From e608467b8e9ae4039718aa1e8f71838de3a3c978 Mon Sep 17 00:00:00 2001 From: "Huabing (Robin) Zhao" Date: Wed, 30 Jul 2025 09:05:24 +0000 Subject: [PATCH 1/6] rename route config Signed-off-by: Huabing (Robin) Zhao --- internal/xds/translator/listener.go | 28 ++++++++++++++++--- .../xds-ir/xds-name-scheme-v2.listeners.yaml | 2 +- .../out/xds-ir/xds-name-scheme-v2.routes.yaml | 2 +- internal/xds/translator/translator.go | 2 +- 4 files changed, 27 insertions(+), 7 deletions(-) diff --git a/internal/xds/translator/listener.go b/internal/xds/translator/listener.go index f02784e29d..fb6eddd29b 100644 --- a/internal/xds/translator/listener.go +++ b/internal/xds/translator/listener.go @@ -360,7 +360,7 @@ func (t *Translator) addHCMToXDSListener( Rds: &hcmv3.Rds{ ConfigSource: makeConfigSource(), // Configure route name to be found via RDS. - RouteConfigName: routeConfigName(irListener), + RouteConfigName: routeConfigName(irListener, t.xdsNameSchemeV2()), }, }, HttpProtocolOptions: http1ProtocolOptions(irListener.HTTP1), @@ -500,8 +500,28 @@ func (t *Translator) addHCMToXDSListener( return nil } -func routeConfigName(irListener *ir.HTTPListener) string { - // TODO(zhaohuabing): change the routeConfig name for HTTP listeners because they are merged into one route config +func routeConfigName(irListener *ir.HTTPListener, nameSchemeV2 bool) string { + if irListener.TLS != nil { + return httpsListenerRouteConfigName(irListener) + } + return httpListenerRouteConfigName(irListener, nameSchemeV2) +} + + +// port value is used for the route config name for HTTP listeners. as multiple HTTP listeners on the same port are +// using the same route config. +func httpListenerRouteConfigName(irListener *ir.HTTPListener, nameSchemeV2 bool) string { + if nameSchemeV2 { + return fmt.Sprint(irListener.ExternalPort) + } + // For backward compatibility, we use the listener name as the route config name. + return irListener.Name +} + +// irListener name is used as the route config name for HTTPS listener, as HTTPS Listener is 1:1 mapping to the filter chain, +// and the HCM in each filter chain uses a unique route config. +// The Gateway API layer ensures that each listener has a unique combination of hostname and port. +func httpsListenerRouteConfigName(irListener *ir.HTTPListener) string { return irListener.Name } @@ -515,7 +535,7 @@ func httpListenerDefaultFilterChainName(irListener *ir.HTTPListener, nameSchemeV return irListener.Name } -// irListener name is used as the filter chain name for HTTPS listener, as Listener is 1:1 mapping to the filter chain +// irListener name is used as the filter chain name for HTTPS listener, as HTTPS Listener is 1:1 mapping to the filter chain. // The Gateway API layer ensures that each listener has a unique combination of hostname and port. func httpsListenerFilterChainName(irListener *ir.HTTPListener) string { return irListener.Name diff --git a/internal/xds/translator/testdata/out/xds-ir/xds-name-scheme-v2.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/xds-name-scheme-v2.listeners.yaml index b1b39aa28e..3bc093ea60 100644 --- a/internal/xds/translator/testdata/out/xds-ir/xds-name-scheme-v2.listeners.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/xds-name-scheme-v2.listeners.yaml @@ -25,7 +25,7 @@ configSource: ads: {} resourceApiVersion: V3 - routeConfigName: envoy-gateway/gateway-1/http1 + routeConfigName: "80" serverHeaderTransformation: PASS_THROUGH statPrefix: http-10080 useRemoteAddress: true diff --git a/internal/xds/translator/testdata/out/xds-ir/xds-name-scheme-v2.routes.yaml b/internal/xds/translator/testdata/out/xds-ir/xds-name-scheme-v2.routes.yaml index 01d3a93d1b..9d66f828b7 100644 --- a/internal/xds/translator/testdata/out/xds-ir/xds-name-scheme-v2.routes.