diff --git a/WORKSPACE b/WORKSPACE index f16ce1285bd..fd87526d5b1 100644 --- a/WORKSPACE +++ b/WORKSPACE @@ -34,14 +34,14 @@ bind( # When updating envoy sha manually please update the sha in istio.deps file also # -# Determine SHA256 `wget https://github.com/envoyproxy/envoy/archive/COMMIT.zip && sha256sum COMMIT.zip` -ENVOY_SHA = "2a2ad48a7d4b57512bc10a9593e852fe950b1c8d" -ENVOY_SHA256 = "a86dd396bd3db8401d45f9d387d3177ba1eb8298520ef684c1deaf7b91a1af1d" +# Determine SHA256 `wget https://github.com/envoyproxy/envoy/archive/COMMIT.tar.gz && sha256sum COMMIT.tar.gz` +ENVOY_SHA = "bbf5674c2c9a901ec4e964e4dd1d845516e672b2" +ENVOY_SHA256 = "a4e56688cd274db367a5ab905e4d02da6d271189c564ae05e87812c63790c7d6" http_archive( name = "envoy", strip_prefix = "envoy-" + ENVOY_SHA, - url = "https://github.com/envoyproxy/envoy/archive/" + ENVOY_SHA + ".zip", + url = "https://github.com/envoyproxy/envoy/archive/" + ENVOY_SHA + ".tar.gz", sha256 = ENVOY_SHA256, ) diff --git a/istio.deps b/istio.deps index 4c497bdc97e..efc024fdb39 100644 --- a/istio.deps +++ b/istio.deps @@ -4,13 +4,13 @@ "name": "ISTIO_API", "repoName": "api", "file": "repositories.bzl", - "lastStableSHA": "1a7788d738d2c6b07ba22106fca19bfef3843fa1" + "lastStableSHA": "aec9db9d9a57faf688b4d5606fddede85d4d3855" }, { "_comment": "", "name": "ENVOY_SHA", "repoName": "envoyproxy/envoy", "file": "WORKSPACE", - "lastStableSHA": "2a2ad48a7d4b57512bc10a9593e852fe950b1c8d" + "lastStableSHA": "bbf5674c2c9a901ec4e964e4dd1d845516e672b2" } ] diff --git a/protobuf.bzl b/protobuf.bzl index b556cdbfb91..786bb25f222 100644 --- a/protobuf.bzl +++ b/protobuf.bzl @@ -17,8 +17,8 @@ load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive") # Match SHA used by Envoy -PROTOBUF_SHA = "fa252ec2a54acb24ddc87d48fed1ecfd458445fd" -PROTOBUF_SHA256 = "3d610ac90f8fa16e12490088605c248b85fdaf23114ce4b3605cdf81f7823604" +PROTOBUF_SHA = "7492b5681231c79f0265793fa57dc780ae2481d6" +PROTOBUF_SHA256 = "46f1da3a6a6db66dd240cf95a5553198f7c6e98e6ac942fceb8a1cf03291d96e" def protobuf_repositories(load_repo=True, bind=True): if load_repo: diff --git a/repositories.bzl b/repositories.bzl index 42d7b1b6296..37fb808b3bd 100644 --- a/repositories.bzl +++ b/repositories.bzl @@ -19,7 +19,7 @@ load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive") GOOGLETEST = "d225acc90bc3a8c420a9bcd1f033033c1ccd7fe0" GOOGLETEST_SHA256 = "01508c8f47c99509130f128924f07f3a60be05d039cff571bb11d60bb11a3581" -def googletest_repositories(bind=True): +def googletest_repositories(bind = True): BUILD = """ # Copyright 2017 Istio Authors. All Rights Reserved. # @@ -102,7 +102,7 @@ cc_library( ISTIO_API = "056eb85d96f09441775d79283c149d93fcbd0982" ISTIO_API_SHA256 = "df491c399f0a06bb2b85f43f5328c880c8e5cb5b3ce972efbd1ce137f83ebc52" -def mixerapi_repositories(bind=True): +def mixerapi_repositories(bind = True): BUILD = """ # Copyright 2018 Istio Authors. All Rights Reserved. # @@ -233,9 +233,9 @@ load(":cc_gogo_protobuf.bzl", "cc_gogoproto_repositories") load(":x_tools_imports.bzl", "go_x_tools_imports_repositories") load(":googleapis.bzl", "googleapis_repositories") -def mixerapi_dependencies(): - protobuf_repositories(load_repo=True, bind=True) - cc_gogoproto_repositories() - go_x_tools_imports_repositories() - googleapis_repositories() - mixerapi_repositories() +def mixerapi_dependencies(): + protobuf_repositories(load_repo = True, bind = True) + cc_gogoproto_repositories() + go_x_tools_imports_repositories() + googleapis_repositories() + mixerapi_repositories() diff --git a/src/envoy/http/jwt_auth/auth_store.h b/src/envoy/http/jwt_auth/auth_store.h