wasm/extensions: Wasm extension policy. #13526
Conversation
Signed-off-by: Harvey Tuch <htuch@google.com>
|
CC @envoyproxy/maintainers @envoyproxy/wasm-dev |
|
SG, what about foreign functions and custom Wasm contexts? Where should those live to be shared? |
What do you mean by this exactly? |
|
Wasm can be extended in downstream envoy forks. I think the modules for those downstream envoys may not run on upstream envoy. This is done via https://github.com/envoyproxy/envoy/blob/319a9a647f19036d831a75f68350c90e98bfc365/source/extensions/common/wasm/foreign.cc and https://github.com/istio/proxy/blob/master/src/envoy/extensions/wasm/context.h#L23. We can clarify later how to deal with these (needs some sort of capability declaration). |
|
@kyessenov I think we can do these ABI extensions in the main Envoy repo, but they should be self-contained and have few external dependencies. This is different to the general case of a Wasm extension to do something like Oauth. Also, ideally we are aiming for as many of these to be part of the ABI directionally, but there will always be proxy specific bits. |
|
I still don't understand what downstream forks have to do with extensions in the main repo? If a fork does something in the fork how does that matter to us? |
|
@mattklein123 The problem is the portability of extensions. FFI and custom contexts effectively extend ABI in ways that can make extensions for downstream proxies not be compatible with Envoy. |
|
I think that is the problem of downstream forks, not us. Anything that is in the "real" ABI must be upstream. |
* master: (22 commits) http: using CONNECT_ERROR for HTTP/2 (envoyproxy#13519) listener: respect address.pipe.mode (it didn't work) (envoyproxy#13493) examples: Fix more deprecations/warnings in configs (envoyproxy#13529) overload: tcp connection refusal overload action (envoyproxy#13311) tcp: towards pluggable upstreams (envoyproxy#13331) conn_pool: fixing comments (envoyproxy#13520) Prevent SEGFAULT when disabling listener (envoyproxy#13515) Convert overload manager config literals to YAML (envoyproxy#13518) Fix runtime feature variable name (envoyproxy#13533) dependencies: refactor repository location schema utils, cleanups. (envoyproxy#13452) router: fix an invalid ASSERT when encoding metadata frames in the router. (envoyproxy#13511) http2: Proactively disconnect connections flooded when resetting stream (envoyproxy#13482) ci use azp to sync filter example (envoyproxy#13501) mongo_proxy: support configurable command list for metrics (envoyproxy#13494) http local rate limit: note token bucket is shared (envoyproxy#13525) wasm/extensions: Wasm extension policy. (envoyproxy#13526) http: removing envoy.reloadable_features.http1_flood_protection (envoyproxy#13508) build: update ppc64le CI build status shield (envoyproxy#13521) dependencies: enforce dependency shepherd sign-off via RepoKitteh. (envoyproxy#13522) Add no_traffic_healthy_interval (envoyproxy#13336) ... Signed-off-by: Michael Puncel <mpuncel@squareup.com>
Signed-off-by: Harvey Tuch htuch@google.com