diff --git a/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.all.json b/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.all.json index 1cfbb327fe..c696b07001 100644 --- a/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.all.json +++ b/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.all.json @@ -386,6 +386,7 @@ "connectTimeout": "10s", "dnsLookupFamily": "V4_PREFERRED", "dnsRefreshRate": "30s", + "ignoreHealthOnHostRemoval": true, "lbPolicy": "LEAST_REQUEST", "loadAssignment": { "clusterName": "raw_githubusercontent_com_443", diff --git a/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.all.yaml b/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.all.yaml index afddaa3f01..7c62e33666 100644 --- a/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.all.yaml +++ b/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.all.yaml @@ -218,6 +218,7 @@ xds: connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: raw_githubusercontent_com_443 diff --git a/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.cluster.yaml b/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.cluster.yaml index a00e442729..09a796c66b 100644 --- a/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.cluster.yaml +++ b/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.cluster.yaml @@ -44,6 +44,7 @@ xds: connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: raw_githubusercontent_com_443 diff --git a/internal/xds/translator/cluster.go b/internal/xds/translator/cluster.go index 5b24c996bb..3d32977dee 100644 --- a/internal/xds/translator/cluster.go +++ b/internal/xds/translator/cluster.go @@ -150,6 +150,9 @@ func buildXdsCluster(args *xdsClusterArgs) (*buildClusterResult, error) { CommonLbConfig: &clusterv3.Cluster_CommonLbConfig{}, PerConnectionBufferLimitBytes: buildBackandConnectionBufferLimitBytes(args.backendConnection), Metadata: buildXdsMetadata(args.metadata), + // Dont wait for a health check to determine health and remove these endpoints + // if the endpoint has been removed via EDS by the control plane or removed from DNS query results + IgnoreHealthOnHostRemoval: true, } if args.statName != nil { @@ -414,9 +417,6 @@ func buildXdsCluster(args *xdsClusterArgs) (*buildClusterResult, error) { }, }, } - // Dont wait for a health check to determine health and remove these endpoints - // if the endpoint has been removed via EDS by the control plane - cluster.IgnoreHealthOnHostRemoval = true default: cluster.ClusterDiscoveryType = &clusterv3.Cluster_Type{Type: clusterv3.Cluster_STRICT_DNS} cluster.DnsRefreshRate = durationpb.New(30 * time.Second) diff --git a/internal/xds/translator/testdata/out/xds-ir/accesslog-cel.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/accesslog-cel.clusters.yaml index fc81e62d38..a46650172b 100644 --- a/internal/xds/translator/testdata/out/xds-ir/accesslog-cel.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/accesslog-cel.clusters.yaml @@ -29,6 +29,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: accesslog-0 diff --git a/internal/xds/translator/testdata/out/xds-ir/accesslog-endpoint-stats.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/accesslog-endpoint-stats.clusters.yaml index 0cc742ae88..2b07ab5328 100644 --- a/internal/xds/translator/testdata/out/xds-ir/accesslog-endpoint-stats.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/accesslog-endpoint-stats.clusters.yaml @@ -31,6 +31,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: accesslog-0 diff --git a/internal/xds/translator/testdata/out/xds-ir/accesslog-formatters.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/accesslog-formatters.clusters.yaml index fc81e62d38..a46650172b 100644 --- a/internal/xds/translator/testdata/out/xds-ir/accesslog-formatters.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/accesslog-formatters.clusters.yaml @@ -29,6 +29,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: accesslog-0 diff --git a/internal/xds/translator/testdata/out/xds-ir/accesslog-multi-cel.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/accesslog-multi-cel.clusters.yaml index fc81e62d38..a46650172b 100644 --- a/internal/xds/translator/testdata/out/xds-ir/accesslog-multi-cel.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/accesslog-multi-cel.clusters.yaml @@ -29,6 +29,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: accesslog-0 diff --git a/internal/xds/translator/testdata/out/xds-ir/accesslog-types.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/accesslog-types.clusters.yaml index f7629863b5..b61e148e25 100644 --- a/internal/xds/translator/testdata/out/xds-ir/accesslog-types.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/accesslog-types.clusters.yaml @@ -215,6 +215,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: accesslog_otel_0_3 @@ -255,6 +256,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: accesslog_otel_1_3 @@ -295,6 +297,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: accesslog_otel_2_3 diff --git a/internal/xds/translator/testdata/out/xds-ir/accesslog-with-format.