-
Notifications
You must be signed in to change notification settings - Fork 265
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Split base API package into sub-packages #421
Conversation
Signed-off-by: Kuat Yessenov <kuat@google.com>
Signed-off-by: Kuat Yessenov <kuat@google.com>
Signed-off-by: Kuat Yessenov <kuat@google.com>
Signed-off-by: Kuat Yessenov <kuat@google.com>
Signed-off-by: Kuat Yessenov <kuat@google.com>
Signed-off-by: Kuat Yessenov <kuat@google.com>
Signed-off-by: Kuat Yessenov <kuat@google.com>
If we want to be serious about versioning, I recommend we follow https://cloud.google.com/apis/design/versioning. Specifically, one API version in one directory and no circular dependency, such as Please don't introduce packages like Another important thing about versioning is no breaking change within a version. Moving files around would break build badly. It should not be done when the API is being used. If we follow strict repository structure, we hardly ever need to move files. Google APIs repository has hundreds of API versions, we hardly ever moved any file once it is created. I recommend Envoy to have strict repository rules, so we don't need to do this kind of refactoring in the future. |
I don't think we will be independently versioning We are sensitive to the issue of avoiding build churn. Hopefully this is the last major move we do. I think we should also combine this with the I like the overall structure of this PR. |
^^ the above said, I think there is a case to be made for possible changing the |
Thinking about this a bit more, this is probably a good opportunity for discussion on how we want to handle API deprecation and stability. We already have some fields we'd like to deprecate (e.g. https://github.com/envoyproxy/data-plane-api/blob/master/api/bootstrap.proto#L222). Do we want to use versioning to provide immutable API versions or are we comfortable with treating the API like we do Envoy master, as a moving target that over point releases follows a well specified deprecation story? |
I agree with @htuch that overall I think this is a big improvement. We should have done this in the first place. Lesson learned.
Agreed. This really needs to be the last major churn. If we are going to churn and require people to fix up a bunch of code, just churn it now.
Personally, I'm not sure if this warrants split versioning. IMO we can handle enhanced discovery by adding new APIs and/or enhancing the existing APIs. I would prefer to try to keep everything in lockstep for simplicity.
This would be my preference, but I'm not sure it will be reasonable long term if there is substantial uptake of the APIs in other domains. IMO we should assume this now, which will allow us to iterate and keep things somewhat clean, but if there is major uptake in the future by other systems I think we will need to revisit. It would be nice to codify this somewhere. |
@kyessenov @htuch I haven't looked yet, but this will almost definitely have doc tool implications. I had wanted to revisit docs anyway to split out API docs from config docs, so I wouldn't worry about it too much, but we should at least make the docs look reasonably nice and close to what we have now until that is done. |
api/auth/BUILD
Outdated
name = "auth", | ||
proto = ":auth", | ||
deps = [ | ||
"//api:address_go_proto", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why is this at top level?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Go rules? I don't know why we have duplicate go/grpc rules throughout, seems to be an issue with go_rules.
ZOMG!! I am not signing up to update all the bazel references across envoy code base this time! Apart from that, What is the benefit of having route as a separate package or namespace, when we already have filter/http/ ? Since route is http only currently. if we add TCP weighted routing, its going to be fragmented. TCP stuff under filter/network/.. and http stuff sticking out at the top. And when the TCP weighted routing percolates to multiple L4 protos like redis/mongo, etc., we would need to push this up once more. Thinking out aloud, is there an opportunity to align the structure with the way Envoy high level design is? I doubt it, as this api is aligned with internal code structure. Which is fine, but from an end user looking at docs, its going to be bunch of abstractions to peruse through before they get to the point on how to configure a http listener. But may be thats a docs issue that can be handled separately. |
Smaller protos are generally best practice to avoid false dependencies, so
I think the split is beneficial?
Route is a fairly core concept, despite being technically HCM. So, I think
it makes sense as its own top level subpackage.
…On Wed, Jan 17, 2018 at 1:21 PM Shriram Rajagopalan < ***@***.***> wrote:
ZOMG!! I am not signing up to update all the bazel references across envoy
code base this time!
Apart from that,
what are the benefits of splitting up circuit breaker, outlier and cluster
as separate protos? Why not just put them all in one file?
