Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

proposal: TrafficPolicy #1492

Closed
arkodg opened this issue Jun 5, 2023 · 7 comments
Closed

proposal: TrafficPolicy #1492

arkodg opened this issue Jun 5, 2023 · 7 comments
Assignees
Labels
area/api API-related issues area/policy kind/decision A record of a decision made by the community. kind/enhancement New feature or request no stalebot
Milestone

Comments

@arkodg
Copy link
Contributor

arkodg commented Jun 5, 2023

Description:
Introduce a hierarchical policy attachment called TrafficPolicy that can be applied to the Gateway and HTTPRoute / xRoute resources to further configure the traffic ingressing in which can be applied either for the downstream connection or upstream connection.

kind: TrafficPolicy
spec:
  default:
    downstream:
      keepalive: .....
    upstream:
      keepalive: .....
      cors:
      loadBalancer:
      tls:
  targetRef:
    kind: Gateway
    name: example

Relates to

@arkodg arkodg added the kind/enhancement New feature or request label Jun 5, 2023
@arkodg arkodg added area/api API-related issues kind/decision A record of a decision made by the community. labels Jun 5, 2023
@arkodg
Copy link
Contributor Author

arkodg commented Jun 5, 2023

ptal @envoyproxy/gateway-maintainers

@kflynn
Copy link
Contributor

kflynn commented Jun 29, 2023

@AliceProxy and I have done some preliminary work on how Gateway API compares to the extant Emissary configuration language here, which might be relevant to this discussion.

@kflynn
Copy link
Contributor

kflynn commented Jun 29, 2023

GEP-1897 is also worth noting.

@github-actions
Copy link

This issue has been automatically marked as stale because it has not had activity in the last 30 days.

@github-actions github-actions bot added the stale label Jul 29, 2023
@arkodg arkodg removed the stale label Jul 31, 2023
@arkodg arkodg added this to the 0.6.0-rc1 milestone Jul 31, 2023
@arkodg
Copy link
Contributor Author

arkodg commented Aug 9, 2023

in the community meeting yesterday, @AliceProxy brought up a great way to split up this API

  • A Direct DownstreamTrafficPolicy API which can be applied only to the Gateway resource and holds downstream specific information applicable for the downstream listener
  • A UpstreamTrafficPolicy API which can be applied to the Gateway resource as well as the xRoute resource.

Im a big +1 on this approach, here are some open issues that need more debate

  • how do we deal with defaults and overrides when an UpstreamTrafficPolicy is applied to a Gateway as well a HTTPRoute that is attached to the same Gateway, which policy field wins ? Making this policy type a hierarchical policy attachment should solve this issue
  • An UpstreamTrafficPolicy applied to a xRoute will get applied for all backends attached to the route. So properties such as upstreamProxyProtocol, loadBalancing, circuitBreaker, outlierDetection, retry cannot be applied to a specific backend. This issue maybe circumvented by creating multiple HTTPRoute to split up intent or even create PolicyAttachment per HTTPRoute rule which might be possible soon once Update TargetREf in Policy GEP kubernetes-sigs/gateway-api#2147 is completed

@kflynn
Copy link
Contributor

kflynn commented Aug 10, 2023

@AliceProxy and I talked about this a bit offline, and I think it makes sense as well, FTR.

This was referenced Aug 29, 2023
@github-actions github-actions bot added the stale label Sep 9, 2023
@Xunzhuo Xunzhuo changed the title Hierarchical TrafficPolicy for Gateway and xRoute proposal: TrafficPolicy Sep 22, 2023
@envoyproxy envoyproxy deleted a comment from github-actions bot Sep 22, 2023
@arkodg
Copy link
Contributor Author

arkodg commented Oct 26, 2023

closing this for now since we have the completed this epic by introducing 3 new APIs -

  • ClientTrafficPolicy
  • BackendTrafficPolicy
  • SecurityPolicy

@arkodg arkodg closed this as completed Oct 26, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
area/api API-related issues area/policy kind/decision A record of a decision made by the community. kind/enhancement New feature or request no stalebot
Projects
None yet
Development

No branches or pull requests

4 participants