Envoy xDS metadata for `Cluster` and `LocalityLbEndpoints` resources

[muwaqar]

Description:
Currently EnvoyGateway propagates xDS metadata for Route and VirtualHost resources, but not for Cluster and LbEndpoints.

Note that the main documentation page for this feature currently says the following:

Service, ServiceImport and Backend metadata and port name are propagated to envoy cluster metadata.

This is incorrect, as evident from the code since buildXdsCluster() never sets any metadata.

The proposal in this ticket is to:

1. Route metadata be propagated to Cluster xDS.

Each *RouteRule creates a distinct xDS cluster which encapsulates upstream endpoints of its backendRefs.

Accordingly, maybe we can put the *Route metadata into the Cluster xDS?

For example:

For a HTTPRoute as:

kind: HTTPRoute
apiVersion: gateway.networking.k8s.io/v1
metadata:
  annotations:
    gateway.envoyproxy.io/foo: bar
  name: myroute
  namespace: myns
spec:
  rules:
    matches:
    - path:
        type: PathPrefix
        value: /mypath

we get:

name: httproute/myns/myroute/rule/0
type: CDS
[...]
metadata:
  filter_metadata:
    envoy-gateway:
      resources:
        - namespace: myns
          groupVersion: gateway.networking.k8s.io/v1
          kind: HTTPRoute
          annotations:
            foo: bar
          name: myroute

2. BackendReference (Service, ServiceImport, Backend) metadata be propagated to LocalityLbEndpoints xDS.

If a *RouteRule contains multiple BackendReference, each of these are modeled as separate LocalityLbEndpoints.

Accordingly, maybe we can put the BackendReference metadata into the LocalityLbEndpoints xDS?

For example:

For a HTTPRoute as:

kind: HTTPRoute
apiVersion: gateway.networking.k8s.io/v1
metadata:
  annotations:
    gateway.envoyproxy.io/foo: bar
  name: myroute
  namespace: myns
spec:
  rules:
    - backendRefs:
      - group: ""
         kind: Service
         name: svc-1
         port: 3000
       - group: ""
         kind: Service
         name: svc-2
         port: 3000  

we get:

clusterName: httproute/myns/myroute/rule/0
endpoints:
- lbEndpoints:
  - endpoint:
      address:
      [...]
  locality:
    region: httproute/myns/myroute/rule/0/backend/0
  metadata:
    filter_metadata:
      envoy-gateway:
        resources:
          - namespace: myns
            groupVersion: ""
            kind: Service
            name: svc-1
- lbEndpoints:
  - endpoint:
      address:
      [...]
  locality:
    region: httproute/myns/myroute/rule/0/backend/1
  metadata:
      filter_metadata:
        envoy-gateway:
          resources:
            - namespace: myns
              groupVersion: ""
              kind: Service
              name: svc-2

[optional Relevant Links:]

The feature is documented at https://gateway.envoyproxy.io/contributions/design/metadata/.

[arkodg]

+1, this looks good from a first glance
cc @guydc

[muwaqar]

Sorry forgot to mention the only prior tickets I see filed in this area is #4977, but I kind of don't understand it.

It says:

Service, ServiceImport and Backend metadata + port name --> Envoy Cluster metadata

But these resources do not map to the Envoy Cluster resource as far as I can tell (as explained in this ticket's description).

[illrill]

Sorry forgot to mention the only prior tickets I see filed in this area is #4977, but I kind of don't understand it.

It says:

Service, ServiceImport and Backend metadata + port name --> Envoy Cluster metadata

But these resources do not map to the Envoy Cluster resource as far as I can tell (as explained in this ticket's description).

In #4977 I just copy-pasted that text snippet from the design document itself. Based off of that, I've been under the assumption that Service/ServiceImport/Backend are mapped to Cluster, but recently learned via #5307 that's in fact not the case.

Should we close #4977 as a duplicate?

[arkodg]

@illrill updated #4977 to track Listener metadata and we can use this to track Cluster and EDS metadata

[guydc]

Overall, +1. Yes, we should use Service/ServiceImport/Backend as the source of Cluster Load Assignments, not Clusters themselves.

[github-actions]

This issue has been automatically marked as stale because it has not had activity in the last 30 days.

[guydc]

/assign