Skip to content

Commit 45651cb

Browse files
salonichf5salonichf5
committed
modify listener isolation rules
1 parent a4ae0c3 commit 45651cb

File tree

2 files changed

+428
-112
lines changed

2 files changed

+428
-112
lines changed

internal/mode/static/state/graph/route_common.go

Lines changed: 42 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -342,7 +342,8 @@ func bindRoutesToListeners(
342342
routes = append(routes, r)
343343
}
344344

345-
isolateL7RouteListeners(routes, gw.Listeners)
345+
listenerMap := getListenerHostPortMap(gw.Listeners)
346+
isolateL7RouteListeners(routes, listenerMap)
346347

347348
l4RouteSlice := make([]*L4Route, 0, len(l4Routes))
348349
for _, r := range l4Routes {
@@ -361,53 +362,73 @@ func bindRoutesToListeners(
361362
bindL4RouteToListeners(r, gw, namespaces, portHostnamesMap)
362363
}
363364

364-
isolateL4RouteListeners(l4RouteSlice, gw.Listeners)
365+
isolateL4RouteListeners(l4RouteSlice, listenerMap)
365366
}
366367

367-
// isolateL7RouteListeners ensures listener isolation for all L7Routes.
368-
func isolateL7RouteListeners(routes []*L7Route, listeners []*Listener) {
369-
listenerHostnameMap := make(map[string]string, len(listeners))
368+
type hostPort struct {
369+
hostname string
370+
port v1.PortNumber
371+
}
372+
373+
func getListenerHostPortMap(listeners []*Listener) map[string]hostPort {
374+
listenerHostPortMap := make(map[string]hostPort, len(listeners))
370375
for _, l := range listeners {
371-
listenerHostnameMap[l.Name] = getHostname(l.Source.Hostname)
376+
listenerHostPortMap[l.Name] = hostPort{
377+
hostname: getHostname(l.Source.Hostname),
378+
port: l.Source.Port,
379+
}
372380
}
381+
return listenerHostPortMap
382+
}
373383

384+
// isolateL7RouteListeners ensures listener isolation for all L7Routes.
385+
func isolateL7RouteListeners(routes []*L7Route, listenerHostPortMap map[string]hostPort) {
374386
for _, route := range routes {
375-
isolateHostnamesForParentRefs(route.ParentRefs, listenerHostnameMap)
387+
isolateHostnamesForParentRefs(route.ParentRefs, listenerHostPortMap, false)
376388
}
377389
}
378390

379391
// isolateL4RouteListeners ensures listener isolation for all L4Routes.
380-
func isolateL4RouteListeners(routes []*L4Route, listeners []*Listener) {
381-
listenerHostnameMap := make(map[string]string, len(listeners))
382-
for _, l := range listeners {
383-
listenerHostnameMap[l.Name] = getHostname(l.Source.Hostname)
384-
}
385-
392+
func isolateL4RouteListeners(routes []*L4Route, listenerHostPortMap map[string]hostPort) {
386393
for _, route := range routes {
387-
isolateHostnamesForParentRefs(route.ParentRefs, listenerHostnameMap)
394+
isolateHostnamesForParentRefs(route.ParentRefs, listenerHostPortMap, true)
388395
}
389396
}
390397

391398
// isolateHostnamesForParentRefs iterates through the parentRefs of a route to identify the list of accepted hostnames
392-
// for each listener. If any accepted hostname belongs to another listener,
399+
// for each listener. If any accepted hostname belongs to another listener with the same port, then
393400
// it removes those hostnames to ensure listener isolation.
394-
func isolateHostnamesForParentRefs(parentRef []ParentRef, listenerHostnameMap map[string]string) {
401+
func isolateHostnamesForParentRefs(parentRef []ParentRef, listenerHostnameMap map[string]hostPort, isL4Route bool) {
395402
for _, ref := range parentRef {
396-
acceptedHostnames := ref.Attachment.AcceptedHostnames
403+
// when sectionName is nil we allow all listeners to attach to the route
404+
if ref.SectionName == nil {
405+
continue
406+
}
397407

408+
acceptedHostnames := ref.Attachment.AcceptedHostnames
398409
hostnamesToRemoves := make(map[string]struct{})
399410
for listenerName, hostnames := range acceptedHostnames {
400411
if len(hostnames) == 0 {
401412
continue
402413
}
403414
for _, h := range hostnames {
404-
for lName, lHostname := range listenerHostnameMap {
415+
for lName, lHostPort := range listenerHostnameMap {
405416
// skip comparison if it is a catch all listener block
406-
if lHostname == "" {
417+
if lHostPort.hostname == "" {
407418
continue
408419
}
409-
if h == lHostname && listenerName != lName {
410-
hostnamesToRemoves[h] = struct{}{}
420+
421+
// for L4Routes, we only compare the hostname and listener name combination
422+
// because we do not allow l4Routes to attach to the same listener
423+
// if they share the same port and hostname.
424+
if isL4Route {
425+
if h == lHostPort.hostname && listenerName != lName {
426+
hostnamesToRemoves[h] = struct{}{}
427+
}
428+
} else {
429+
if h == lHostPort.hostname && listenerName != lName && lHostPort.port == ref.Attachment.ListenerPort {
430+
hostnamesToRemoves[h] = struct{}{}
431+
}
411432
}
412433
}
413434
}

0 commit comments

Comments
 (0)