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/accesslog-with-format.clusters.yaml index f3887e6b59..9a1f49a173 100644 --- a/internal/xds/translator/testdata/out/xds-ir/accesslog-with-format.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/accesslog-with-format.clusters.yaml @@ -60,6 +60,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: accesslog-0 diff --git a/internal/xds/translator/testdata/out/xds-ir/accesslog.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/accesslog.clusters.yaml index 16b3c2958e..c0d42c3c5d 100644 --- a/internal/xds/translator/testdata/out/xds-ir/accesslog.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/accesslog.clusters.yaml @@ -60,6 +60,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: accesslog-0 diff --git a/internal/xds/translator/testdata/out/xds-ir/authorization-jwt-claim.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/authorization-jwt-claim.clusters.yaml index 07a60bccf2..994a1804f6 100644 --- a/internal/xds/translator/testdata/out/xds-ir/authorization-jwt-claim.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/authorization-jwt-claim.clusters.yaml @@ -53,6 +53,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: two_example_com_443 @@ -95,6 +96,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: one_example_com_443 diff --git a/internal/xds/translator/testdata/out/xds-ir/authorization-jwt-scope.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/authorization-jwt-scope.clusters.yaml index 07a60bccf2..994a1804f6 100644 --- a/internal/xds/translator/testdata/out/xds-ir/authorization-jwt-scope.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/authorization-jwt-scope.clusters.yaml @@ -53,6 +53,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: two_example_com_443 @@ -95,6 +96,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: one_example_com_443 diff --git a/internal/xds/translator/testdata/out/xds-ir/custom-filter-order.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/custom-filter-order.clusters.yaml index 2195996acf..f2c5f7c339 100644 --- a/internal/xds/translator/testdata/out/xds-ir/custom-filter-order.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/custom-filter-order.clusters.yaml @@ -5,6 +5,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: one_example_com_443 @@ -47,6 +48,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: two_example_com_80 diff --git a/internal/xds/translator/testdata/out/xds-ir/dns-lookup-family.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/dns-lookup-family.clusters.yaml index 230d1e7184..b3048d3683 100644 --- a/internal/xds/translator/testdata/out/xds-ir/dns-lookup-family.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/dns-lookup-family.clusters.yaml @@ -5,6 +5,7 @@ connectTimeout: 10s dnsLookupFamily: V6_ONLY dnsRefreshRate: 5s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: httproute/default/httproute-1/rule/0 @@ -36,6 +37,7 @@ connectTimeout: 10s dnsLookupFamily: V6_ONLY dnsRefreshRate: 5s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: grpcroute/default/grpcroute-1/rule/0 @@ -74,6 +76,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: securitypolicy/envoy-gateway/policy-for-gateway-1/extauth/0 @@ -106,6 +109,7 @@ connectTimeout: 10s dnsLookupFamily: ALL dnsRefreshRate: 5s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: envoyextensionpolicy/default/policy-for-httproute/extproc/0 @@ -145,6 +149,7 @@ connectTimeout: 10s dnsLookupFamily: V4_ONLY dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: accesslog_otel_0_1 diff --git a/internal/xds/translator/testdata/out/xds-ir/ext-auth-backend.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/ext-auth-backend.clusters.yaml index 5b2e86b1d6..cc7fe609af 100644 --- a/internal/xds/translator/testdata/out/xds-ir/ext-auth-backend.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/ext-auth-backend.clusters.yaml @@ -77,6 +77,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: securitypolicy/default/policy-for-http-route-1/default/grpc-backend @@ -120,6 +121,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: securitypolicy/default/policy-for-gateway-1/envoy-gateway/http-backend diff --git a/internal/xds/translator/testdata/out/xds-ir/ext-auth-body.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/ext-auth-body.clusters.yaml index 736e3bad14..ccbaa56f1f 100644 --- a/internal/xds/translator/testdata/out/xds-ir/ext-auth-body.