diff --git a/.changelog/188.txt b/.changelog/188.txt new file mode 100644 index 00000000..f039a85f --- /dev/null +++ b/.changelog/188.txt @@ -0,0 +1,3 @@ +```release-note:improvement +In order to support Windows, write Envoy bootstrap configuration to a regular file instead of a named pipe. +``` diff --git a/Makefile b/Makefile index f02999d7..a9b86d3d 100644 --- a/Makefile +++ b/Makefile @@ -8,8 +8,8 @@ GOBIN ?= $(GOPATH)/bin # Get local ARCH; on Intel Mac, 'uname -m' returns x86_64 which we turn into amd64. # Not using 'go env GOOS/GOARCH' here so 'make docker' will work without local Go install. -ARCH = $(shell A=$$(uname -m); [ $$A = x86_64 ] && A=amd64; echo $$A) -OS = $(shell uname | tr [[:upper:]] [[:lower:]]) +ARCH ?= $(shell A=$$(uname -m); [ $$A = x86_64 ] && A=amd64; echo $$A) +OS ?= $(shell uname | tr [[:upper:]] [[:lower:]]) PLATFORM = $(OS)/$(ARCH) DIST = dist/$(PLATFORM) BIN = $(DIST)/$(BIN_NAME) @@ -89,6 +89,7 @@ copy-bootstrap-config: sed '/github.com\/hashicorp\/consul\/api/d' | \ sed 's/api.IntentionDefaultNamespace/"default"/g' | \ sed '1s:^:// Code generated by make copy-bootstrap-config. DO NOT EDIT.\n:' | \ + sed '/"initial_metadata": \[/,/\]/d' | \ gofmt \ > $(BOOTSTRAP_PACKAGE_DIR)/$$file; \ done diff --git a/internal/bootstrap/bootstrap_tpl.go b/internal/bootstrap/bootstrap_tpl.go index dc374f5a..f575c407 100644 --- a/internal/bootstrap/bootstrap_tpl.go +++ b/internal/bootstrap/bootstrap_tpl.go @@ -292,12 +292,6 @@ const bootstrapTemplate = `{ "api_type": "DELTA_GRPC", "transport_api_version": "V3", "grpc_services": { - "initial_metadata": [ - { - "key": "x-consul-token", - "value": "{{ .Token }}" - } - ], "envoy_grpc": { "cluster_name": "{{ .LocalAgentClusterName }}" } diff --git a/pkg/consuldp/testdata/TestBootstrapConfig/access-logs.golden b/pkg/consuldp/testdata/TestBootstrapConfig/access-logs.golden index 68187aa0..5fabf464 100644 --- a/pkg/consuldp/testdata/TestBootstrapConfig/access-logs.golden +++ b/pkg/consuldp/testdata/TestBootstrapConfig/access-logs.golden @@ -167,12 +167,6 @@ "api_type": "DELTA_GRPC", "transport_api_version": "V3", "grpc_services": { - "initial_metadata": [ - { - "key": "x-consul-token", - "value": "" - } - ], "envoy_grpc": { "cluster_name": "consul-dataplane" } diff --git a/pkg/consuldp/testdata/TestBootstrapConfig/basic.golden b/pkg/consuldp/testdata/TestBootstrapConfig/basic.golden index ca0741a3..1cbfb573 100644 --- a/pkg/consuldp/testdata/TestBootstrapConfig/basic.golden +++ b/pkg/consuldp/testdata/TestBootstrapConfig/basic.golden @@ -155,12 +155,6 @@ "api_type": "DELTA_GRPC", "transport_api_version": "V3", "grpc_services": { - "initial_metadata": [ - { - "key": "x-consul-token", - "value": "" - } - ], "envoy_grpc": { "cluster_name": "consul-dataplane" } diff --git a/pkg/consuldp/testdata/TestBootstrapConfig/central-telemetry-config.golden b/pkg/consuldp/testdata/TestBootstrapConfig/central-telemetry-config.golden index 8ed91715..a0eee8ef 100644 --- a/pkg/consuldp/testdata/TestBootstrapConfig/central-telemetry-config.golden +++ b/pkg/consuldp/testdata/TestBootstrapConfig/central-telemetry-config.golden @@ -169,12 +169,6 @@ "api_type": "DELTA_GRPC", "transport_api_version": "V3", "grpc_services": { - "initial_metadata": [ - { - "key": "x-consul-token", - "value": "" - } - ], "envoy_grpc": { "cluster_name": "consul-dataplane" } diff --git a/pkg/consuldp/testdata/TestBootstrapConfig/custom-prometheus-scrape-path.golden b/pkg/consuldp/testdata/TestBootstrapConfig/custom-prometheus-scrape-path.golden index f21bdabe..da7ff049 100644 --- a/pkg/consuldp/testdata/TestBootstrapConfig/custom-prometheus-scrape-path.golden +++ b/pkg/consuldp/testdata/TestBootstrapConfig/custom-prometheus-scrape-path.golden @@ -244,12 +244,6 @@ "api_type": "DELTA_GRPC", "transport_api_version": "V3", "grpc_services": { - "initial_metadata": [ - { - "key": "x-consul-token", - "value": "" - } - ], "envoy_grpc": { "cluster_name": "consul-dataplane" } diff --git a/pkg/consuldp/testdata/TestBootstrapConfig/hcp-metrics.golden b/pkg/consuldp/testdata/TestBootstrapConfig/hcp-metrics.golden index c37671de..45bb9fe2 100644 --- a/pkg/consuldp/testdata/TestBootstrapConfig/hcp-metrics.golden +++ b/pkg/consuldp/testdata/TestBootstrapConfig/hcp-metrics.golden @@ -193,12 +193,6 @@ "api_type": "DELTA_GRPC", "transport_api_version": "V3", "grpc_services": { - "initial_metadata": [ - { - "key": "x-consul-token", - "value": "" - } - ], "envoy_grpc": { "cluster_name": "consul-dataplane" } diff --git a/pkg/consuldp/testdata/TestBootstrapConfig/ready-listener.golden b/pkg/consuldp/testdata/TestBootstrapConfig/ready-listener.golden index 1d45d37d..b33288a2 100644 --- a/pkg/consuldp/testdata/TestBootstrapConfig/ready-listener.golden +++ b/pkg/consuldp/testdata/TestBootstrapConfig/ready-listener.golden @@ -244,12 +244,6 @@ "api_type": "DELTA_GRPC", "transport_api_version": "V3", "grpc_services": { - "initial_metadata": [ - { - "key": "x-consul-token", - "value": "" - } - ], "envoy_grpc": { "cluster_name": "consul-dataplane" } diff --git a/pkg/consuldp/testdata/TestBootstrapConfig/unix-socket-xds-server.golden b/pkg/consuldp/testdata/TestBootstrapConfig/unix-socket-xds-server.golden index 4affbca5..7400bb4e 100644 --- a/pkg/consuldp/testdata/TestBootstrapConfig/unix-socket-xds-server.golden +++ b/pkg/consuldp/testdata/TestBootstrapConfig/unix-socket-xds-server.golden @@ -154,12 +154,6 @@ "api_type": "DELTA_GRPC", "transport_api_version": "V3", "grpc_services": { - "initial_metadata": [ - { - "key": "x-consul-token", - "value": "" - } - ], "envoy_grpc": { "cluster_name": "consul-dataplane" } diff --git a/pkg/envoy/get_process_attr.go b/pkg/envoy/get_process_attr.go new file mode 100644 index 00000000..abafca21 --- /dev/null +++ b/pkg/envoy/get_process_attr.go @@ -0,0 +1,12 @@ +//go:build !windows +// +build !windows + +package envoy + +import "syscall" + +func getProcessAttr() *syscall.SysProcAttr { + return &syscall.SysProcAttr{ + Setpgid: true, + } +} diff --git a/pkg/envoy/get_process_attr_windows.go b/pkg/envoy/get_process_attr_windows.go new file mode 100644 index 00000000..f3d9d18a --- /dev/null +++ b/pkg/envoy/get_process_attr_windows.go @@ -0,0 +1,12 @@ +//go:build windows +// +build windows + +package envoy + +import "syscall" + +func getProcessAttr() *syscall.SysProcAttr { + return &syscall.SysProcAttr{ + CreationFlags: syscall.CREATE_NEW_PROCESS_GROUP, + } +} diff --git a/pkg/envoy/proxy.go b/pkg/envoy/proxy.go index dc31e001..22fde437 100644 --- a/pkg/envoy/proxy.go +++ b/pkg/envoy/proxy.go @@ -8,13 +8,13 @@ import ( "errors" "fmt" "io" + "log" "net/http" "os" "os/exec" "path/filepath" "strings" "sync/atomic" - "syscall" "time" "github.com/hashicorp/go-hclog" @@ -158,9 +158,7 @@ func (p *Proxy) Run(ctx context.Context) error { // Start Envoy in its own process group to avoid directly receiving // SIGTERM intended for consul-dataplane, let proxy manager handle // graceful shutdown if configured. - p.cmd.SysProcAttr = &syscall.SysProcAttr{ - Setpgid: true, - } + p.cmd.SysProcAttr = getProcessAttr() p.cfg.Logger.Debug("running envoy proxy", "command", strings.Join(p.cmd.Args, " ")) if err := p.cmd.Start(); err != nil { @@ -343,32 +341,9 @@ func writeBootstrapConfig(cfg []byte) (string, func() error, error) { os.TempDir(), fmt.Sprintf("envoy-%x-bootstrap.json", time.Now().UnixNano()+int64(os.Getpid())), ) - if err := syscall.Mkfifo(path, 0600); err != nil { - return "", nil, err - } - - // O_WRONLY causes OpenFile to block until there's a reader (Envoy). Opening - // the pipe with O_RDWR wouldn't block but would result in just sending stuff - // to ourself. - // - // TODO(boxofrad): We don't have a way to cancel this goroutine. If the Envoy - // process never opens the other end of the pipe this will hang forever. The - // workaround we use in `consul connect envoy` is to write to the pipe in a - // subprocess that self-destructs after 10 minutes. - go func() { - file, err := os.OpenFile(path, os.O_WRONLY|os.O_APPEND, 0600) - if err != nil { - os.Remove(path) - return - } - - _, err = file.Write(cfg) - file.Close() - if err != nil { - os.Remove(path) - } - }() + log.Printf("bootstrap config path: %s", path) + err := os.WriteFile(path, cfg, 0600) return path, func() error { err := os.Remove(path) @@ -376,7 +351,7 @@ func writeBootstrapConfig(cfg []byte) (string, func() error, error) { return nil } return err - }, nil + }, err } // buildCommand builds the exec.Cmd to run Envoy with the relevant arguments