-
Notifications
You must be signed in to change notification settings - Fork 468
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unclear specification for a single host with weight=0 in HTTPRoute #596
Comments
Agree that we should clarify this a bit more. My interpretation of |
There is also a potential distinction between "process the request and send to no backend" and "realize there is no backend and drop the entire HTTPRoute". for example, if we had a filter with a side effect, etc |
Are there any use cases where we'd want to run a filter + have no valid backends? That seems like it could create some really confusing config. |
I hope not! I agree it's confusing. I think we should just treat the whole route as discarded if there is no backend with a non zero weight? It could be rejected by the webhook even potentially? |
Yeah good call, this probably could be handled by the webhook. |
Single backend, weight = 0 should probably be a valid config: Scenario: admin is adding a filter chain to protect their backend. They want to test it but not allow any requests to go through. (Think DoS attack on a production system). |
In my experience, processing filters and not forwarding requests to upstream service is a common use-case. 503 feels like the right one to me. How about advising that but not conforming it? |
So what I am hearing is the spec should be:
Is that accurate? |
I feel we should use MUST here but I'd love to hear thoughts from others.
I think so. |
I think the last bullet (503) should be qualified with the fact that in most cases, we would expect some filter in the chain to generate the actual response (e.g. 404 filter) |
That WFM, but would be good to hear from non-envoy implementations as well |
This reads pretty clearly to me. There's no traffic, therefore there can never be a 503 or 404 response (since a response would be generated by traffic). That seems to also be the consensus of the discussion above, so what still needs to happen? Change the should to a MUST? |
So, in the case that you have a weight of 0 on a single host, and no filters, then the config should be admitted but route no traffic? How do we surface that to the user? Feels like a Condition that says "This doesn't do anything, are you sure?" might be useful. |
It's not broken and it does what it says on the box, my preference would be to silently accept it. |
If that's the case, then we should change the spec like this, agreed: // If only one backend is specified and it has a weight greater than 0, 100%
- // of the traffic is forwarded to that backend. If weight is set to 0, no
- // traffic should be forwarded for this entry. If unspecified, weight
+ // of the traffic is forwarded to that backend. If weight is set to 0,
+ // traffic must not be be forwarded for this entry. If unspecified, weight
// defaults to 1. |
Seems like an easy PR if this language is clearer -- send away? (Github should do word-wise diff for this one) |
Done. |
* Do not forward the traffic to backend when weight is 0 As per kubernetes-sigs/gateway-api#596, the traffic should not be forwarded when weight is 0. This patch updates it. Fix #31745 * Add release note * Return 503 when total weight is zero * Add test
What happened:
As per spec comment:
gateway-api/apis/v1alpha1/httproute_types.go
Lines 624 to 627 in 1caea70
it seems that
weight = 0
for only one backend is not invalid but what error code is expected - 404, 503 or something else?Also, a single host with
weight = 0
should be invalid configuration?How to reproduce it (as minimally and precisely as possible):
1. deploy Gateway,GatewayClass,HTTPRoute (with weight=0) ,Deployments
It is not clear what error code (
404
503
or something else) the client gets.The text was updated successfully, but these errors were encountered: