Revert "envoy per gateway (#404)"

This reverts commit 231e4fb.

Signed-off-by: danehans <[email protected]>

Author: danehans

internal/cmd/xdstest.go

@@ -187,19 +187,19 @@ func xDSTest() error {
 		for {
 			time.Sleep(10 * time.Second)
 			logger.Info("Updating the cache for first-listener with first-route")
-			err := snapCache.GenerateNewSnapshot("", cacheVersion1.GetXdsResources())
+			err := snapCache.GenerateNewSnapshot(cacheVersion1.GetXdsResources())
 			if err != nil {
 				logger.Error(err, "Something went wrong with generating a snapshot")
 			}
 			time.Sleep(10 * time.Second)
 			logger.Info("Updating the cache for first-listener with second-route")
-			err = snapCache.GenerateNewSnapshot("", cacheVersion2.GetXdsResources())
+			err = snapCache.GenerateNewSnapshot(cacheVersion2.GetXdsResources())
 			if err != nil {
 				logger.Error(err, "Something went wrong with generating a snapshot")
 			}
 			time.Sleep(10 * time.Second)
 			logger.Info("Updating the cache for second-listener with second-route")
-			err = snapCache.GenerateNewSnapshot("", cacheVersion3.GetXdsResources())
+			err = snapCache.GenerateNewSnapshot(cacheVersion3.GetXdsResources())
 			if err != nil {
 				logger.Error(err, "Something went wrong with generating a snapshot")
 			}

internal/crypto/certgen.go

@@ -21,7 +21,7 @@ const (
 	DefaultEnvoyGatewayDNSPrefix = config.EnvoyGatewayServiceName
 
 	// DefaultEnvoyDNSPrefix defines the default Envoy DNS prefix.
-	DefaultEnvoyDNSPrefix = "*"
+	DefaultEnvoyDNSPrefix = config.EnvoyServiceName
 
 	// DefaultNamespace is the default Namespace name where Envoy Gateway is running.
 	DefaultNamespace = config.EnvoyGatewayNamespace
@@ -112,7 +112,7 @@ func GenerateCerts(egCfg *v1alpha1.EnvoyGateway) (*Certificates, error) {
 		switch egProvider {
 		case v1alpha1.ProviderTypeKubernetes:
 			egDNSNames = kubeServiceNames(DefaultEnvoyGatewayDNSPrefix, DefaultNamespace, DefaultDNSSuffix)
-			envoyDNSNames = append(envoyDNSNames, fmt.Sprintf("*.%s", DefaultNamespace))
+			envoyDNSNames = kubeServiceNames(DefaultEnvoyDNSPrefix, DefaultNamespace, DefaultDNSSuffix)
 		default:
 			// Kubernetes is the only supported Envoy Gateway provider.
 			return nil, fmt.Errorf("unsupported provider type %v", egProvider)

internal/crypto/certgen_test.go

@@ -47,7 +47,7 @@ func TestGenerateCerts(t *testing.T) {
 	run(t, "no configuration - use defaults", testcase{
 		certConfig:              &Configuration{},
 		wantEnvoyGatewayDNSName: "envoy-gateway",
-		wantEnvoyDNSName:        "*.envoy-gateway-system",
+		wantEnvoyDNSName:        "envoy",
 	})
 }
 

internal/envoygateway/config/config.go

@@ -12,12 +12,12 @@ const (
 	EnvoyGatewayNamespace = "envoy-gateway-system"
 	// EnvoyGatewayServiceName is the name of the Envoy Gateway service.
 	EnvoyGatewayServiceName = "envoy-gateway"
+	// EnvoyServiceName is the name of the Envoy Service.
+	EnvoyServiceName = "envoy"
+	// EnvoyDeploymentName is the name of the Envoy Deployment.
+	EnvoyDeploymentName = "envoy"
 	// EnvoyConfigMapName is the name of the Envoy ConfigMap.
 	EnvoyConfigMapName = "envoy"
-	// EnvoyServicePrefix is the prefix applied to the Envoy Service.
-	EnvoyServicePrefix = "envoy"
-	// EnvoyDeploymentPrefix is the prefix applied to the Envoy Deployment.
-	EnvoyDeploymentPrefix = "envoy"
 )
 
 // Server wraps the EnvoyGateway configuration and additional parameters

internal/gatewayapi/runner/runner.go

@@ -95,24 +95,22 @@ func (r *Runner) subscribeAndTranslate(ctx context.Context) {
 			yamlInfraIR, _ := yaml.Marshal(&result.InfraIR)
 			r.Logger.WithValues("output", "infra-ir").Info(string(yamlInfraIR))
 
