-
Notifications
You must be signed in to change notification settings - Fork 4.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
extension: Add stateful session extension #18207
Conversation
Signed-off-by: wbpcode <wbphub@live.com>
Signed-off-by: wbpcode <wbphub@live.com>
CC @envoyproxy/api-shepherds: Your approval is needed for changes made to |
Some problems to be solved: 🤔 Should this new API route level or filter level ? In the current implementation, the new API is at the filter level, which is part of the router filter API. But should it be part of the route? 🤔 I added a new extension to support different types of session state, and provide cookie based session state as a basic implementation, which requires the support of maintainer. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for taking this on.
I wonder if we'd be better off putting most of the stateful session implementation in an http filter? Certainly the cookie lookup and generation could be done there. We'd need a way for the session filter to pass an OverrideHost
(or equivalent) to the LoadBalancerContext
implementation in the router filter. We already have FilterState
and dynamic metadata available in StreamInfo
or we could introduce a method in Stream[Encoder]FilterCallbacks
.
The advantage to using a separate filter would be to reuse the existing implementation of the route's typed_per_filter_config
to allow stateful sessions to be enabled/disabled per route (and perhaps even to allow more advanced config difference across routes, like altering the allowed health or even the cookie name).
@snowp do you have any opinions on this?
(I added some grammar-related review comments below, but those are absolutely lower priority than this discussion. I just didn't want to lose track of them.)
api/envoy/extensions/http/stateful_session/cookie/v3/cookie.proto
Outdated
Show resolved
Hide resolved
api/envoy/extensions/http/stateful_session/cookie/v3/cookie.proto
Outdated
Show resolved
Hide resolved
api/envoy/extensions/http/stateful_session/cookie/v3/cookie.proto
Outdated
Show resolved
Hide resolved
api/envoy/extensions/http/stateful_session/cookie/v3/cookie.proto
Outdated
Show resolved
Hide resolved
Sounds great. |
+1 from me if we can easily implement this as a filter + FS, I think that would make it easier to use this feature in various creative ways vs it being specifically for stateful load balancing |
Yes, based on this function, we can do more hacks on load balancing. If we hope that |
update comments Co-authored-by: Stephan Zuercher <zuercher@gmail.com> Signed-off-by: wbpcode <wbphub@live.com>
9a9b387
to
a084c5d
Compare
Signed-off-by: wbpcode <wbphub@live.com>
@zuercher Hi, I completed the refactoring of this PR. Now, I use a http filter to implement |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Overall I think this looks pretty good. I took a first pass of comments below.
Unortunately, I don't have the bandwidth to take on maintainer-ship of this feature.
api/envoy/extensions/filters/http/stateful_session/v3/stateful_session.proto
Outdated
Show resolved
Hide resolved
api/envoy/extensions/filters/http/stateful_session/v3/stateful_session.proto
Show resolved
Hide resolved
api/envoy/extensions/filters/http/stateful_session/v3/stateful_session.proto
Outdated
Show resolved
Hide resolved
api/envoy/extensions/filters/http/stateful_session/v3/stateful_session.proto
Outdated
Show resolved
Hide resolved
api/envoy/extensions/filters/http/stateful_session/v3/stateful_session.proto
Outdated
Show resolved
Hide resolved
api/envoy/extensions/http/stateful_session/cookie/v3/cookie.proto
Outdated
Show resolved
Hide resolved
@zuercher Thanks for your detailed code review 🌹 . I will find a maintainer to help me sponsor this feature. |
@wbpcode any progress here on finding an appropriate maintainer sponsor? Wondering if we should close this out or move forward with review. |
There is currently no clear progress. May be we can close this temporarily. If there is result later, I will reopen this PR. I still want to land this feature eventually. |
@dio Thanks, dio, thanks 🌷. I will update this PR this Friday. |
Signed-off-by: wbpcode <wbphub@live.com>
Signed-off-by: wbpcode <wbphub@live.com>
@zuercher since you've already been looking at this, assigning your way for senior maintainer approval/merge. Thanks. |
docs/root/configuration/http/http_filters/stateful_session_filter.rst
Outdated
Show resolved
Hide resolved
docs/root/configuration/http/http_filters/stateful_session_filter.rst
Outdated
Show resolved
Hide resolved
docs/root/configuration/http/http_filters/stateful_session_filter.rst
Outdated
Show resolved
Hide resolved
docs/root/configuration/http/http_filters/stateful_session_filter.rst
Outdated
Show resolved
Hide resolved
docs/root/configuration/http/http_filters/stateful_session_filter.rst
Outdated
Show resolved
Hide resolved
docs/root/configuration/http/http_filters/stateful_session_filter.rst
Outdated
Show resolved
Hide resolved
@@ -0,0 +1,80 @@ | |||
.. _config_http_filters_stateful_session: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I wonder if we should include a note in this documentation that this type of sticky session is an anti-pattern and that operators should avoid using this feature when possible?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this function is not that special, and there are similar functions among other proxies. But I can add a note to let users use this feature with caution.