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/ext-auth-body.clusters.yaml @@ -77,6 +77,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: securitypolicy/default/policy-for-http-route-1/default/grpc-backend @@ -117,6 +118,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: securitypolicy/default/policy-for-gateway-1/envoy-gateway/http-backend diff --git a/internal/xds/translator/testdata/out/xds-ir/ext-auth-recomputation.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/ext-auth-recomputation.clusters.yaml index 736e3bad14..ccbaa56f1f 100644 --- a/internal/xds/translator/testdata/out/xds-ir/ext-auth-recomputation.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/ext-auth-recomputation.clusters.yaml @@ -77,6 +77,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: securitypolicy/default/policy-for-http-route-1/default/grpc-backend @@ -117,6 +118,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: securitypolicy/default/policy-for-gateway-1/envoy-gateway/http-backend diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-dns-cluster.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-dns-cluster.clusters.yaml index af1b3d65f1..43e2066acb 100644 --- a/internal/xds/translator/testdata/out/xds-ir/http-route-dns-cluster.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/http-route-dns-cluster.clusters.yaml @@ -5,6 +5,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: first-route-dest diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-dynamic-resolver.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-dynamic-resolver.clusters.yaml index d94c71a083..46005d6dad 100644 --- a/internal/xds/translator/testdata/out/xds-ir/http-route-dynamic-resolver.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/http-route-dynamic-resolver.clusters.yaml @@ -12,6 +12,7 @@ commonLbConfig: {} connectTimeout: 10s dnsLookupFamily: V4_PREFERRED + ignoreHealthOnHostRemoval: true lbPolicy: CLUSTER_PROVIDED loadBalancingPolicy: policies: diff --git a/internal/xds/translator/testdata/out/xds-ir/jwt-custom-extractor.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/jwt-custom-extractor.clusters.yaml index 4859433598..37462c99b6 100644 --- a/internal/xds/translator/testdata/out/xds-ir/jwt-custom-extractor.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/jwt-custom-extractor.clusters.yaml @@ -29,6 +29,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: localhost_443 diff --git a/internal/xds/translator/testdata/out/xds-ir/jwt-multi-route-multi-provider.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/jwt-multi-route-multi-provider.clusters.yaml index 77eb6e9258..97acccc24a 100644 --- a/internal/xds/translator/testdata/out/xds-ir/jwt-multi-route-multi-provider.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/jwt-multi-route-multi-provider.clusters.yaml @@ -53,6 +53,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: localhost_80 diff --git a/internal/xds/translator/testdata/out/xds-ir/jwt-multi-route-single-provider.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/jwt-multi-route-single-provider.clusters.yaml index cb66d7b6c8..7fb14db5b5 100644 --- a/internal/xds/translator/testdata/out/xds-ir/jwt-multi-route-single-provider.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/jwt-multi-route-single-provider.clusters.yaml @@ -53,6 +53,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: localhost_443 diff --git a/internal/xds/translator/testdata/out/xds-ir/jwt-optional.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/jwt-optional.clusters.yaml index 4859433598..37462c99b6 100644 --- a/internal/xds/translator/testdata/out/xds-ir/jwt-optional.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/jwt-optional.clusters.yaml @@ -29,6 +29,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: localhost_443 diff --git a/internal/xds/translator/testdata/out/xds-ir/jwt-ratelimit.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/jwt-ratelimit.clusters.yaml index 211a80c57b..ee09f2e223 100644 --- a/internal/xds/translator/testdata/out/xds-ir/jwt-ratelimit.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/jwt-ratelimit.clusters.yaml @@ -110,6 +110,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: ratelimit_cluster diff --git a/internal/xds/translator/testdata/out/xds-ir/jwt-single-route-single-match.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/jwt-single-route-single-match.clusters.yaml index 4859433598..37462c99b6 100644 --- a/internal/xds/translator/testdata/out/xds-ir/jwt-single-route-single-match.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/jwt-single-route-single-match.clusters.yaml @@ -29,6 +29,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: localhost_443 diff --git a/internal/xds/translator/testdata/out/xds-ir/jwt-with-backend-tls-retry.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/jwt-with-backend-tls-retry.clusters.yaml index c9eef8f751..7a33724db5 100644 --- a/internal/xds/translator/testdata/out/xds-ir/jwt-with-backend-tls-retry.