diff --git a/changelog/v1.19.0-beta4/otel-tracing-grpc-authority.yaml b/changelog/v1.19.0-beta4/otel-tracing-grpc-authority.yaml new file mode 100644 index 00000000000..e31d964d923 --- /dev/null +++ b/changelog/v1.19.0-beta4/otel-tracing-grpc-authority.yaml @@ -0,0 +1,9 @@ +changelog: + - type: NEW_FEATURE + description: | + Add support for setting the authority field on gRPC requests made to OTEL Collectors during tracing. + When the authority field is set, the gRPC client will use the specified value as the :authority header + when making requests to the collector. This is useful when the collector is behind a reverse proxy that + requires a specific authority to be set on incoming requests. + issueLink: https://github.com/solo-io/solo-projects/issues/7740 + resolvesIssue: true \ No newline at end of file diff --git a/test/kubernetes/e2e/features/tracing/suite.go b/test/kubernetes/e2e/features/tracing/suite.go index 45e99e32809..6fbcac2f850 100644 --- a/test/kubernetes/e2e/features/tracing/suite.go +++ b/test/kubernetes/e2e/features/tracing/suite.go @@ -251,18 +251,34 @@ func (s *testingSuite) TestGatewayWithoutOtelTracingGrpcAuthority() { } func (s *testingSuite) TestGatewayWithOtelTracingGrpcAuthority() { + // create new gateway with grpc authority set err := s.testInstallation.Actions.Kubectl().ApplyFile(s.ctx, gatewayAuthorityConfigManifest, "-n", s.testInstallation.Metadata.InstallNamespace) - s.NoError(err, "can apply service/gateway-proxy-tracing") + s.NoError(err, "can create gateway and service") + s.testInstallation.Assertions.EventuallyResourceStatusMatchesState( + func() (resources.InputResource, error) { + return s.testInstallation.ResourceClients.GatewayClient().Read( + s.testInstallation.Metadata.InstallNamespace, "gateway-proxy-tracing-authority", clients.ReadOpts{Ctx: s.ctx}) + }, + core.Status_Accepted, + gloo_defaults.GlooReporter, + ) + + s.T().Cleanup(func() { + // cleanup the gateway + err = s.testInstallation.Actions.Kubectl().DeleteFile(s.ctx, gatewayAuthorityConfigManifest, + "-n", s.testInstallation.Metadata.InstallNamespace) + s.Assertions.NoError(err, "can delete gateway config") + }) s.testInstallation.Assertions.AssertEventuallyConsistentCurlResponse(s.ctx, testdefaults.CurlPodExecOpt, []curl.Option{ curl.WithHost(kubeutils.ServiceFQDN(metav1.ObjectMeta{ - Name: gatewayProxyHost, + Name: gatewayAuthorityProxyHost, Namespace: s.testInstallation.Metadata.InstallNamespace, })), curl.WithHostHeader("example.com"), - curl.WithPort(gatewayProxyPort), + curl.WithPort(gatewayAuthorityProxyPort), curl.WithPath(pathWithRouteDescriptor), curl.Silent(), }, @@ -273,7 +289,8 @@ func (s *testingSuite) TestGatewayWithOtelTracingGrpcAuthority() { ) s.EventuallyWithT(func(c *assert.CollectT) { - logs, err := s.testInstallation.Actions.Kubectl().GetContainerLogs(s.ctx, otelcolPod.ObjectMeta.GetNamespace(), otelcolPod.ObjectMeta.GetName()) + logs, err := s.testInstallation.Actions.Kubectl().GetContainerLogs(s.ctx, + otelcolPod.ObjectMeta.GetNamespace(), otelcolPod.ObjectMeta.GetName()) assert.NoError(c, err, "can get otelcol logs") fmt.Printf("logs: %s\n", logs) diff --git a/test/kubernetes/e2e/features/tracing/testdata/gateway-authority.yaml b/test/kubernetes/e2e/features/tracing/testdata/gateway-authority.yaml new file mode 100644 index 00000000000..653809c9e06 --- /dev/null +++ b/test/kubernetes/e2e/features/tracing/testdata/gateway-authority.yaml @@ -0,0 +1,27 @@ +# Avoid using the default gateway because we don't want to destroy it when this +# test is over - that will break other tests that depend on the default gateway +# existing. +apiVersion: gateway.solo.io/v1 +kind: Gateway +metadata: + labels: + app: gloo + app.kubernetes.io/name: gateway-proxy-tracing-authority + name: gateway-proxy-tracing-authority +spec: + bindAddress: '::' + bindPort: 18082 + proxyNames: + - gateway-proxy + httpGateway: + virtualServiceSelector: + gateway-type: tracing + options: + httpConnectionManagerSettings: + tracing: + openTelemetryConfig: + collectorUpstreamRef: + name: opentelemetry-collector + namespace: default + grpcService: + authority: test-authority \ No newline at end of file diff --git a/test/kubernetes/e2e/features/tracing/testdata/gw-proxy-tracing-service.yaml b/test/kubernetes/e2e/features/tracing/testdata/gw-proxy-tracing-service.yaml index cc00e679877..d4d8c8e057b 100644 --- a/test/kubernetes/e2e/features/tracing/testdata/gw-proxy-tracing-service.yaml +++ b/test/kubernetes/e2e/features/tracing/testdata/gw-proxy-tracing-service.yaml @@ -17,4 +17,24 @@ spec: selector: gateway-proxy-id: gateway-proxy gateway-proxy: live +--- +apiVersion: v1 +kind: Service +metadata: + name: gateway-proxy-tracing-authority + labels: + app.kubernetes.io/name: gateway-proxy-tracing-authority-service +spec: + type: LoadBalancer + ports: + # This service exposes the Port 18080, used by the Gateway defined in ./gateway.yaml + - name: gateway-proxy-tracing-authority + port: 18082 + protocol: TCP + targetPort: 18082 + # This selector is meant to match the Selector of the deployed gateway-proxy Service + # We intend to route traffic to the gateway-proxy pod(s) that are deployed at install time + selector: + gateway-proxy-id: gateway-proxy + gateway-proxy: live --- \ No newline at end of file diff --git a/test/kubernetes/e2e/features/tracing/types.go b/test/kubernetes/e2e/features/tracing/types.go index 46c5da7c15c..ef69d42128e 100644 --- a/test/kubernetes/e2e/features/tracing/types.go +++ b/test/kubernetes/e2e/features/tracing/types.go @@ -14,6 +14,8 @@ const ( routeDescriptorSpanName = "THISISAROUTEDESCRIPTOR" gatewayProxyHost = "gateway-proxy-tracing" gatewayProxyPort = 18080 + gatewayAuthorityProxyHost = "gateway-proxy-tracing-authority" + gatewayAuthorityProxyPort = 18082 ) var (