Listeners aren't updated when the LDS config file is copied (as opposed to being moved) #2241
Description
Description:
We are trying to use file watchers to updated the listeners config, specifically the cert/key of the listener. Until V2 we were using v1 LDS. When the listeners.yaml is updated copied (as opposed to moved) envoy fails to recreate the listeners with the new configuration.
Repro steps:
The following setup has two listeners configurations each using a different cert/key and specify a different stat prefix (something that we used to do previously with the V1 LDS to force recreation of the listeners since in our setup the path to the cert/key don't change)
Assuming you have the files in this gist in /envoy_config:
cd /envoy_config
cp listeners-1.yaml listeners.yaml # creates listeners.yaml which is used in the config
./envoy -c config.yaml --v2-config-only --service-cluster some-cluster --service-node some-node --log-level debug --drain-time-s 2 # start envoy
openssl s_client -connect localhost:61001 </dev/null 2>&1 | grep CN | head -n1 # outputs depth=0 CN = server.1
# switch the configurations
cp listeners-2.yaml listeners.yaml
openssl s_client -connect localhost:61001 </dev/null 2>&1 | grep CN | head -n1 # outputs depth=0 CN = server.1 instead of server.2
# restart envoy to make sure the configuration is correct
pkill -f envoy && ./envoy -c config.yaml --v2-config-only --service-cluster some-cluster --service-node some-node --log-level debug --drain-time-s 2 # restart envoy
openssl s_client -connect localhost:61001 </dev/null 2>&1 | grep CN | head -n1 # outputs depth=0 CN = server.2 Note: Replacing the above cp listeners-2.yaml listeners.yaml with mv listeners-2.yaml listeners.yaml works as expected
Config:
Shared above in the repro steps