inbound: Consolidate port-based switching

[olix0r]

The inbound::prevent_loop module implements predicates for switching
based on the target port. But there's no reason for this control flow to
be decoupled from our stack consruction.

In preparation for further changes to inbound-port-based policy, this
change eliminates the prevent_loop module. The tcp connection stack is
updated to handle loop detection (instead of the TCP forward stack) so
that we are totally unable to initiate looping connections (i.e. if some
higher part of the stack were to do something unexpected).

[olix0r]

These constraints are unnecessary and caused us to have to document T. Easier to just remove the constraints.

[olix0r]

This BoxFuture layer is redundant -- there's already a BoxFuture in the HTTP router where it's actually needed.

[codecov-commenter]

Codecov Report

Merging #1170 (241ab83) into main (6f7968f) will decrease coverage by 0.01%.
The diff coverage is 80.00%.

@@            Coverage Diff             @@
##             main    #1170      +/-   ##
==========================================
- Coverage   75.08%   75.06%   -0.02%     
==========================================
  Files         235      234       -1     
  Lines       15095    15085      -10     
==========================================
- Hits        11334    11324      -10     
  Misses       3761     3761              

Impacted Files	Coverage Δ
linkerd/app/inbound/src/lib.rs	86.77% <78.94%> (-2.21%)	⬇️
linkerd/app/core/src/svc.rs	75.58% <100.00%> (ø)
linkerd/app/inbound/src/direct.rs	37.07% <0.00%> (-1.13%)	⬇️
linkerd/proxy/tap/src/grpc/match_.rs	62.31% <0.00%> (+1.50%)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 6f7968f...241ab83. Read the comment docs.

[kleimkuhler]

👍

[mateiidavid]

Looks great!

[mateiidavid]

Thanks for the comment here! Before reviewing, I went through the inbound stack to see if I can figure out what's going on. The comment was really useful to test my understanding.

[mateiidavid]

I'm curious why these have been removed. If I understand correctly, check_new_service::<T, I> would check if our target T implements the same traits as a type I so we can check whether our target provides Peek, AsyncRead (and write).

First, I'm not sure if my understanding here is fully correct, I see that in the function implementation we say "stack serves T typed targets", which is another way of saying the target we have and the request type are fit for this stack?

Second, are these checks unnecessary because we have replaced the outer stack with a switch? (I guess checks is the wrong way to put it since the first two layers from the bottom are just allocating it all on the heap?)

Sorry for the long comment!

[olix0r]

These checks are really just compile-time assertions. They can be helpful for debugging when a stack doesn't compile, but there's no inherent benefit to having them aside from clarity. We could probably restore this without any issue, though....

[mateiidavid]

One more question for this stack: do we need to consider this closure arg? I don't see it being used, why not leave it as ignored? I think it makes more sense to not ignore it, as a newbie it helps me visualise it better so I'm just curious if it's for visibility.

[olix0r]

It's used below the diff (I combined two map_stacks into one). Our compilation settings (#[deny(warning)]) won't actually let us compile with unused variables :)