Skip to content

Commit

Permalink
Honor the proxy peering listen address specified in the configuration (
Browse files Browse the repository at this point in the history
  • Loading branch information
espadolini authored Dec 2, 2024
1 parent 80907db commit ed55018
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 12 deletions.
5 changes: 1 addition & 4 deletions lib/service/service.go
Original file line number Diff line number Diff line change
Expand Up @@ -4020,10 +4020,7 @@ func (process *TeleportProcess) setupProxyListeners(networkingConfig types.Clust
}

if !cfg.Proxy.DisableReverseTunnel && tunnelStrategy == types.ProxyPeering {
addr, err := process.Config.Proxy.PeerAddr()
if err != nil {
return nil, trace.Wrap(err)
}
addr := process.Config.Proxy.PeerListenAddr()

listener, err := process.importOrCreateListener(ListenerProxyPeer, addr.String())
if err != nil {
Expand Down
22 changes: 14 additions & 8 deletions lib/service/servicecfg/proxy.go
Original file line number Diff line number Diff line change
Expand Up @@ -210,18 +210,15 @@ func (c ProxyConfig) KubeAddr() (string, error) {
}

// PublicPeerAddr attempts to returns the public address the proxy advertises
// for proxy peering clients if available. It falls back to PeerAddr othewise.
// for proxy peering clients if available; otherwise, it falls back to trying to
// guess an appropriate public address based on the listen address.
func (c ProxyConfig) PublicPeerAddr() (*utils.NetAddr, error) {
addr := &c.PeerPublicAddr
if addr.IsEmpty() || addr.IsHostUnspecified() {
return c.PeerAddr()
if !addr.IsEmpty() && !addr.IsHostUnspecified() {
return addr, nil
}
return addr, nil
}

// PeerAddr returns the address the proxy advertises for proxy peering clients.
func (c ProxyConfig) PeerAddr() (*utils.NetAddr, error) {
addr := &c.PeerAddress
addr = &c.PeerAddress
if addr.IsEmpty() {
addr = defaults.ProxyPeeringListenAddr()
}
Expand All @@ -243,6 +240,15 @@ func (c ProxyConfig) PeerAddr() (*utils.NetAddr, error) {
return addr, nil
}

// PeerListenAddr returns the proxy peering listen address that was configured,
// or the default one otherwise.
func (c ProxyConfig) PeerListenAddr() *utils.NetAddr {
if c.PeerAddress.IsEmpty() {
return defaults.ProxyPeeringListenAddr()
}
return &c.PeerAddress
}

// KubeProxyConfig specifies the Kubernetes configuration for Teleport's proxy service
type KubeProxyConfig struct {
// Enabled turns kubernetes proxy role on or off for this process
Expand Down

0 comments on commit ed55018

Please sign in to comment.