ingress: Restore original dst address routing (#1016)

In f8cc918, we started requiring the `l5d-dst-override` header. As
described in linkerd/linkerd2#6157, this breaks some ingress
configurations, especially those that may route to out-of-cluster
resources.

This change restores original-dst-addr routing for requests that do not
include the `l5d-dst-override` header.

Internally, this change centralizes the `DST_OVERRIDE_HEADER` and
related utilities to the ingress module, as no other modules should have
to know anything about it.

Author: olix0r

linkerd/app/core/src/lib.rs

@@ -52,7 +52,6 @@ pub mod transport;
 pub use self::addr_match::{AddrMatch, IpMatch, NameMatch};
 
 pub const CANONICAL_DST_HEADER: &str = "l5d-dst-canonical";
-pub const DST_OVERRIDE_HEADER: &str = "l5d-dst-override";
 
 const DEFAULT_PORT: u16 = 80;
 
@@ -65,17 +64,6 @@ pub struct ProxyRuntime {
     pub drain: drain::Watch,
 }
 
-pub fn http_request_l5d_override_dst_name_addr<B>(
-    req: &http::Request<B>,
-) -> Result<NameAddr, addr::Error> {
-    proxy::http::authority_from_header(req, DST_OVERRIDE_HEADER)
-        .ok_or_else(|| {
-            tracing::trace!("{} not in request headers", DST_OVERRIDE_HEADER);
-            addr::Error::InvalidHost
-        })
-        .and_then(|a| NameAddr::from_authority_with_default_port(&a, DEFAULT_PORT))
-}
-
 pub fn http_request_authority_addr<B>(req: &http::Request<B>) -> Result<Addr, addr::Error> {
     req.uri()
         .authority()

linkerd/app/core/src/svc.rs

@@ -28,6 +28,11 @@ pub use tower::{
 
 pub type Buffer<Req, Rsp, E> = TowerBuffer<BoxService<Req, Rsp, E>, Req>;
 
+pub type BoxHttp<B = http::BoxBody> =
+    BoxService<http::Request<B>, http::Response<http::BoxBody>, Error>;
+
+pub type BoxNewHttp<T, B = http::BoxBody> = BoxNewService<T, BoxHttp<B>>;
+
 #[derive(Clone, Debug)]
 pub struct Layers<L>(L);
 

linkerd/app/inbound/src/http/mod.rs

@@ -19,7 +19,7 @@ use linkerd_app_core::{
     proxy::{http, tap},
     reconnect,
     svc::{self, Param},
-    Error, DST_OVERRIDE_HEADER,
+    Error,
 };
 use tracing::debug_span;
 
@@ -227,9 +227,6 @@ where
                     .push(http::BoxResponse::layer()),
             )
             .check_new_service::<Target, http::Request<http::BoxBody>>()
-            // Removes the override header after it has been used to
-            // determine a request target.
-            .push_on_response(strip_header::request::layer(DST_OVERRIDE_HEADER))
             // Routes each request to a target, obtains a service for that
             // target, and dispatches the request.
             .instrument_from_target()

linkerd/app/outbound/src/http/endpoint.rs

@@ -8,14 +8,7 @@ use linkerd_app_core::{
 use tokio::io;
 
 impl<C> Outbound<C> {
-    pub fn push_http_endpoint<T, B>(
-        self,
-    ) -> Outbound<
-        svc::BoxNewService<
-            T,
-            svc::BoxService<http::Request<B>, http::Response<http::BoxBody>, Error>,
-        >,
-    >
+    pub fn push_http_endpoint<T, B>(self) -> Outbound<svc::BoxNewHttp<T, B>>
     where
         T: Clone + Send + Sync + 'static,
         T: svc::Param<http::client::Settings>

linkerd/app/outbound/src/http/logical.rs

@@ -8,20 +8,12 @@ use linkerd_app_core::{
         http,
         resolve::map_endpoint,
     },
-    retry, svc, Error, Never, DST_OVERRIDE_HEADER,
+    retry, svc, Error, Never,
 };
 use tracing::debug_span;
 
 impl<E> Outbound<E> {
-    pub fn push_http_logical<B, ESvc, R>(
-        self,
-        resolve: R,
-    ) -> Outbound<
-        svc::BoxNewService<
-            Logical,
-            svc::BoxService<http::Request<B>, http::Response<http::BoxBody>, Error>,
-        >,
-    >
+    pub fn push_http_logical<B, ESvc, R>(self, resolve: R) -> Outbound<svc::BoxNewHttp<Logical, B>>
     where
         B: http::HttpBody<Error = Error> + std::fmt::Debug + Default + Send + 'static,
         B::Data: Send + 'static,
@@ -144,11 +136,7 @@ impl<E> Outbound<E> {
             // canonical-dst-header. The response body is boxed unify the profile
             // stack's response type. withthat of to endpoint stack.
             .push(http::NewHeaderFromTarget::<CanonicalDstHeader, _>::layer())
-            .push_on_response(
-                svc::layers()
-                    .push(http::strip_header::request::layer(DST_OVERRIDE_HEADER))
-                    .push(http::BoxResponse::layer()),
-            )
+            .push_on_response(svc::layers().push(http::BoxResponse::layer()))
             .instrument(|l: &Logical| debug_span!("logical", dst = %l.logical_addr))
             .push_on_response(svc::BoxService::layer())
             .push(svc::BoxNewService::layer());