Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

initial TLSRoute support #10648

Merged
merged 37 commits into from
Feb 27, 2025
Merged

initial TLSRoute support #10648

merged 37 commits into from
Feb 27, 2025

Conversation

puertomontt
Copy link
Contributor

@puertomontt puertomontt commented Feb 18, 2025
edited
Loading

Description

Crossport of solo-io#10601

Adds initial support for TLSRoutes. TLSRoutes are similar to TCPRoutes, but the distinction between them is that TLSRoutes allows routing decisions by SNI. See docs.

This PR adds support for TLS Passthrough on a TLS listener using a TLSRoute.

API changes

Code changes

CI changes

Docs changes

Context

Interesting decisions

Testing steps

Notes for reviewers

Checklist:

  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have added tests that prove my fix is effective or that my feature works

@puertomontt puertomontt marked this pull request as ready for review February 25, 2025 21:53
@puertomontt puertomontt changed the title tls route initial TLSRoute support Feb 25, 2025
@nfuden nfuden requested review from danehans and jenshu February 25, 2025 22:02
@puertomontt puertomontt mentioned this pull request Feb 26, 2025
Merged
5 tasks
yuval-k
yuval-k reviewed Feb 26, 2025
View reviewed changes
Copy link
Contributor

@yuval-k yuval-k left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

initial comments. over all looks good. need more tests - would be good to have an e2e test as well to prove the code.

internal/kgateway/query/query.go
var hostnames []string
if l == nil || hr == nil {
if l == nil {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should we check len(hr) == 0 here? (not sure, asking because there was a conditional before)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

no, because empty list is treated as "select all" . So I maintained that behavior. Later we check :

if len(routeHostnames) == 0 {
		return true, []string{listenerHostname}
	}

internal/kgateway/translator/listener/gateway_listener_translator.go
routeInfos []*query.RouteInfo,
reporter reports.ListenerReporter,
) {
var validRouteInfos []*query.RouteInfo
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can you add a yaml tests for that in https://github.com/kgateway-dev/kgateway/blob/main/internal/kgateway/translator/gateway/gateway_translator_test.go ?
can this be unit-tested as well?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done

@jenshu jenshu added this pull request to the merge queue Feb 27, 2025
Merged via the queue into kgateway-dev:main with commit 304f84c Feb 27, 2025
9 checks passed
@puertomontt puertomontt deleted the puertomontt/tls-route branch February 27, 2025 22:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@shashankram shashankram shashankram left review comments

@yuval-k yuval-k yuval-k approved these changes

@danehans danehans Awaiting requested review from danehans

@jenshu jenshu Awaiting requested review from jenshu

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@puertomontt @yuval-k @shashankram @jenshu