diff --git a/.changelog/2796.txt b/.changelog/2796.txt new file mode 100644 index 0000000000..84646b502d --- /dev/null +++ b/.changelog/2796.txt @@ -0,0 +1,3 @@ +```release-note:bug +ingress-gateway: Adds missing PassiveHealthCheck to IngressGateways CRD and updates missing fields on ServiceDefaults CRD +``` \ No newline at end of file diff --git a/charts/consul/templates/crd-ingressgateways.yaml b/charts/consul/templates/crd-ingressgateways.yaml index a01fafd8dd..9fa5ef7edd 100644 --- a/charts/consul/templates/crd-ingressgateways.yaml +++ b/charts/consul/templates/crd-ingressgateways.yaml @@ -78,6 +78,43 @@ spec: while waiting for a connection to be established. format: int32 type: integer + passiveHealthCheck: + description: PassiveHealthCheck configuration determines how upstream + proxy instances will be monitored for removal from the load + balancing pool. + properties: + baseEjectionTime: + description: The base time that a host is ejected for. The + real time is equal to the base time multiplied by the number + of times the host has been ejected and is capped by max_ejection_time + (Default 300s). Defaults to 30s. + type: string + enforcingConsecutive5xx: + description: EnforcingConsecutive5xx is the % chance that + a host will be actually ejected when an outlier status is + detected through consecutive 5xx. This setting can be used + to disable ejection or to ramp it up slowly. Ex. Setting + this to 10 will make it a 10% chance that the host will + be ejected. + format: int32 + type: integer + interval: + description: Interval between health check analysis sweeps. + Each sweep may remove hosts or return hosts to the pool. + Ex. setting this to "10s" will set the interval to 10 seconds. + type: string + maxEjectionPercent: + description: The maximum % of an upstream cluster that can + be ejected due to outlier detection. Defaults to 10% but + will eject at least one host regardless of the value. + format: int32 + type: integer + maxFailures: + description: MaxFailures is the count of consecutive failures + that results in a host being removed from the pool. + format: int32 + type: integer + type: object type: object listeners: description: Listeners declares what ports the ingress gateway should @@ -157,6 +194,47 @@ spec: service is located. Partitioning is a Consul Enterprise feature. type: string + passiveHealthCheck: + description: PassiveHealthCheck configuration determines + how upstream proxy instances will be monitored for removal + from the load balancing pool. + properties: + baseEjectionTime: + description: The base time that a host is ejected + for. The real time is equal to the base time multiplied + by the number of times the host has been ejected + and is capped by max_ejection_time (Default 300s). + Defaults to 30s. + type: string + enforcingConsecutive5xx: + description: EnforcingConsecutive5xx is the % chance + that a host will be actually ejected when an outlier + status is detected through consecutive 5xx. This + setting can be used to disable ejection or to ramp + it up slowly. Ex. Setting this to 10 will make it + a 10% chance that the host will be ejected. + format: int32 + type: integer + interval: + description: Interval between health check analysis + sweeps. Each sweep may remove hosts or return hosts + to the pool. Ex. setting this to "10s" will set + the interval to 10 seconds. + type: string + maxEjectionPercent: + description: The maximum % of an upstream cluster + that can be ejected due to outlier detection. Defaults + to 10% but will eject at least one host regardless + of the value. + format: int32 + type: integer + maxFailures: + description: MaxFailures is the count of consecutive + failures that results in a host being removed from + the pool. + format: int32 + type: integer + type: object requestHeaders: description: Allow HTTP header manipulation to be configured. properties: diff --git a/charts/consul/templates/crd-servicedefaults.yaml b/charts/consul/templates/crd-servicedefaults.yaml index 3b5503eebe..2f5b8baa7d 100644 --- a/charts/consul/templates/crd-servicedefaults.yaml +++ b/charts/consul/templates/crd-servicedefaults.yaml @@ -257,18 +257,22 @@ spec: The real time is equal to the base time multiplied by the number of times the host has been ejected and is capped by max_ejection_time (Default 300s). Defaults - to 