Uploaded image for project: 'OpenShift Service Mesh'
  1. OpenShift Service Mesh
  2. OSSM-2473

federation: exported service names can clash when importing from >1 mesh

    XMLWordPrintable

Details

    • Bug
    • Resolution: Unresolved
    • Major
    • None
    • None
    • Customer Impact, Maistra
    • None

    Description

      Every imported federation service has two names: an exported service name that's defined by the exporting mesh, and an imported service name based on the alias given when importing. Both of these are not just names, but actual services in istiod's service registry.

      We construct the exported service name on the exporting side from given aliased service and namespace names plus (and here's the problem) a domain suffix based on the target mesh's name. So a service exported from mesh3 to mesh2 will have an exported name like this:

      ratings.bookinfo.svc.mesh2-exports.local

      Now, if you have another service with the same name and alias exported from mesh1 to mesh2 it'll have the exact same name, because the domain suffix is based on the target mesh:

      ratings.bookinfo.svc.mesh2-exports.local

      This causes problems in the service registry because those two services should always be distinct. You'll see istiod logs like this:

          "pilot_duplicate_envoy_clusters": {
        "outbound_.27017_._.mongodb.bookinfo.svc.mesh2-exports.local": {
            "proxy": "mesh1-ingress-694d868d57-rmcgx.mesh2-system",
            "message": "Duplicate cluster outbound_.27017_._.mongodb.bookinfo.svc.mesh2-exports.local found while pushing CDS"
        },
        "outbound_.9080_._.ratings.bookinfo.svc.mesh2-exports.local": {
            "proxy": "mesh1-ingress-694d868d57-rmcgx.mesh2-system",
            "message": "Duplicate cluster outbound_.9080_._.ratings.bookinfo.svc.mesh2-exports.local found while pushing CDS"
        },
        "outbound|27017||mongodb.bookinfo.svc.mesh2-exports.local": {
            "proxy": "mesh1-ingress-694d868d57-rmcgx.mesh2-system",
            "message": "Duplicate cluster outbound|27017||mongodb.bookinfo.svc.mesh2-exports.local found while pushing CDS"
        },
        "outbound|9080||ratings.bookinfo.svc.mesh2-exports.local": {
            "proxy": "mesh1-ingress-694d868d57-rmcgx.mesh2-system",
            "message": "Duplicate cluster outbound|9080||ratings.bookinfo.svc.mesh2-exports.local found while pushing CDS"
        }
    }

      We should find another way to determine the exported domain suffix so that there can't be clashes.

      Attachments

        Issue Links

          relates to

          Task - Represents a small unit of work that is not end-user facing. MAISTRA-2440 Verify importing services from multiple meshes into the same name works

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Activity

            People

              Unassigned Unassigned
              dgrimm@redhat.com Daniel Grimm
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated: