Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Blocker
Fix Version/s: OSSM 2.4.0
Affects Version/s: None
Component/s: Customer Impact, Maistra
Labels:
None

Blocked:
False
Blocked Reason:
None
Ready:
False
Documentation Type:

Release Notes
Release Note Type:
Release Note Not Required
Release Note Status:
Proposed
Steps to Reproduce:

Hide

Here the former associated ticket

See the blueprints attached to the case

Show
Here the former associated ticket See the blueprints attached to the case
Intelligence Requested:
Market:

SFDC Cases Links:
SFDC Cases Counter:

Linked to this ticket

It appears that instead of just the remote IPs, in our federation-egress gateway we're routing requests to extra IPs which point to its own federation-ingress.

Here an example of the egress-gateway logs

2023-03-23T18:35:57.901620Z	debug	federation	adding import for service {Name:nginx Namespace:bookinfo Hostname:nginx.bookinfo.svc.green-exports.local} as {Name:nginx Namespace:green-workload Hostname:nginx.green-workload.svc.red-imports.local}	component=federation-registry
2023-03-23T18:35:57.901639Z	debug	federation	adding endpoint for imported service: addr=35.180.219.47, port=15443, host=nginx.bookinfo.svc.green-exports.local	component=federation-registry
2023-03-23T18:35:57.901650Z	debug	federation	adding endpoint for imported service: addr=13.37.33.162, port=15443, host=nginx.bookinfo.svc.green-exports.local	component=federation-registry
2023-03-23T18:35:57.901659Z	debug	federation	adding endpoint for imported service: addr=15.236.147.201, port=15443, host=nginx.bookinfo.svc.green-exports.local	component=federation-registry
2023-03-23T18:35:57.901665Z	debug	federation	adding endpoint for imported service: addr=18.133.20.159, port=15443, host=nginx.bookinfo.svc.green-exports.local	component=federation-registry
2023-03-23T18:35:57.901670Z	debug	federation	adding endpoint for imported service: addr=35.177.165.55, port=15443, host=nginx.bookinfo.svc.green-exports.local	component=federation-registry
2023-03-23T18:35:57.901675Z	debug	federation	adding endpoint for imported service: addr=35.179.84.234, port=15443, host=nginx.bookinfo.svc.green-exports.local	component=federation-registry
2023-03-23T18:35:57.901683Z	debug	federation	adding endpoint for imported service: addr=10.129.2.31, port=15443, host=nginx.green-workload.svc.red-imports.local	component=federation-registry

In v2.1, we pulled the NetworkGateways from istio's env and filtered them using s.network.
In the next versions, we don't have this filter anymore (cf. v2.2 or v2.3) which causes the extra endpoints entries.

relates to

OSSM-3389 [OSSM] local federation gateway ip polluting federated service endpoints

Closed

mentioned on

Merge request - Updated 2 upstream sources

Merge request - Updated US source to: 8adc6d6 OSSM-3732: Add workaround script for Prow postcommit jobs (#785)

Merge request - Updated US source to: 51c756b OSSM-3599 Federation egress-gateway gets wrong network gateway endpoints (#775) (#781)

(13 mentioned on)

1.	Port egress-gateway wrong network gateway endpoints fix in maistra-2.3		Closed		Brian Mangoenpawiro
2.	Port egress-gateway wrong network gateway endpoints fix in maistra-2.2		Closed		Brian Mangoenpawiro

Assignee:: Brian Mangoenpawiro

Reporter:: Brian Mangoenpawiro

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2023/03/27 2:34 PM

Updated:: 2024/04/09 4:01 PM

Resolved:: 2023/04/11 10:21 AM

Details

Description

Attachments

Issue Links

Sub-Tasks

Activity

People

Dates