Add Client Status Discovery Service (CSDS) API definition#9383
Add Client Status Discovery Service (CSDS) API definition#9383htuch merged 51 commits intoenvoyproxy:masterfrom
Conversation
Signed-off-by: Fuqiang Gao <fuqianggao@google.com>
Signed-off-by: Fuqiang Gao <fuqianggao@google.com>
Signed-off-by: Fuqiang Gao <fuqianggao@google.com>
Signed-off-by: Fuqiang Gao <fuqianggao@google.com>
Signed-off-by: Fuqiang Gao <fuqianggao@google.com>
|
@fuqianggao can you look at CI? |
Signed-off-by: Fuqiang Gao <fuqianggao@google.com>
Signed-off-by: Fuqiang Gao <fuqianggao@google.com>
Signed-off-by: Fuqiang Gao <fuqianggao@google.com>
|
CI is passing. htuch@ PTAL. |
|
@fuqianggao thanks for this. This is interesting. To help with review, can you provide some more high level context on rationale, etc.? Thank you. /wait-any |
|
@mattklein123 The purpose of this API is to provide a way for control plane to expose its view on the status of clients connected to it. For example, in a service mesh with many Envoys, a standalone debug tool can connect to control plane and stream CSDS, to know which Envoys are actually connected to the control plane and what configs they are getting. This will be very helpful for debugging purpose. Istio has a similar command line tool: https://istio.io/docs/ops/diagnostic-tools/proxy-cmd/, I imagine they can possibly use CSDS. Besides configs, it's also possible to include other stats in CSDS, but there are other means to expose those (e.g. stackdriver). |
|
@fuqianggao agreed this is a very useful thing to add, thanks for the context. I'm tagging a bunch of people at Lyft who will be interested in this as we are looking at building out some behavior along these lines in a management tool. |
htuch
left a comment
htuch
left a comment
There was a problem hiding this comment.
@mattklein123 FWIW, I've already done some internal design discussion with @fuqianggao on this, definitely valuable to see what other orgs and potential users think.
Signed-off-by: Fuqiang Gao <fuqianggao@google.com>
mattklein123
left a comment
mattklein123
left a comment
There was a problem hiding this comment.
Cool stuff. Generally LGTM w/ one question.
|
This pull request has been automatically marked as stale because it has not had activity in the last 7 days. It will be closed in 7 days if no further activity occurs. Please feel free to give a status update now, ping for review, or re-open when it's ready. Thank you for your contributions! |
stale
bot
added
the
stale
Signed-off-by: Fuqiang Gao <fuqianggao@google.com>
Signed-off-by: Fuqiang Gao <fuqianggao@google.com>
stale
bot
removed
the
stale
|
@htuch @mattklein123 Made a minor change: make MetadataMatcher inside NodeMatcher repeated to enable match on multiple metadata fields. PTAL again. Thanks! |
| StringMatcher node_id = 1; | ||
|
|
||
| // Specifies match criteria on the node metadata. | ||
| repeated MetadataMatcher node_metadatas = 2; |
There was a problem hiding this comment.
Is this AND semantics? Might it be the case that someone one day wants OR?
There was a problem hiding this comment.
Yes, this is intended to be AND. If OR is needed, one can have repeated NodeMatcher, and only include either node_id or node_metadatas in them.
There was a problem hiding this comment.
Can you clarify this in the docs per my other comment both here and there?
There was a problem hiding this comment.
Done. Thank you.
| "envoy.service.status.v2.ClientStatusRequest"; | ||
|
|
||
| // Management server can use these match criteria to identify clients. | ||
| repeated type.matcher.v3.NodeMatcher node_matchers = 1; |
There was a problem hiding this comment.
Do we need multiple of these if NodeMatcher is sufficiently expressive?
There was a problem hiding this comment.
I don't see how we could achieve requesting client status for multiple unique node ids with only a single NodeMatcher. For example, if I want to request client status for "client-abc", and "client-123", it's hard to come up with a match that will only select this two.
There was a problem hiding this comment.
So this is an OR match, right? Can you clarify this in the docs?
mattklein123
left a comment
mattklein123
left a comment
There was a problem hiding this comment.
LGTM other than remaining doc comments. Please merge master as you will need to add another protodoc-title I think. Thank you.
/wait
| "envoy.service.status.v2.ClientStatusRequest"; | ||
|
|
||
| // Management server can use these match criteria to identify clients. | ||
| repeated type.matcher.v3.NodeMatcher node_matchers = 1; |
There was a problem hiding this comment.
So this is an OR match, right? Can you clarify this in the docs?
| StringMatcher node_id = 1; | ||
|
|
||
| // Specifies match criteria on the node metadata. | ||
| repeated MetadataMatcher node_metadatas = 2; |
There was a problem hiding this comment.
Can you clarify this in the docs per my other comment both here and there?
api/envoy/type/matcher/node.proto
Outdated
| option java_outer_classname = "NodeProto"; | ||
| option java_multiple_files = true; | ||
|
|
||
| // [#protodoc-title:NodeMatcher] |
There was a problem hiding this comment.
nit: "// [#protodoc-title: Node matcher]"
There was a problem hiding this comment.
I see that other files still have the original format, e.g.: https://github.com/envoyproxy/envoy/blob/master/api/envoy/type/matcher/v3/metadata.proto#L15
There was a problem hiding this comment.
Do you mind fixing the other one(s)? It's a doc nit but generally we try for human readable docs.
Signed-off-by: Fuqiang Gao <fuqianggao@google.com>
Signed-off-by: Fuqiang Gao <fuqianggao@google.com>
Signed-off-by: Fuqiang Gao <fuqianggao@google.com>
Signed-off-by: Fuqiang Gao <fuqianggao@google.com>
Signed-off-by: Fuqiang Gao <fuqianggao@google.com>
Signed-off-by: Fuqiang Gao <fuqianggao@google.com>
mattklein123
left a comment
mattklein123
left a comment
There was a problem hiding this comment.
LGTM other than small doc nit, thanks.
/wait
api/envoy/type/matcher/node.proto
Outdated
| option java_outer_classname = "NodeProto"; | ||
| option java_multiple_files = true; | ||
|
|
||
| // [#protodoc-title:NodeMatcher] |
There was a problem hiding this comment.
Do you mind fixing the other one(s)? It's a doc nit but generally we try for human readable docs.
Signed-off-by: Fuqiang Gao <fuqianggao@google.com>
Signed-off-by: Fuqiang Gao <fuqianggao@google.com>
Done. Thanks for your review! |
Since envoyproxy#9383 merged, I've been unable to bazel build @envoy_api//... Upsteam fix at protocolbuffers/protobuf#7135 Adding as a patch to avoid having to bump protobuf version when that merges just for this. Risk level: Low Testing: bazel build @envoy_api//... Signed-off-by: Harvey Tuch <htuch@google.com>
Since #9383 merged, I've been unable to bazel build @envoy_api//... Upstream fix at protocolbuffers/protobuf#7135 Adding as a patch to avoid having to bump protobuf version when that merges just for this. Risk level: Low Testing: bazel build @envoy_api//... Signed-off-by: Harvey Tuch <htuch@google.com>
7 participants
Add Client Status Discovery Service (CSDS) API definition. This can be used by debug tools to obtain config information for specific clients from control plane.
Risk Level: Low
Testing: N/A
Docs Changes: N/A
Release Notes: N/A