[envoy/admin] Scaffolding for structured admin and config_dump endpoint #532
Conversation
envoy/admin/admin.proto
Outdated
| @@ -0,0 +1,17 @@ | |||
| syntax = "proto3"; | |||
There was a problem hiding this comment.
This should be envoy/admin/v2/admin.proto as per versioning elsewhere in data-plane-api.
There was a problem hiding this comment.
Kk. So basically the whole repo is v2?
There was a problem hiding this comment.
At this point, yep. In the future we may have independent subtrees evolve at different rates, but this is probably medium-long term.
envoy/admin/admin.proto
Outdated
| import "gogoproto/gogo.proto"; | ||
|
|
||
| message ConfigDump { | ||
| map<string, google.protobuf.Any> configs = 1 [(gogoproto.nullable) = false]; |
There was a problem hiding this comment.
Can you add comments? It's hard to know what this very general type is representing.
There was a problem hiding this comment.
+1. In general, we should add full comments here for which admin endpoints these map to, how they are used, etc. It's not completely clear to me whether we want strongly typed output (maybe we do) vs. something general like this type.
Signed-off-by: James Sedgwick <jsedgwick@lyft.com>
|
Moved to v2/ and added some comments. Btw, I tried to put in the protodoc |
envoy/admin/v2/admin.proto
Outdated
| @@ -0,0 +1,31 @@ | |||
| syntax = "proto3"; | |||
There was a problem hiding this comment.
Can we move this to config_dump.proto? I think we should have a discrete proto file for each endpoint in the admin package.
There was a problem hiding this comment.
Yeah, agreed, was just using a catch-all to punt on naming. Will do.
envoy/admin/v2/admin.proto
Outdated
|
|
||
| import "gogoproto/gogo.proto"; | ||
|
|
||
| // [#protodoc-title: ConfigDump] |
There was a problem hiding this comment.
I wouldn't worry about RST docs right now for this. There is a generally open item for how to document APIs in RST. Right now we don't really do it. We just document configuration. (In any case I don't think it's critical that these protos have HTML docs right now). We can figure it out in the context of https://github.com/envoyproxy/data-plane-api/issues/351.
There was a problem hiding this comment.
Sounds good. I didn't realize we weren't generating docs for the APIs, good that's it's on the list.
envoy/admin/v2/admin.proto
Outdated
|
|
||
| // The /config_dump admin endpoint uses this wrapper message to maintain and serve arbitrary | ||
| // configuration information from any component in Envoy. | ||
| message ConfigDump { |
There was a problem hiding this comment.
I don't think we need to do it right now, but in the future I think we want to make each endpoint a full RPC with a request and response message. This will allow us to serve both binary gRPC/REST and take parameters, etc. Can you potentially add a TODO here to that effect?
envoy/admin/v2/admin.proto
Outdated
| // routing subsystem might use "routes" as the key for its config, for which it uses the message | ||
| // RouteConfigDump as defined below. In the future, the key will also be used to filter the output | ||
| // of the /config_dump endpoint. | ||
| map<string, google.protobuf.Any> configs = 1 [(gogoproto.nullable) = false]; |
There was a problem hiding this comment.
@louiscryan advocated that we maintain these in a format suitable for replay. For that to work, I think the string here should be the type URL. We need to think how this is going to work with #527. We should have a doc for this by later this week. I think we might want this to be something like type URL -> resource name -> (resource proto x version) or something like this. It depends what we settle on for versioning in incremental xDS.
There was a problem hiding this comment.
Yeah +1 it would be nice to just have version be part of this, then we can also solve envoyproxy/envoy#2172.
There was a problem hiding this comment.
I originally had that but saw that Any has the type_url, as in https://gist.github.com/jsedgwick/3a46408a9728ccef9a63d32b4c463c2b
Now, it's missing the version - is that a deficiency of Any?
So currently it's more like resource name -> type URL -> resource proto'. Does it make more sense to group type_url` and the actual resource, just like with Any? The keep the resource name top level and bundle in the version at the end.
Anyways, bikeshedding, we can just hold on that until you guys settle on versioning.
There was a problem hiding this comment.
You don't need to wait on the versioning. Just update the map target to be a struct which contains a string version and an Any object.
There was a problem hiding this comment.
Hold on, what exactly is the version we're encoding? Or is that what's pending resolution? Shall I just fill the field with empty strings?
There was a problem hiding this comment.
I see. But in this case, those belong to RouteConfiguration, not RouteConfigDump, no? Which version would pair with the RouteConfigDump in the Any?
There was a problem hiding this comment.
RDS is a bit of a tricky one, since technically without ADS there can be multiple RDS streams, 1 per HTTP connection manager. In that case, yes, the version likely needs to go with the route configuration. For the other cases it could go at the top level (CDS, LDS, etc.).