-			// Publish the IRs.
+			// Publish the IRs. Use the service name as the key
+			// to ensure there is always one element in the map.
 			// Also validate the ir before sending it.
-			for key, val := range result.InfraIR {
-				if err := val.Validate(); err != nil {
-					r.Logger.Error(err, "unable to validate infra ir, skipped sending it")
-				} else {
-					r.InfraIR.Store(key, val)
-				}
+			if err := result.InfraIR.Validate(); err != nil {
+				r.Logger.Error(err, "unable to validate infra ir, skipped sending it")
+			} else {
+				r.InfraIR.Store(r.Name(), result.InfraIR)
 			}
+
 			// Wait until all HTTPRoutes have been reconciled , else the translation
 			// result will be incomplete, and might cause churn in the data plane.
 			if r.xdsIRReady {
-				for key, val := range result.XdsIR {
-					if err := val.Validate(); err != nil {
-						r.Logger.Error(err, "unable to validate xds ir, skipped sending it")
-					} else {
-						r.XdsIR.Store(key, val)
-					}
+				if err := result.XdsIR.Validate(); err != nil {
+					r.Logger.Error(err, "unable to validate xds ir, skipped sending it")
+				} else {
+					r.XdsIR.Store(r.Name(), result.XdsIR)
 				}
 			}
 

internal/gatewayapi/runner/runner_test.go

@@ -7,7 +7,6 @@ import (
 	"time"
 
 	"github.com/stretchr/testify/require"
-	"k8s.io/apimachinery/pkg/types"
 
 	"github.com/envoyproxy/gateway/internal/envoygateway/config"
 	"github.com/envoyproxy/gateway/internal/ir"
@@ -33,22 +32,21 @@ func TestRunner(t *testing.T) {
 	require.NoError(t, err)
 
 	// IR is nil at start
-	require.Equal(t, map[string]*ir.Xds{}, xdsIR.LoadAll())
-	require.Equal(t, map[string]*ir.Infra{}, infraIR.LoadAll())
+	require.Equal(t, (*ir.Xds)(nil), xdsIR.Get())
+	require.Equal(t, (*ir.Infra)(nil), infraIR.Get())
 
 	// TODO: pass valid provider resources
 
-	// Reset gateway slice and update with a nil gateway to trigger a delete.
-	pResources.DeleteGateways()
-	key := types.NamespacedName{Namespace: "test", Name: "test"}
-	pResources.Gateways.Store(key, nil)
+	// Reset gatewayclass slice and update with a nil gatewayclass to trigger a delete
+	pResources.DeleteGatewayClasses()
+	pResources.GatewayClasses.Store("test", nil)
 	require.Eventually(t, func() bool {
-		out := xdsIR.LoadAll()
+		out := xdsIR.Get()
 		if out == nil {
 			return false
 		}
 		// Ensure ir is empty
-		return (reflect.DeepEqual(xdsIR.LoadAll(), map[string]*ir.Xds{})) && (reflect.DeepEqual(infraIR.LoadAll(), map[string]*ir.Infra{}))
+		return (reflect.DeepEqual(*xdsIR.Get(), ir.Xds{})) && (reflect.DeepEqual(*infraIR.Get(), ir.Infra{Proxy: nil}))
 	}, time.Second*1, time.Millisecond*20)
 
 }

internal/gatewayapi/testdata/gateway-allows-same-namespace-with-allowed-httproute.out.yaml