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/jwt-with-backend-tls-retry.clusters.yaml @@ -29,6 +29,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: securitypolicy/default/policy-for-route/jwt/0 diff --git a/internal/xds/translator/testdata/out/xds-ir/multiple-listeners-same-port-with-different-filters.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/multiple-listeners-same-port-with-different-filters.clusters.yaml index 013d8e8a18..5ee86a11b3 100755 --- a/internal/xds/translator/testdata/out/xds-ir/multiple-listeners-same-port-with-different-filters.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/multiple-listeners-same-port-with-different-filters.clusters.yaml @@ -101,6 +101,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: oauth_foo_com_443 diff --git a/internal/xds/translator/testdata/out/xds-ir/oidc-and-jwt-with-passthrough.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/oidc-and-jwt-with-passthrough.clusters.yaml index 25b85801bd..cfb414870a 100644 --- a/internal/xds/translator/testdata/out/xds-ir/oidc-and-jwt-with-passthrough.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/oidc-and-jwt-with-passthrough.clusters.yaml @@ -29,6 +29,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: oauth_foo_com_443 diff --git a/internal/xds/translator/testdata/out/xds-ir/oidc-backend-cluster-provider.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/oidc-backend-cluster-provider.clusters.yaml index c19c1eefd7..ed1db48444 100644 --- a/internal/xds/translator/testdata/out/xds-ir/oidc-backend-cluster-provider.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/oidc-backend-cluster-provider.clusters.yaml @@ -29,6 +29,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: securitypolicy/envoy-gateway/policy-for-gateway/0 diff --git a/internal/xds/translator/testdata/out/xds-ir/oidc.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/oidc.clusters.yaml index 80eff9c9e6..db5f4b036e 100644 --- a/internal/xds/translator/testdata/out/xds-ir/oidc.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/oidc.clusters.yaml @@ -53,6 +53,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: oauth_foo_com_443 @@ -95,6 +96,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: oauth_bar_com_443 diff --git a/internal/xds/translator/testdata/out/xds-ir/ratelimit-custom-domain.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/ratelimit-custom-domain.clusters.yaml index dd43b80611..16c7ed3419 100644 --- a/internal/xds/translator/testdata/out/xds-ir/ratelimit-custom-domain.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/ratelimit-custom-domain.clusters.yaml @@ -77,6 +77,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: ratelimit_cluster diff --git a/internal/xds/translator/testdata/out/xds-ir/ratelimit-disable-headers.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/ratelimit-disable-headers.clusters.yaml index ed9d549f4f..1bf27126c2 100644 --- a/internal/xds/translator/testdata/out/xds-ir/ratelimit-disable-headers.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/ratelimit-disable-headers.clusters.yaml @@ -77,6 +77,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: ratelimit_cluster diff --git a/internal/xds/translator/testdata/out/xds-ir/ratelimit-endpoint-stats.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/ratelimit-endpoint-stats.clusters.yaml index 011ffcc128..b0a5b95987 100644 --- a/internal/xds/translator/testdata/out/xds-ir/ratelimit-endpoint-stats.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/ratelimit-endpoint-stats.clusters.yaml @@ -83,6 +83,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: ratelimit_cluster diff --git a/internal/xds/translator/testdata/out/xds-ir/ratelimit-global-shared.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/ratelimit-global-shared.clusters.yaml index b0060aa2f1..9f62846ce7 100644 --- a/internal/xds/translator/testdata/out/xds-ir/ratelimit-global-shared.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/ratelimit-global-shared.clusters.yaml @@ -109,6 +109,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: ratelimit_cluster diff --git a/internal/xds/translator/testdata/out/xds-ir/ratelimit-headers-and-cidr.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/ratelimit-headers-and-cidr.clusters.yaml index ed9d549f4f..1bf27126c2 100644 --- a/internal/xds/translator/testdata/out/xds-ir/ratelimit-headers-and-cidr.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/ratelimit-headers-and-cidr.clusters.yaml @@ -77,6 +77,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: ratelimit_cluster diff --git a/internal/xds/translator/testdata/out/xds-ir/ratelimit-multi-global-shared.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/ratelimit-multi-global-shared.clusters.yaml index 011ffcc128..b0a5b95987 100644 --- a/internal/xds/translator/testdata/out/xds-ir/ratelimit-multi-global-shared.