feat: Support adding a proxy server in between when forwarding requests to upstream (#2710)

Co-authored-by: 澄潭 <zty98751@alibaba-inc.com>
2026-06-09 20:57:32 +08:00 · 2025-08-15 16:15:42 +08:00
parent 995bcc2168
commit 5822868f87
21 changed files with 1097 additions and 253 deletions
--- a/registry/direct/watcher.go
+++ b/registry/direct/watcher.go
@@ -94,6 +94,12 @@ func WithSNI(sni string) WatcherOption {
 	}
 }

+func WithProxyName(proxyName string) WatcherOption {
+	return func(w *watcher) {
+		w.ProxyName = proxyName
+	}
+}
+
 func (w *watcher) Run() {
 	w.mutex.Lock()
 	defer w.mutex.Unlock()
@@ -108,12 +114,14 @@ func (w *watcher) Run() {
 				ServiceKey:      ingress.CreateMcpServiceKey(host, int32(w.Port)),
 			}
 		}
-		w.cache.UpdateServiceWrapper(host, &memory.ServiceWrapper{
+		proxyConfig := w.generateProxyConfig(serviceEntry)
+		w.cache.UpdateServiceWrapper(host, &ingress.ServiceWrapper{
 			ServiceName:            w.Name,
 			ServiceEntry:           serviceEntry,
 			Suffix:                 w.Type,
 			RegistryType:           w.Type,
 			RegistryName:           w.Name,
+			ProxyConfig:            proxyConfig,
 			DestinationRuleWrapper: destinationRuleWrapper,
 		})
 		w.UpdateService()
@@ -197,11 +205,7 @@ func (w *watcher) generateDestinationRule(se *v1alpha3.ServiceEntry) *v1alpha3.D
 	if !common.Protocol(se.Ports[0].Protocol).IsHTTPS() {
 		return nil
 	}
-	sni := w.Sni
-	// DNS type, automatically sets SNI based on domain name.
-	if sni == "" && w.Type == string(registry.DNS) && len(se.Endpoints) == 1 {
-		sni = w.Domain
-	}
+	sni := w.getSni(se)
 	return &v1alpha3.DestinationRule{
 		Host: se.Hosts[0],
 		TrafficPolicy: &v1alpha3.TrafficPolicy{
@@ -218,7 +222,26 @@ func (w *watcher) generateDestinationRule(se *v1alpha3.ServiceEntry) *v1alpha3.D
 			},
 		},
 	}
+}

+func (w *watcher) generateProxyConfig(entry *v1alpha3.ServiceEntry) *ingress.ServiceProxyConfig {
+	if w.ProxyName == "" {
+		return nil
+	}
+	return &ingress.ServiceProxyConfig{
+		ProxyName:        w.ProxyName,
+		UpstreamProtocol: common.ParseProtocol(entry.Ports[0].Protocol),
+		UpstreamSni:      w.getSni(entry),
+	}
+}
+
+func (w *watcher) getSni(se *v1alpha3.ServiceEntry) string {
+	sni := w.Sni
+	// DNS type, automatically sets SNI based on domain name.
+	if sni == "" && w.Type == string(registry.DNS) && len(se.Endpoints) == 1 {
+		sni = w.Domain
+	}
+	return sni
 }

 func (w *watcher) GetRegistryType() string {