@@ -54,33 +54,31 @@ httpRoutes:
               reason: Accepted
               message: Route is accepted
 xdsIR:
-  envoy-gateway-gateway-1:
-    http:
-      - name: envoy-gateway-gateway-1-http
-        address: 0.0.0.0
-        port: 10080
-        hostnames:
-          - "*"
-        routes:
-          - name: envoy-gateway-httproute-1-rule-0-match-0-*
-            pathMatch:
-              prefix: "/"
-            destinations:
-              - host: 7.7.7.7
-                port: 8080
-                weight: 1
+  http:
+    - name: envoy-gateway-gateway-1-http
+      address: 0.0.0.0
+      port: 10080
+      hostnames:
+        - "*"
+      routes:
+        - name: envoy-gateway-httproute-1-rule-0-match-0-*
+          pathMatch:
+            prefix: "/"
+          destinations:
+            - host: 7.7.7.7
+              port: 8080
+              weight: 1
 infraIR:
-  envoy-gateway-gateway-1:
-    proxy:
-      metadata:
-        labels:
-          gateway.envoyproxy.io/owning-gateway: gateway-1
-      name: envoy-gateway-gateway-1
-      image: envoyproxy/envoy:v1.23-latest
-      listeners:
-        - address: ""
-          ports:
-            - name: envoy-gateway-gateway-1
-              protocol: "HTTP"
-              servicePort: 80
-              containerPort: 10080
+  proxy:
+    metadata:
+      labels:
+        gateway.envoyproxy.io/owning-gatewayclass: envoy-gateway-class
+    name: envoy-gateway-class
+    image: envoyproxy/envoy:v1.23-latest
+    listeners:
+      - address: ""
+        ports:
+          - name: envoy-gateway-gateway-1
+            protocol: "HTTP"
+            servicePort: 80
+            containerPort: 10080

internal/gatewayapi/testdata/gateway-allows-same-namespace-with-disallowed-httproute.out.yaml

@@ -54,25 +54,23 @@ httpRoutes:
         reason: NotAllowedByListeners
         message: No listeners included by this parent ref allowed this attachment.
 xdsIR:
-  envoy-gateway-gateway-1:
-    http:
-    - name: envoy-gateway-gateway-1-http
-      address: 0.0.0.0
-      hostnames:
-      - "*"
-      port: 10080
+  http:
+  - name: envoy-gateway-gateway-1-http
+    address: 0.0.0.0
+    hostnames:
+    - "*"
+    port: 10080
 infraIR:
-  envoy-gateway-gateway-1:
-    proxy:
-      metadata:
-        labels:
-          gateway.envoyproxy.io/owning-gateway: gateway-1
-      name: envoy-gateway-gateway-1
-      image: envoyproxy/envoy:v1.23-latest
-      listeners:
-      - address: ""
-        ports:
-        - name: envoy-gateway-gateway-1
-          protocol: "HTTP"
-          servicePort: 80
-          containerPort: 10080
+  proxy:
+    metadata:
+      labels:
+        gateway.envoyproxy.io/owning-gatewayclass: envoy-gateway-class
+    name: envoy-gateway-class
+    image: envoyproxy/envoy:v1.23-latest
+    listeners:
+    - address: ""
+      ports:
+      - name: envoy-gateway-gateway-1
+        protocol: "HTTP"
+        servicePort: 80
+        containerPort: 10080

internal/gatewayapi/testdata/gateway-with-listener-with-invalid-allowed-namespaces-selector.out.yaml

@@ -59,15 +59,13 @@ httpRoutes:
               status: "False"
               reason: NoReadyListeners
               message: There are no ready listeners for this parent ref
-xdsIR:
-  envoy-gateway-gateway-1: {}
+xdsIR: {}
 infraIR:
-  envoy-gateway-gateway-1:
-    proxy:
-      metadata:
-        labels:
-          gateway.envoyproxy.io/owning-gateway: gateway-1
-      name: envoy-gateway-gateway-1
-      image: envoyproxy/envoy:v1.23-latest
-      listeners:
-        - address: ""
+  proxy:
+    metadata:
+      labels:
+        gateway.envoyproxy.io/owning-gatewayclass: envoy-gateway-class
+    name: envoy-gateway-class
+    image: envoyproxy/envoy:v1.23-latest
+    listeners:
+      - address: ""

internal/gatewayapi/testdata/gateway-with-listener-with-invalid-allowed-routes-group.out.yaml

@@ -57,15 +57,13 @@ httpRoutes:
               status: "False"
               reason: NoReadyListeners
               message: There are no ready listeners for this parent ref
-xdsIR:
-  envoy-gateway-gateway-1: {}
+xdsIR: {}
 infraIR:
-  envoy-gateway-gateway-1:
-    proxy:
-      metadata:
-        labels:
-          gateway.envoyproxy.io/owning-gateway: gateway-1
-      name: envoy-gateway-gateway-1
-      image: envoyproxy/envoy:v1.23-latest
-      listeners:
-        - address: ""
+  proxy:
+    metadata:
+      labels:
+        gateway.envoyproxy.io/owning-gatewayclass: envoy-gateway-class
+    name: envoy-gateway-class
+    image: envoyproxy/envoy:v1.23-latest
+    listeners:
+      - address: ""