-
Notifications
You must be signed in to change notification settings - Fork 4.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add Client Status Discovery Service (CSDS) API definition #9383
Conversation
Signed-off-by: Fuqiang Gao <fuqianggao@google.com>
Signed-off-by: Fuqiang Gao <fuqianggao@google.com>
Signed-off-by: Fuqiang Gao <fuqianggao@google.com>
Signed-off-by: Fuqiang Gao <fuqianggao@google.com>
Signed-off-by: Fuqiang Gao <fuqianggao@google.com>
@fuqianggao can you look at CI? |
Signed-off-by: Fuqiang Gao <fuqianggao@google.com>
Signed-off-by: Fuqiang Gao <fuqianggao@google.com>
Signed-off-by: Fuqiang Gao <fuqianggao@google.com>
CI is passing. htuch@ PTAL. |
@fuqianggao thanks for this. This is interesting. To help with review, can you provide some more high level context on rationale, etc.? Thank you. /wait-any |
@mattklein123 The purpose of this API is to provide a way for control plane to expose its view on the status of clients connected to it. For example, in a service mesh with many Envoys, a standalone debug tool can connect to control plane and stream CSDS, to know which Envoys are actually connected to the control plane and what configs they are getting. This will be very helpful for debugging purpose. Istio has a similar command line tool: https://istio.io/docs/ops/diagnostic-tools/proxy-cmd/, I imagine they can possibly use CSDS. Besides configs, it's also possible to include other stats in CSDS, but there are other means to expose those (e.g. stackdriver). |
@fuqianggao agreed this is a very useful thing to add, thanks for the context. I'm tagging a bunch of people at Lyft who will be interested in this as we are looking at building out some behavior along these lines in a management tool. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@mattklein123 FWIW, I've already done some internal design discussion with @fuqianggao on this, definitely valuable to see what other orgs and potential users think.
Signed-off-by: Fuqiang Gao <fuqianggao@google.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Cool stuff. Generally LGTM w/ one question.
This pull request has been automatically marked as stale because it has not had activity in the last 7 days. It will be closed in 7 days if no further activity occurs. Please feel free to give a status update now, ping for review, or re-open when it's ready. Thank you for your contributions! |
Signed-off-by: Fuqiang Gao <fuqianggao@google.com>
Signed-off-by: Fuqiang Gao <fuqianggao@google.com>
@htuch @mattklein123 Made a minor change: make MetadataMatcher inside NodeMatcher repeated to enable match on multiple metadata fields. PTAL again. Thanks! |
StringMatcher node_id = 1; | ||
|
||
// Specifies match criteria on the node metadata. | ||
repeated MetadataMatcher node_metadatas = 2; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this AND
semantics? Might it be the case that someone one day wants OR
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, this is intended to be AND. If OR is needed, one can have repeated NodeMatcher, and only include either node_id or node_metadatas in them.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you clarify this in the docs per my other comment both here and there?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done. Thank you.
"envoy.service.status.v2.ClientStatusRequest"; | ||
|
||
// Management server can use these match criteria to identify clients. | ||
repeated type.matcher.v3.NodeMatcher node_matchers = 1; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we need multiple of these if NodeMatcher
is sufficiently expressive?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't see how we could achieve requesting client status for multiple unique node ids with only a single NodeMatcher. For example, if I want to request client status for "client-abc", and "client-123", it's hard to come up with a match that will only select this two.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So this is an OR match, right? Can you clarify this in the docs?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM other than remaining doc comments. Please merge master as you will need to add another protodoc-title I think. Thank you.
/wait
"envoy.service.status.v2.ClientStatusRequest"; | ||
|
||
// Management server can use these match criteria to identify clients. | ||
repeated type.matcher.v3.NodeMatcher node_matchers = 1; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So this is an OR match, right? Can you clarify this in the docs?
StringMatcher node_id = 1; | ||
|
||
// Specifies match criteria on the node metadata. | ||
repeated MetadataMatcher node_metadatas = 2; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you clarify this in the docs per my other comment both here and there?
api/envoy/type/matcher/node.proto
Outdated
option java_outer_classname = "NodeProto"; | ||
option java_multiple_files = true; | ||
|
||
// [#protodoc-title:NodeMatcher] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: "// [#protodoc-title: Node matcher]"
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I see that other files still have the original format, e.g.: https://github.com/envoyproxy/envoy/blob/master/api/envoy/type/matcher/v3/metadata.proto#L15
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do you mind fixing the other one(s)? It's a doc nit but generally we try for human readable docs.
Signed-off-by: Fuqiang Gao <fuqianggao@google.com>
Signed-off-by: Fuqiang Gao <fuqianggao@google.com>
Signed-off-by: Fuqiang Gao <fuqianggao@google.com>
Signed-off-by: Fuqiang Gao <fuqianggao@google.com>
Signed-off-by: Fuqiang Gao <fuqianggao@google.com>
Signed-off-by: Fuqiang Gao <fuqianggao@google.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM other than small doc nit, thanks.
/wait
api/envoy/type/matcher/node.proto
Outdated
option java_outer_classname = "NodeProto"; | ||
option java_multiple_files = true; | ||
|
||
// [#protodoc-title:NodeMatcher] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do you mind fixing the other one(s)? It's a doc nit but generally we try for human readable docs.
Signed-off-by: Fuqiang Gao <fuqianggao@google.com>
Signed-off-by: Fuqiang Gao <fuqianggao@google.com>
Done. Thanks for your review! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks!
Since envoyproxy#9383 merged, I've been unable to bazel build @envoy_api//... Upsteam fix at protocolbuffers/protobuf#7135 Adding as a patch to avoid having to bump protobuf version when that merges just for this. Risk level: Low Testing: bazel build @envoy_api//... Signed-off-by: Harvey Tuch <htuch@google.com>
Since #9383 merged, I've been unable to bazel build @envoy_api//... Upstream fix at protocolbuffers/protobuf#7135 Adding as a patch to avoid having to bump protobuf version when that merges just for this. Risk level: Low Testing: bazel build @envoy_api//... Signed-off-by: Harvey Tuch <htuch@google.com>
Add Client Status Discovery Service (CSDS) API definition. This can be used by debug tools to obtain config information for specific clients from control plane.
Risk Level: Low
Testing: N/A
Docs Changes: N/A
Release Notes: N/A