fix: listener on IPv6 first cluster #4573
Conversation
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #4573 +/- ##
==========================================
- Coverage 65.47% 65.38% -0.09%
==========================================
Files 211 212 +1
Lines 31854 31930 +76
==========================================
+ Hits 20855 20878 +23
- Misses 9754 9804 +50
- Partials 1245 1248 +3 ☔ View full report in Codecov by Sentry. |
| @@ -46,6 +46,10 @@ spec: | |||
| - server | |||
| - --config-path=/config/envoy-gateway.yaml | |||
| env: | |||
| - name: POD_IP | |||
There was a problem hiding this comment.
its a little fragile to use Envoy Gateway IP type to determine IP type for Envoy Proxy.
instead can we add the env to Envoy Proxy
There was a problem hiding this comment.
does envoy support something like ${POD_IP} and check the POD_IP and change the listener address to ::1?
There was a problem hiding this comment.
yeah, chatgpt says yes, instead of listening on 0.0.0.0 or ::, you could listen on ${POD_IP}
There was a problem hiding this comment.
I can give a try, and we need POD_IP for dynamic listener.
There was a problem hiding this comment.
maybe I'm not smart as gpt, but envoy report error with malformed IP address: ${POD_IP}.
Signed-off-by: zirain <[email protected]>
Signed-off-by: zirain <[email protected]>
| if resp, err := http.Post(fmt.Sprintf("http://%s:%d/%s", | ||
| bootstrap.EnvoyAdminAddress, bootstrap.EnvoyAdminPort, path), "application/json", nil); err != nil { | ||
| bootstrap.AdminAddress(egv1a1.IPv4), bootstrap.EnvoyAdminPort, path), "application/json", nil); err != nil { |
There was a problem hiding this comment.
this may not right, what about change it to localhost? cc @arkodg @zhaohuabing
There was a problem hiding this comment.
+1 localhost make things easier
Signed-off-by: zirain <[email protected]>
| } | ||
|
|
||
| func PreferIPFamily(ipv6First bool, envoyProxy *egv1a1.EnvoyProxy) egv1a1.IPFamily { | ||
| if ipv6First { |
There was a problem hiding this comment.
To align with the IPFamily API docs, EG should default to IPv4.
// IPFamily specifies the IP family for the EnvoyProxy fleet.
// This setting only affects the Gateway listener port and does not impact
// other aspects of the Envoy proxy configuration.
// If not specified, the system will operate as follows:
// - It defaults to IPv4 only.
// - IPv6 and dual-stack environments are not supported in this default configuration.
// Note: To enable IPv6 or dual-stack functionality, explicit configuration is required.
// +kubebuilder:validation:Enum=IPv4;IPv6;DualStack
// +optional
IPFamily *IPFamily `json:"ipFamily,omitempty"`
Or do we want to change to:
Default to the IP family of the POD IP of the Envoy Proxy/Envoy Gateway?
This would have EG attempt to infer user's intented IP Family for the listening port of the Envoy proxy, which might not always be accurate.
Should we always default to IPv4 and require users to explicitly specify IPv6 if desired? It will make the IPFamily choice more explicit.
There was a problem hiding this comment.
Should we always default to IPv4 and require users to explicitly specify IPv6 if desired? It will make the IPFamily choice more explicit.
this will make it's hard to use on IPv6 first cluster.
There was a problem hiding this comment.
Yes, this approach requires one more IPFamily setting for users who want to use IPv6.
But if we make it implicit, "Default to the IP family of the POD IP of the Envoy Proxy/Envoy Gateway" may be challenging to clearly explain in the EG doc.
There was a problem hiding this comment.
yes, we should do that.
fix: #4565
xref: #4572
Separate from : #4550
::instead of0.0.0.0when IPv6 first.