index 2410929e4eb..da80c27958e 100644 --- a/src/envoy/http/jwt_auth/auth_store.h +++ b/src/envoy/http/jwt_auth/auth_store.h @@ -27,21 +27,24 @@ namespace Envoy { namespace Http { namespace JwtAuth { +typedef std::shared_ptr + JwtAuthenticationConstSharedPtr; + // The JWT auth store object to store config and caches. // It only has pubkey_cache for now. In the future it will have token cache. // It is per-thread and stored in thread local. class JwtAuthStore : public ThreadLocal::ThreadLocalObject { public: // Load the config from envoy config. - JwtAuthStore(const ::istio::envoy::config::filter::http::jwt_auth::v2alpha1:: - JwtAuthentication& config) - : config_(config), pubkey_cache_(config_), token_extractor_(config_) {} + JwtAuthStore(JwtAuthenticationConstSharedPtr config) + : config_(config), pubkey_cache_(*config_), token_extractor_(*config_) {} // Get the Config. const ::istio::envoy::config::filter::http::jwt_auth::v2alpha1:: JwtAuthentication& config() const { - return config_; + return *config_; } // Get the pubkey cache. @@ -52,8 +55,7 @@ class JwtAuthStore : public ThreadLocal::ThreadLocalObject { private: // Store the config. - const ::istio::envoy::config::filter::http::jwt_auth::v2alpha1:: - JwtAuthentication& config_; + JwtAuthenticationConstSharedPtr config_; // The public key cache, indexed by issuer. PubkeyCache pubkey_cache_; // The object to extract token. @@ -66,13 +68,16 @@ class JwtAuthStoreFactory : public Logger::Loggable { JwtAuthStoreFactory(const ::istio::envoy::config::filter::http::jwt_auth:: v2alpha1::JwtAuthentication& config, Server::Configuration::FactoryContext& context) - : config_(config), tls_(context.threadLocal().allocateSlot()) { - tls_->set( - [this](Event::Dispatcher&) -> ThreadLocal::ThreadLocalObjectSharedPtr { - return std::make_shared(config_); - }); + : config_(std::make_shared( + config)), + tls_(context.threadLocal().allocateSlot()) { + tls_->set([config = this->config_](Event::Dispatcher&) + -> ThreadLocal::ThreadLocalObjectSharedPtr { + return std::make_shared(config); + }); ENVOY_LOG(debug, "Loaded JwtAuthConfig: {}", - MessageUtil::getJsonStringFromMessage(config_, true)); + MessageUtil::getJsonStringFromMessage(*config_, true)); } // Get per-thread auth store object. @@ -80,8 +85,7 @@ class JwtAuthStoreFactory : public Logger::Loggable { private: // The auth config. - ::istio::envoy::config::filter::http::jwt_auth::v2alpha1::JwtAuthentication - config_; + JwtAuthenticationConstSharedPtr config_; // Thread local slot to store per-thread auth store ThreadLocal::SlotPtr tls_; }; diff --git a/src/envoy/http/jwt_auth/integration_test/envoy.conf b/src/envoy/http/jwt_auth/integration_test/envoy.conf index 225c4db7023..763be2a7a97 100644 --- a/src/envoy/http/jwt_auth/integration_test/envoy.conf +++ b/src/envoy/http/jwt_auth/integration_test/envoy.conf @@ -1,65 +1,85 @@ { - "listeners": [ - { - "address": "tcp://{{ ip_loopback_address }}:0", - "bind_to_port": true, - "filters": [ - { - "type": "read", - "name": "http_connection_manager", - "config": { - "codec_type": "auto", - "stat_prefix": "ingress_http", - "route_config": { - "virtual_hosts": [ - { - "name": "backend", - "domains": ["*"], - "routes": [ + "admin": { + "access_log_path": "/dev/null", + "address": { + "socket_address": { + "address": "{{ ntop_ip_loopback_address }}", + "port_value": 0 + } + } + }, + "static_resources": { + "listeners": [ + { + "address": { + "socket_address": { + "address": "{{ ntop_ip_loopback_address }}", + "port_value": 0 + } + }, + "bind_to_port": true, + "filter_chains": [ + { + "filters": [ + { + "type": "read", + "name": "envoy.http_connection_manager", + "config": { + "codec_type": "auto", + "stat_prefix": "ingress_http", + "route_config": { + "virtual_hosts": [ + { + "routes": [ + { + "match": { + "prefix": "/" + }, + "route": { + "cluster": "service1" + } + } + ] + } + ] + }, + "access_log": [ + { + "name": "envoy.file_access_log", + "config": { + "path": "/dev/null" + } + } + ], + "http_filters": [ { - "prefix": "/", - "cluster": "service1" + "name": "jwt-auth", + "config": {} + }, + { + "name": "envoy.router", + "config": {} } ] } - ] - }, - "access_log": [ - { - "path": "/dev/stdout" - } - ], - "filters": [ - { - "type": "decoder", - "name": "jwt-auth", - "config": {} - }, - { - "type": "decoder", - "name": "router", - "config": {} } ] } - } - ] - } - ], - "admin": { - "access_log_path": "/dev/stdout", - "address": "tcp://{{ ip_loopback_address }}:0" - }, - "cluster_manager": { + ] + } + ], "clusters": [ { "name": "service1", - "connect_timeout_ms": 5000, + "connect_timeout": "5s", "type": "static", - "lb_type": "round_robin", + "lb_policy": "round_robin", "hosts": [ { - "url": "tcp://{{ ip_loopback_address }}:{{ upstream_0 }}" + "socket_address": { + "address": "{{ ntop_ip_loopback_address }}", + "port_value": "{{ upstream_0 }}" + } } ] } diff --git a/src/envoy/http/jwt_auth/integration_test/envoy.conf.jwk b/src/envoy/http/jwt_auth/integration_test/envoy.conf.jwk index e78dbc395aa..8a547c855a0 100644 --- a/src/envoy/http/jwt_auth/integration_test/envoy.conf.jwk +++ b/src/envoy/http/jwt_auth/integration_test/envoy.conf.jwk @@ -1,97 +1,123 @@ { - "listeners": [ - { - "address": "tcp://{{ ip_loopback_address }}:0", - "bind_to_port": true, - "filters": [ - { - "name": "http_connection_manager", - "config": { - "codec_type": "auto", - "stat_prefix": "ingress_http", - "route_config": { - "virtual_hosts": [ - { - "name": "backend", - "domains": ["*"], - "routes": [ - { - "prefix": "/", - "cluster": "service1" - } - ] - } - ] - }, - "access_log": [ - { - "path": "/dev/null" - } - ], + "admin": { + "access_log_path": "/dev/null", + "address": { + "socket_address": { + "address": "{{ ntop_ip_loopback_address }}", + "port_value": 0 + } + } + }, + "static_resources": { + "listeners": [ + { + "address": { + "socket_address": { + "address": "{{ ntop_ip_loopback_address }}", + "port_value": 0 + } + }, + "filter_chains": [ + { "filters": [ { - "type": "decoder", - "name": "jwt-auth", + "name": "envoy.http_connection_manager", "config": { - "rules": [ - { - "issuer": "https://example.com", - "audiences": [ - "example_service" - ], - "remote_jwks": { - "http_uri": { - "uri": "http://example.com/foobar_cert", - "cluster": "example_issuer" + "codec_type": "auto", + "stat_prefix": "ingress_http", + "route_config": { + "virtual_hosts": [ + { + "name": "backend", + "domains": [ + "*" + ], + "routes": [ + { + "match": { + "prefix": "/" + }, + "route": { + "cluster": "service1" + } } - }, - "forward_payload_header": "test-jwt-payload-output" - } - ] - } - }, - { - "type": "decoder", - "name": "router", - "config": {} + ] + } + ] + }, + "access_log": [ + { + "name": "envoy.file_access_log", + "config": { + "path": "/dev/null" + } + } + ], + "http_filters": [ + { + "name": "jwt-auth", + "config": { + "rules": [ + { + "issuer": "https://example.com", + "audiences": [ + "example_service" + ], + "remote_jwks": { + "http_uri": { + "uri": "http://example.com/foobar_cert", + "cluster": "example_issuer" + } + }, + "forward_payload_header": "test-jwt-payload-output" + } + ] + } + }, + { + "name": "envoy.router", + "config": {} + } + ] + } } ] } - } - ] - } - ], - "admin": { - "access_log_path": "/dev/null", - "address": "tcp://{{ ip_loopback_address }}:0" - }, - "cluster_manager": { + ] + } + ], "clusters": [ { "name": "service1", - "connect_timeout_ms": 5000, + "connect_timeout": "5s", "type": "static", - "lb_type": "round_robin", + "lb_policy": "round_robin", "hosts": [ { - "url": "tcp://{{ ip_loopback_address }}:{{ upstream_0 }}" + "socket_address": { + "address": "{{ ntop_ip_loopback_address }}", + "port_value": "{{ upstream_0 }}" + } } ] }, { "name": "example_issuer", - "connect_timeout_ms": 5000, + "connect_timeout": "5s", "type": "static", - "circuit_breakers": { - "default": { - "max_pending_requests": 10000, - "max_requests": 10000 - } - }, - "lb_type": "round_robin", + "circuit_breakers": { + "thresholds": { + "max_pending_requests": 10000, + "max_requests": 10000 + } + }, + "lb_policy": "round_robin", "hosts": [ { - "url": "tcp://{{ ip_loopback_address }}:{{ upstream_1 }}" + "socket_address": { + "address": "{{ ntop_ip_loopback_address }}", + "port_value": "{{ upstream_1 }}" + } } ] } diff --git a/src/envoy/http/jwt_auth/integration_test/envoy_allow_missing_or_failed_jwt.conf.jwk b/src/envoy/http/jwt_auth/integration_test/envoy_allow_missing_or_failed_jwt.conf.jwk index a6ce794147d..9f49cc80f5c 100644 --- a/src/envoy/http/jwt_auth/integration_test/envoy_allow_missing_or_failed_jwt.conf.jwk +++ b/src/envoy/http/jwt_auth/integration_test/envoy_allow_missing_or_failed_jwt.conf.jwk @@ -1,98 +1,124 @@ { - "listeners": [ - { - "address": "tcp://{{ ip_loopback_address }}:0", - "bind_to_port": true, - "filters": [ - { - "name": "http_connection_manager", - "config": { - "codec_type": "auto", - "stat_prefix": "ingress_http", - "route_config": { - "virtual_hosts": [ - { - "name": "backend", - "domains": ["*"], - "routes": [ - { - "prefix": "/", - "cluster": "service1" - } - ] - } - ] - }, - "access_log": [ - { - "path": "/dev/null" - } - ], + "admin": { + "access_log_path": "/dev/null", + "address": { + "socket_address": { + "address": "{{ ntop_ip_loopback_address }}", + "port_value": 0 + } + } + }, + "static_resources": { + "listeners": [ + { + "address": { + "socket_address": { + "address": "{{ ntop_ip_loopback_address }}", + "port_value": 0 + } + }, + "filter_chains": [ + { "filters": [ { - "type": "decoder", - "name": "jwt-auth", + "name": "envoy.http_connection_manager", "config": { - "rules": [ - { - "issuer": "https://example.com", - "audiences": [ - "example_service" - ], - "remote_jwks": { - "http_uri": { - "uri": "http://example.com/foobar_cert", - "cluster": "example_issuer" - } - }, - "forward_payload_header": "test-jwt-payload-output" + "codec_type": "auto", + "stat_prefix": "ingress_http", + "route_config": { + "virtual_hosts": [ + { + "name": "backend", + "domains": [ + "*" + ], + "routes": [ + { + "match": { + "prefix": "/" + }, + "route": { + "cluster": "service1" + } + } + ] } - ], - "allow_missing_or_failed": true - } - }, - { - "type": "decoder", - "name": "router", - "config": {} + ] + }, + "access_log": [ + { + "name": "envoy.file_access_log", + "config": { + "path": "/dev/null" + } + } + ], + "http_filters": [ + { + "name": "jwt-auth", + "config": { + "rules": [ + { + "issuer": "https://example.com", + "audiences": [ + "example_service" + ], + "remote_jwks": { + "http_uri": { + "uri": "http://example.com/foobar_cert", + "cluster": "example_issuer" + } + }, + "forward_payload_header": "test-jwt-payload-output" + } + ], + "allow_missing_or_failed": true + } + }, + { + "name": "envoy.router", + "config": {} + } + ] + } } ] } - } - ] - } - ], - "admin": { - "access_log_path": "/dev/null", - "address": "tcp://{{ ip_loopback_address }}:0" - }, - "cluster_manager": { + ] + } + ], "clusters": [ { "name": "service1", - "connect_timeout_ms": 5000, + "connect_timeout": "5s", "type": "static", - "lb_type": "round_robin", + "lb_policy": "round_robin", "hosts": [ { - "url": "tcp://{{ ip_loopback_address }}:{{ upstream_0 }}" + "socket_address": { + "address": "{{ ntop_ip_loopback_address }}", + "port_value": "{{ upstream_0 }}" + } } ] }, { "name": "example_issuer", - "connect_timeout_ms": 5000, + "connect_timeout": "5s", "type": "static", - "circuit_breakers": { - "default": { - "max_pending_requests": 10000, - "max_requests": 10000 - } - }, - "lb_type": "round_robin", + "circuit_breakers": { + "thresholds": { + "max_pending_requests": 10000, + "max_requests": 10000 + } + }, + "lb_policy": "round_robin", "hosts": [ { - "url": "tcp://{{ ip_loopback_address }}:{{ upstream_1 }}" + "socket_address": { + "address": "{{ ntop_ip_loopback_address }}", + "port_value": "{{ upstream_1 }}" + } } ] } diff --git a/src/envoy/http/jwt_auth/jwt_authenticator_test.cc b/src/envoy/http/jwt_auth/jwt_authenticator_test.cc index b4d9b3ec260..05bf3ad2fc3 100644 --- a/src/envoy/http/jwt_auth/jwt_authenticator_test.cc +++ b/src/envoy/http/jwt_auth/jwt_authenticator_test.cc @@ -292,11 +292,13 @@ class JwtAuthenticatorTest : public ::testing::Test { google::protobuf::util::Status status = ::google::protobuf::util::JsonStringToMessage(json_str, &config_); ASSERT_TRUE(status.ok()); - store_.reset(new JwtAuthStore(config_)); + config_ptr_ = std::make_shared(config_); + store_.reset(new JwtAuthStore(config_ptr_)); auth_.reset(new JwtAuthenticator(mock_cm_, *store_)); } JwtAuthentication config_; + JwtAuthenticationConstSharedPtr config_ptr_; std::unique_ptr store_; std::unique_ptr auth_; NiceMock mock_cm_; @@ -482,7 +484,8 @@ TEST_F(JwtAuthenticatorTest, TestForwardJwt) { // Confit forward_jwt flag config_.mutable_rules(0)->set_forward(true); // Re-create store and auth objects. - store_.reset(new JwtAuthStore(config_)); + config_ptr_ = std::make_shared(config_); + store_.reset(new JwtAuthStore(config_ptr_)); auth_.reset(new JwtAuthenticator(mock_cm_, *store_)); MockUpstream mock_pubkey(mock_cm_, kPublicKey); @@ -752,7 +755,8 @@ TEST_F(JwtAuthenticatorTest, TestInlineJwks) { local_jwks->set_inline_string(kPublicKey); // recreate store and auth with modified config. - store_.reset(new JwtAuthStore(config_)); + config_ptr_ = std::make_shared(config_); + store_.reset(new JwtAuthStore(config_ptr_)); auth_.reset(new JwtAuthenticator(mock_cm_, *store_)); MockUpstream mock_pubkey(mock_cm_, ""); diff --git a/src/envoy/http/mixer/control.cc b/src/envoy/http/mixer/control.cc index 26dec8496bc..32b7a384ab8 100644 --- a/src/envoy/http/mixer/control.cc +++ b/src/envoy/http/mixer/control.cc @@ -23,18 +23,22 @@ namespace Envoy { namespace Http { namespace Mixer { -Control::Control(const Config& config, Upstream::ClusterManager& cm, - Event::Dispatcher& dispatcher, +Control::Control(ControlDataSharedPtr control_data, + Upstream::ClusterManager& cm, Event::Dispatcher& dispatcher, Runtime::RandomGenerator& random, Stats::Scope& scope, - Utils::MixerFilterStats& stats, const