diff --git a/src/envoy/http/jwt_auth/auth_store.h b/src/envoy/http/jwt_auth/auth_store.h index 3bb66315882..da80c27958e 100644 --- a/src/envoy/http/jwt_auth/auth_store.h +++ b/src/envoy/http/jwt_auth/auth_store.h @@ -27,21 +27,24 @@ namespace Envoy { namespace Http { namespace JwtAuth { +typedef std::shared_ptr + JwtAuthenticationConstSharedPtr; + // The JWT auth store object to store config and caches. // It only has pubkey_cache for now. In the future it will have token cache. // It is per-thread and stored in thread local. class JwtAuthStore : public ThreadLocal::ThreadLocalObject { public: // Load the config from envoy config. - JwtAuthStore(const ::istio::envoy::config::filter::http::jwt_auth::v2alpha1:: - JwtAuthentication& config) - : config_(config), pubkey_cache_(config_), token_extractor_(config_) {} + JwtAuthStore(JwtAuthenticationConstSharedPtr config) + : config_(config), pubkey_cache_(*config_), token_extractor_(*config_) {} // Get the Config. const ::istio::envoy::config::filter::http::jwt_auth::v2alpha1:: JwtAuthentication& config() const { - return config_; + return *config_; } // Get the pubkey cache. @@ -52,8 +55,7 @@ class JwtAuthStore : public ThreadLocal::ThreadLocalObject { private: // Store the config. - const ::istio::envoy::config::filter::http::jwt_auth::v2alpha1:: - JwtAuthentication& config_; + JwtAuthenticationConstSharedPtr config_; // The public key cache, indexed by issuer. PubkeyCache pubkey_cache_; // The object to extract token. @@ -66,13 +68,13 @@ class JwtAuthStoreFactory : public Logger::Loggable { JwtAuthStoreFactory(const ::istio::envoy::config::filter::http::jwt_auth:: v2alpha1::JwtAuthentication& config, Server::Configuration::FactoryContext& context) - : config_( - std::make_shared<::istio::envoy::config::filter::http::jwt_auth:: - v2alpha1::JwtAuthentication>(config)), + : config_(std::make_shared( + config)), tls_(context.threadLocal().allocateSlot()) { tls_->set([config = this->config_](Event::Dispatcher&) -> ThreadLocal::ThreadLocalObjectSharedPtr { - return std::make_shared(*config); + return std::make_shared(config); }); ENVOY_LOG(debug, "Loaded JwtAuthConfig: {}", MessageUtil::getJsonStringFromMessage(*config_, true)); @@ -83,9 +85,7 @@ class JwtAuthStoreFactory : public Logger::Loggable { private: // The auth config. - std::shared_ptr<::istio::envoy::config::filter::http::jwt_auth::v2alpha1:: - JwtAuthentication> - config_; + JwtAuthenticationConstSharedPtr config_; // Thread local slot to store per-thread auth store ThreadLocal::SlotPtr tls_; }; diff --git a/src/envoy/http/jwt_auth/jwt_authenticator_test.cc b/src/envoy/http/jwt_auth/jwt_authenticator_test.cc index b4d9b3ec260..05bf3ad2fc3 100644 --- a/src/envoy/http/jwt_auth/jwt_authenticator_test.cc +++ b/src/envoy/http/jwt_auth/jwt_authenticator_test.cc @@ -292,11 +292,13 @@ class JwtAuthenticatorTest : public ::testing::Test { google::protobuf::util::Status status = ::google::protobuf::util::JsonStringToMessage(json_str, &config_); ASSERT_TRUE(status.ok()); - store_.reset(new JwtAuthStore(config_)); + config_ptr_ = std::make_shared(config_); + store_.reset(new JwtAuthStore(config_ptr_)); auth_.reset(new JwtAuthenticator(mock_cm_, *store_)); } JwtAuthentication config_; + JwtAuthenticationConstSharedPtr config_ptr_; std::unique_ptr store_; std::unique_ptr auth_; NiceMock mock_cm_; @@ -482,7 +484,8 @@ TEST_F(JwtAuthenticatorTest, TestForwardJwt) { // Confit forward_jwt flag config_.mutable_rules(0)->set_forward(true); // Re-create store and auth objects. - store_.reset(new JwtAuthStore(config_)); + config_ptr_ = std::make_shared(config_); + store_.reset(new JwtAuthStore(config_ptr_)); auth_.reset(new JwtAuthenticator(mock_cm_, *store_)); MockUpstream mock_pubkey(mock_cm_, kPublicKey); @@ -752,7 +755,8 @@ TEST_F(JwtAuthenticatorTest, TestInlineJwks) { local_jwks->set_inline_string(kPublicKey); // recreate store and auth with modified config. - store_.reset(new JwtAuthStore(config_)); + config_ptr_ = std::make_shared(config_); + store_.reset(new JwtAuthStore(config_ptr_)); auth_.reset(new JwtAuthenticator(mock_cm_, *store_)); MockUpstream mock_pubkey(mock_cm_, ""); diff --git a/src/envoy/http/mixer/control.cc b/src/envoy/http/mixer/control.cc index 26dec8496bc..32b7a384ab8 100644 --- a/src/envoy/http/mixer/control.cc +++ b/src/envoy/http/mixer/control.cc @@ -23,18 +23,22 @@ namespace Envoy { namespace Http { namespace Mixer { -Control::Control(const Config& config, Upstream::ClusterManager& cm, - Event::Dispatcher& dispatcher, +Control::Control(ControlDataSharedPtr control_data, + Upstream::ClusterManager& cm, Event::Dispatcher& dispatcher, Runtime::RandomGenerator& random, Stats::Scope& scope, - Utils::MixerFilterStats& stats, const LocalInfo::LocalInfo& local_info) - : config_(config), + : control_data_(control_data), check_client_factory_(Utils::GrpcClientFactoryForCluster( - config_.check_cluster(), cm, scope, dispatcher.timeSystem())), + control_data_->config().check_cluster(), cm, scope, + dispatcher.timeSystem())), report_client_factory_(Utils::GrpcClientFactoryForCluster( - config_.report_cluster(), cm, scope, dispatcher.timeSystem())), - stats_obj_(dispatcher, stats, - config_.config_pb().transport().stats_update_interval(), + control_data_->config().report_cluster(), cm, scope, + dispatcher.timeSystem())), + stats_obj_(dispatcher, control_data_->stats(), + control_data_->config() + .config_pb() + .transport() + .stats_update_interval(), [this](::istio::mixerclient::Statistics* stat) -> bool { return GetStats(stat); }) { @@ -48,8 +52,8 @@ Control::Control(const Config& config, Upstream::ClusterManager& cm, ::istio::utils::SerializeForwardedAttributes(local_node, &serialized_forward_attributes_); - ::istio::control::http::Controller::Options options(config_.config_pb(), - local_node); + ::istio::control::http::Controller::Options options( + control_data_->config().config_pb(), local_node); Utils::CreateEnvironment(dispatcher, random, *check_client_factory_, *report_client_factory_, diff --git a/src/envoy/http/mixer/control.h b/src/envoy/http/mixer/control.h index ec52a3f1f78..e4c7c7edbed 100644 --- a/src/envoy/http/mixer/control.h +++ b/src/envoy/http/mixer/control.h @@ -32,14 +32,28 @@ namespace Envoy { namespace Http { namespace Mixer { +class ControlData { + public: + ControlData(std::unique_ptr config, Utils::MixerFilterStats stats) + : config_(std::move(config)), stats_(stats) {} + + const Config& config() { return *config_; } + Utils::MixerFilterStats& stats() { return stats_; } + + private: + std::unique_ptr config_; + Utils::MixerFilterStats stats_; +}; + +typedef std::shared_ptr ControlDataSharedPtr; + // The control object created per-thread. class Control final : public ThreadLocal::ThreadLocalObject { public: // The constructor. - Control(const Config& config, Upstream::ClusterManager& cm, + Control(ControlDataSharedPtr control_data, Upstream::ClusterManager& cm, Event::Dispatcher& dispatcher, Runtime::RandomGenerator& random, - Stats::Scope& scope, Utils::MixerFilterStats& stats, - const LocalInfo::LocalInfo& local_info); + Stats::Scope& scope, const LocalInfo::LocalInfo& local_info); // Get low-level controller object. ::istio::control::http::Controller* controller() { return controller_.get(); } @@ -51,8 +65,8 @@ class Control final : public ThreadLocal::ThreadLocalObject { // Call controller to get statistics. bool GetStats(::istio::mixerclient::Statistics* stat); - // The mixer config. - const Config& config_; + // The control data. + ControlDataSharedPtr control_data_; // Pre-serialized attributes_for_mixer_proxy. std::string serialized_forward_attributes_; // async client factories diff --git a/src/envoy/http/mixer/control_factory.h b/src/envoy/http/mixer/control_factory.h index 04b3e3d09ec..2dc21057b98 100644 --- a/src/envoy/http/mixer/control_factory.h +++ b/src/envoy/http/mixer/control_factory.h @@ -36,32 +36,36 @@ class ControlFactory : public