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/xds-name-scheme-v2.routes.yaml @@ -1,5 +1,5 @@ - ignorePortInHostMatching: true - name: envoy-gateway/gateway-1/http1 + name: "80" virtualHosts: - domains: - foo.net diff --git a/internal/xds/translator/translator.go b/internal/xds/translator/translator.go index d04b7d965c..b3322b2905 100644 --- a/internal/xds/translator/translator.go +++ b/internal/xds/translator/translator.go @@ -446,7 +446,7 @@ func (t *Translator) processHTTPListenerXdsTranslation( routeCfgName = findXdsHTTPRouteConfigName(tcpXDSListener) // If the route config name is not found, we use the current ir Listener name as the route config name to create a new route config. if routeCfgName == "" { - routeCfgName = routeConfigName(httpListener) + routeCfgName = routeConfigName(httpListener, t.xdsNameSchemeV2()) } // Create a route config if we have not found one yet From a153ed6e93341ac3639e115299fb0f1f55c55de9 Mon Sep 17 00:00:00 2001 From: "Huabing (Robin) Zhao" Date: Wed, 30 Jul 2025 09:22:10 +0000 Subject: [PATCH 2/6] rename HCM statPrefix Signed-off-by: Huabing (Robin) Zhao --- internal/xds/translator/listener.go | 23 ++++++++++--------- .../xds-ir/xds-name-scheme-v2.listeners.yaml | 10 ++++---- 2 files changed, 17 insertions(+), 16 deletions(-) diff --git a/internal/xds/translator/listener.go b/internal/xds/translator/listener.go index fb6eddd29b..eeb6781656 100644 --- a/internal/xds/translator/listener.go +++ b/internal/xds/translator/listener.go @@ -335,23 +335,13 @@ func (t *Translator) addHCMToXDSListener( } // HTTP filter configuration - var statPrefix string - if irListener.TLS != nil { - statPrefix = "https" - } else { - statPrefix = "http" - } - - // Append port to the statPrefix. - statPrefix = strings.Join([]string{statPrefix, strconv.Itoa(int(irListener.Port))}, "-") - // Client IP detection useRemoteAddress := true originalIPDetectionExtensions := originalIPDetectionExtensions(irListener.ClientIPDetection) if originalIPDetectionExtensions != nil { useRemoteAddress = false } - + statPrefix := hcmStatPrefix(irListener, t.xdsNameSchemeV2()) mgr := &hcmv3.HttpConnectionManager{ AccessLog: al, CodecType: hcmv3.HttpConnectionManager_AUTO, @@ -507,6 +497,17 @@ func routeConfigName(irListener *ir.HTTPListener, nameSchemeV2 bool) string { return httpListenerRouteConfigName(irListener, nameSchemeV2) } +func hcmStatPrefix(irListener *ir.HTTPListener, nameSchemeV2 bool) string { + statPrefix := "http" + if irListener.TLS != nil { + statPrefix = "https" + } + + if nameSchemeV2 { + return fmt.Sprintf("%s-%d", statPrefix, irListener.ExternalPort) + } + return fmt.Sprintf("%s-%d", statPrefix, irListener.Port) +} // port value is used for the route config name for HTTP listeners. as multiple HTTP listeners on the same port are // using the same route config. diff --git a/internal/xds/translator/testdata/out/xds-ir/xds-name-scheme-v2.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/xds-name-scheme-v2.listeners.yaml index 3bc093ea60..751dee84d3 100644 --- a/internal/xds/translator/testdata/out/xds-ir/xds-name-scheme-v2.listeners.