feat(translator): implement connection limit #2952

Merged
zhaohuabing merged 21 commits into envoyproxy:main from guydc:impl-connection-limit, Mar 26, 2024

Contributor

@guydc guydc commented Mar 17, 2024

What this PR does / why we need it:

  • Implements connection limits in CTP based on API defined in api: connection limits #2709.
  • Simple e2e test that demonstrates connection limiting by opening connections beyond the configured limit and expecting following requests to fail
  • Docs

Which issue(s) this PR fixes:
Fixes #2685

Signed-off-by: Guy Daich <guy.daich@sap.com>

codecov bot commented Mar 17, 2024

Codecov Report

Attention: Patch coverage is 55.73770%, with 54 lines in your changes missing coverage. Please review.

Project coverage is 64.55%. Comparing base (2882b7c) to head (efbcc23).

Files Patch % Lines
internal/ir/zz_generated.deepcopy.go 0.00% 41 Missing and 2 partials ⚠️
internal/xds/translator/listener.go 84.00% 4 Missing and 4 partials ⚠️
internal/xds/translator/translator.go 0.00% 0 Missing and 3 partials ⚠️
Additional details and impacted files
@@            Coverage Diff             @@
##             main    #2952      +/-   ##
==========================================
- Coverage   64.62%   64.55%   -0.07%     
==========================================
  Files         121      121              
  Lines       21135    21235     +100     
==========================================
+ Hits        13658    13709      +51     
- Misses       6627     6672      +45     
- Partials      850      854       +4     


guydc added 5 commits March 18, 2024 06:09
Signed-off-by: Guy Daich <guy.daich@sap.com>
Signed-off-by: Guy Daich <guy.daich@sap.com>
Signed-off-by: Guy Daich <guy.daich@sap.com>
Signed-off-by: Guy Daich <guy.daich@sap.com>
Contributor Author

guydc commented Mar 18, 2024

/retest

Signed-off-by: Guy Daich <guy.daich@sap.com>
Contributor Author

guydc commented Mar 18, 2024

/retest

Contributor Author

guydc commented Mar 18, 2024

/retest

guydc added 2 commits March 18, 2024 13:15
Signed-off-by: Guy Daich <guy.daich@sap.com>
Signed-off-by: Guy Daich <guy.daich@sap.com>
@guydc guydc marked this pull request as ready for review March 18, 2024 19:45
@guydc guydc requested a review from a team as a code owner March 18, 2024 19:45
irConnection := &ir.Connection{}

if connection.Limit != nil {
hasLimit := false
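
Review bot: `hasLimit := false` at the top of the `connection.Limit != nil` branch has no comment saying what it tracks. If it only guards against a limit block with no sub-field set, state that in a comment, and drop the flag if API validation already rejects that case so the translator does not carry a second copy of the rule.
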
Contributor

so hasLimit is being used to make sure at least one of the sub fields is set ?
isn't this check already happening in CEL ?

guydc added 5 commits March 19, 2024 05:49
Signed-off-by: Guy Daich <guy.daich@sap.com>
Signed-off-by: Guy Daich <guy.daich@sap.com>
Signed-off-by: Guy Daich <guy.daich@sap.com>
Signed-off-by: Guy Daich <guy.daich@sap.com>
Contributor Author

guydc commented Mar 19, 2024

/retest

// +optional
// +kubebuilder:validation:Minimum=0
Value *int64 `json:"value,omitempty"`
Value int64 `json:"value,omitempty"`
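
Review bot: on the `Value int64` line, the `// +optional` and `Minimum=0` markers shown above it no longer match a field that is meant to be required. If those markers are kept for this field, remove `// +optional`, and consider `Minimum=1` unless a limit of 0 has a defined meaning for the filter.
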
Contributor

is there a default envoy uses here ?
there may be a valid use case here where the user wants to use the default here (not set it) and set CloseDelay instead (where the default isn't good enough)

Contributor Author

No default is mentioned in the docs. It looks like the filter constructor requires a value to be provided: https://github.com/envoyproxy/envoy/blob/e4bd0e6f70749a50dd122d5d7006e8913bb9e84c/source/extensions/filters/network/connection_limit/connection_limit.cc#L17C24-L17C53 by the filter config. So, I think that it's legitimate to require a value if the user decides to opt-in for this feature.

Contributor

Do you think EG should set a default here ?

Member

@zhaohuabing zhaohuabing Mar 20, 2024

I'd vote to leave it to users to decide what this value should be.

It might be difficult to choose a default value for max connections because it depends on things we don't know before deploying EG in production: the scale of clients, the spec of the machine the EG is running on, etc.

Contributor Author

@guydc guydc Mar 20, 2024

+1 to huabing's position. When we support instance (overload manager) and/or listener connection limits with defaults (e.g. 50k), we can validate that this limit is not higher than those limits, which will create an effective "range" for users to choose from.
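
The trade-off behind this thread, as an added example that is not code from the PR or from Envoy Gateway: with `omitempty`, a pointer field can tell "value not set" from "value set to 0", while a plain `int64` cannot. The type names, the `checkPtr`/`checkVal` helpers and the sample JSON are assumptions made for illustration.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
)

// Hypothetical stand-ins for the two shapes of the field in this thread;
// they are not the Envoy Gateway API types.
type limitPtr struct {
	Value      *int64  `json:"value,omitempty"`
	CloseDelay *string `json:"closeDelay,omitempty"`
}

type limitVal struct {
	Value      int64   `json:"value,omitempty"`
	CloseDelay *string `json:"closeDelay,omitempty"`
}

var errNoValue = errors.New("connection limit: value is required")

// checkPtr can reject a policy that sets only closeDelay: a nil pointer
// records that "value" was absent from the input.
func checkPtr(raw string) (int64, error) {
	var l limitPtr
	if err := json.Unmarshal([]byte(raw), &l); err != nil {
		return 0, err
	}
	if l.Value == nil {
		return 0, errNoValue
	}
	return *l.Value, nil
}

// checkVal cannot make that distinction: an absent value and an explicit 0
// both decode to 0, so "required" must be enforced before this point
// (assumption: by schema validation on the resource).
func checkVal(raw string) (int64, error) {
	var l limitVal
	err := json.Unmarshal([]byte(raw), &l)
	return l.Value, err
}

func main() {
	// Constructed sample inputs, not taken from the PR.
	for _, raw := range []string{`{"closeDelay":"5s"}`, `{"value":0}`, `{"value":100}`} {
		pv, perr := checkPtr(raw)
		vv, _ := checkVal(raw)
		fmt.Printf("%-22s pointer=(%d, %v) value=%d\n", raw, pv, perr, vv)
	}
}
```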

Contributor Author

guydc commented Mar 19, 2024

/retest

Contributor Author

guydc commented Mar 20, 2024

/retest

Contributor Author

guydc commented Mar 20, 2024

/retest

Contributor Author

guydc commented Mar 25, 2024

renamed the container to "connectionLimit" based on discussion here: #2805 (comment)

@@ -9,20 +9,19 @@ import gwapiv1 "sigs.k8s.io/gateway-api/apis/v1"

// Connection allows users to configure connection-level settings
type Connection struct {
Member

will this be a little odd?

connection:
  connectionLimit:

Contributor

it's to tackle the issue outlined in #2805

Contributor

@arkodg arkodg left a comment

LGTM thanks !

Member

zirain commented Mar 26, 2024

/retest

Member

@zhaohuabing zhaohuabing left a comment

Well done! Thanks!

@zhaohuabing zhaohuabing merged commit decd878 into envoyproxy:main Mar 26, 2024
yaelSchechter pushed a commit to yaelSchechter/envoy-gateway that referenced this pull request Mar 28, 2024
* implement connection limit

Signed-off-by: Guy Daich <guy.daich@sap.com>

* fix lint

Signed-off-by: Guy Daich <guy.daich@sap.com>

* fix lint 2

Signed-off-by: Guy Daich <guy.daich@sap.com>

* fix ir, coverage

Signed-off-by: Guy Daich <guy.daich@sap.com>

* fix lint 3

Signed-off-by: Guy Daich <guy.daich@sap.com>

* open more connection in e2e

Signed-off-by: Guy Daich <guy.daich@sap.com>

* fix error type

Signed-off-by: Guy Daich <guy.daich@sap.com>

* add additional connections

Signed-off-by: Guy Daich <guy.daich@sap.com>

* make limit value required

Signed-off-by: Guy Daich <guy.daich@sap.com>

* add error-flow unit test

Signed-off-by: Guy Daich <guy.daich@sap.com>

* fix lint 4

Signed-off-by: Guy Daich <guy.daich@sap.com>

* assert policy accepted in test

Signed-off-by: Guy Daich <guy.daich@sap.com>

* rename limit => connectionLimit

Signed-off-by: Guy Daich <guy.daich@sap.com>

---------

Signed-off-by: Guy Daich <guy.daich@sap.com>
Co-authored-by: zirain <zirain2009@gmail.com>
Signed-off-by: Yael Shechter <yael.shechter@sap.com>
arkodg added a commit that referenced this pull request Mar 28, 2024
* build(deps): bump github.com/prometheus/common from 0.50.0 to 0.51.1 (#3010)

Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.50.0 to 0.51.1.
- [Release notes](https://github.com/prometheus/common/releases)
- [Commits](prometheus/common@v0.50.0...v0.51.1)

---
updated-dependencies:
- dependency-name: github.com/prometheus/common
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Huabing Zhao <zhaohuabing@gmail.com>
Signed-off-by: Yael Shechter <yael.shechter@sap.com>

* docs: fix squash link (#3013)

Signed-off-by: zirain <zirain2009@gmail.com>
Signed-off-by: Yael Shechter <yael.shechter@sap.com>

* api: support IdleTimeout in clientTrafficPolicy

Signed-off-by: Yael Shechter <yael.shechter@sap.com>

* build(deps): bump fortio.org/fortio from 1.63.4 to 1.63.5 (#3011)

Bumps [fortio.org/fortio](https://github.com/fortio/fortio) from 1.63.4 to 1.63.5.
- [Release notes](https://github.com/fortio/fortio/releases)
- [Commits](fortio/fortio@v1.63.4...v1.63.5)

---
updated-dependencies:
- dependency-name: fortio.org/fortio
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Huabing Zhao <zhaohuabing@gmail.com>
Signed-off-by: Yael Shechter <yael.shechter@sap.com>

* ci: trigger docs action (#3017)

Signed-off-by: zirain <zirain2009@gmail.com>
Signed-off-by: Yael Shechter <yael.shechter@sap.com>

* ci: fix cherrypick permission (#2985)

Signed-off-by: zirain <zirain2009@gmail.com>
Co-authored-by: Huabing Zhao <zhaohuabing@gmail.com>
Signed-off-by: Yael Shechter <yael.shechter@sap.com>

* fix: set path prefix for http ext auth service (#3018)

Signed-off-by: huabing zhao <zhaohuabing@gmail.com>
Signed-off-by: Yael Shechter <yael.shechter@sap.com>

* feat: add Chinese language support for doc site (#2532)

* Add Chinese support for doc site

Signed-off-by: Wilson Wu <iwilsonwu@gmail.com>

* Add zh i18n for menus

Signed-off-by: Wilson Wu <iwilsonwu@gmail.com>

* Add zh content placeholders

Signed-off-by: Wilson Wu <iwilsonwu@gmail.com>

* Fix about zh page

Signed-off-by: Wilson Wu <iwilsonwu@gmail.com>

* Apply suggestions from code review

Co-authored-by: Huabing Zhao <zhaohuabing@gmail.com>
Signed-off-by: Wilson Wu <iwilsonwu@gmail.com>

* docs: `%s/Application/API/g` (#2929)

Signed-off-by: Wilson Wu <iwilsonwu@gmail.com>

* remove old version for zh content

Signed-off-by: Wilson Wu <iwilsonwu@gmail.com>

* Update the latest version link

Signed-off-by: Wilson Wu <iwilsonwu@gmail.com>

* Fix default content dir

Signed-off-by: Wilson Wu <iwilsonwu@gmail.com>

* Translate landing page and fix broken link

Signed-off-by: Wilson Wu <iwilsonwu@gmail.com>

* Fix broken link

Signed-off-by: Wilson Wu <iwilsonwu@gmail.com>

* Add a contribution page

Signed-off-by: Wilson Wu <iwilsonwu@gmail.com>

---------

Signed-off-by: Wilson Wu <iwilsonwu@gmail.com>
Co-authored-by: Huabing Zhao <zhaohuabing@gmail.com>
Co-authored-by: Arko Dasgupta <arkodg@users.noreply.github.com>
Co-authored-by: zirain <zirain2009@gmail.com>
Signed-off-by: Yael Shechter <yael.shechter@sap.com>

* feat(translator): implement connection limit (#2952)

* implement connection limit

Signed-off-by: Guy Daich <guy.daich@sap.com>

* fix lint

Signed-off-by: Guy Daich <guy.daich@sap.com>

* fix lint 2

Signed-off-by: Guy Daich <guy.daich@sap.com>

* fix ir, coverage

Signed-off-by: Guy Daich <guy.daich@sap.com>

* fix lint 3

Signed-off-by: Guy Daich <guy.daich@sap.com>

* open more connection in e2e

Signed-off-by: Guy Daich <guy.daich@sap.com>

* fix error type

Signed-off-by: Guy Daich <guy.daich@sap.com>

* add additional connections

Signed-off-by: Guy Daich <guy.daich@sap.com>

* make limit value required

Signed-off-by: Guy Daich <guy.daich@sap.com>

* add error-flow unit test

Signed-off-by: Guy Daich <guy.daich@sap.com>

* fix lint 4

Signed-off-by: Guy Daich <guy.daich@sap.com>

* assert policy accepted in test

Signed-off-by: Guy Daich <guy.daich@sap.com>

* rename limit => connectionLimit

Signed-off-by: Guy Daich <guy.daich@sap.com>

---------

Signed-off-by: Guy Daich <guy.daich@sap.com>
Co-authored-by: zirain <zirain2009@gmail.com>
Signed-off-by: Yael Shechter <yael.shechter@sap.com>

* docs: remove 0.1.0  from linkinator ignore list (#3015)

Signed-off-by: yuluo <karashouk.pan@gmail.com>
Co-authored-by: zirain <zirain2009@gmail.com>
Signed-off-by: Yael Shechter <yael.shechter@sap.com>

* disable connection limit test (#3025)

Signed-off-by: huabing zhao <zhaohuabing@gmail.com>
Signed-off-by: Yael Shechter <yael.shechter@sap.com>

* fix: use correct connection limit attribute name in e2e, docs (#3028)

fix attribute name

Signed-off-by: Guy Daich <guy.daich@sap.com>
Signed-off-by: Yael Shechter <yael.shechter@sap.com>

* docs: document patches in envoy proxy (#3027)

* docs: document patches in envoy proxy

Signed-off-by: Yael Shechter <yael.shechter@sap.com>

* fix linting issue

Signed-off-by: Yael Shechter <yael.shechter@sap.com>

* fix pr comment

Signed-off-by: Yael Shechter <yael.shechter@sap.com>

---------

Signed-off-by: Yael Shechter <yael.shechter@sap.com>

* feat(policy): Adding BTP support for UDP/TCPRoute (#3004)

* Adding BTP support for UDP/TCP Routes

Signed-off-by: Alexander Volchok <alex.volchok@sap.com>

* fixing lint

Signed-off-by: Alexander Volchok <alex.volchok@sap.com>

* fix IdleTime check

Signed-off-by: Alexander Volchok <alex.volchok@sap.com>

* adding missing generates

Signed-off-by: Alexander Volchok <alex.volchok@sap.com>

* fixing code review comments

Signed-off-by: Alexander Volchok <alex.volchok@sap.com>

* increasing code coverage

Signed-off-by: Alexander Volchok <alex.volchok@sap.com>

---------

Signed-off-by: Alexander Volchok <alex.volchok@sap.com>
Co-authored-by: zirain <zirain2009@gmail.com>
Co-authored-by: Huabing Zhao <zhaohuabing@gmail.com>
Signed-off-by: Yael Shechter <yael.shechter@sap.com>

* fix: add missing http filters to the http filter chain (#2970)

* fix: add missing http filters to the http filter chain

Signed-off-by: huabing zhao <zhaohuabing@gmail.com>

* refactor

Signed-off-by: huabing zhao <zhaohuabing@gmail.com>

* fix lint

Signed-off-by: huabing zhao <zhaohuabing@gmail.com>

* add comments

Signed-off-by: huabing zhao <zhaohuabing@gmail.com>

* remove refactor

Signed-off-by: huabing zhao <zhaohuabing@gmail.com>

* remove refactor

Signed-off-by: huabing zhao <zhaohuabing@gmail.com>

* fix gen

Signed-off-by: huabing zhao <zhaohuabing@gmail.com>

* fix lint

Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com>

---------

Signed-off-by: huabing zhao <zhaohuabing@gmail.com>
Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com>
Signed-off-by: Yael Shechter <yael.shechter@sap.com>

* fix pr comment

Signed-off-by: Yael Shechter <yael.shechter@sap.com>

* ci: grant pull-requests permission to cherrypick action (#3039)

Signed-off-by: zirain <zirain2009@gmail.com>
Signed-off-by: Yael Shechter <yael.shechter@sap.com>

* Update ADOPTERS.md for Airspace Link (#3045)

Signed-off-by: Fabrice Aneche <akhenakh@users.noreply.github.com>
Co-authored-by: zirain <zirain2009@gmail.com>
Signed-off-by: Yael Shechter <yael.shechter@sap.com>

* feat: added option to specify resources on the OIDC security policy (#3030)

added option to specify resources on the OIDC filter

Signed-off-by: jaynis <kranz.jannis@googlemail.com>
Co-authored-by: Huabing Zhao <zhaohuabing@gmail.com>
Signed-off-by: Yael Shechter <yael.shechter@sap.com>

* run make commands

Signed-off-by: Yael Shechter <yael.shechter@sap.com>

* fix: allow websockets in url rewrite (#3022)

allow websockets in url rewrite

Signed-off-by: Jesse Haka <haka.jesse@gmail.com>
Co-authored-by: zirain <zirain2009@gmail.com>
Signed-off-by: Yael Shechter <yael.shechter@sap.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Yael Shechter <yael.shechter@sap.com>
Signed-off-by: zirain <zirain2009@gmail.com>
Signed-off-by: huabing zhao <zhaohuabing@gmail.com>
Signed-off-by: Wilson Wu <iwilsonwu@gmail.com>
Signed-off-by: Guy Daich <guy.daich@sap.com>
Signed-off-by: yuluo <karashouk.pan@gmail.com>
Signed-off-by: Alexander Volchok <alex.volchok@sap.com>
Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com>
Signed-off-by: Fabrice Aneche <akhenakh@users.noreply.github.com>
Signed-off-by: jaynis <kranz.jannis@googlemail.com>
Signed-off-by: Jesse Haka <haka.jesse@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Huabing Zhao <zhaohuabing@gmail.com>
Co-authored-by: zirain <zirain2009@gmail.com>
Co-authored-by: Wilson Wu <iwilsonwu@gmail.com>
Co-authored-by: Arko Dasgupta <arkodg@users.noreply.github.com>
Co-authored-by: Guy Daich <guy.daich@sap.com>
Co-authored-by: YuLuo <karashouk.pan@gmail.com>
Co-authored-by: Alex Volchok <alex.volchok@sap.com>
Co-authored-by: Fabrice Aneche <akhenakh@users.noreply.github.com>
Co-authored-by: jaynis <kranz.jannis@googlemail.com>
Co-authored-by: Jesse Haka <haka.jesse@gmail.com>
Development

Successfully merging this pull request may close these issues.

Client Traffic Policy: Support Connection Limiting
