Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enabled the multiple domains support on an inference service #3615

Merged
merged 16 commits into from
Apr 30, 2024
Merged

Enabled the multiple domains support on an inference service #3615

merged 16 commits into from
Apr 30, 2024

Conversation

houshengbo
Copy link
Contributor

@houshengbo houshengbo commented Apr 19, 2024
edited

What this PR does / why we need it:
Currently KServe supports setting only a single external host for inference services. After enabling the multi-host support, we can facilitate the use cases like migrating the inference services from one to another. This PR enables this feature on a global level with the field additionalIngressDomains in the configMap inferenceservice-config.

Which issue(s) this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged):
Fixes #2747

Type of changes
Please delete options that are not relevant.

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • This change requires a documentation update

Feature/Issue validation/testing:

Please describe the tests that you ran to verify your changes and relevant result summary. Provide instructions so it can be reproduced.
Please also list any relevant details for your test configuration.

  • Test A

  • Test B

  • Logs

Special notes for your reviewer:

  1. Please confirm that if this PR changes any image versions, then that's the sole change this PR makes.

Checklist:

  • Have you added unit/e2e tests that prove your fix is effective or that this feature works?
  • Has code been commented, particularly in hard-to-understand areas?
  • Have you made corresponding changes to the documentation?

Release note:

Enable the multiple domains support on an inference service.

@houshengbo houshengbo force-pushed the enable-multiple-domain branch 3 times, most recently from 3833e49 to f28620c Compare April 19, 2024 20:17
@houshengbo houshengbo changed the title WIP: Added the field AdditionalIngressDomains into the struct IngressConfig WIP: Enabled the multiple domains support on an inference service Apr 19, 2024
@houshengbo houshengbo force-pushed the enable-multiple-domain branch 6 times, most recently from 9d7d588 to 8504c99 Compare April 22, 2024 14:27
@houshengbo houshengbo changed the title WIP: Enabled the multiple domains support on an inference service Enabled the multiple domains support on an inference service Apr 22, 2024
@houshengbo
Copy link
Contributor Author

/retest

spolti
spolti reviewed Apr 22, 2024
View reviewed changes
pkg/apis/serving/v1beta1/configmap_test.go Outdated
"ingressService": "test-destination",
"localGateway": "knative-serving/knative-local-gateway",
"localGatewayService": "knative-local-gateway.istio-system.svc.cluster.local",
"urlScheme": "https",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

missing indentation

spolti
spolti reviewed Apr 22, 2024
View reviewed changes
pkg/controller/v1beta1/inferenceservice/reconcilers/ingress/ingress_reconciler.go Outdated
@@ -432,6 +432,11 @@ func createIngress(isvc *v1beta1.InferenceService, useDefault bool, config *v1be
})
// Include ingressDomain to the domains (both internal and external) derived by KNative
hosts = append(hosts, url.Host)

// Include additional ingressDomain to the domains (both internal and external)
if config.AdditionalIngressDomains != nil && len(*config.AdditionalIngressDomains) > 0 {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Guess we need to do some validation here before append.
We could relay in the k8s validator api, or, does istio validates it?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This one should work the same as ingressConfig.IngressDomain. We just read the values from the CM and set them in this config. I did not find any validation for other fields. Do you see validation for other fields?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We will create or update the ingress returned by createIngress. If there is validation issue, the creation or update will fail. That's my assumption, but need to verify.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

would help to verify if the values passed in additionalIngressDomain are valid URLs. This includes their length and presence of special characters

