Supports gRPC as a protocol (without TLS) #987
Conversation
google-prow-robot
added
the
do-not-merge/work-in-progress
|
So there's good news and bad news. 👍 The good news is that everyone that needs to sign a CLA (the pull request submitter and all commit authors) have done so. Everything is all good there. 😕 The bad news is that it appears that one or more commits were authored or co-authored by someone other than the pull request submitter. We need to confirm that all authors are ok with their commits being contributed to this project. Please have them confirm that here in the pull request. Note to project maintainer: This is a terminal state, meaning the |
google-prow-robot
added
the
size/XXL
sample/grpc-ping/README.md
Outdated
|
|
||
| 1. [Install Elafros](https://github.com/elafros/install/blob/master/README.md) | ||
| 1. Install [docker](https://www.docker.com/) | ||
| 1. Install [ko](https://github.com/google/go-containerregistry/tree/master/cmd/ko) |
There was a problem hiding this comment.
tl;dr remove either Docker or ko
My biases in sample/ lately:
- Document it with
Dockerfilein README.md (which is probably most familiar to users) - Make it work with Bazel /
kofor contributors
Does that make sense?
| @@ -256,6 +258,10 @@ spec: | |||
| # scaling to/from 0. | |||
| servingState: Active | Reserve | Retired | |||
|
|
|||
| # The protocol used for this Revision. This will define the Istio ingress spec | |||
| # and service spec required for this Revision. | |||
| protocol: grpc | http | |||
There was a problem hiding this comment.
tl;dr It feels to me like this belongs on Route not Revision.
cc @vaikas-google @evankanderson @cooperneil
I have a hard time imagining a use-case where a Route splits traffic over multiple Revisions with different protocols, which is reflected in some of the getProtocolFromTrafficTargets logic and TODOs that need to cope with the potential heterogeneity here. Let's just not allow it.
I believe the main reason this is needed on Revision in its current form is because you make use of it in ela-queue to proxy arbitrary TCP traffic. Two questions:
- Can we switch completely to
tcpproxythereby eliminating the need for the config @Revisionlevel? - How does this codepath expose auto-scaling metrics (the core purpose of
ela-queuetoday)?
I suspect we also need to change the activator in a similar manner. cc @josephburnett
There was a problem hiding this comment.
@dprotaso and I struggled with where the protocol belongs ourselves and decided to specify the protocol on the Revision and open it up for discussion.
Both the route controller and revision controller need to be aware of the protocol due to the following:
- The route controller needs to create the appropriate Istio ingress and route service with the protocol specified
- The revision controller also needs to create the revision service with the servicePort name specified as the protocol
Istio docs that explains it here
We are currently in the process of removing the need for the protocol in the ela-queue container by utilizing a h2cserver that can proxy both h2c and http traffic based on the request protocol. The reason why we couldn't use a tcp proxy was because we wouldn't be able to collect request statistics for autoscaling.
We're also in the process of changing the activator to utilize a h2c server as well.
There was a problem hiding this comment.
FYI the Envoy in the istio sidecar collects request statistics similar to the ones ela-queue collects. Using them hasn't been a high priority yet, but if the queue-proxy is a blocker that could change. It's unclear whether they can fully replace the queue proxy stats collection.
There was a problem hiding this comment.
FWIW, the Istio docs on the port naming restrictions for ingress seem to have been removed between 0.7 and 0.8. I'm not sure why earlier versions of Istio had this restriction (digging, it appears to have been copied from the pod injection docs).
|
/test pull-elafros-elafros-integration-tests |
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: dprotaso Assign the PR to them by writing The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
The following is the coverage report on pkg/. Say
*TestCoverage feature is being tested, do not rely on any info here yet |
bsnchan
force-pushed
the
grpc
branch
2 times, most recently
from
8fb9a4a
to
4c039c0
Compare
|
The following is the coverage report on pkg/. Say
*TestCoverage feature is being tested, do not rely on any info here yet |
|
The following is the coverage report on pkg/. Say
*TestCoverage feature is being tested, do not rely on any info here yet |
|
The following is the coverage report on pkg/. Say
*TestCoverage feature is being tested, do not rely on any info here yet |
|
/test pull-knative-serving-integration-tests |
1 similar comment
|
/test pull-knative-serving-integration-tests |
|
The following is the coverage report on pkg/. Say
*TestCoverage feature is being tested, do not rely on any info here yet |
|
/test pull-knative-serving-unit-tests |
|
/test pull-knative-serving-integration-tests |
2 similar comments
|
/test pull-knative-serving-integration-tests |
|
/test pull-knative-serving-integration-tests |
|
The following is the coverage report on pkg/. Say
*TestCoverage feature is being tested, do not rely on any info here yet |
* The h2c server can proxy both h2c and http requests based on the request's protocol Co-authored-by: Dave Protasowski <dprotaso@gmail.com>
* We needed to create an activator service per protocol Since services cannot share a port with different protocols Co-authored-by: Dave Protasowski <dprotaso@gmail.com>
Co-authored-by: Dave Protasowski <dprotaso@gmail.com>
* When the Ingress is updated for gRPC, the service takes some time to mark the upstream as healthy
* it was only being used in the sample grpc app so we now pull in the depency via the sample app's dockerfile * also removed unused variables from cmd/queue/main.go
ignore the folders * google.golang.org/grpc is not vendored in since it is only used in the sample apps so don't attempt to build or test the sample grpc apps
* This is allows go build ./sample/... to run successfully since the grpc dependencies are not vendored in
* removes golang/protobuf from Gopkg.toml * alias h2c package as h2cutil * adds a comment for NewTransport * removes refactoring changes (will submit them as a separate pr) * updates sample app's readme to use buildtag when running client code
|
The following is the coverage report on pkg/. Say
*TestCoverage feature is being tested, do not rely on any info here yet |
|
Hey @evankanderson - is anything blocking this from getting merged? Having to rebase constantly is a bit of a pain. It would be nice to mark this as |
|
Good point -- I have two concerns with this CL (one of which you're clearly having to wrestle with):
Maybe we can break this into 2-4 items?
|
|
@evankanderson That make sense. I agree with waiting for #1228 to be completed as it would probably simplify a lot of the API/controller changes. To clarify - I can submit separate PRs for:
Would you accept the first two changes as PR's today? Or would you prefer for the Istio upgrade PR to land first? |
|
I'd be happy to review the first two PRs today. Ideally, the third PR would not involve any API surface changes. I'm comfortable committing the 4th item as a simple app even before it's working, as long as we document in the README that it is aspirational on #1047. |
|
closing |
Fixes #707, #813
Proposed Changes
TODO
Outstanding Questions