-
Notifications
You must be signed in to change notification settings - Fork 4.8k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix(logs): misleading acme deprecation logs in hybrid mode
When running kong in hybrid mode a plugin configuration is pushed from CP to DP. When introducing shorthand field expansion to Admin responses the deprecated fields (defined as shorthand fields) were also pushed from CP to DP which resulted in DP receiving config with both new fields and also old fields. It resulted with DP reporting in logs that the plugin is being configured with deprecated fields. It affected the plugins: - ACME - Rate-Limiting - Response-RateLimiting This commit disables deprecation warning on data planes since those nodes cannot be configured manually so this deprecation message is not actionable on data planes. KAG-4515
- Loading branch information
Showing
6 changed files
with
235 additions
and
2 deletions.
There are no files selected for viewing
3 changes: 3 additions & 0 deletions
3
changelog/unreleased/kong/fix-acme-misleading-deprecation-logs.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
message: "**ACME**: Fixed an issue of DP reporting that deprecated config fields are used when configuration from CP is pushed" | ||
type: bugfix | ||
scope: Plugin |
3 changes: 3 additions & 0 deletions
3
changelog/unreleased/kong/fix-response-rl-misleading-deprecation-logs.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
message: "**Response-RateLimiting**: Fixed an issue of DP reporting that deprecated config fields are used when configuration from CP is pushed" | ||
type: bugfix | ||
scope: Plugin |
3 changes: 3 additions & 0 deletions
3
changelog/unreleased/kong/fix-rl-misleading-deprecation-logs.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
message: "**Rate-Limiting**: Fixed an issue of DP reporting that deprecated config fields are used when configuration from CP is pushed" | ||
type: bugfix | ||
scope: Plugin |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
115 changes: 115 additions & 0 deletions
115
spec/02-integration/09-hybrid_mode/13-deprecations_spec.lua
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,115 @@ | ||
local helpers = require("spec.helpers") | ||
local cjson = require("cjson") | ||
local join = require("pl.stringx").join | ||
|
||
local ENABLED_PLUGINS = { "dummy" , "reconfiguration-completion"} | ||
|
||
for _, strategy in helpers.each_strategy({"postgres"}) do | ||
describe("deprecations are not reported on DP but on CP", function() | ||
local cp_prefix = "servroot1" | ||
local dp_prefix = "servroot2" | ||
local cp_logfile, dp_logfile, route | ||
|
||
lazy_setup(function() | ||
local bp = helpers.get_db_utils(strategy, { | ||
"services", | ||
"routes", | ||
"plugins", | ||
}, ENABLED_PLUGINS) | ||
|
||
local service = bp.services:insert { | ||
name = "example", | ||
host = helpers.mock_upstream_host, | ||
port = helpers.mock_upstream_port, | ||
} | ||
|
||
route = assert(bp.routes:insert { | ||
hosts = { "mock_upstream" }, | ||
protocols = { "http" }, | ||
service = service, | ||
}) | ||
|
||
assert(helpers.start_kong({ | ||
role = "control_plane", | ||
database = strategy, | ||
prefix = cp_prefix, | ||
cluster_cert = "spec/fixtures/kong_clustering.crt", | ||
cluster_cert_key = "spec/fixtures/kong_clustering.key", | ||
lua_ssl_trusted_certificate = "spec/fixtures/kong_clustering.crt", | ||
cluster_listen = "127.0.0.1:9005", | ||
cluster_telemetry_listen = "127.0.0.1:9006", | ||
plugins = "bundled," .. join(",", ENABLED_PLUGINS), | ||
nginx_conf = "spec/fixtures/custom_nginx.template", | ||
admin_listen = "0.0.0.0:9001", | ||
proxy_listen = "off", | ||
})) | ||
|
||
assert(helpers.start_kong({ | ||
role = "data_plane", | ||
database = "off", | ||
prefix = dp_prefix, | ||
cluster_cert = "spec/fixtures/kong_clustering.crt", | ||
cluster_cert_key = "spec/fixtures/kong_clustering.key", | ||
lua_ssl_trusted_certificate = "spec/fixtures/kong_clustering.crt", | ||
cluster_control_plane = "127.0.0.1:9005", | ||
cluster_telemetry_endpoint = "127.0.0.1:9006", | ||
plugins = "bundled," .. join(",", ENABLED_PLUGINS), | ||
admin_listen = "off", | ||
proxy_listen = "0.0.0.0:9002", | ||
})) | ||
dp_logfile = helpers.get_running_conf(dp_prefix).nginx_err_logs | ||
cp_logfile = helpers.get_running_conf(cp_prefix).nginx_err_logs | ||
end) | ||
|
||
lazy_teardown(function() | ||
helpers.stop_kong(dp_prefix) | ||
helpers.stop_kong(cp_prefix) | ||
end) | ||
|
||
describe("deprecations are not reported on DP but on CP", function() | ||
before_each(function() | ||