@houshengbo houshengbo force-pushed the enable-multiple-domain branch 6 times, most recently from 7c99b8e to 98d5657 Compare April 23, 2024 17:06
spolti
spolti reviewed Apr 23, 2024
View reviewed changes
pkg/controller/v1beta1/inferenceservice/reconcilers/ingress/ingress_reconciler.go Outdated
for _, domain := range *config.AdditionalIngressDomains {
host := fmt.Sprintf("%s.%s", prefix, domain)
if !IsValidHostURL(fmt.Sprintf("%s://%s", config.UrlScheme, host)) {
log.Error(fmt.Errorf("The domain name %s in the additionalIngressDomains is not a valid domain name.", domain),
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
log.Error(fmt.Errorf("The domain name %s in the additionalIngressDomains is not a valid domain name.", domain),
log.Error(fmt.Errorf("The domain name %s in the additionalIngressDomains is not valid", domain),

spolti
spolti reviewed Apr 23, 2024
View reviewed changes
pkg/controller/v1beta1/inferenceservice/reconcilers/ingress/domain.go Outdated
@@ -62,3 +63,8 @@ func GenerateDomainName(name string, obj metav1.ObjectMeta, ingressConfig *v1bet

return buf.String(), nil
}

func IsValidHostURL(hostURL string) bool {
_, err := url.ParseRequestURI(hostURL)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

there is a package called validation in the apimachinery tool that could help with it.

IIRC:

validation.IsDNS1123Subdomain()

That might be useful here, as we are validating domains for ingress controller.

wdyt @israel-hdez @yuzisun ?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I change the way for us to validate the domain or subdomain.
The tricky part is how to get the subdomain. The safest way is to get the domain name for the existing hosts that knative serving generated, remove it and append the new additional ingress domain to get the new hosts.

@houshengbo houshengbo force-pushed the enable-multiple-domain branch 3 times, most recently from a9d1feb to 9401b99 Compare April 24, 2024 16:29
@houshengbo
Added the field AdditionalIngressDomains into the struct IngressConfig
13caf74 
Signed-off-by: Vincent Hou <shou73@bloomberg.net>
@houshengbo
Added the additional ingress domains into the hosts
5bf9055 
Signed-off-by: Vincent Hou <shou73@bloomberg.net>
@houshengbo
Fixed the indentation
1460d70 
Signed-off-by: Vincent Hou <shou73@bloomberg.net>
@houshengbo
Added isvc name and namespace into the domain name
41af4a7 
* Added the validation for the URLs

Signed-off-by: Vincent Hou <shou73@bloomberg.net>
@houshengbo
Validate the domain in the additionalIngressDomains
f412b96 
Signed-off-by: Vincent Hou <shou73@bloomberg.net>
@houshengbo
Create the hosts from the list of additionalIngressDomains
aa1e05e 
Signed-off-by: Vincent Hou <shou73@bloomberg.net>
@houshengbo
Change the way to validate the host
4259679 
Signed-off-by: Vincent Hou <shou73@bloomberg.net>
@houshengbo
Change the validation error message
4839230 
Signed-off-by: Vincent Hou <shou73@bloomberg.net>
@houshengbo
Revert the name to url
5536719 
Signed-off-by: Vincent Hou <shou73@bloomberg.net>
@houshengbo
Get all the available domain list
1144116 
Signed-off-by: Vincent Hou <shou73@bloomberg.net>
@houshengbo
gofmt -s -w the file
39d427e 
Signed-off-by: Vincent Hou <shou73@bloomberg.net>
@houshengbo
Add additionalIngressDomains into the charts
fe25da9 
Signed-off-by: Vincent Hou <shou73@bloomberg.net>
@houshengbo
Added the comments and refactor the tests
b56f4c6 
Signed-off-by: Vincent Hou <shou73@bloomberg.net>
@houshengbo
Regenerate the manifests
33b303b 
Signed-off-by: Vincent Hou <shou73@bloomberg.net>
@houshengbo
Modify createHTTPMatchRequest, the charts and the test cases
3036579 
Signed-off-by: Vincent Hou <shou73@bloomberg.net>
@houshengbo
Run make generate
f589c58 
Signed-off-by: Vincent Hou <shou73@bloomberg.net>
@israel-hdez
Copy link
Contributor

I quickly scanned the code and looks like it would work.

However, I'm wondering if we could try to rely less on Istio implementation and prefer using Knative resources? Knative already has some features to manage and customize domains.

I'd like to write a proposal for this. If it would be accepted, this PR code may become obsolete.

@houshengbo
Copy link
Contributor Author

Kserve leverages istio as the default ingress, and knative serving is just one of options provisioning the services. It may not be enough if you only think of knative.

