xds: allow "*" to indicate a wildcard subscription #16861
Conversation
Signed-off-by: Mark D. Roth <[email protected]>
docs/root/api-docs/xds_protocol.rst
Outdated
| The incremental protocol also provides a mechanism for lazy loading of resources. For details on | ||
| the incremental protocol, see :ref:`Incremental xDS <xds_protocol_delta>` below. | ||
| interested in with each request, and the server must return all resources the client has | ||
| subscribed to in each request (in LDS/CDS). This means that if the client is already subscribing |
There was a problem hiding this comment.
I think (in LDS/CDS) part makes the sentence confusing. Perhaps it's worth clarifying that in LDS/CDS there could be multiple resources in a reply, while for RDS/EDS it's always one?
There was a problem hiding this comment.
To be clear, even in RDS and EDS, it's totally valid to have multiple resources per reply; for example, if the client is subscribed to 5 EDS resources and 2 of those resources change, the server can send a response including those two resources. The thing that's special about LDS and CDS is that the server is required to send all resources that the client is subscribed to in every response, even the ones that haven't changed. So if a client is subscribed to 5 LDS resources and 2 of them change, the server must send a response that includes all 5 resources. (This is because the SotW protocol doesn't provide a way for the server to explicitly indicate to the client that a resource has been removed, so the only way to remove an LDS or CDS resource is by not including it in a response. And the removal criteria for RDS and EDS resources is even messier; see the "Deleting Resources" section below.)
Anyway, I've attempted to reword this a bit to clarify it, but I haven't changed the phraseology about the condition this is discussing, because that was already correct.
There was a problem hiding this comment.
Thanks for the rewording, I think it's much clearer now.
To be clear, even in RDS and EDS, it's totally valid to have multiple resources per reply
Hmm, not according to the implementation (rds: https://github.com/envoyproxy/envoy/blob/main/source/common/router/rds_impl.cc#L227, eds: https://github.com/envoyproxy/envoy/blob/main/source/common/upstream/eds.cc#L166): updates with more than resource will be dropped.
There was a problem hiding this comment.
I believe that Envoy currently creates a separate stream for each resource when using non-aggregated EDS, as per #2943, and the same may be true of RDS. However, this is a limitation of Envoy's implementation, not of the xDS protocol. There is no protocol-level reason why there cannot be more than one resource send per response for any resource type.
Note that when using ADS, Envoy does support multiple resources per response for EDS and RDS. But nothing about that functionality is actually tied to ADS; the exact same thing could be done in non-aggregated streams.
docs/root/api-docs/xds_protocol.rst
Outdated
| subscribed to in each request (in LDS/CDS). This means that if the client is already subscribing | ||
| to 99 resources and wants to add an additional one, it must send a request with all 100 resource | ||
| names, rather than just the one new one. And the server must then respond by sending all 100 | ||
| resources, even if the 99 that were already subscribed to have not changed (in LDS/CDS). This |
There was a problem hiding this comment.
ditto here re: (in LDS/CDS).
There was a problem hiding this comment.
Updated wording here too.
|
lgtm, other than a small nit: re LDS/CDS clarification. |
|
The wording sounds better than mine, thanks. Should the change get an entry in |
Signed-off-by: Mark D. Roth <[email protected]>
I don't think it needs one, since it's not an implementation change, just a spec change. |
|
lgtm. |
docs/root/api-docs/xds_protocol.rst
Outdated
|
|
||
| For historical reasons, if the initial request on the stream for a given resource type contains no | ||
| resource names, the server should treat that as a subscription to "*". A client may later | ||
| unsubscribe to "*", or it may later add a subscription to an additional resource name. |
There was a problem hiding this comment.
Note that we are going to break any existing setup that names a singleton resource *. Seems a bit far fetched, but technically a breaking change. If we instead used something like xds_internal://* here as a name (or something unlikely to collide), we might stand a lower chance of collision but don't feel super strong on this one.
There was a problem hiding this comment.
I think that no matter what name we pick here, collisions are possible. I'd rather keep the name short and intuitive.
| that once a stream has entered wildcard mode for a given resource type, there is no way to change | ||
| the stream out of wildcard mode; resource names specified in any subsequent request on the stream | ||
| will be ignored. | ||
| types, there is also a "wildcard" subscription, which is triggered when subscribing to the special |
There was a problem hiding this comment.
Do we cover how * and on-demand work together in a SotW request in this spec?
There was a problem hiding this comment.
Also how non-explicit * and explicit * subscriptions can be converted or used interchangeably? E.g. can I subscribe to {} but unsubscribe from *?
There was a problem hiding this comment.
This change isn't really about on-demand; it's just about how to represent a wildcard subscription as a discrete name that can coexist with other subscriptions for the same resource type on the same stream. This mechanism is a prerequisite for on-demand CDS, but it's not actually part of the same feature.
I've made some changes in the next paragraph to attempt to clarify the semantics, and I've added some examples to help illustrate.
Signed-off-by: Mark D. Roth <[email protected]>
Signed-off-by: Mark D. Roth <[email protected]>
|
The CI failure looks unrelated to this PR. Is there a way to retry it? |
|
/retest |
|
Retrying Azure Pipelines: |
| explicitly subscribed to "*". However, once the client does explicitly subscribe to a resource | ||
| name (whether it be "*" or any other name), then this legacy semantic is no longer available; at | ||
| that point, clearing the list of subscribed resources is interpretted as an unsubscription (see | ||
| :ref:`Unsubscribing From Resources<xds_protocol_unsubscribing>`) rather than as a subscription |
There was a problem hiding this comment.
there is a case this is not true:
- client subscribes A, B, C
- client unsubs A, B, C, connection broke, reconnection happens
- on reconnection, client send empty init_resource_versions and subscribes, it's treated as wildcard client now.