Similar function in other proxy: https://docs.nginx.com/nginx/admin-guide/load-balancer/http-load-balancer/#enabling-session-persistence
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Let's add it. Something like:
.. note::
Stateful sessions can result in imbalanced load across upstreams and allow external actors to direct requests to
specific upstream hosts. Operators should carefully consider the security and reliability implications of stateful
sessions before enabling this feature.
Thanks for your detailed review. @zuercher |
Signed-off-by: wbpcode <wbphub@live.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks. I think the code is good -- just some details to finish off.
CODEOWNERS
Outdated
@@ -195,6 +197,8 @@ extensions/filters/http/oauth2 @rgs1 @derekargueta @snowp | |||
/*/extensions/matching/input_matchers/ip @aguinet @snowp | |||
# Key Value store | |||
/*/extensions/key_value @alyssawilk @ryantheoptimist | |||
# Stateful session | |||
/*/extensions/http/stateful_session/cookie @wbpcode @dio @zuercher |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry, this one as well.
/*/extensions/http/stateful_session/cookie @wbpcode @dio @zuercher | |
/*/extensions/http/stateful_session/cookie @wbpcode @dio |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
sorry, it's my negligence.
@@ -0,0 +1,80 @@ | |||
.. _config_http_filters_stateful_session: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Let's add it. Something like:
.. note::
Stateful sessions can result in imbalanced load across upstreams and allow external actors to direct requests to
specific upstream hosts. Operators should carefully consider the security and reliability implications of stateful
sessions before enabling this feature.
Signed-off-by: wbpcode <wbphub@live.com>
@dio can you look at what's changed since your approval and if you're happy, go ahead and merge. |
Hi, @dio , can you take a look again when you have free time? Thanks. 🌷 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Introduce a new stateful session extension. This is a change after envoyproxy#17848 envoyproxy#17290. In envoyproxy#17290, we added a new cross-priority host map for fast host searching. In envoyproxy#17848, we extend `LoadBalancerContext` interface to provide an override host and to select the upstream host by the override host. Finally, in this change, we expand a new API to allow users to extract the state of the session from the request and change the result of load balancing by setting the override host value. Related doc: https://docs.google.com/document/d/1IU4b76AgOXijNa4sew1gfBfSiOMbZNiEt5Dhis8QpYg/edit?usp=sharing. Risk Level: Medium Testing: Added Docs Changes: Added Release Notes: Added Platform-Specific Features: N/A. Signed-off-by: wbpcode <wbphub@live.com> Signed-off-by: Josh Perry <josh.perry@mx.com>
Stateful session will try to parse upstream address from downstream request directly and override the result of load balancing algorithm by the LoadBalancerContext::overrideHostToSelect API. To avoid the load balancer selecting hosts that in unexpected statuses, specifying some expected statuses are necessary. In the previous design, we will provide expected statuses of override host by the LoadBalancerContext::overrideHostToSelect API. And in the PR #18207, after some discussion with @htuch, we found may be cluster-level config may be more reasonable design and implementation. Ref some more details: #18207 (comment) So this PR try to close previous discussion in the #18207: Refactoring LoadBalancerContext::overrideHostToSelect API to remove expected statuses for the return value. Add new common lb config override_host_status and related implementation. Risk Level: Mid. Testing: N/A. Docs Changes: N/A. Release Notes: N/A. Platform Specific Features: N/A. @wbpcode Signed-off-by: wbpcode <wbphub@live.com>
…roxy#19665) Stateful session will try to parse upstream address from downstream request directly and override the result of load balancing algorithm by the LoadBalancerContext::overrideHostToSelect API. To avoid the load balancer selecting hosts that in unexpected statuses, specifying some expected statuses are necessary. In the previous design, we will provide expected statuses of override host by the LoadBalancerContext::overrideHostToSelect API. And in the PR envoyproxy#18207, after some discussion with @htuch, we found may be cluster-level config may be more reasonable design and implementation. Ref some more details: envoyproxy#18207 (comment) So this PR try to close previous discussion in the envoyproxy#18207: Refactoring LoadBalancerContext::overrideHostToSelect API to remove expected statuses for the return value. Add new common lb config override_host_status and related implementation. Risk Level: Mid. Testing: N/A. Docs Changes: N/A. Release Notes: N/A. Platform Specific Features: N/A. @wbpcode Signed-off-by: wbpcode <wbphub@live.com> Signed-off-by: kuochunghsu <kuochunghsu@pinterest.com>
Commit Message: "extension: new extensions for stateful session sticky"
Additional Description:
PR after #17848 ##17290.
In the #17290, we added new cross priority host map for fast host searching.
In the #17848, we extend
LoadBalancerContext
interface to provide override host and select upstream host by the override host.Finally, in this PR, we expanded a new API to allow users to extract the state of the session from the request, and change the result of load balancing by setting the override host value.
Related doc: https://docs.google.com/document/d/1IU4b76AgOXijNa4sew1gfBfSiOMbZNiEt5Dhis8QpYg/edit?usp=sharing
Risk Level: Mid.
Testing: Added.
Docs Changes: Waiting.
Release Notes: Waiting.
Platform Specific Features: N/A.