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/xds-name-scheme-v2.listeners.yaml @@ -27,7 +27,7 @@ resourceApiVersion: V3 routeConfigName: "80" serverHeaderTransformation: PASS_THROUGH - statPrefix: http-10080 + statPrefix: http-80 useRemoteAddress: true name: http-80 maxConnectionsToAcceptPerSocketEvent: 1 @@ -65,7 +65,7 @@ resourceApiVersion: V3 routeConfigName: envoy-gateway/gateway-1/https1 serverHeaderTransformation: PASS_THROUGH - statPrefix: https-10443 + statPrefix: https-443 useRemoteAddress: true name: envoy-gateway/gateway-1/https1 transportSocket: @@ -110,7 +110,7 @@ resourceApiVersion: V3 routeConfigName: envoy-gateway/gateway-1/https2 serverHeaderTransformation: PASS_THROUGH - statPrefix: https-10443 + statPrefix: https-443 useRemoteAddress: true name: envoy-gateway/gateway-1/https2 transportSocket: @@ -168,7 +168,7 @@ resourceApiVersion: V3 routeConfigName: envoy-gateway/gateway-2/https-http3 serverHeaderTransformation: PASS_THROUGH - statPrefix: https-11443 + statPrefix: https-1443 useRemoteAddress: true name: envoy-gateway/gateway-2/https-http3 transportSocket: @@ -222,7 +222,7 @@ resourceApiVersion: V3 routeConfigName: envoy-gateway/gateway-2/https-http3 serverHeaderTransformation: PASS_THROUGH - statPrefix: https-11443 + statPrefix: https-1443 useRemoteAddress: true name: envoy-gateway/gateway-2/https-http3 transportSocket: From c102c7ba52a4d86f9f425cc02066624083fc91db Mon Sep 17 00:00:00 2001 From: "Huabing (Robin) Zhao" Date: Wed, 30 Jul 2025 09:34:09 +0000 Subject: [PATCH 3/6] rename virtual host Signed-off-by: Huabing (Robin) Zhao --- internal/xds/translator/listener.go | 2 +- .../testdata/out/xds-ir/xds-name-scheme-v2.routes.yaml | 10 +++++----- internal/xds/translator/translator.go | 7 +++++-- 3 files changed, 11 insertions(+), 8 deletions(-) diff --git a/internal/xds/translator/listener.go b/internal/xds/translator/listener.go index eeb6781656..57b8370ed9 100644 --- a/internal/xds/translator/listener.go +++ b/internal/xds/translator/listener.go @@ -341,7 +341,7 @@ func (t *Translator) addHCMToXDSListener( if originalIPDetectionExtensions != nil { useRemoteAddress = false } - statPrefix := hcmStatPrefix(irListener, t.xdsNameSchemeV2()) + statPrefix := hcmStatPrefix(irListener, t.xdsNameSchemeV2()) mgr := &hcmv3.HttpConnectionManager{ AccessLog: al, CodecType: hcmv3.HttpConnectionManager_AUTO, diff --git a/internal/xds/translator/testdata/out/xds-ir/xds-name-scheme-v2.routes.yaml b/internal/xds/translator/testdata/out/xds-ir/xds-name-scheme-v2.routes.yaml index 9d66f828b7..30527c0f15 100644 --- a/internal/xds/translator/testdata/out/xds-ir/xds-name-scheme-v2.routes.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/xds-name-scheme-v2.routes.yaml @@ -3,7 +3,7 @@ virtualHosts: - domains: - foo.net - name: envoy-gateway/gateway-1/http1/foo_net + name: foo_net routes: - match: prefix: / @@ -14,7 +14,7 @@ - upgradeType: websocket - domains: - bar.net - name: envoy-gateway/gateway-1/http2/bar_net + name: bar_net routes: - match: prefix: / @@ -28,7 +28,7 @@ virtualHosts: - domains: - foo.com - name: envoy-gateway/gateway-1/https1/foo_com + name: foo_com routes: - match: prefix: / @@ -42,7 +42,7 @@ virtualHosts: - domains: - bar.com - name: envoy-gateway/gateway-1/https2/bar_com + name: bar_com routes: - match: prefix: / @@ -56,7 +56,7 @@ virtualHosts: - domains: - '*' - name: envoy-gateway/gateway-2/https-http3/* + name: '*' routes: - match: prefix: / diff --git a/internal/xds/translator/translator.go b/internal/xds/translator/translator.go index b3322b2905..f79bbd6618 100644 --- a/internal/xds/translator/translator.go +++ b/internal/xds/translator/translator.go @@ -504,7 +504,7 @@ func (t *Translator) addRouteToRouteConfig( underscoredHostname := strings.ReplaceAll(httpRoute.Hostname, ".", "_") // Allocate virtual host for this httpRoute. vHost = &routev3.VirtualHost{ - Name: virtualHostName(httpListener, underscoredHostname), + Name: virtualHostName(httpListener, underscoredHostname, t.xdsNameSchemeV2()), Domains: []string{httpRoute.Hostname}, Metadata: buildXdsMetadata(httpListener.Metadata), } @@ -656,7 +656,10 @@ func (t *Translator) addRouteToRouteConfig( return errs } -func virtualHostName(httpListener *ir.HTTPListener, underscoredHostname string) string { +func virtualHostName(httpListener *ir.HTTPListener, underscoredHostname string, xdsNameSchemeV2 bool) string { + if xdsNameSchemeV2 { + return underscoredHostname + } return fmt.Sprintf("%s/%s", httpListener.Name, underscoredHostname) } From c801fdf4ca000a2f1c1244a448f8a77719aee167 Mon Sep 17 00:00:00 2001 From: "Huabing (Robin) Zhao" Date: Thu, 31 Jul 2025 02:11:18 +0000 Subject: [PATCH 4/6] fix test Signed-off-by: Huabing (Robin) Zhao --- test/e2e/tests/connection_limit.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/test/e2e/tests/connection_limit.go b/test/e2e/tests/connection_limit.go index 15e316fec4..1c5735973e 100644 --- a/test/e2e/tests/connection_limit.go +++ b/test/e2e/tests/connection_limit.go @@ -85,6 +85,9 @@ var ConnectionLimitTest = suite.ConformanceTest{ } prefix := "http-10080" + if XDSNameSchemeV2(){ + prefix = "http-80" + } gtwName := "connection-limit-gateway" promQL := fmt.Sprintf(`envoy_connection_limit_limited_connections{envoy_connection_limit_prefix="%s",gateway_envoyproxy_io_owning_gateway_name="%s"}`, prefix, gtwName) From 0e0b30a18214836e5c4d77a7263201ff11f43462 Mon Sep 17 00:00:00 2001 From: "Huabing (Robin) Zhao" Date: Thu, 31 Jul 2025 02:13:20 +0000 Subject: [PATCH 5/6] minor change Signed-off-by: Huabing (Robin) Zhao --- internal/xds/translator/listener.go | 14 +++++++------- test/e2e/tests/connection_limit.go | 2 +- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/internal/xds/translator/listener.go b/internal/xds/translator/listener.go index 57b8370ed9..294e241a4f 100644 --- a/internal/xds/translator/listener.go +++ b/internal/xds/translator/listener.go @@ -490,13 +490,6 @@ func (t *Translator) addHCMToXDSListener( return nil } -func routeConfigName(irListener *ir.HTTPListener, nameSchemeV2 bool) string { - if irListener.TLS != nil { - return httpsListenerRouteConfigName(irListener) - } - return httpListenerRouteConfigName(irListener, nameSchemeV2) -} - func hcmStatPrefix(irListener *ir.HTTPListener, nameSchemeV2 bool) string { statPrefix := "http" if irListener.TLS != nil { @@ -509,6 +502,13 @@ func hcmStatPrefix(irListener *ir.HTTPListener, nameSchemeV2 bool) string { return fmt.Sprintf("%s-%d", statPrefix, irListener.Port) } +func routeConfigName(irListener *ir.HTTPListener, nameSchemeV2 bool) string { + if irListener.TLS != nil { + return httpsListenerRouteConfigName(irListener) + } + return httpListenerRouteConfigName(irListener, nameSchemeV2) +} + // port value is used for the route config name for HTTP listeners. as multiple HTTP listeners on the same port are // using the same route config. func httpListenerRouteConfigName(irListener *ir.HTTPListener, nameSchemeV2 bool) string { diff --git a/test/e2e/tests/connection_limit.go b/test/e2e/tests/connection_limit.go index 1c5735973e..c60dfaf2ce 100644 --- a/test/e2e/tests/connection_limit.go +++ b/test/e2e/tests/connection_limit.go @@ -85,7 +85,7 @@ var ConnectionLimitTest = suite.ConformanceTest{ } prefix := "http-10080" - if XDSNameSchemeV2(){ + if XDSNameSchemeV2() { prefix = "http-80" } gtwName := "connection-limit-gateway" From 2c33217d4fc1a6e7ca4c72b8918d2daca7c1321a Mon Sep 17 00:00:00 2001 From: "Huabing (Robin) Zhao" Date: Fri, 1 Aug 2025 00:25:59 +0000 Subject: [PATCH 6/6] address comment Signed-off-by: Huabing (Robin) Zhao --- internal/xds/translator/listener.go | 22 +++---------------- .../xds-ir/xds-name-scheme-v2.listeners.yaml | 2 +- .../out/xds-ir/xds-name-scheme-v2.routes.yaml | 2 +- 3 files changed, 5 insertions(+), 21 deletions(-) diff --git a/internal/xds/translator/listener.go b/internal/xds/translator/listener.go index 294e241a4f..943e46cc5e 100644 --- a/internal/xds/translator/listener.go +++ b/internal/xds/translator/listener.go @@ -502,28 +502,12 @@ func hcmStatPrefix(irListener *ir.HTTPListener, nameSchemeV2 bool) string { return fmt.Sprintf("%s-%d", statPrefix, irListener.Port) } +// use the same name for the route config as the filter chain name, as they're 1:1 mapping. func routeConfigName(irListener *ir.HTTPListener, nameSchemeV2 bool) string { if irListener.TLS != nil { - return httpsListenerRouteConfigName(irListener) + return httpsListenerFilterChainName(irListener) } - return httpListenerRouteConfigName(irListener, nameSchemeV2) -} - -// port value is used for the route config name for HTTP listeners. as multiple HTTP listeners on the same port are -// using the same route config. -func httpListenerRouteConfigName(irListener *ir.HTTPListener, nameSchemeV2 bool) string { - if nameSchemeV2 { - return fmt.Sprint(irListener.ExternalPort) - } - // For backward compatibility, we use the listener name as the route config name. - return irListener.Name -} - -// irListener name is used as the route config name for HTTPS listener, as HTTPS Listener is 1:1 mapping to the filter chain, -// and the HCM in each filter chain uses a unique route config. -// The Gateway API layer ensures that each listener has a unique combination of hostname and port. -func httpsListenerRouteConfigName(irListener *ir.HTTPListener) string { - return irListener.Name + return httpListenerDefaultFilterChainName(irListener, nameSchemeV2) } // port value is used for the default filter chain name for HTTP listeners, as multiple HTTP listeners are merged into diff --git a/internal/xds/translator/testdata/out/xds-ir/xds-name-scheme-v2.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/xds-name-scheme-v2.listeners.yaml index 751dee84d3..51f8b8f0e9 100644 --- a/internal/xds/translator/testdata/out/xds-ir/xds-name-scheme-v2.listeners.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/xds-name-scheme-v2.listeners.yaml @@ -25,7 +25,7 @@ configSource: ads: {} resourceApiVersion: V3 - routeConfigName: "80" + routeConfigName: http-80 serverHeaderTransformation: PASS_THROUGH statPrefix: http-80 useRemoteAddress: true diff --git a/internal/xds/translator/testdata/out/xds-ir/xds-name-scheme-v2.routes.yaml b/internal/xds/translator/testdata/out/xds-ir/xds-name-scheme-v2.routes.yaml index 30527c0f15..5c5dbe25f6 100644 --- a/internal/xds/translator/testdata/out/xds-ir/xds-name-scheme-v2.routes.yaml +++ b/internal/xds/translator/testdata/out/xds-ir/xds-name-scheme-v2.routes.yaml @@ -1,5 +1,5 @@ - ignorePortInHostMatching: true - name: "80" + name: http-80 virtualHosts: - domains: - foo.net