There was a problem hiding this comment.
If the client is no longer subscribed to any resources of a given resource type, then it will not send any request for that resource type when it reconnects, so that's not an issue.
| - Client sends a request with :ref:`resource_names_subscribe <envoy_v3_api_field_service.discovery.v3.DeltaDiscoveryRequest.resource_names_subscribe>` unset. Server interprets this as a subscription to "*". | ||
| - Client sends a request with :ref:`resource_names_subscribe <envoy_v3_api_field_service.discovery.v3.DeltaDiscoveryRequest.resource_names_subscribe>` set to "A". Server interprets this as continuing the existing subscription to "*" and adding a new subscription to "A". | ||
| - Client sends a request with :ref:`resource_names_unsubscribe <envoy_v3_api_field_service.discovery.v3.DeltaDiscoveryRequest.resource_names_unsubscribe>` set to "*". Server interprets this as unsubscribing to "*" and continuing the existing subscription to "A". | ||
| - Client sends a request with :ref:`resource_names_unsubscribe <envoy_v3_api_field_service.discovery.v3.DeltaDiscoveryRequest.resource_names_unsubscribe>` set to "A". Server interprets this as unsubscribing to "A" (i.e., the client has now unsubscribed to all resources). Although the set of subscribed resources is now empty, just as it was after the initial request, it is not interpreted as a wildcard subscription, because there has previously been a request on this stream for this resource type that set the :ref:`resource_names_subscribe <envoy_v3_api_field_service.discovery.v3.DeltaDiscoveryRequest.resource_names_subscribe>` field. |
There was a problem hiding this comment.
reconnection will make things messy here if we dont explicitly say it's wildcard or not.
Could you clarify on this more?
Consider this case:
- Client subscribes: A, *
- Server sends: A, B, C, D
- Client removes: *
- Server has update for B, C, -D, and new resource E, now does it send (update B, C, remove D) to the client or not?
Also noteworthy that reconnection for the above scenario would become tricky:
- reconnect happens, now client has A, B, C, D in the intial_resource_versions, Server will keep sending updates for A, B, C, D to the client.
There was a problem hiding this comment.
reconnection will make things messy here if we dont explicitly say it's wildcard or not.
Could you clarify on this more?
Consider this case:1. Client subscribes: A, * 2. Server sends: A, B, C, D 3. Client removes: * 4. Server has update for B, C, -D, and new resource E, now does it send (update B, C, remove D) to the client or not?
I'm not sure. I would say that either "server sends (remove B, C and D)" or "server sends (remove *)" and client takes care of dropping wildcard resources from its cache.
Also noteworthy that reconnection for the above scenario would become tricky:
1. reconnect happens, now client has A, B, C, D in the intial_resource_versions, Server will keep sending updates for A, B, C, D to the client.
I'd say that once client unsubscribes from wildcard, it should drop the wildcard resources it has, so if reconnect happens, only A should be in initial resources.
There was a problem hiding this comment.
Consider this case:
- Client subscribes: A, *
- Server sends: A, B, C, D
- Client removes: *
- Server has update for B, C, -D, and new resource E, now does it send (update B, C, remove D) to the client or not?
As per the clarification I added in #17983, the server does not need to send anything for B, C, D, or E in this case.
Also noteworthy that reconnection for the above scenario would become tricky:
- reconnect happens, now client has A, B, C, D in the intial_resource_versions, Server will keep sending updates for A, B, C, D to the client.
Once the client reconnects, it sends only A in resource_names_subscribe, so this is not an issue. Even if the other resources were somehow present in initial_resource_versions, that field does not affect the set of resources that the client is actually subscribed to.
| subscribed to is determined by the server instead of the client, so there is no mechanism | ||
| for the client to unsubscribe from resources. | ||
| subscribed to is determined by the server instead of the client, so the client cannot unsubscribe | ||
| from those resources individually; it can only unsubscribe from the wildcard as a whole. |
There was a problem hiding this comment.
could you elaborate how to effectively unsubscribe resources that are "included " in the "wildcard subscription" when the client unsubscribes "*"?
There was a problem hiding this comment.
I'd say that the client should be more or less able to track which resources are from wildcard subscription, so it should be able to drop them from its caches when unsubscribing from *.
There was a problem hiding this comment.
Yes, @krnowak is correct. The client already knows which specific non-wildcard resources it is subscribed to, so when it unsubscribes from *, it can immediately drop all other resources from its cache.
Update xDS spec to say that * indicates a wildcard subscription and the existing behavior of specifying no resource names to subscribe to is just a syntactic alias for subscribing to *. Signed-off-by: Mark D. Roth <[email protected]>
Signed-off-by: Mark D. Roth [email protected]
Commit Message: xds: allow
*to indicate a wildcard subscriptionAdditional Description: Update xDS spec to say that
*indicates a wildcard subscription and the existing behavior of specifying no resource names to subscribe to is just a syntactic alias for subscribing to*.Risk Level: Low
Testing: N/A
Docs Changes: Included in PR
Release Notes: N/A
Platform Specific Features: N/A
Alternative doc proposal for #16855. CC @krnowak