LocalInfo::LocalInfo& local_info) - : config_(config), + : control_data_(control_data), check_client_factory_(Utils::GrpcClientFactoryForCluster( - config_.check_cluster(), cm, scope, dispatcher.timeSystem())), + control_data_->config().check_cluster(), cm, scope, + dispatcher.timeSystem())), report_client_factory_(Utils::GrpcClientFactoryForCluster( - config_.report_cluster(), cm, scope, dispatcher.timeSystem())), - stats_obj_(dispatcher, stats, - config_.config_pb().transport().stats_update_interval(), + control_data_->config().report_cluster(), cm, scope, + dispatcher.timeSystem())), + stats_obj_(dispatcher, control_data_->stats(), + control_data_->config() + .config_pb() + .transport() + .stats_update_interval(), [this](::istio::mixerclient::Statistics* stat) -> bool { return GetStats(stat); }) { @@ -48,8 +52,8 @@ Control::Control(const Config& config, Upstream::ClusterManager& cm, ::istio::utils::SerializeForwardedAttributes(local_node, &serialized_forward_attributes_); - ::istio::control::http::Controller::Options options(config_.config_pb(), - local_node); + ::istio::control::http::Controller::Options options( + control_data_->config().config_pb(), local_node); Utils::CreateEnvironment(dispatcher, random, *check_client_factory_, *report_client_factory_, diff --git a/src/envoy/http/mixer/control.h b/src/envoy/http/mixer/control.h index ec52a3f1f78..e4c7c7edbed 100644 --- a/src/envoy/http/mixer/control.h +++ b/src/envoy/http/mixer/control.h @@ -32,14 +32,28 @@ namespace Envoy { namespace Http { namespace Mixer { +class ControlData { + public: + ControlData(std::unique_ptr config, Utils::MixerFilterStats stats) + : config_(std::move(config)), stats_(stats) {} + + const Config& config() { return *config_; } + Utils::MixerFilterStats& stats() { return stats_; } + + private: + std::unique_ptr config_; + Utils::MixerFilterStats stats_; +}; + +typedef std::shared_ptr ControlDataSharedPtr; + // The control object created per-thread. class Control final : public ThreadLocal::ThreadLocalObject { public: // The constructor. - Control(const Config& config, Upstream::ClusterManager& cm, + Control(ControlDataSharedPtr control_data, Upstream::ClusterManager& cm, Event::Dispatcher& dispatcher, Runtime::RandomGenerator& random, - Stats::Scope& scope, Utils::MixerFilterStats& stats, - const LocalInfo::LocalInfo& local_info); + Stats::Scope& scope, const LocalInfo::LocalInfo& local_info); // Get low-level controller object. ::istio::control::http::Controller* controller() { return controller_.get(); } @@ -51,8 +65,8 @@ class Control final : public ThreadLocal::ThreadLocalObject { // Call controller to get statistics. bool GetStats(::istio::mixerclient::Statistics* stat); - // The mixer config. - const Config& config_; + // The control data. + ControlDataSharedPtr control_data_; // Pre-serialized attributes_for_mixer_proxy. std::string serialized_forward_attributes_; // async client factories diff --git a/src/envoy/http/mixer/control_factory.h b/src/envoy/http/mixer/control_factory.h index 83ff0e84ee9..2dc21057b98 100644 --- a/src/envoy/http/mixer/control_factory.h +++ b/src/envoy/http/mixer/control_factory.h @@ -36,32 +36,36 @@ class ControlFactory : public Logger::Loggable { public: ControlFactory(std::unique_ptr config, Server::Configuration::FactoryContext& context) - : config_(std::move(config)), - tls_(context.threadLocal().allocateSlot()), - stats_{ALL_MIXER_FILTER_STATS( - POOL_COUNTER_PREFIX(context.scope(), kHttpStatsPrefix))} { + : control_data_(std::make_shared( + std::move(config), + generateStats(kHttpStatsPrefix, context.scope()))), + tls_(context.threadLocal().allocateSlot()) { Upstream::ClusterManager& cm = context.clusterManager(); Runtime::RandomGenerator& random = context.random(); Stats::Scope& scope = context.scope(); const LocalInfo::LocalInfo& local_info = context.localInfo(); - tls_->set( - [this, &cm, &random, &scope, &local_info](Event::Dispatcher& dispatcher) - -> ThreadLocal::ThreadLocalObjectSharedPtr { - return std::make_shared(*config_, cm, dispatcher, random, - scope, stats_, local_info); - }); + tls_->set([control_data = this->control_data_, &cm, &random, &scope, + &local_info](Event::Dispatcher& dispatcher) + -> ThreadLocal::ThreadLocalObjectSharedPtr { + return std::make_shared(control_data, cm, dispatcher, random, + scope, local_info); + }); } Control& control() { return tls_->getTyped(); } private: - // Own the config object. - std::unique_ptr config_; + // Generates stats struct. + static Utils::MixerFilterStats generateStats(const std::string& name, + Stats::Scope& scope) { + return {ALL_MIXER_FILTER_STATS(POOL_COUNTER_PREFIX(scope, name))}; + } + + // The control data object + ControlDataSharedPtr control_data_; // Thread local slot. ThreadLocal::SlotPtr tls_; - // This stats object. - Utils::MixerFilterStats stats_; }; } // namespace Mixer diff --git a/src/envoy/tcp/mixer/control.cc b/src/envoy/tcp/mixer/control.cc index 90a166a17f4..8b25c2fad1f 100644 --- a/src/envoy/tcp/mixer/control.cc +++ b/src/envoy/tcp/mixer/control.cc @@ -25,21 +25,24 @@ namespace Envoy { namespace Tcp { namespace Mixer { -Control::Control(const Config& config, Upstream::ClusterManager& cm, - Event::Dispatcher& dispatcher, +Control::Control(ControlDataSharedPtr control_data, + Upstream::ClusterManager& cm, Event::Dispatcher& dispatcher, Runtime::RandomGenerator& random, Stats::Scope& scope, - Utils::MixerFilterStats& stats, const std::string& uuid, const LocalInfo::LocalInfo& local_info) - : config_(config), + : control_data_(control_data), dispatcher_(dispatcher), check_client_factory_(Utils::GrpcClientFactoryForCluster( - config_.check_cluster(), cm, scope, dispatcher.timeSystem())), + control_data_->config().check_cluster(), cm, scope, + dispatcher.timeSystem())), report_client_factory_(Utils::GrpcClientFactoryForCluster( - config_.report_cluster(), cm, scope, dispatcher.timeSystem())), - stats_obj_(dispatcher, stats, - config_.config_pb().transport().stats_update_interval(), - [this](Statistics* stat) -> bool { return GetStats(stat); }), - uuid_(uuid) { + control_data_->config().report_cluster(), cm, scope, + dispatcher.timeSystem())), + stats_obj_(dispatcher, control_data_->stats(), + control_data_->config() + .config_pb() + .transport() + .stats_update_interval(), + [this](Statistics* stat) -> bool { return GetStats(stat); }) { auto& logger = Logger::Registry::getLog(Logger::Id::config); LocalNode local_node; if (!Utils::ExtractNodeInfo(local_info.node(), &local_node)) { @@ -50,8 +53,8 @@ Control::Control(const Config& config, Upstream::ClusterManager& cm, ::istio::utils::SerializeForwardedAttributes(local_node, &serialized_forward_attributes_); - ::istio::control::tcp::Controller::Options options(config_.config_pb(), - local_node); + ::istio::control::tcp::Controller::Options options( + control_data_->config().config_pb(), local_node); Utils::CreateEnvironment(dispatcher, random, *check_client_factory_, *report_client_factory_, diff --git a/src/envoy/tcp/mixer/control.h b/src/envoy/tcp/mixer/control.h index 9e08a167f7a..42efb785bb0 100644 --- a/src/envoy/tcp/mixer/control.h +++ b/src/envoy/tcp/mixer/control.h @@ -30,28 +30,46 @@ namespace Envoy { namespace Tcp { namespace Mixer { +class ControlData { + public: + ControlData(std::unique_ptr config, Utils::MixerFilterStats stats, + const std::string& uuid) + : config_(std::move(config)), stats_(stats), uuid_(uuid) {} + + const Config& config() { return *config_; } + Utils::MixerFilterStats& stats() { return