API changes for refactoring Envoy DNS resolution as first class extension #17272
Conversation
…NS resolver in API definition. This configuration is to support DNS resolution as a first class Envoy extension. This API change is the first step for that task. This configuration is to replace above dns_resolution_config. By default envoy supports c-ares DNS or apple DNS resolvers. This extension can be used to configure other DNS resolver types. This configuration is optional. In case it is missing, the default behavior is in place, which means Envoy will either use c-ares DNS library or apple DNS library based on the compiling flag. When this configuration is in place, Envoy will use the configured DNS resolver carried in the extension typed_config field. In case both typed_dns_resolver_config and dns_resolution_config are configured, typed_dns_resolver_config take precedence. Testing: The code change passed bazel test. Release Notes: N/A Issues: envoyproxy#14310 Fix : N/A Signed-off-by: Yanjun Xiang <[email protected]>
Signed-off-by: Yanjun Xiang <[email protected]>
…sion. Signed-off-by: Yanjun Xiang <[email protected]>
|
/assign @htuch @yanavlasov @jmarantz @adisuissa |
…efactorying Signed-off-by: Yanjun Xiang <[email protected]>
…ges implemented Signed-off-by: Yanjun Xiang <[email protected]>
Signed-off-by: Yanjun Xiang <[email protected]>
|
/retest |
|
Retrying Azure Pipelines: |
|
@envoyproxy/api-shepherds PTAL |
| // During the transition period when both *dns_resolution_config* and *typed_dns_resolver_config* exists, | ||
| // this configuration is optional. | ||
| // When *typed_dns_resolver_config* is in place, Envoy will use it and ignore *dns_resolution_config*. | ||
| // when *typed_dns_resolver_config* is missing, the default behavior is in place. Envoy will either use |
There was a problem hiding this comment.
nit: s/when/When here and in the other places.
BTW: do you mean the default behavior will be in effect when both typed_dns_resolver_config and dns_resolution_config are missing?
There was a problem hiding this comment.
ACK. That's right.
Signed-off-by: Yanjun Xiang <[email protected]>
…efactorying Signed-off-by: Yanjun Xiang <[email protected]>
There was a problem hiding this comment.
@htuch I may not be understanding how this is to be configured.
Is the idea that there will be ifdef-controlled selection of apple DNS vs C-Ares, and then on to top of that there would be a configuration-controlled DNS option also?
I had this really naive notion that we could plumb in a dns resolver library in a fashion parallel to the way we plumb in a ThreadFactory, as a pure interface passed into MainCommon. I guess the limitation of that is that there it captures only platform-based differences in resolver type, and would not allow different resolvers to be used per cluster or per-listener, and so the proto-based config allows for that flexibility.
But I don't have as clear a picture as I would like, looking at this proto change, of how this all fits together.
Should we have a doc describing the bigger picture of how this all works?
One thing, for example, I'd like to be able to do is depending on platform, not have C-Ares linked in at all into the codebase. Is that possible with the strategy you are driving?
| // or any other DNS resolver types and the related parameters. When c-ares DNS is configured, | ||
| // :ref:'dns_resolution_config <envoy_v3_api_field_config.bootstrap.v3.Bootstrap.dns_resolution_config>' | ||
| // will be enclosed in this *typed_dns_resolver_config*. | ||
| // This configuration is to replace the *dns_resolution_config* configuration eventually. |
There was a problem hiding this comment.
s/is to/will/
Express this as a TODO and/or an issue to track it?
| // When *typed_dns_resolver_config* is in place, Envoy will use it and ignore *dns_resolution_config*. | ||
| // When *typed_dns_resolver_config* is missing, the default behavior is in place. Envoy will either use | ||
| // c-ares DNS library or apple DNS library based on the compiling flag. | ||
| // [#not-implemented-hide:] |
There was a problem hiding this comment.
can we also track the addition of a null DNS configuration mode, where no DNS library is compiled in, and DNS resolutions all fail gracefully?
There was a problem hiding this comment.
