kuma-cp: pick a single the most specific TrafficRoute for every outbound interface of a Dataplane #421

yskopets · 2019-11-11T00:41:45Z

Summary

pick a single the most specific TrafficRoute for every outbound interface of a Dataplane
- match by an exact value is more specific than match by *
  - e.g., service: backend wins over service: *
- match by N+1 tags is more specific than match by N tags
  - e.g., service: backend, version: v1 wins over service: backend
- if 2 selectors have the same number of tags, the one that has more exact values is more specific
  - e.g., service: backend, version: v1 wins over service: backend, version: *
- to compare a combination of source and destination selectors we sum up their numbers of exact and wildcard matching tags
  - e.g.,
    - given TrafficRoute 1:
      sources: - match: service: web version: '*' destinations: - match: service: backend
    - and TrafficRoute 2:
      sources: - match: service: web version: '*' destinations: - match: service: '*'
    - TrafficRoute 1 is more specific since it has 3 tags but only 1 wildcard vs 3 tags and 2 wildcards in case of TrafficRoute 2
- when resolving a tie we consider lexicographical order of Namespace and Name of involved TrafficRoutes
  - e.g., in case of tie,
    - TrafficRoute from the namespace demo wins over a rule from the namespace test
    - when in the same namespace, TrafficRoute named Alice wins over TrafficRoute named Bob

…und interface of a Dataplane

jakubdyszkiewicz

I like the tests, it helped me understand the code.

jakubdyszkiewicz · 2019-11-11T09:06:55Z

pkg/xds/topology/router.go

+		if ok {
+			for _, destination := range route.Spec.Conf {
+				service, ok := destination.Destination[mesh_proto.ServiceTag]
+				if ok {


What happens if there is no service tag here? I guess this should be caught be validation, but can we then log it if it's wrong or even fail with panic?

I'm against a panic: a single invalid Dataplane resource should not crash the entire Control Plane.
Logging creates too much noise. A metric might be a proper solution here.
Although, Dataplane resource is invalid in the first place. So, users must have already been alarmed even without this implementation-specific metric.

I'm adding a TODO here to consider exposing a metric

jakubdyszkiewicz · 2019-11-12T08:28:31Z

pkg/xds/topology/outbound.go

+				// skip dataplanes with invalid configuration
+				continue
+			}
+			// TODO(yskopets): do we need to dedup?


I guess it would be safer to do it. Can you maybe add an issue so we don't forget about it?

https://github.com/Kong/kuma/issues/427

jakubdyszkiewicz · 2019-11-12T08:32:38Z

pkg/xds/topology/router.go

+				},
+				Spec: mesh_proto.TrafficRoute{
+					Sources: []*mesh_proto.Selector{{
+						Match: mesh_proto.MatchService(mesh_proto.MatchAllTag),


maybe mesh_proto.MatchAll()?

added MatchAnyService()

pkg/xds/topology/router.go

yskopets requested a review from a team November 11, 2019 00:41

yskopets force-pushed the feature/select-the-most-specific-traffic-route-per-outbound-interface branch from 4497fa7 to dfa44b6 Compare November 11, 2019 00:58

yskopets assigned jakubdyszkiewicz Nov 11, 2019

yskopets added the kuma-cp label Nov 11, 2019

yskopets added this to the 0.3.0 milestone Nov 11, 2019

yskopets requested a review from jakubdyszkiewicz November 11, 2019 01:01

yskopets unassigned jakubdyszkiewicz Nov 11, 2019

kuma-cp: pick a single the most specific TrafficRoute for every outbo…

e22dd9a

…und interface of a Dataplane

yskopets force-pushed the feature/select-the-most-specific-traffic-route-per-outbound-interface branch from dfa44b6 to e22dd9a Compare November 11, 2019 10:28

yskopets changed the base branch from feature/migrate-to-the-latest-go-control-plane to master November 11, 2019 13:02

jakubdyszkiewicz approved these changes Nov 12, 2019

View reviewed changes

golangcibot reviewed Nov 12, 2019

View reviewed changes

pkg/xds/topology/router.go Outdated Show resolved Hide resolved

yskopets force-pushed the feature/select-the-most-specific-traffic-route-per-outbound-interface branch from bacbfd0 to 2d8c64b Compare November 12, 2019 10:04

yskopets added 2 commits November 12, 2019 11:18

code review: add TODOs for decisions that might require follow-up

acf3697

code review: refactoring

d48f59b

yskopets force-pushed the feature/select-the-most-specific-traffic-route-per-outbound-interface branch from 2d8c64b to d48f59b Compare November 12, 2019 10:19

yskopets merged commit be14f7b into master Nov 12, 2019

yskopets deleted the feature/select-the-most-specific-traffic-route-per-outbound-interface branch December 19, 2019 19:41

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

kuma-cp: pick a single the most specific TrafficRoute for every outbound interface of a Dataplane #421

kuma-cp: pick a single the most specific TrafficRoute for every outbound interface of a Dataplane #421

yskopets commented Nov 11, 2019

jakubdyszkiewicz left a comment

jakubdyszkiewicz Nov 11, 2019

yskopets Nov 12, 2019

yskopets Nov 12, 2019

jakubdyszkiewicz Nov 12, 2019

yskopets Nov 12, 2019

jakubdyszkiewicz Nov 12, 2019

yskopets Nov 12, 2019

kuma-cp: pick a single the most specific TrafficRoute for every outbound interface of a Dataplane #421

kuma-cp: pick a single the most specific TrafficRoute for every outbound interface of a Dataplane #421

Conversation

yskopets commented Nov 11, 2019

Summary

jakubdyszkiewicz left a comment

Choose a reason for hiding this comment

jakubdyszkiewicz Nov 11, 2019

Choose a reason for hiding this comment

yskopets Nov 12, 2019

Choose a reason for hiding this comment

yskopets Nov 12, 2019

Choose a reason for hiding this comment

jakubdyszkiewicz Nov 12, 2019

Choose a reason for hiding this comment

yskopets Nov 12, 2019

Choose a reason for hiding this comment

jakubdyszkiewicz Nov 12, 2019

Choose a reason for hiding this comment

yskopets Nov 12, 2019

Choose a reason for hiding this comment