + // ErrGettingLuaFilter indicates the Lua XDS HttpFilter could not be configured + ErrGettingLuaFilter + + // ErrGettingWASMFilter indicates the WASM XDS HttpFilter could not be configured + ErrGettingWASMFilter ) // String returns the error code as a string, ex. E1000 @@ -355,6 +377,11 @@ The associated route was ignored by the system. The system was unable to lookup the services associated with the destination specified in the SMI TrafficTarget policy. The associated SMI TrafficTarget policy was ignored by the system. +`, + + ErrGettingInboundTrafficTargets: ` +The inbound TrafficTargets composed of their routes for a given destination +ServiceIdentity could not be configured. `, // @@ -371,6 +398,20 @@ service was found. A service matches a service account if the pods backing the s belong to the service account. `, + ErrGettingResolvableServiceEndpoints: ` +The expexted endpoints that are reached when the service's FQDN is resolved could not be +retrieved by the system. +`, + + ErrGettingServicePorts: ` +The mapping of ports the application is exposing a service on to their corresponding +application protocol could not be obtained for a specified service. +`, + + // ErrEndpointsNotFound indicates resolvable service endpoints could not be found + ErrEndpointsNotFound: ` +The system found 0 endpoints to be reached when the service's FQDN was resolved. +`, // // Range 4000-4100 // @@ -561,11 +602,6 @@ The TypeURL of the resource being requested in the DiscoveryRequest is invalid. ErrParsingDiscoveryReqVersion: ` The version of the DiscoveryRequest could not be parsed by ADS. -`, - - ErrGettingServicePorts: ` -The mapping of ports the application is exposing a service on to their corresponding -application protocol could not be obtained for a specified service. `, ErrGettingOrgDstEgressCluster: ` @@ -595,5 +631,25 @@ An Envoy cluster for a local service behind an Envoy proxy could not be configur ErrDuplicateClusters: ` Multiple Envoy clusters with the same name were configured. The duplicate clusters will not be sent to the Envoy proxy in a ClusterDiscovery response. +`, + + ErrUnsupportedProtocolForIngress: ` +The application protocol specified for a port is not supported for ingress +traffic. The XDS filter chain for ingress traffic to the port is not created. +`, + + ErrBuildingRBACPolicy: ` +A XDS RBAC policy could not be generated from the specified traffic target +policy. +`, + + // ErrGettingLuaFilter indicates the Lua XDS HttpFilter could not be configured + ErrGettingLuaFilter: ` +The Lua XDS HttpFilter could not be configured. +`, + + // ErrGettingWASMFilter indicates the WASM XDS HttpFilter could not be configured + ErrGettingWASMFilter: ` +The WASM XDS HttpFilter could not be configured. `, }