What is the benefit of having route as a separate package or namespace,
when we already have filter/http/ ? Since route is http only currently. if
we add TCP weighted routing, its going to be fragmented. TCP stuff under
filter/network/.. and http stuff sticking out at the top. And when the TCP
weighted routing percolates to multiple L4 protos like redis/mongo, etc.,
we would need to push this up once more.
Thinking out aloud, is there an opportunity to align the structure with
the way Envoy high level design is? I doubt it, as this api is aligned with
internal code structure. Which is fine, but from an end user looking at
docs, its going to be bunch of abstractions to peruse through before they
get to the point on how to configure a http listener. But may be thats a
docs issue that can be handled separately.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#421 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AKaLvxWEKxQl2NPz9AdRVmIPTiX1Ho1dks5tLjoVgaJpZM4Rg7bJ>
.
|
@rshriram the intention behind packaging http route is that it signifies a well-defined logical concept, that can be reused horizontally and vertically across API. For example, both I have tried to keep the number of new packages to the minimum. It's possible to move route, cluster, listener, and cert back into the base. The only reason I isolated them is because there are enough definitions in each to warrant a separate namespace. |
Signed-off-by: Kuat Yessenov <kuat@google.com>
Signed-off-by: Kuat Yessenov <kuat@google.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I like this a lot.
deps = [":base_go_proto"], | ||
) | ||
|
||
api_proto_library( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Suggest a stats
subpackage (for metrics+stats).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, trying to keep control over the PR size, but can do it in one shot, too.
envoy/api/v2/BUILD
Outdated
) | ||
|
||
api_go_proto_library( | ||
name = "trace", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Suggest a tracing
subpackage in light of https://github.com/envoyproxy/data-plane-api/pull/345/files.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Created monitoring
subpackage
envoy/api/v2/BUILD
Outdated
has_services = 1, | ||
) | ||
|
||
api_go_grpc_library( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Suggest ratelimit
subpackage.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Created ratelimit
subpackage
|
||
// [#not-implemented-hide:] | ||
repeated Secret secrets = 3; | ||
repeated cert.Secret secrets = 3; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we want cert
subpackage or a more general security
one? @PiotrSikora
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think if we go with security
, we should put auth
in there, too.
envoy/api/v2/cluster/BUILD
Outdated
) | ||
|
||
api_proto_library( | ||
name = "cluster_def", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Prefer jsut cluster
, it's cleaner.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, I was trying to keep //envoy/api/v2/cluster
as a package, but it's only used by docs.
envoy/api/v2/discovery/BUILD
Outdated
@@ -0,0 +1,155 @@ | |||
load("//bazel:api_build_system.bzl", "api_proto_library", "api_go_proto_library", "api_go_grpc_library") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We could also make this envoy.api.v2.services
and put metrics/trace services and RLS here, WDYT? I don't have a strong preference.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think discovery
is more semantically loaded than services
, so is a better choice.
This looks great! Should definitely clear up the dependency issues in protoc-gen-go and simplify generation given the matching directory hierarchy. 👍 |
Signed-off-by: Kuat Yessenov <kuat@google.com>
While it is feasible to bump version for many packages at once, it is really unnecessary in practice, considering how much time to create Envoy API v2. If each package has its own version, we can easily increment version at package level, then versioning become much less a drama. That is how we do with https://github.com/googleapis/googleapis. Just FYI. For individual features, I suggest we use doc annotations, such as In practice, it is much easier to deprecate a few API elements than deprecating entire version. While this is against semantic versioning theory, I think it is the better thing to do. Deprecating a version breaks everyone, no matter how we look at it. When theory conflicts with practice, practice always wins. :) |
I will defer to @wora on the right way of laying this out. I really don't care that much, beyond wanting this to really, truly be the last time we do a move of this size. So if there are learnings let's just use them. @kyessenov can you sync with @wora and update as needed? |
Signed-off-by: Kuat Yessenov <kuat@google.com>
Signed-off-by: Kuat Yessenov <kuat@google.com>
Signed-off-by: Kuat Yessenov <kuat@google.com>
Signed-off-by: Kuat Yessenov <kuat@google.com>
Signed-off-by: Kuat Yessenov <kuat@google.com>
Signed-off-by: Kuat Yessenov <kuat@google.com>
Signed-off-by: Kuat Yessenov <kuat@google.com>
Can you update the top commit message to fix an issue in "Service configurations are moved to independently versioned packages:"; the non-bootstrap configs are in the |
Done, thanks |
Actually, I did place them into |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is awesome, LGTM modulo a few small comments.