30000ms or 30s. + to 30s. type: string enforcingConsecutive5xx: description: EnforcingConsecutive5xx is the % chance that a host will be actually ejected when an outlier status is detected through consecutive 5xx. This setting can be used to disable ejection or to ramp it up slowly. + Ex. Setting this to 10 will make it a 10% chance that + the host will be ejected. format: int32 type: integer interval: description: Interval between health check analysis sweeps. Each sweep may remove hosts or return hosts to the pool. + Ex. setting this to "10s" will set the interval to 10 + seconds. type: string maxEjectionPercent: description: The maximum % of an upstream cluster that @@ -370,19 +374,22 @@ spec: The real time is equal to the base time multiplied by the number of times the host has been ejected and is capped by max_ejection_time (Default 300s). Defaults - to 30000ms or 30s. + to 30s. type: string enforcingConsecutive5xx: description: EnforcingConsecutive5xx is the % chance that a host will be actually ejected when an outlier status is detected through consecutive 5xx. This setting can be used to disable ejection or to ramp it up slowly. + Ex. Setting this to 10 will make it a 10% chance that + the host will be ejected. format: int32 type: integer interval: description: Interval between health check analysis sweeps. Each sweep may remove hosts or return hosts - to the pool. + to the pool. Ex. setting this to "10s" will set the + interval to 10 seconds. type: string maxEjectionPercent: description: The maximum % of an upstream cluster that diff --git a/control-plane/api/v1alpha1/ingressgateway_types.go b/control-plane/api/v1alpha1/ingressgateway_types.go index c94b6e1458..69efb47a5a 100644 --- a/control-plane/api/v1alpha1/ingressgateway_types.go +++ b/control-plane/api/v1alpha1/ingressgateway_types.go @@ -74,6 +74,9 @@ type IngressServiceConfig struct { // will be allowed at a single point in time. Use this to limit HTTP/2 traffic, // since HTTP/2 has many requests per connection. MaxConcurrentRequests *uint32 `json:"maxConcurrentRequests,omitempty"` + // PassiveHealthCheck configuration determines how upstream proxy instances will + // be monitored for removal from the load balancing pool. + PassiveHealthCheck *PassiveHealthCheck `json:"passiveHealthCheck,omitempty"` } type GatewayTLSConfig struct { @@ -361,6 +364,7 @@ func (in IngressService) toConsul() capi.IngressService { MaxConnections: in.MaxConnections, MaxPendingRequests: in.MaxPendingRequests, MaxConcurrentRequests: in.MaxConcurrentRequests, + PassiveHealthCheck: in.PassiveHealthCheck.toConsul(), } } @@ -465,5 +469,6 @@ func (in *IngressServiceConfig) toConsul() *capi.IngressServiceConfig { MaxConnections: in.MaxConnections, MaxPendingRequests: in.MaxPendingRequests, MaxConcurrentRequests: in.MaxConcurrentRequests, + PassiveHealthCheck: in.PassiveHealthCheck.toConsul(), } } diff --git a/control-plane/api/v1alpha1/ingressgateway_types_test.go b/control-plane/api/v1alpha1/ingressgateway_types_test.go index 4942d38e11..37a23ff678 100644 --- a/control-plane/api/v1alpha1/ingressgateway_types_test.go +++ b/control-plane/api/v1alpha1/ingressgateway_types_test.go @@ -10,6 +10,7 @@ import ( "github.com/stretchr/testify/require" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/utils/pointer" ) func TestIngressGateway_MatchesConsul(t *testing.T) { @@ -67,6 +68,17 @@ func TestIngressGateway_MatchesConsul(t *testing.T) { MaxConnections: &defaultMaxConnections, MaxPendingRequests: &defaultMaxPendingRequests, MaxConcurrentRequests: &defaultMaxConcurrentRequests, + PassiveHealthCheck: &PassiveHealthCheck{ + Interval: metav1.Duration{ + Duration: 2 * time.Second, + }, + MaxFailures: uint32(20), + EnforcingConsecutive5xx: pointer.Uint32(100), + MaxEjectionPercent: pointer.Uint32(10), + BaseEjectionTime: &metav1.Duration{ + Duration: 10 * time.Second, + }, + }, }, Listeners: []IngressListener{ { @@ -167,6 +179,13 @@ func TestIngressGateway_MatchesConsul(t *testing.T) { MaxConnections: &defaultMaxConnections, MaxPendingRequests: &defaultMaxPendingRequests, MaxConcurrentRequests: &defaultMaxConcurrentRequests, + PassiveHealthCheck: &capi.PassiveHealthCheck{ + Interval: 2 * time.Second, + MaxFailures: uint32(20), + EnforcingConsecutive5xx: pointer.Uint32(100), + MaxEjectionPercent: pointer.Uint32(10), + BaseEjectionTime: pointer.Duration(10 * time.Second), + }, }, Listeners: []capi.IngressListener{ { @@ -329,6 +348,17 @@ func TestIngressGateway_ToConsul(t *testing.T) { MaxConnections: &defaultMaxConnections, MaxPendingRequests: &defaultMaxPendingRequests, MaxConcurrentRequests: &defaultMaxConcurrentRequests, + PassiveHealthCheck: &PassiveHealthCheck{ + Interval: metav1.Duration{ + Duration: 2 * time.Second, + }, + MaxFailures: uint32(20), + EnforcingConsecutive5xx: pointer.Uint32(100), + MaxEjectionPercent: pointer.Uint32(10), + BaseEjectionTime: &metav1.Duration{ + Duration: 10 * time.Second, + }, + }, }, Listeners: []IngressListener{ { @@ -428,6 +458,13 @@ func TestIngressGateway_ToConsul(t *testing.T) { MaxConnections: &defaultMaxConnections, MaxPendingRequests: &defaultMaxPendingRequests, MaxConcurrentRequests: &defaultMaxConcurrentRequests, + PassiveHealthCheck: &capi.PassiveHealthCheck{ + Interval: 2 * time.Second, + MaxFailures: uint32(20), + EnforcingConsecutive5xx: pointer.Uint32(100), + MaxEjectionPercent: pointer.Uint32(10), + BaseEjectionTime: pointer.Duration(10 * time.Second), + }, }, Listeners: []capi.IngressListener{ { diff --git a/control-plane/api/v1alpha1/servicedefaults_types.go b/control-plane/api/v1alpha1/servicedefaults_types.go index 3f1b8f1951..ced77e6c2b 100644 --- a/control-plane/api/v1alpha1/servicedefaults_types.go +++ b/control-plane/api/v1alpha1/servicedefaults_types.go @@ -164,7 +164,8 @@ type UpstreamLimits struct { // be monitored for removal from the load balancing pool. type PassiveHealthCheck struct { // Interval between health check analysis sweeps. Each sweep may remove - // hosts or return hosts to the pool. + // hosts or return hosts to the pool. Ex. setting this to "10s" will set + // the interval to 10 seconds. Interval metav1.Duration `json:"interval,omitempty"` // MaxFailures is the count of consecutive failures that results in a host // being removed from the pool. @@ -172,13 +173,14 @@ type PassiveHealthCheck struct { // EnforcingConsecutive5xx is the % chance that a host will be actually ejected // when an outlier status is detected through consecutive 5xx. // This setting can be used to disable ejection or to ramp it up slowly. + // Ex. Setting this to 10 will make it a 10% chance that the host will be ejected. EnforcingConsecutive5xx *uint32 `json:"enforcingConsecutive5xx,omitempty"` // The maximum % of an upstream cluster that can be ejected due to outlier detection. // Defaults to 10% but will eject at least one host regardless of the value. MaxEjectionPercent *uint32 `json:"maxEjectionPercent,omitempty"` // The base time that a host is ejected for. The real time is equal to the base time // multiplied by the number of times the host has been ejected and is capped by - // max_ejection_time (Default 300s). Defaults to 30000ms or 30s. + // max_ejection_time (Default 300s). Defaults to 30s. BaseEjectionTime *metav1.Duration `json:"baseEjectionTime,omitempty"` } diff --git a/control-plane/config/crd/bases/consul.hashicorp.com_ingressgateways.yaml b/control-plane/config/crd/bases/consul.hashicorp.com_ingressgateways.yaml index 16ac322090..96d88c0e06 100644 --- a/control-plane/config/crd/bases/consul.hashicorp.com_ingressgateways.yaml +++ b/control-plane/config/crd/bases/consul.hashicorp.com_ingressgateways.yaml @@ -71,6 +71,43 @@ spec: while waiting for a connection to be established. format: int32 type: integer + passiveHealthCheck: + description: PassiveHealthCheck configuration determines how upstream + proxy instances will be monitored for removal from the load + balancing pool. + properties: + baseEjectionTime: + description: The base time that a host is ejected for. The + real time is equal to the base time multiplied by the number + of times the host has been ejected and is capped by max_ejection_time + (Default 300s). Defaults to 30s. + type: string + enforcingConsecutive5xx: + description: EnforcingConsecutive5xx is the % chance that + a host will be actually ejected when an outlier status is + detected through consecutive 5xx. This setting can be used + to disable ejection or to ramp it up slowly. Ex. Setting + this to 10 will make it a 10% chance that the host will + be ejected. + format: int32 + type: integer + interval: + description: Interval between health check analysis sweeps. + Each sweep may remove hosts or return hosts to the