Several suggestions on the release version available for production #862
Description
Several suggestions for reaching the release version available for production.
I forked the envoy gateway project one month ago and successfully put it into production. But there are many problems。
1、Data efficiency:Optimize data synchronization efficiency, reconstruct the code of provider/kubernetes, match different processing logic for different k8s resources, and use different informers and queues to subscribe to data
2、Support Eds:In the past, most of the ingress/gateway projects support direct connection to endpoints. Using service as lbEndpoint will increase 1-hop NAT request and will be limited to the number of five tuple ports And cannot setting the weight of special endpoints
3、Data validation:When the data structure of httproute is translator to the data structure of xds, the pushed data will be rejected by the envoy if necessary checks are not made. There are many existing validate, unique validate, route weights validate, which require to do a lot of work
4、Transmission queue:The watchablemap currently used by the eg project is a map structure, which determines that val will be overwritten and data will be out of order. The data synchronization process generally requires FIFO
5、Common capabilities:Websocket, retry, and timeout are commonly used functions of the http gateway and need to be implemented quickly, I use the route configuration yaml fragment as annotation,It is recommended to use the simplest way
6、Ingress compatibility: There are a large number of data using the ingress API in production, and translation compatibility is required to achieve smooth replacement
7、Envoy Deployment: Allow User modify the yaml of envoy deployment, including replicas, scheduling rules, labels, etc... Optional generate service load balancer
8、 XDS Incremental update: In the case of very much data, it is very slow to generate a full amount of data each time and submit it to XDS. XDS requires an incremental update of data. For example, the change push of endpoints will be fast
9、XDS SSL: The eg uses a self signed SSL certificate, but does not provide an upgrade method. By default, it only expires in one year. The best way is to let users customize the expiration time
10、IR Data: The translation of intermediate fields will result in the loss of a large number of XDS useful configurations. It is recommended to give up
My simple datapath:
HTTPRoute deps serivce、endpoints、geteway Has Synced
- informer-> gateway watch-> addListenerIndex
- informer-> service watch-> addServiceIndex
- informer-> endpoints watch-> notifyEDS -> XDS Incremental update
- informer-> HTTPRoute watch-> notifyCDS、notifyRDS、notifyEDS -> queue.length == 0 notifyLDS -> XDS
- informer-> Ingress watch-> translator -> create/patch HTTPRoute