@yuzisun
Copy link
Member

yuzisun commented Apr 30, 2024

I quickly scanned the code and looks like it would work.

However, I'm wondering if we could try to rely less on Istio implementation and prefer using Knative resources? Knative already has some features to manage and customize domains.

I'd like to write a proposal for this. If it would be accepted, this PR code may become obsolete.

I think we still want an optional routing layer for KServe specific needs, we have implemented features like path based routing and logic for routing to different inference components. The virtual service can be disabled if not needed and in future we can migrate to gateway API so it does not rely on istio.

@yuzisun
Copy link
Member

yuzisun commented Apr 30, 2024

Nice work on the first major kserve PR! @houshengbo
/lgtm
/approve

@oss-prow-bot oss-prow-bot bot added the lgtm label Apr 30, 2024
@oss-prow-bot OSS-prow-bot
Copy link

oss-prow-bot bot commented Apr 30, 2024

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: alexagriffith, houshengbo, yuzisun

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@yuzisun yuzisun merged commit 36a3e6d into kserve:master Apr 30, 2024
57 of 58 checks passed
@israel-hdez
Copy link
Contributor

we have implemented features like path based routing

Hmm... OK, I hadn't this feature in mind.
Sorry for the noise.

asd981256 pushed a commit to asd981256/kserve that referenced this pull request May 14, 2024
@houshengbo @asd981256
Enabled the multiple domains support on an inference service (kserve#…
1337105 
…3615)

* Added the field AdditionalIngressDomains into the struct IngressConfig

Signed-off-by: Vincent Hou <shou73@bloomberg.net>

* Added the additional ingress domains into the hosts

Signed-off-by: Vincent Hou <shou73@bloomberg.net>

* Fixed the indentation

Signed-off-by: Vincent Hou <shou73@bloomberg.net>

* Added isvc name and namespace into the domain name

* Added the validation for the URLs

Signed-off-by: Vincent Hou <shou73@bloomberg.net>

* Validate the domain in the additionalIngressDomains

Signed-off-by: Vincent Hou <shou73@bloomberg.net>

* Create the hosts from the list of additionalIngressDomains

Signed-off-by: Vincent Hou <shou73@bloomberg.net>

* Change the way to validate the host

Signed-off-by: Vincent Hou <shou73@bloomberg.net>

* Change the validation error message

Signed-off-by: Vincent Hou <shou73@bloomberg.net>

* Revert the name to url

Signed-off-by: Vincent Hou <shou73@bloomberg.net>

* Get all the available domain list

Signed-off-by: Vincent Hou <shou73@bloomberg.net>

* gofmt -s -w the file

Signed-off-by: Vincent Hou <shou73@bloomberg.net>

* Add additionalIngressDomains into the charts

Signed-off-by: Vincent Hou <shou73@bloomberg.net>

* Added the comments and refactor the tests

Signed-off-by: Vincent Hou <shou73@bloomberg.net>

* Regenerate the manifests

Signed-off-by: Vincent Hou <shou73@bloomberg.net>

* Modify createHTTPMatchRequest, the charts and the test cases

Signed-off-by: Vincent Hou <shou73@bloomberg.net>

* Run make generate

Signed-off-by: Vincent Hou <shou73@bloomberg.net>

---------

Signed-off-by: Vincent Hou <shou73@bloomberg.net>
Signed-off-by: asd981256 <asd981256@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@spolti spolti spolti left review comments

@sukumargaonkar sukumargaonkar sukumargaonkar left review comments

@yuzisun yuzisun yuzisun left review comments

@alexagriffith alexagriffith alexagriffith approved these changes

@rachitchauhan43 rachitchauhan43 Awaiting requested review from rachitchauhan43

@terrytangyuan terrytangyuan Awaiting requested review from terrytangyuan

Assignees

@yuzisun yuzisun

Labels
approved lgtm
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Allow setting multiple domains on an inference service
6 participants
@houshengbo @israel-hdez @yuzisun @spolti @sukumargaonkar @alexagriffith