On demand loading of ScopedRouteConfiguration #12640
Conversation
Signed-off-by: chaoqinli <chaoqinli@google.com>
Signed-off-by: chaoqinli <chaoqinli@google.com>
Signed-off-by: chaoqinli <chaoqinli@google.com>
Signed-off-by: chaoqinli <chaoqinli@google.com>
Signed-off-by: chaoqinli <chaoqinli@google.com>
Signed-off-by: chaoqinli <chaoqinli@google.com>
Signed-off-by: chaoqinli <chaoqinli@google.com>
chaoqin-li1123
changed the title
Signed-off-by: chaoqinli <chaoqinli@google.com>
Signed-off-by: chaoqinli <chaoqinli@google.com>
|
/cc stevenzzzz |
docs/root/configuration/http/http_filters/on_demand_updates_filter.rst
Outdated
Show resolved
Hide resolved
docs/root/configuration/http/http_filters/on_demand_updates_filter.rst
Outdated
Show resolved
Hide resolved
docs/root/configuration/http/http_filters/on_demand_updates_filter.rst
Outdated
Show resolved
Hide resolved
| data if RouteConfiguration is specified to be loaded on demand in the :ref:`Scoped RouteConfiguration <envoy_v3_api_msg_config.route.v3.ScopedRouteConfiguration>`. The | ||
| contents of the http header is used to find the scope and create the on-demand request. | ||
|
|
||
| On-demand VHDS and on-demand S/RDS can not be used at the same time at this point. |
There was a problem hiding this comment.
Do you have a tracking issue yet for converging the two?
| bool operator==(const ScopeKey& other) const; | ||
|
|
||
| private: | ||
| // Update the key's hash with the new fragment hash. |
There was a problem hiding this comment.
Arguably we should split this into interface/implementation, since there is a lot of low-level implementation logic here. We have precedence for doing it this way in some cases, e.g. header map, but strongly prefer to not put a ton of implementation logic (e.g. the hash function below) inside include/.
| std::function<void(bool)> route_config_updated_cb = [](bool) {}; | ||
| // Scope no longer exists after srds update. | ||
| std::function<void(bool)> route_config_updated_cb = [](bool scope_exist) { | ||
| EXPECT_FALSE(scope_exist); |
Signed-off-by: chaoqinli <chaoqinli@google.com>
There was a problem hiding this comment.
Agree with @stevenzzzz, this looks great and close to ready to ship.
/wait
| data if RouteConfiguration is specified to be loaded on demand in the :ref:`Scoped RouteConfiguration <envoy_v3_api_msg_config.route.v3.ScopedRouteConfiguration>`. The | ||
| contents of the http header is used to find the scope and create the on-demand request. | ||
|
|
||
| On-demand VHDS and on-demand S/RDS can not be used at the same time at this point. |
| @@ -1,15 +1,21 @@ | |||
| .. _config_http_filters_on_demand: | |||
|
|
|||
| On-demand VHDS Updates | |||
There was a problem hiding this comment.
We also need an entry in https://github.com/envoyproxy/envoy/blob/master/docs/root/version_history/current.rst
| test_server_->waitForCounterGe("http.config_test.rds.foo_route1.update_attempt", 1); | ||
| // Close the connection and destroy the active stream. | ||
| cleanupUpstreamAndDownstream(); | ||
| // Push rds update, on demand updated callback is post to worker thread. |
There was a problem hiding this comment.
Here's another situation I'm curious about. If I'm an untrusted client and I keep making requests that trigger on-demand behavior, then immediately shutdown the stream, and maybe the upstream is slow to respond, do we keep accumulate on-demand update callbacks on the main thread indefinitely?
There was a problem hiding this comment.
The callbacks will be cleared after the RouteConfiguration is fetched. I guess that wouldn't cause a problem if the management server is alive?
There was a problem hiding this comment.
True, I wonder if there is a possible combined attack where you take out the availability of the management server, and can then OOM the Envoy by unbounded growth of these per-stream resources that hang around when the stream is gone. Maybe a bit far fetched, it probably takes millions of requests to OOM given how tiny the closure is.
Signed-off-by: chaoqinli <chaoqinli@google.com>
Signed-off-by: chaoqinli <chaoqinli@google.com>
Signed-off-by: chaoqinli <chaoqinli@google.com>
Signed-off-by: chaoqinli <chaoqinli@google.com>
|
LGTM modulo coverage validation. @stevenzzzz any additional comments? |
I have been talking to Chaoqin offline regularly, LGTM +1 modulo unresolved replies around clearer comments. |
Signed-off-by: chaoqinli <chaoqinli@google.com>
Commit Message:
Add a field to the current protobuf of ScopedRouteConfiguration to enable on demand scoped route table loading. The on demand scope route tables will be loaded lazily. The lazy loading feature of route table associated with scope is achieved by extending the current vhds on_demand filter to support lazy loading of RouteConfigurationscoped route discovery service.If a scoped route configuration is set to be loaded lazily, upon a http request using SRDS, when the corresponding route table of a scope is not found, post a callback to control plane, request the route table from the management server, after the route table has been initialized, continue the filter chain.
Additional Description: Design doc
Risk Level:
Testing: add unit tests and integration test to verifiy behavior changes
Docs Changes:
Release Notes:
[Optional Runtime guard:]
[Optional Fixes #Issue] on demand s/rds
[Optional Deprecated:]