pool. + Ex. setting this to "10s" will set the interval to 10 seconds. + type: string + maxEjectionPercent: + description: The maximum % of an upstream cluster that can + be ejected due to outlier detection. Defaults to 10% but + will eject at least one host regardless of the value. + format: int32 + type: integer + maxFailures: + description: MaxFailures is the count of consecutive failures + that results in a host being removed from the pool. + format: int32 + type: integer + type: object type: object listeners: description: Listeners declares what ports the ingress gateway should @@ -150,6 +187,47 @@ spec: service is located. Partitioning is a Consul Enterprise feature. type: string + passiveHealthCheck: + description: PassiveHealthCheck configuration determines + how upstream proxy instances will be monitored for removal + from the load balancing pool. + properties: + baseEjectionTime: + description: The base time that a host is ejected + for. The real time is equal to the base time multiplied + by the number of times the host has been ejected + and is capped by max_ejection_time (Default 300s). + Defaults to 30s. + type: string + enforcingConsecutive5xx: + description: EnforcingConsecutive5xx is the % chance + that a host will be actually ejected when an outlier + status is detected through consecutive 5xx. This + setting can be used to disable ejection or to ramp + it up slowly. Ex. Setting this to 10 will make it + a 10% chance that the host will be ejected. + format: int32 + type: integer + interval: + description: Interval between health check analysis + sweeps. Each sweep may remove hosts or return hosts + to the pool. Ex. setting this to "10s" will set + the interval to 10 seconds. + type: string + maxEjectionPercent: + description: The maximum % of an upstream cluster + that can be ejected due to outlier detection. Defaults + to 10% but will eject at least one host regardless + of the value. + format: int32 + type: integer + maxFailures: + description: MaxFailures is the count of consecutive + failures that results in a host being removed from + the pool. + format: int32 + type: integer + type: object requestHeaders: description: Allow HTTP header manipulation to be configured. properties: diff --git a/control-plane/config/crd/bases/consul.hashicorp.com_servicedefaults.yaml b/control-plane/config/crd/bases/consul.hashicorp.com_servicedefaults.yaml index 7324f0a296..c598691953 100644 --- a/control-plane/config/crd/bases/consul.hashicorp.com_servicedefaults.yaml +++ b/control-plane/config/crd/bases/consul.hashicorp.com_servicedefaults.yaml @@ -250,18 +250,22 @@ spec: The real time is equal to the base time multiplied by the number of times the host has been ejected and is capped by max_ejection_time (Default 300s). Defaults - to 30000ms or 30s. + to 30s. type: string enforcingConsecutive5xx: description: EnforcingConsecutive5xx is the % chance that a host will be actually ejected when an outlier status is detected through consecutive 5xx. This setting can be used to disable ejection or to ramp it up slowly. + Ex. Setting this to 10 will make it a 10% chance that + the host will be ejected. format: int32 type: integer interval: description: Interval between health check analysis sweeps. Each sweep may remove hosts or return hosts to the pool. + Ex. setting this to "10s" will set the interval to 10 + seconds. type: string maxEjectionPercent: description: The maximum % of an upstream cluster that @@ -363,19 +367,22 @@ spec: The real time is equal to the base time multiplied by the number of times the host has been ejected and is capped by max_ejection_time (Default 300s). Defaults - to 30000ms or 30s. + to 30s. type: string enforcingConsecutive5xx: description: EnforcingConsecutive5xx is the % chance that a host will be actually ejected when an outlier status is detected through consecutive 5xx. This setting can be used to disable ejection or to ramp it up slowly. + Ex. Setting this to 10 will make it a 10% chance that + the host will be ejected. format: int32 type: integer interval: description: Interval between health check analysis sweeps. Each sweep may remove hosts or return hosts - to the pool. + to the pool. Ex. setting this to "10s" will set the + interval to 10 seconds. type: string maxEjectionPercent: description: The maximum % of an upstream cluster that