Logger::Loggable { public: ControlFactory(std::unique_ptr config, Server::Configuration::FactoryContext& context) - : config_(std::move(config)), - tls_(context.threadLocal().allocateSlot()), - stats_{ALL_MIXER_FILTER_STATS( - POOL_COUNTER_PREFIX(context.scope(), kHttpStatsPrefix))} { + : control_data_(std::make_shared( + std::move(config), + generateStats(kHttpStatsPrefix, context.scope()))), + tls_(context.threadLocal().allocateSlot()) { Upstream::ClusterManager& cm = context.clusterManager(); Runtime::RandomGenerator& random = context.random(); Stats::Scope& scope = context.scope(); const LocalInfo::LocalInfo& local_info = context.localInfo(); - tls_->set([config = this->config_, &stats = this->stats_, &cm, &random, - &scope, &local_info](Event::Dispatcher& dispatcher) + tls_->set([control_data = this->control_data_, &cm, &random, &scope, + &local_info](Event::Dispatcher& dispatcher) -> ThreadLocal::ThreadLocalObjectSharedPtr { - return std::make_shared(*config, cm, dispatcher, random, scope, - stats, local_info); + return std::make_shared(control_data, cm, dispatcher, random, + scope, local_info); }); } Control& control() { return tls_->getTyped(); } private: - // Own the config object. - std::shared_ptr config_; + // Generates stats struct. + static Utils::MixerFilterStats generateStats(const std::string& name, + Stats::Scope& scope) { + return {ALL_MIXER_FILTER_STATS(POOL_COUNTER_PREFIX(scope, name))}; + } + + // The control data object + ControlDataSharedPtr control_data_; // Thread local slot. ThreadLocal::SlotPtr tls_; - // This stats object. - Utils::MixerFilterStats stats_; }; } // namespace Mixer diff --git a/src/envoy/tcp/mixer/control.cc b/src/envoy/tcp/mixer/control.cc index 90a166a17f4..8b25c2fad1f 100644 --- a/src/envoy/tcp/mixer/control.cc +++ b/src/envoy/tcp/mixer/control.cc @@ -25,21 +25,24 @@ namespace Envoy { namespace Tcp { namespace Mixer { -Control::Control(const Config& config, Upstream::ClusterManager& cm, - Event::Dispatcher& dispatcher, +Control::Control(ControlDataSharedPtr control_data, + Upstream::ClusterManager& cm, Event::Dispatcher& dispatcher, Runtime::RandomGenerator& random, Stats::Scope& scope, - Utils::MixerFilterStats& stats, const std::string& uuid, const LocalInfo::LocalInfo& local_info) - : config_(config), + : control_data_(control_data), dispatcher_(dispatcher), check_client_factory_(Utils::GrpcClientFactoryForCluster( - config_.check_cluster(), cm, scope, dispatcher.timeSystem())), + control_data_->config().check_cluster(), cm, scope, + dispatcher.timeSystem())), report_client_factory_(Utils::GrpcClientFactoryForCluster( - config_.report_cluster(), cm, scope, dispatcher.timeSystem())), - stats_obj_(dispatcher, stats, - config_.config_pb().transport().stats_update_interval(), - [this](Statistics* stat) -> bool { return GetStats(stat); }), - uuid_(uuid) { + control_data_->config().report_cluster(), cm, scope, + dispatcher.timeSystem())), + stats_obj_(dispatcher, control_data_->stats(), + control_data_->config() + .config_pb() + .transport() + .stats_update_interval(), + [this](Statistics* stat) -> bool { return GetStats(stat); }) { auto& logger = Logger::Registry::getLog(Logger::Id::config); LocalNode local_node; if (!Utils::ExtractNodeInfo(local_info.node(), &local_node)) { @@ -50,8 +53,8 @@ Control::Control(const Config& config, Upstream::ClusterManager& cm, ::istio::utils::SerializeForwardedAttributes(local_node, &serialized_forward_attributes_); - ::istio::control::tcp::Controller::Options options(config_.config_pb(), - local_node); + ::istio::control::tcp::Controller::Options options( + control_data_->config().config_pb(), local_node); Utils::CreateEnvironment(dispatcher, random, *check_client_factory_, *report_client_factory_, diff --git a/src/envoy/tcp/mixer/control.h b/src/envoy/tcp/mixer/control.h index 9e08a167f7a..42efb785bb0 100644 --- a/src/envoy/tcp/mixer/control.h +++ b/src/envoy/tcp/mixer/control.h @@ -30,28 +30,46 @@ namespace Envoy { namespace