Yes, we can support the NULL DNS configuration mode if the new typed_dns_resolver_config configuration is in place, and check it and have DNS resolutions fail gracefully.
However, in the case if this configuration is missing, IIUC there is no information for us to identify NULL DNS configuration mode, then, the existing logic (#ifdef) will be executed.
BTW, to make this change backward compatible, this new typed configuration is an optional field for now.
Signed-off-by: Yanjun Xiang <[email protected]>
Signed-off-by: Yanjun Xiang <[email protected]>
|
/retest |
|
Retrying Azure Pipelines: |
|
@jmarantz why should DNS be any different than any other extension point? I was envisaging just using static linking/registration, the same way we do with network/HTTP filters, cluster types, transport sockets etc. This is likely flexible enough for everything we need and matches Envoys extensibility model. You can, at build time, decide to use c-ares or Apple DNS resolvers and link or don't link. We should eliminate all |
| core.v3.DnsResolutionConfig dns_resolution_config = 30; | ||
|
|
||
| // DNS resolver type configuration extension. This extension can be used to configure c-ares, apple, | ||
| // or any other DNS resolver types and the related parameters. When c-ares DNS is configured, | ||
| // :ref:'dns_resolution_config <envoy_v3_api_field_config.bootstrap.v3.Bootstrap.dns_resolution_config>' |
There was a problem hiding this comment.
This should be <envoy_api_field_core.DnsResultionConfig> instead of <envoy_v3_api_field_config.bootstrap.v3.Bootstrap.dns_resolution_config>
The same issue is in the other proto files.
There was a problem hiding this comment.
Yeah, that's right. Thanks!
I did some research and found the complete syntax is: :ref:DnsResolutionConfig <envoy_v3_api_msg_config.core.v3.DnsResolutionConfig> and made the change.
Please let me know whether this look good.
Signed-off-by: Yanjun Xiang <[email protected]>
Signed-off-by: Yanjun Xiang <[email protected]>
…sion (envoyproxy#17272) Adding a core.v3.TypedExtensionConfig typed_dns_resolver_config for DNS resolver in API definition. This configuration is to support DNS resolution as a first class Envoy extension. This API change is the first step for that task. This configuration is to replace above dns_resolution_config. By default envoy supports c-ares DNS or apple DNS resolvers. This extension can be used to configure other DNS resolver types. This configuration is optional. In case it is missing, the default behavior is in place, which means Envoy will either use c-ares DNS library or apple DNS library based on the compiling flag. When this configuration is in place, Envoy will use the configured DNS resolver carried in the extension typed_config field. In case both typed_dns_resolver_config and dns_resolution_config are configured, typed_dns_resolver_config take precedence. Signed-off-by: Yanjun Xiang <[email protected]>
Problem description:
This is the API changes for refactoring Envoy DNS resolution as first class extension for issue: #14310.
Solution:
This PR added a new DNS resolver type configuration extension in a couple of proto files.
This extension can be used to configure c-ares, apple, or any other DNS resolver types and the related parameters.
When c-ares DNS is configured, :ref:'dns_resolution_config <envoy_v3_api_field_config.bootstrap.v3.Bootstrap.dns_resolution_config>' will be enclosed in this typed_dns_resolver_config. This configuration is to replace the dns_resolution_config configuration eventually.
During the transition period when both dns_resolution_config and typed_dns_resolver_config exists, this configuration is optional. When typed_dns_resolver_config is in place, Envoy will use it and ignore dns_resolution_config. when typed_dns_resolver_config is missing, the default behavior is in place. Envoy will either use c-ares DNS library or apple DNS library based on the compiling flag.
This is the first step towards the fixing of the issue #14310: DNS resolver as an extension point. The follow up work is planned.
Testing:
The code change passed bazel test.
Release Notes:
N/A
Issues: DNS resolver as an extension point #14310
Fix #14310
Commit Message:
Additional Description:
Risk Level:
Testing:
Docs Changes:
Release Notes:
Platform Specific Features:
[Optional Runtime guard:]
[Optional Fixes #Issue]
[Optional Deprecated:]
[Optional API Considerations:]