solo-io / gloo

The Feature-rich, Kubernetes-native, Next-Generation API Gateway Built on Envoy
https://docs.solo.io/
Apache License 2.0
4.09k stars 442 forks source link

RateLimitConfig can be created with invalid spec #9890

Open htech7x opened 2 months ago

htech7x commented 2 months ago

Gloo Edge Product

Enterprise

Gloo Edge Version

1.16.13

Kubernetes Version

1.28.5

Describe the bug

RateLimitConfig can be created with the following spec without any issue/notification:

  spec:
    raw: null

In this case, RLC is accepted, but applying it to VirtualService causes the configuration to be rejected with the error:

...
status:
  statuses:
    gloo-system:
      reason: "1 error occurred:\n\t* VirtualHost Error: ProcessingError. Reason:
        invalid virtual host [gloo-system_pet-vs]: 1 error occurred:\n\t* failed to
        process RateLimitConfig resource with name [rate-test] in namespace [gloo-system]:
        unknown rate limit config type <nil>\n\n\n\n"
      reportedBy: gloo
      state: Rejected
      subresourceStatuses:
        '*v1.Proxy.gateway-proxy_gloo-system':
          reportedBy: gloo

Expected Behavior

RateLimitConfig should not be created with incorrect specifications

Steps to reproduce the bug

  1. Install Gloo Edge
  2. Create RateLimitConfig with the following spec:
    apiVersion: ratelimit.solo.io/v1alpha1
    kind: RateLimitConfig
    metadata:
    name: rate-test
    namespace: gloo-system
    spec:
    raw: null
  3. Apply RateLimitConfig to VirtualService:
    apiVersion: gateway.solo.io/v1
    kind: VirtualService
    metadata:
    name: pet-vs
    namespace: gloo-system
    spec:
    virtualHost:
    domains:
    - '*'
    options:
      rateLimitConfigs:
        refs:
        - name: rate-test
          namespace: gloo-system
    routes:
    - matchers:
      - prefix: /
      routeAction:
        single:
          upstream:
            name: default-petstore-8080
            namespace: gloo-system
  4. Check status of VS:
    apiVersion: gateway.solo.io/v1
    kind: VirtualService
    metadata:
    annotations:
    kubectl.kubernetes.io/last-applied-configuration: |
      {"apiVersion":"gateway.solo.io/v1","kind":"VirtualService","metadata":{"annotations":{},"name":"pet-vs","namespace":"gloo-system"},"spec":{"virtualHost":{"domains":["*"],"options":{"rateLimitConfigs":{"refs":[{"name":"rate-test","namespace":"gloo-system"}]}},"routes":[{"matchers":[{"prefix":"/"}],"routeAction":{"single":{"upstream":{"name":"default-petstore-8080","namespace":"gloo-system"}}}}]}}}
    creationTimestamp: "2024-08-12T18:37:23Z"
    generation: 2
    name: pet-vs
    namespace: gloo-system
    resourceVersion: "45646540"
    uid: 843cb1ab-115a-4c5c-95ba-a199a260ac8b
    spec:
    virtualHost:
    domains:
    - '*'
    options:
      rateLimitConfigs:
        refs:
        - name: rate-test
          namespace: gloo-system
    routes:
    - matchers:
      - prefix: /
      routeAction:
        single:
          upstream:
            name: default-petstore-8080
            namespace: gloo-system
    status:
    statuses:
    gloo-system:
      reason: "1 error occurred:\n\t* VirtualHost Error: ProcessingError. Reason:
        invalid virtual host [gloo-system_pet-vs]: 1 error occurred:\n\t* failed to
        process RateLimitConfig resource with name [rate-test] in namespace [gloo-system]:
        unknown rate limit config type <nil>\n\n\n\n"
      reportedBy: gloo
      state: Rejected
      subresourceStatuses:
        '*v1.Proxy.gateway-proxy_gloo-system':
          reportedBy: gloo

Additional Environment Detail

No response

Additional Context

No response

soloio-bot commented 2 months ago

Zendesk ticket #4276 has been linked to this issue.