Skip to content

Commit c79cf0d

Browse files
sshversshver
authored
Adding Envoy Variable for using dualstack endpoints and enabling admin access for IPv6 (#579)
1 parent ebe03ff commit c79cf0d

File tree

10 files changed

+350
-0
lines changed

10 files changed

+350
-0
lines changed

config/helm/appmesh-controller/templates/deployment.yaml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -68,6 +68,8 @@ spec:
6868
- --readiness-probe-period={{ .Values.sidecar.probes.readinessProbePeriod }}
6969
- --envoy-admin-access-port={{ .Values.sidecar.envoyAdminAccessPort }}
7070
- --envoy-admin-access-log-file={{ .Values.sidecar.envoyAdminAccessLogFile }}
71+
- --envoy-admin-access-enable-ipv6={{ .Values.sidecar.envoyAdminAccessEnableIPv6 }}
72+
- --dual-stack-endpoint={{ .Values.sidecar.useDualStackEndpoint }}
7173
- --preview={{ .Values.preview }}
7274
- --enable-sds={{ .Values.sds.enabled }}
7375
- --sds-uds-path={{ .Values.sds.udsPath }}

config/helm/appmesh-controller/test.yaml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -21,6 +21,8 @@ sidecar:
2121
logLevel: info
2222
envoyAdminAccessPort: 9901
2323
envoyAdminAccessLogFile: /tmp/envoy_admin_access.log
24+
envoyAdminAccessEnableIPv6: false
25+
useDualStackEndpoint: false
2426
resources:
2527
# sidecar.resources.requests: Envoy CPU and memory requests
2628
requests:

config/helm/appmesh-controller/values.yaml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -21,6 +21,8 @@ sidecar:
2121
logLevel: info
2222
envoyAdminAccessPort: 9901
2323
envoyAdminAccessLogFile: /tmp/envoy_admin_access.log
24+
envoyAdminAccessEnableIPv6: false
25+
useDualStackEndpoint: false
2426
resources:
2527
# sidecar.resources.requests: Envoy CPU and memory requests
2628
requests:

pkg/inject/config.go

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -24,6 +24,8 @@ const (
2424
flagReadinessProbePeriod = "readiness-probe-period"
2525
flagEnvoyAdminAccessPort = "envoy-admin-access-port"
2626
flagEnvoyAdminAccessLogFile = "envoy-admin-access-log-file"
27+
flagEnvoyAdminAccessEnableIpv6 = "envoy-admin-access-enable-ipv6"
28+
flagDualStackEndpoint = "dual-stack-endpoint"
2729

2830
flagInitImage = "init-image"
2931
flagIgnoredIPs = "ignored-ips"
@@ -73,6 +75,8 @@ type Config struct {
7375
ReadinessProbePeriod int32
7476
EnvoyAdminAcessPort int32
7577
EnvoyAdminAccessLogFile string
78+
DualStackEndpoint bool
79+
EnvoyAdminAccessEnableIPv6 bool
7680

7781
// Init container settings
7882
InitImage string
@@ -181,6 +185,8 @@ func (cfg *Config) BindFlags(fs *pflag.FlagSet) {
181185
"DogStatsD Agent tracing port")
182186
fs.StringVar(&cfg.StatsDSocketPath, flagStatsDSocketPath, "",
183187
"DogStatsD Agent unix domain socket")
188+
fs.BoolVar(&cfg.DualStackEndpoint, flagDualStackEndpoint, false, "Use DualStack Endpoint")
189+
fs.BoolVar(&cfg.DualStackEndpoint, flagEnvoyAdminAccessEnableIpv6, false, "Enable Admin access when using IPv6")
184190
fs.StringVar(&cfg.ClusterName, flagClusterName, "", "ClusterName in context")
185191
}
186192

pkg/inject/envoy.go

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -46,6 +46,8 @@ type envoyMutatorConfig struct {
4646
statsDSocketPath string
4747
controllerVersion string
4848
k8sVersion string
49+
useDualStackEndpoint bool
50+
enableAdminAccessIPv6 bool
4951
}
5052

5153
func newEnvoyMutator(mutatorConfig envoyMutatorConfig, ms *appmesh.Mesh, vn *appmesh.VirtualNode) *envoyMutator {
@@ -113,6 +115,7 @@ func (m *envoyMutator) buildTemplateVariables(pod *corev1.Pod) EnvoyTemplateVari
113115
meshName := m.getAugmentedMeshName()
114116
virtualNodeName := aws.StringValue(m.vn.Spec.AWSName)
115117
preview := m.getPreview(pod)
118+
useDualStackEndpoint := m.getUseDualStackEndpoint(m.mutatorConfig.useDualStackEndpoint)
116119
sdsEnabled := m.mutatorConfig.enableSDS
117120
if m.mutatorConfig.enableSDS && isSDSDisabled(pod) {
118121
sdsEnabled = false
@@ -146,6 +149,8 @@ func (m *envoyMutator) buildTemplateVariables(pod *corev1.Pod) EnvoyTemplateVari
146149
StatsDSocketPath: m.mutatorConfig.statsDSocketPath,
147150
ControllerVersion: m.mutatorConfig.controllerVersion,
148151
K8sVersion: m.mutatorConfig.k8sVersion,
152+
UseDualStackEndpoint: useDualStackEndpoint,
153+
EnableAdminAccessForIpv6: m.mutatorConfig.enableAdminAccessIPv6,
149154
}
150155
}
151156

@@ -246,3 +251,11 @@ func (m *envoyMutator) getVolumeMounts(pod *corev1.Pod) (map[string]string, erro
246251
}
247252
return volumeMounts, nil
248253
}
254+
255+
func (m *envoyMutator) getUseDualStackEndpoint(useDualStackEndpoint bool) string {
256+
if useDualStackEndpoint {
257+
return "1"
258+
} else {
259+
return "0"
260+
}
261+
}

0 commit comments

Comments
 (0)