Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow multiplexed upstream servers to half close the stream before the downstream #34461

Merged
merged 37 commits into from
Aug 28, 2024

Merge branch 'main' into allow-upstream-half-close

d965ff6
Select commit
Loading
Failed to load commit list.
Merged

Allow multiplexed upstream servers to half close the stream before the downstream #34461

Merge branch 'main' into allow-upstream-half-close
d965ff6
Select commit
Loading
Failed to load commit list.
CI (Envoy) / Envoy/macOS succeeded Aug 26, 2024 in 1h 0m 4s

Envoy/macOS (success)

Check has finished

Details

Check run finished (success ✔️)

The check run can be viewed here:

Envoy/macOS (pr/34461/main@d965ff6)

Check started by

Request (pr/34461/main@d965ff6)

yanavlasov @yanavlasov d965ff6 #34461 merge main@bd5bec9

Allow multiplexed upstream servers to half close the stream before the downstream

Commit Message:
Allow HTTP/2 (and HTTP/3) upstream servers to half close the stream before the downstream. This enables bidirectional gRPC streams where server completes streaming before the client. Behavior of HTTP/1 or TCP proxy upstream servers is unchanged and the stream is reset if the upstream server completes response before the downstream. The stream is also reset if the upstream server responds with an error status before the downstream. This behavior is disabled by default and can be enabled by setting the envoy.reloadable_features.allow_multiplexed_upstream_half_close runtime key to true.

Change details:
Presently there are two places where the stream was reset when upstream half-closed.

  1. In the router filter's Filter::onUpstreamComplete method, which covers HTTP upstreams.
  2. In the filter manager's FilterManager::commonEncodePrefix which covers local reply's by filters and TCP upstreams.

When the envoy.reloadable_features.allow_multiplexed_upstream_half_close is enabled the router filter no longer forces reset in the Filter::onUpstreamComplete and allows fully independent half closes. To preserve existing half close behavior of HTTP/1 protocol the force reset is added in the H/1 codec's ClientConnectionImpl::onMessageCompleteBase() method.

When the envoy.reloadable_features.allow_multiplexed_upstream_half_close is enabled the filter manager closes stream after both decoder and encoder filter chain complete, except in two cases:

  1. local reply - behaves the same.
  2. error (non 1xx or 2xx) response from the server. This case is handled in the FilterManager::checkAndCloseStreamIfFullyClosed() method.

The state_.decoder_filter_chain_complete_ is added to track completion of the decoder filter chain.

To preserver behavior for TCP upstream the force reset is moved into the TcpUpstream::onUpstreamData method.

Risk Level: High (flag protected, disabled by default)
Testing: Unit Tests
Docs Changes: No
Release Notes: Yes
Platform Specific Features: N/A
Runtime guard: envoy.reloadable_features.allow_multiplexed_upstream_half_close
Fixes #30149

Environment

Request variables

Key Value
ref 1987369
sha d965ff6
pr 34461
base-sha bd5bec9
actor yanavlasov @yanavlasov
message Allow multiplexed upstream servers to half close the stream before the downstream...
started 1724682697.869396
target-branch main
trusted false
Build image

Container image/s (as used in this CI run)

Key Value
default envoyproxy/envoy-build-ubuntu:f94a38f62220a2b017878b790b6ea98a0f6c5f9c
mobile envoyproxy/envoy-build-ubuntu:mobile-f94a38f62220a2b017878b790b6ea98a0f6c5f9c
Version

Envoy version (as used in this CI run)

Key Value
major 1
minor 32
patch 0
dev true
View more details on CI (Envoy)