|
||
import "envoy/service/discovery/v2/common.proto"; | ||
|
||
// [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you file an issue on protobuf GH and include it in all these comments, together with a TODO to cleanup at some point?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
envoy/service/discovery/v2/eds.proto
Outdated
} | ||
|
||
// An Endpoint that Envoy can route traffic to. | ||
message LbEndpoint { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think LbEndpoint (and below LocalityLbEndpoints) are fairly core concepts in the API, so belong over in envoy.api.v2.endpoint
. CluserLoadAssignment can probably stay as it's only used as a response message.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, I like that. Will apply that.
// These are stats Envoy reports to GLB every so often. Report frequency is | ||
// defined by | ||
// :ref:`LoadStatsResponse.load_reporting_interval<envoy_api_field_LoadStatsResponse.load_reporting_interval>`. | ||
// :ref:`LoadStatsResponse.load_reporting_interval<envoy_api_field_load_stats.LoadStatsResponse.load_reporting_interval>`. | ||
// Stats per upstream region/zone and optionally per subzone. | ||
// [#not-implemented-hide:] Not configuration. TBD how to doc proto APIs. | ||
message UpstreamLocalityStats { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
These could probably live in envoy.api.v2.endpoint
within a file called load_report.proto
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
Signed-off-by: Kuat Yessenov <kuat@google.com>
Signed-off-by: Kuat Yessenov <kuat@google.com>
Signed-off-by: Kuat Yessenov <kuat@google.com>
Updated envoyproxy/envoy#2430 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ready to ship once @mattklein123 and @wora sign-off. Really appreciate the heavy lifting here, the APIs are in much better shape as a result.
+1 from me. @kyessenov thanks for slogging through this. Agreed this is a huge improvement. Can you do one final master merge (we will hold all other merges at this point). Also please quadruple check that we aren't dropping any recent changes with this PR - it's very difficult to review from that aspect (and I would imagine that it would be easy to accidentally miss something during merge). Thank you! |
Thanks for the feedback! I compared last several commit diffs with the tip of the PR, and everything seems to be in place. |
/lgtm |
This PR re-structures the core API proto files around several sub-packages:
envoy/api/v2/auth
contains certificate management definitions, previously located in SDS APIenvoy/api/v2/endpoint
contains endpoint definitions, as well as load report definitionenvoy/api/v2/cluster
contains cluster definitionsenvoy/api/v2/route
contains HTTP route definitionsenvoy/api/v2/listener
contains listener definitionsenvoy/api/v2/ratelimit
for the rate limit descriptorsServices are moved to independently versioned packages:
envoy/service/discovery/v2
contains definitions of all xDS servicesenvoy/service/ratelimit/v2
for the rate limit serviceenvoy/service/accesslog/v2
for the accesslog service (previously located in accesslog filter config)envoy/service/auth/v2
for the external auth service (previously located in core auth package)envoy/service/load_stats/v2
for the load reporting service (previously located in EDS)envoy/service/trace/v2
for distributed trace reportingenvoy/service/metrics/v2
for the metrics serviceService configurations are moved to independently versioned packages:
envoy/config/bootstrap/v2
for the bootstrap configurationenvoy/config/accesslog/v2
for the accesslog service proxy configurationenvoy/config/metrics/v2
for the metrics service configuration, as well as statsdenvoy/config/trace/v2
for the trace service configuration, as well as zipkin, lightstep, etcenvoy/config/ratelimit/v2
for the ratelimit service configurationNo changes are made to existing
filter
definitions, except what was necessary to make the build pass.The goal of this PR is to:
api/auth.proto
); circular dependencies force global packages in languages like goThe following detailed changes have been made:
envoy/api/v2
to align the package name with the directory pathDependency diagram:
TODO:
LbEndpoint
,HDS
, andhealth_check.proto
fixes #420