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/ratelimit-multi-global-shared.clusters.yaml @@ -83,6 +83,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: ratelimit_cluster diff --git a/internal/xds/translator/testdata/out/xds-ir/ratelimit-sourceip.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/ratelimit-sourceip.clusters.yaml index fa050dc3dc..39eedb3acf 100644 --- a/internal/xds/translator/testdata/out/xds-ir/ratelimit-sourceip.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/ratelimit-sourceip.clusters.yaml @@ -101,6 +101,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: ratelimit_cluster diff --git a/internal/xds/translator/testdata/out/xds-ir/ratelimit.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/ratelimit.clusters.yaml index fa050dc3dc..39eedb3acf 100644 --- a/internal/xds/translator/testdata/out/xds-ir/ratelimit.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/ratelimit.clusters.yaml @@ -101,6 +101,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: ratelimit_cluster diff --git a/internal/xds/translator/testdata/out/xds-ir/securitypolicy-with-oidc-jwt-authz.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/securitypolicy-with-oidc-jwt-authz.clusters.yaml index a1a64c0f74..3318f090e7 100644 --- a/internal/xds/translator/testdata/out/xds-ir/securitypolicy-with-oidc-jwt-authz.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/securitypolicy-with-oidc-jwt-authz.clusters.yaml @@ -29,6 +29,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: oidc_example_com_443 diff --git a/internal/xds/translator/testdata/out/xds-ir/tls-route-passthrough.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/tls-route-passthrough.clusters.yaml index 958ad3a8e8..9794eef1a8 100644 --- a/internal/xds/translator/testdata/out/xds-ir/tls-route-passthrough.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/tls-route-passthrough.clusters.yaml @@ -29,6 +29,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: tls-passthrough-bar-dest diff --git a/internal/xds/translator/testdata/out/xds-ir/tracing-datadog.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/tracing-datadog.clusters.yaml index 3ddd17bebc..2ba36023ec 100644 --- a/internal/xds/translator/testdata/out/xds-ir/tracing-datadog.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/tracing-datadog.clusters.yaml @@ -29,6 +29,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: tracing-0 diff --git a/internal/xds/translator/testdata/out/xds-ir/tracing-endpoint-stats.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/tracing-endpoint-stats.clusters.yaml index 59a7aa268c..dee628c1ca 100644 --- a/internal/xds/translator/testdata/out/xds-ir/tracing-endpoint-stats.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/tracing-endpoint-stats.clusters.yaml @@ -31,6 +31,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: tracing-0 diff --git a/internal/xds/translator/testdata/out/xds-ir/tracing-zipkin.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/tracing-zipkin.clusters.yaml index 1484ac87e4..7af17a6cb9 100644 --- a/internal/xds/translator/testdata/out/xds-ir/tracing-zipkin.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/tracing-zipkin.clusters.yaml @@ -29,6 +29,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: tracing-0 diff --git a/internal/xds/translator/testdata/out/xds-ir/tracing.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/tracing.clusters.yaml index 8f91a2e62c..523ecad2b8 100644 --- a/internal/xds/translator/testdata/out/xds-ir/tracing.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/tracing.clusters.yaml @@ -30,6 +30,7 @@ connectTimeout: 15s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: tracing-0 diff --git a/internal/xds/translator/testdata/out/xds-ir/wasm.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/wasm.clusters.yaml index 88e3c014f0..9f2d856ee1 100755 --- a/internal/xds/translator/testdata/out/xds-ir/wasm.clusters.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/wasm.clusters.yaml @@ -53,6 +53,7 @@ connectTimeout: 10s dnsLookupFamily: V4_PREFERRED dnsRefreshRate: 30s + ignoreHealthOnHostRemoval: true lbPolicy: LEAST_REQUEST loadAssignment: clusterName: wasm_cluster diff --git a/release-notes/current.yaml b/release-notes/current.yaml index 67f6279973..faae3d094b 100644 --- a/release-notes/current.yaml +++ b/release-notes/current.yaml @@ -3,6 +3,7 @@ date: Pending # Changes that are expected to cause an incompatibility with previous versions, such as deletions or modifications to existing APIs. breaking changes: | Use gateway name as proxy fleet name for gateway namespace mode. + Endpoints that are absent from service discovery are removed even if their active health checks succeed. # Updates addressing vulnerabilities, security flaws, or compliance requirements. security updates: |