helpers.clean_logfile(dp_logfile) | ||
end) | ||
|
||
it("deprecation warnings are only fired on CP not DP", function() | ||
local proxy_client, admin_client = helpers.make_synchronized_clients({ | ||
proxy_client = helpers.proxy_client(nil, 9002), | ||
admin_client = helpers.admin_client(nil, 9001) | ||
}) | ||
local res = assert(admin_client:send { | ||
method = "POST", | ||
path = "/plugins", | ||
body = { | ||
name = "dummy", | ||
route = { id = route.id }, | ||
config = { | ||
old_field = 10, | ||
append_body = "appended from body filtering" | ||
}, | ||
}, | ||
headers = { | ||
["Content-Type"] = "application/json", | ||
} | ||
}) | ||
assert.res_status(201, res) | ||
|
||
local res = assert(proxy_client:send { | ||
method = "GET", | ||
path = "/status/200", | ||
headers = { | ||
["Host"] = "mock_upstream", | ||
} | ||
}) | ||
local body = assert.res_status(200, res) | ||
|
||
-- TEST: ensure that the dummy plugin was executed by checking | ||
-- that the body filtering phase has run | ||
|
||
assert.matches("appended from body filtering", body, nil, true) | ||
|
||
assert.logfile(cp_logfile).has.line("dummy: old_field is deprecated", true, 10) | ||
assert.logfile(dp_logfile).has.no.line("dummy: old_field is deprecated", true, 10) | ||
end) | ||
end) | ||
end) | ||
end |
108 changes: 108 additions & 0 deletions
108
spec/03-plugins/23-rate-limiting/07-hybrid_mode_spec.lua
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,108 @@ | ||
local helpers = require "spec.helpers" | ||
|
||
local REDIS_HOST = helpers.redis_host | ||
local REDIS_PORT = helpers.redis_port | ||
|
||
for _, strategy in helpers.each_strategy({"postgres"}) do | ||
describe("Plugin: rate-limiting (handler.access) worked with [#" .. strategy .. "]", function() | ||
local dp_prefix = "servroot2" | ||
local dp_logfile, bp, db, route | ||
|
||
lazy_setup(function() | ||
bp, db = helpers.get_db_utils(strategy, { | ||
"services", | ||
"routes", | ||
"plugins", | ||
}, { "rate-limiting", }) | ||
|
||
local service = assert(bp.services:insert { | ||
host = helpers.mock_upstream_host, | ||
port = helpers.mock_upstream_port, | ||
}) | ||
|
||
route = assert(bp.routes:insert { | ||
paths = { "/rate-limit-test" }, | ||
service = service | ||
}) | ||
|
||
assert(helpers.start_kong({ | ||
role = "control_plane", | ||
database = strategy, | ||
cluster_cert = "spec/fixtures/kong_clustering.crt", | ||
cluster_cert_key = "spec/fixtures/kong_clustering.key", | ||
lua_ssl_trusted_certificate = "spec/fixtures/kong_clustering.crt", | ||
cluster_listen = "127.0.0.1:9005", | ||
cluster_telemetry_listen = "127.0.0.1:9006", | ||
nginx_conf = "spec/fixtures/custom_nginx.template", | ||
admin_listen = "0.0.0.0:9001", | ||
proxy_listen = "off", | ||
})) | ||
|
||
assert(helpers.start_kong({ | ||
role = "data_plane", | ||
database = "off", | ||
prefix = dp_prefix, | ||
cluster_cert = "spec/fixtures/kong_clustering.crt", | ||
cluster_cert_key = "spec/fixtures/kong_clustering.key", | ||
lua_ssl_trusted_certificate = "spec/fixtures/kong_clustering.crt", | ||
cluster_control_plane = "127.0.0.1:9005", | ||
cluster_telemetry_endpoint = "127.0.0.1:9006", | ||
admin_listen = "off", | ||
proxy_listen = "0.0.0.0:9002", | ||
})) | ||
dp_logfile = helpers.get_running_conf(dp_prefix).nginx_err_logs | ||
end) | ||
|
||
lazy_teardown(function() | ||
helpers.stop_kong("servroot2") | ||
helpers.stop_kong() | ||
end) | ||
|
||
describe("\"redis\" storage mode in Hybrid mode", function() | ||
lazy_setup(function () | ||
local admin_client = helpers.admin_client(nil, 9001) | ||
local res = assert(admin_client:send { | ||
method = "POST", | ||
path = "/plugins", | ||
body = { | ||
name = "rate-limiting", | ||
route = { | ||
id = route.id | ||
}, | ||
config = { | ||
minute = 2, | ||
policy = "redis", | ||
redis = { | ||
host = REDIS_HOST, | ||
port = REDIS_PORT, | ||
} | ||
}, | ||
}, | ||
headers = { | ||
["Content-Type"] = "application/json", | ||
} | ||
}) | ||
assert.res_status(201, res) | ||
admin_client:close() | ||
end) | ||
|
||
lazy_teardown(function () | ||
db:truncate("plugins") | ||
end) | ||
|
||
before_each(function() | ||
helpers.clean_logfile(dp_logfile) | ||
end) | ||
|
||
it("sanity test - check if old fields are not pushed & visible in logs as deprecation warnings", function() | ||
helpers.wait_until(function() | ||
local proxy_client = helpers.proxy_client(nil, 9002) | ||
local res = assert(proxy_client:get("/rate-limit-test")) | ||
proxy_client:close() | ||
|
||
return res.status == 429 | ||
end, 10, 1) | ||
end) | ||
end) | ||
end) | ||
end |