Tcp { namespace Mixer { +class ControlData { + public: + ControlData(std::unique_ptr config, Utils::MixerFilterStats stats, + const std::string& uuid) + : config_(std::move(config)), stats_(stats), uuid_(uuid) {} + + const Config& config() { return *config_; } + Utils::MixerFilterStats& stats() { return stats_; } + const std::string& uuid() { return uuid_; } + + private: + std::unique_ptr config_; + Utils::MixerFilterStats stats_; + // UUID of the Envoy TCP mixer filter. + const std::string uuid_; +}; + +typedef std::shared_ptr ControlDataSharedPtr; + class Control final : public ThreadLocal::ThreadLocalObject { public: // The constructor. - Control(const Config& config, Upstream::ClusterManager& cm, + Control(ControlDataSharedPtr control_data, Upstream::ClusterManager& cm, Event::Dispatcher& dispatcher, Runtime::RandomGenerator& random, - Stats::Scope& scope, Utils::MixerFilterStats& stats, - const std::string& uuid, const LocalInfo::LocalInfo& local_info); + Stats::Scope& scope, const LocalInfo::LocalInfo& local_info); ::istio::control::tcp::Controller* controller() { return controller_.get(); } Event::Dispatcher& dispatcher() { return dispatcher_; } - const std::string& uuid() const { return uuid_; } + const std::string& uuid() const { return control_data_->uuid(); } - const Config& config() const { return config_; } + const Config& config() const { return control_data_->config(); } private: // Call controller to get statistics. bool GetStats(::istio::mixerclient::Statistics* stat); - // The mixer config. - const Config& config_; + // The control data. + ControlDataSharedPtr control_data_; // dispatcher. Event::Dispatcher& dispatcher_; @@ -65,8 +83,7 @@ class Control final : public ThreadLocal::ThreadLocalObject { // statistics Utils::MixerStatsObject stats_obj_; - // UUID of the Envoy TCP mixer filter. - const std::string& uuid_; + // The mixer control std::unique_ptr<::istio::control::tcp::Controller> controller_; }; diff --git a/src/envoy/tcp/mixer/control_factory.h b/src/envoy/tcp/mixer/control_factory.h index f5ba66dfec3..ef131cf9f12 100644 --- a/src/envoy/tcp/mixer/control_factory.h +++ b/src/envoy/tcp/mixer/control_factory.h @@ -32,21 +32,20 @@ class ControlFactory : public Logger::Loggable { public: ControlFactory(std::unique_ptr config, Server::Configuration::FactoryContext& context) - : config_(std::move(config)), - cm_(context.clusterManager()), - tls_(context.threadLocal().allocateSlot()), - stats_(generateStats(kTcpStatsPrefix, context.scope())), - uuid_(context.random().uuid()) { + : control_data_(std::make_shared( + std::move(config), generateStats(kTcpStatsPrefix, context.scope()), + context.random().uuid())), + tls_(context.threadLocal().allocateSlot()) { Runtime::RandomGenerator& random = context.random(); Stats::Scope& scope = context.scope(); const LocalInfo::LocalInfo& local_info = context.localInfo(); - tls_->set([config = this->config_, &cm = this->cm_, uuid = this->uuid_, - &stats = this->stats_, &random, &scope, + tls_->set([control_data = this->control_data_, + &cm = context.clusterManager(), &random, &scope, &local_info](Event::Dispatcher& dispatcher) -> ThreadLocal::ThreadLocalObjectSharedPtr { - return ThreadLocal::ThreadLocalObjectSharedPtr(new Control( - *config, cm, dispatcher, random, scope, stats, uuid, local_info)); + return ThreadLocal::ThreadLocalObjectSharedPtr( + new Control(control_data, cm, dispatcher, random, scope, local_info)); }); } @@ -60,16 +59,10 @@ class ControlFactory : public Logger::Loggable { return {ALL_MIXER_FILTER_STATS(POOL_COUNTER_PREFIX(scope, name))}; } - // The config object - std::shared_ptr config_; - // The cluster manager - Upstream::ClusterManager& cm_; + // The control data object + ControlDataSharedPtr control_data_; // the thread local slots ThreadLocal::SlotPtr tls_; - // The statistics struct. - Utils::MixerFilterStats stats_; - // UUID of the Envoy TCP mixer filter. - const std::string uuid_; }; } // namespace Mixer