-
Notifications
You must be signed in to change notification settings - Fork 589
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: add support for HTTPRouteTimeoutBackendRequest #5243
Conversation
Codecov ReportAttention:
Additional details and impacted files@@ Coverage Diff @@
## main #5243 +/- ##
======================================
Coverage ? 69.6%
======================================
Files ? 176
Lines ? 22710
Branches ? 0
======================================
Hits ? 15828
Misses ? 5942
Partials ? 940 ☔ View full report in Codecov by Sentry. |
0b2b8bc
to
1af087f
Compare
1af087f
to
e81c3ee
Compare
e81c3ee
to
7d63ac2
Compare
e2cb0bd
to
9889f6a
Compare
49ba4a1
to
d96c09a
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think that we may overlooked that we shouldn't simply iterate over all rules of an HTTPRoute and apply the timeouts to every Kong Service that originated from a given HTTPRoute. It's possible we'll have multiple Kong Services generated from a single HTTPRoute and I think we should apply the timeouts to them separately, taking into account whether a Kong Service originates from the rule with timeout defined ("belong to the same group"). The pattern used for generating Kong Services from an HTTPRoute is httpRoute.<httpRoute.namespace>.<httpRoute.name>.<firstRuleInGroup.idx>
- we generate one Service per HTTPRoute rules group (where group is a set of rules that have common backends).
To make it clear I'll provide an example. Let's say we have an HTTPRoute with two rules, each pointing at different Kubernetes Service, and one more pointing at another:
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: httproute-testing
namespace: default
annotations:
konghq.com/strip-path: "true"
spec:
parentRefs:
- name: kong
rules:
- matches:
- path:
type: PathPrefix
value: /httproute-testing
backendRefs:
- name: httpbin
kind: Service
port: 80
weight: 75
- name: nginx
kind: Service
port: 8080
weight: 25
- matches:
- path:
type: PathPrefix
value: /httpbin-only-1
backendRefs:
- name: httpbin
kind: Service
port: 80
- matches:
- path:
type: PathPrefix
value: /httbin-only-2
backendRefs:
- name: httpbin
kind: Service
port: 80
KIC will translate them to more or less this configuration (only services extracted):
_format_version: "3.0"
services:
# This service is generated out of `/httpbin-only-1` and `/httbin-only-2` rules that had the same backendRefs and settings.
- connect_timeout: 60000
host: httproute.default.httproute-testing.1
id: 672dc964-a7f8-5a80-a518-96fc39500cc8
name: httproute.default.httproute-testing.1
port: 80
protocol: http
read_timeout: 60000
retries: 5
routes:
- https_redirect_status_code: 426
id: 4deff45c-4095-55d2-80ab-aea40c0ac7bd
name: httproute.default.httproute-testing.1.0
path_handling: v0
paths:
- ~/httpbin-only-1$
- /httpbin-only-1/
- ~/httbin-only-2$
- /httbin-only-2/
preserve_host: true
protocols:
- http
- https
strip_path: true
write_timeout: 60000
# This service is generated out of `/httproute-testing` rule that has multiple backendRefs.
- connect_timeout: 60000
host: httproute.default.httproute-testing.0
id: 4e3cb785-a8d0-5866-aa05-117f7c64f24d
name: httproute.default.httproute-testing.0
port: 8080
protocol: http
read_timeout: 60000
retries: 5
routes:
- https_redirect_status_code: 426
id: 073fc413-1c03-50b4-8f44-43367c13daba
name: httproute.default.httproute-testing.0.0
path_handling: v0
paths:
- ~/httproute-testing$
- /httproute-testing/
preserve_host: true
protocols:
- http
- https
strip_path: true
Please note the comments in the resulting config. If there were multiple rules in a single HTTPRoute that would use the same Kubernetes Service, they'd be merged into one Service, but it must be the same one (or the same set of Services when multiple backends are used). This part of the Translator is responsible for this grouping mechanism.
Given that, I think we have to make sure that we do not override other Kong Service's timeouts unintentionally like it's currently implemented.
#4914 (comment) |
After discussing with @czeslavo and @mflendrich, we have reached a consensus. This feature is experimental and in an early stage. Both the upstream specification and KIC may make modifications in the future. More thought is needed to change the default behavior of KIC for it. Currently, we can keep this implementation but add a restriction that users can only set them to the same value, otherwise, it will be rejected, so there will be no overlapping situations. e.g.
this one will be rejected.
this one will be allowed I will increase this restriction through admission and create an issue for tracking. Once we have other modifications, the admission can be removed. |
d96c09a
to
c39fa90
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Overall looks good to me now! 👍 Just minor nits regarding TODOs and code cosmetics.
Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com> Co-authored-by: Grzegorz Burzyński <czeslavo@gmail.com>
dcf0693
to
1212a5a
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🚢
What this PR does / why we need it:
Which issue this PR fixes:
fixes: #4914
Special notes for your reviewer:
PR Readiness Checklist:
Complete these before marking the PR as
ready to review
:CHANGELOG.md
release notes have been updated to reflect any significant (and particularly user-facing) changes introduced by this PR