If you are implementing the Service Mesh functionality of Consul, you are more than likely using Envoy, an open source edge and service proxy designed for cloud-native applications, as the default proxy in setting up the Connect sidecars. Previous versions of Consul supported both v2 and v3 variants of the Envoy XDS Transport Protocol. In Consul 1.11, support for Envoy 1.16 is removed and consequently v2 is no longer supported. What this means is that if you have generated your Envoy bootstrap files using the Consul CLI that is newer than 1.10, you must make sure that you upgrade Consul and Envoy per the Stairstep Upgrade Path before upgrading to Consul 1.11. When upgrading to Consul 1.10, you must ensure that the Envoy sidecars are restarted and bootstrapped using a version of the Consul CLI >= 1.10. This ensures your sidecars are supported by Consul 1.11.
The best way to upgrade Envoy would be through the config files which define the global proxy-defaults config_entries. An example of a config entry that returns the v2 of envoy_tracing_json is the following:
{
"Kind": "proxy-defaults",
"Name": "global",
"Config": {
"envoy_extra_static_clusters_json": "{\"connect_timeout\": \"3.000s\",\"dns_lookup_family\": \"V4_ONLY\",\"lb_policy\": \"ROUND_ROBIN\",\"load_assignment\": {\"cluster_name\": \"datadog_8126\",\"endpoints\": [{\"lb_endpoints\": [{\"endpoint\": {\"address\": {\"socket_address\": {\"address\": \"datadog-apm.service.owf-dev\",\"port_value\": 8126,\"protocol\": \"TCP\"}}}}]}]},\"name\": \"datadog_8126\",\"type\": \"STRICT_DNS\"}",
"envoy_tracing_json": "{\"http\": {\"name\": \"envoy.tracers.datadog\",\"config\": {\"collector_cluster\": \"datadog_8126\",\"service_name\": \"envoy\"}}}",
"protocol": "http"
},
"MeshGateway": {},
"Expose": {},
"CreateIndex": 65504642,
"ModifyIndex": 65504642
}
From there, you would need to issue a consul config write to edit the config entry(which can be found in the Consul agent's data directory so that tracing is added).
$ cat /tmp/consul.proxy-defaults.config.new.json
{
"Kind": "proxy-defaults",
"Name": "global",
"Config": {
"envoy_extra_static_clusters_json": "{\"connect_timeout\": \"3.000s\",\"dns_lookup_family\": \"V4_ONLY\",\"lb_policy\": \"ROUND_ROBIN\",\"load_assignment\": {\"cluster_name\": \"datadog_8126\",\"endpoints\": [{\"lb_endpoints\": [{\"endpoint\": {\"address\": {\"socket_address\": {\"address\": \"datadog-apm.service.owf-dev\",\"port_value\": 8126,\"protocol\": \"TCP\"}}}}]}]},\"name\": \"datadog_8126\",\"type\": \"STRICT_DNS\"}",
"envoy_tracing_json": "{\"http\": {\"name\": \"envoy.tracers.datadog\",\"typed_config\": {\"@type\": \"type.googleapis.com/envoy.config.trace.v3.DatadogConfig\", \"collector_cluster\": \"datadog_8126\",\"service_name\": \"envoy\"}}}",
"protocol": "http"
},
"MeshGateway": {},
"Expose": {},
"CreateIndex": 65504642,
"ModifyIndex": 65504642
}
consul config write /tmp/consul.proxy-defaults.config.new.json
Config entry written: proxy-defaults/global
consul config read -kind proxy-defaults -name global
{
"Kind": "proxy-defaults",
"Name": "global",
"Namespace": "default",
"Config": {
"envoy_extra_static_clusters_json": "{\"connect_timeout\": \"3.000s\",\"dns_lookup_family\": \"V4_ONLY\",\"lb_policy\": \"ROUND_ROBIN\",\"load_assignment\": {\"cluster_name\": \"datadog_8126\",\"endpoints\": [{\"lb_endpoints\": [{\"endpoint\": {\"address\": {\"socket_address\": {\"address\": \"datadog-apm.service.owf-dev\",\"port_value\": 8126,\"protocol\": \"TCP\"}}}}]}]},\"name\": \"datadog_8126\",\"type\": \"STRICT_DNS\"}",
"envoy_tracing_json": "{\"http\": {\"name\": \"envoy.tracers.datadog\",\"typed_config\": {\"@type\": \"type.googleapis.com/envoy.config.trace.v3.DatadogConfig\", \"collector_cluster\": \"datadog_8126\",\"service_name\": \"envoy\"}}}",
"protocol": "http"
},
"MeshGateway": {},
"Expose": {},
"CreateIndex": 65504642,
"ModifyIndex": 168677014
}
To verify that the config was indeed updated, you run the consul config read -kind proxy-defaults -name global command to fetch the value of that config entry. Once that is updated in the Consul state store, you would then have to trigger a re-bootstrap of the various envoy configs and re-start the envoy sidecars to pick up the change.
Additional Information