stats_; } + const std::string& uuid() { return uuid_; } + + private: + std::unique_ptr config_; + Utils::MixerFilterStats stats_; + // UUID of the Envoy TCP mixer filter. + const std::string uuid_; +}; + +typedef std::shared_ptr ControlDataSharedPtr; + class Control final : public ThreadLocal::ThreadLocalObject { public: // The constructor. - Control(const Config& config, Upstream::ClusterManager& cm, + Control(ControlDataSharedPtr control_data, Upstream::ClusterManager& cm, Event::Dispatcher& dispatcher, Runtime::RandomGenerator& random, - Stats::Scope& scope, Utils::MixerFilterStats& stats, - const std::string& uuid, const LocalInfo::LocalInfo& local_info); + Stats::Scope& scope, const LocalInfo::LocalInfo& local_info); ::istio::control::tcp::Controller* controller() { return controller_.get(); } Event::Dispatcher& dispatcher() { return dispatcher_; } - const std::string& uuid() const { return uuid_; } + const std::string& uuid() const { return control_data_->uuid(); } - const Config& config() const { return config_; } + const Config& config() const { return control_data_->config(); } private: // Call controller to get statistics. bool GetStats(::istio::mixerclient::Statistics* stat); - // The mixer config. - const Config& config_; + // The control data. + ControlDataSharedPtr control_data_; // dispatcher. Event::Dispatcher& dispatcher_; @@ -65,8 +83,7 @@ class Control final : public ThreadLocal::ThreadLocalObject { // statistics Utils::MixerStatsObject stats_obj_; - // UUID of the Envoy TCP mixer filter. - const std::string& uuid_; + // The mixer control std::unique_ptr<::istio::control::tcp::Controller> controller_; }; diff --git a/src/envoy/tcp/mixer/control_factory.h b/src/envoy/tcp/mixer/control_factory.h index a33c08151c6..ef131cf9f12 100644 --- a/src/envoy/tcp/mixer/control_factory.h +++ b/src/envoy/tcp/mixer/control_factory.h @@ -32,20 +32,20 @@ class ControlFactory : public Logger::Loggable { public: ControlFactory(std::unique_ptr config, Server::Configuration::FactoryContext& context) - : config_(std::move(config)), - cm_(context.clusterManager()), - tls_(context.threadLocal().allocateSlot()), - stats_(generateStats(kTcpStatsPrefix, context.scope())), - uuid_(context.random().uuid()) { + : control_data_(std::make_shared( + std::move(config), generateStats(kTcpStatsPrefix, context.scope()), + context.random().uuid())), + tls_(context.threadLocal().allocateSlot()) { Runtime::RandomGenerator& random = context.random(); Stats::Scope& scope = context.scope(); const LocalInfo::LocalInfo& local_info = context.localInfo(); - tls_->set([this, &random, &scope, + tls_->set([control_data = this->control_data_, + &cm = context.clusterManager(), &random, &scope, &local_info](Event::Dispatcher& dispatcher) -> ThreadLocal::ThreadLocalObjectSharedPtr { - return ThreadLocal::ThreadLocalObjectSharedPtr(new Control( - *config_, cm_, dispatcher, random, scope, stats_, uuid_, local_info)); + return ThreadLocal::ThreadLocalObjectSharedPtr( + new Control(control_data, cm, dispatcher, random, scope, local_info)); }); } @@ -59,16 +59,10 @@ class ControlFactory : public Logger::Loggable { return {ALL_MIXER_FILTER_STATS(POOL_COUNTER_PREFIX(scope, name))}; } - // The config object - std::unique_ptr config_; - // The cluster manager - Upstream::ClusterManager& cm_; + // The control data object + ControlDataSharedPtr control_data_; // the thread local slots ThreadLocal::SlotPtr tls_; - // The statistics struct. - Utils::MixerFilterStats stats_; - // UUID of the Envoy TCP mixer filter. - const std::string uuid_; }; } // namespace Mixer