Another way of doing it, probably better, would be to track the discovery response version that carried a discrete cluster, route, listener, etc. and print that along with each object. This would work for incremental updates better. So maybe that's that we should do. In light of that I would take a look at the message structure and figure out a nesting that works. I don't think you need to wait until the incremental stuff is decided.
There was a problem hiding this comment.
@mattklein123 One of the possible incremental xDS option is to have a version at resource level. Let's discuss there and circle back here.
envoy/admin/v2/admin.proto
Outdated
| message ConfigDump { | ||
| // This map is serialized and dumped in its entirety at the /config_dump endpoint. | ||
| // | ||
| // Keys should be a short descriptor of the config object they map to. For example, envoy's HTTP |
envoy/admin/v2/admin.proto
Outdated
| // their RouteConnfiguration objects. Static routes configured in the bootstrap configuration are | ||
| // separated from those configured dynamically via RDS. This message is available at the | ||
| // /config_dump admin endpoint. | ||
| message RouteConfigDump { |
There was a problem hiding this comment.
This is a good point; we want to be able to dump static and dynamic information. What if we have an endpoint to dump the entire bootstrap? Would that be sufficient for covering the static requirements?
There was a problem hiding this comment.
Yes we should definitely have a bootstrap dump option. I could go either way on whether that covers though, because for example a route table can come as part of a static LDS route. I think it's probably OK for "routes" to dump both static and dynamic.
There was a problem hiding this comment.
Yes, the Bootstrap should definitely have a dump. Is that the sort of thing I should be opening issues for? I'm keeping notes locally so I don't forget.
More to the point, it seems helpful to have this distinction available without going for the bootstrap dump. IMO RouteConfiguration could use a flag indicating its static/dynamic origin but maybe that ship has sailed.
Signed-off-by: James Sedgwick <jsedgwick@lyft.com>
|
@jsedgwick my advice is to mark this proto as "draft" type (see other examples) and go ahead and finish up the envoy side PR. We can add in version info next as we are saying the proto is not finalized. |
Signed-off-by: James Sedgwick <jsedgwick@lyft.com>
There was a problem hiding this comment.
LGTM. Thanks. @htuch any further comments? We can add version info in a follow up once we finalize that proposal.
| // This map is serialized and dumped in its entirety at the /config_dump endpoint. | ||
| // | ||
| // Keys should be a short descriptor of the config object they map to. For example, envoy's HTTP | ||
| // routing subsystem might use "routes" as the key for its config, for which it uses the message |
There was a problem hiding this comment.
I think we should consider making this a type URL in the future. I'm still after a config that could be effectively replayed via an xDS management server.
This is a step towards dumping configs in proto form. There is a new config_dump endpoint, which spits out all registered configs. It's pretty-printed JSON for now; obviously we can play with format/serialization. Anyone can add a config via the ConfigTracker object that hangs off Admin. ConfigTracker makes the whole thing RAII-y, so that the list of config providers is maintained opaquely. This means the end user doesn't have to worry about ownership, capturing this, etc. Contrast with current unenforced pair of addHandler/removeHandler. This sort of managed weak ownership can be useful all over envoy; just in this diff I left a comment where something like ConfigTracker would delete a bunch of fragile code and confusion. I will genericize it in a future diff though, so let's focus on the functionality here and try to punt on extended discussion of this component and its possibilities. To demonstrate all the structured admin/config dumping scaffolding, I implemented it all for routes. See the data-plane-api PR (envoyproxy/data-plane-api#532) for context. But you can see how other config_dump handlers and, hopefully, all admin endpoints can be turned into structured, arbitrarily consumable proto via this setup. Risk Level: Medium. New feature on admin subsystem, intended to be minimally intrusive into rest of server Testing: New + existing unit. Tested locally with sudo ./bazel-bin/source/exe/envoy-static -c examples/front-proxy/front-envoy.yaml Output looks like: https://gist.github.com/jsedgwick/3a46408a9728ccef9a63d32b4c463c2b Docs Changes: I put TODO doxme everywhere I plan to add docs once the code/API is agreed upon. I won't merge this PR until docs are in. Release Notes: TODO pending consensus on this PR Issues: Makes progress on #2421, #2172 API Changes:] envoyproxy/data-plane-api#532 Deprecated: Current routes endpoint should be considered marked for deletion, but I'll do that in a subsequent PR. There should be some nice cleanup in addition to code deletion with this change. Signed-off-by: James Sedgwick <jsedgwick@lyft.com>
See envoyproxy/envoy#2771 for context
I will add documentation once the interfaces and placement of these things is settled. Current location (new admin package) was agreed upon as a good start with @htuch but i don't feel strongly about that or naming.
Signed-off-by: James Sedgwick jsedgwick@lyft.com