Skip to content

Commit 5717ef2

Browse files
scotwellsclaude
andcommitted
docs(extension-server): trim connector route comments to why-only
Remove step-by-step narration; keep the higher-level rationale (route to a deterministic 503 instead of an endpoint-less cluster, action-only replace preserves match/metadata, idempotent because direct_responses carry no cluster). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
1 parent 834d37d commit 5717ef2

1 file changed

Lines changed: 16 additions & 34 deletions

File tree

internal/extensionserver/mutate/connector.go

Lines changed: 16 additions & 34 deletions
Original file line numberDiff line numberDiff line change
@@ -72,16 +72,11 @@ func ReplaceConnectorClusters(
7272
}
7373

7474
// ApplyConnectorRoutes applies connector route mutations to a RouteConfiguration:
75-
// - Online (replaced) connector found in a VH: prepend a CONNECT upgrade route
76-
// targeting the replaced cluster and append info.TargetHost to VH domains.
77-
// - Offline connector found in a VH: prepend a direct_response 503 CONNECT
78-
// route (for CONNECT/tunnel-control clients) AND rewrite the user-facing
79-
// forwarding routes that target the (endpoint-less) offline connector
80-
// cluster into an immediate direct_response 503. Without the latter, a
81-
// normal user GET falls through to the prefix:"/" route, which still targets
82-
// the zero-endpoint cluster — Envoy then returns a generic 503
83-
// no_healthy_upstream (UH) instead of a deterministic tunnel-offline
84-
// response, and the empty cluster triggers retries/cluster-stat noise.
75+
// - Online (replaced) connector: prepend a CONNECT upgrade route targeting the
76+
// replaced cluster and append info.TargetHost to VH domains.
77+
// - Offline connector: prepend a CONNECT direct_response 503 (tunnel-control
78+
// clients) and rewrite the user-facing forwarding routes to a 503
79+
// direct_response (see the offline branch for why).
8580
//
8681
// Returns the number of VirtualHosts mutated and the number of forwarding
8782
// routes converted to a tunnel-offline direct_response.
@@ -126,26 +121,18 @@ func ApplyConnectorRoutes(
126121
// NOT a synthetic .connector.local domain.
127122
vh.Domains = appendUnique(vh.Domains, info.TargetHost)
128123
} else {
129-
// Offline: prepend the direct_response 503 connect_matcher route so
130-
// CONNECT (tunnel-control) clients still get "Tunnel not online".
124+
// Offline connect_matcher route for tunnel-control clients.
131125
newRoute, err = buildOfflineRoute("connector-offline-" + sanitizeID(vh.GetName()))
132126
if err != nil {
133127
return mutated, converted, fmt.Errorf("build offline route for %q: %w", vh.GetName(), err)
134128
}
135129
vh.Routes = append([]*routev3.Route{newRoute}, vh.Routes...)
136-
// No domain appended for offline connectors (no live tunnel).
137130

138-
// Rewrite the user-facing forwarding route(s) that target the
139-
// endpoint-less offline connector cluster into an immediate 503
140-
// direct_response. Otherwise a normal GET falls through to the
141-
// prefix:"/" route, hits the zero-endpoint cluster, and Envoy
142-
// returns a generic 503 no_healthy_upstream (UH) plus retry/stat
143-
// noise. We only replace the route's Action oneof, so each route's
144-
// match, metadata, and typed_per_filter_config are preserved.
145-
//
146-
// Idempotent: the prepended connect_matcher route and any already
147-
// converted forwarding route are direct_responses, so routeCluster
148-
// returns "" for them and they never re-match connectorCluster.
131+
// Route user traffic to a deterministic 503 instead of the
132+
// endpoint-less offline cluster, which would yield a generic
133+
// no_healthy_upstream plus retry/cluster-stat noise. Replacing only
134+
// the Action oneof preserves each route's match/metadata; idempotent
135+
// because direct_responses carry no cluster to re-match.
149136
for _, rt := range vh.GetRoutes() {
150137
if routeCluster(rt) != connectorCluster {
151138
continue
@@ -262,11 +249,9 @@ func buildConnectRoute(name, cluster string) (*routev3.Route, error) {
262249
return rt, nil
263250
}
264251

265-
// offlineResponseBody is the inline body returned for tunnel-offline 503
266-
// responses. Shared by the connect_matcher offline route (buildOfflineRoute)
267-
// and the user-facing forwarding-route conversion (setRouteDirectResponse) so
268-
// both paths return an identical body. The exact string is part of the
269-
// STATE.md metadata contract.
252+
// offlineResponseBody is the inline body for tunnel-offline 503 responses,
253+
// shared by both offline paths so they return an identical body. The exact
254+
// string is part of the STATE.md metadata contract.
270255
const offlineResponseBody = "Tunnel not online"
271256

272257
// buildOfflineRoute builds the offline CONNECT route (direct_response 503
@@ -284,11 +269,8 @@ func buildOfflineRoute(name string) (*routev3.Route, error) {
284269
return rt, nil
285270
}
286271

287-
// setRouteDirectResponse rewrites a route's action to an immediate
288-
// direct_response with the given status and inline body. Only the Action oneof
289-
// is replaced, so the route's match, metadata, and typed_per_filter_config are
290-
// preserved. Used to convert a forwarding route that targets an endpoint-less
291-
// offline connector cluster into a deterministic tunnel-offline response.
272+
// setRouteDirectResponse swaps a route's action for a direct_response. Only the
273+
// Action oneof is replaced, so match/metadata/typed_per_filter_config survive.
292274
func setRouteDirectResponse(rt *routev3.Route, status uint32, body string) error {
293275
j := fmt.Sprintf(`{ "status": %d, "body": { "inline_string": %q } }`, status, body)
294276
dr := &routev3.DirectResponseAction{}

0 commit comments

Comments
 (0)