refactor DFP cluster to support STRICT_DNS (#26420)

Signed-off-by: doujiang24 <doujiang24@gmail.com> Mirrored from https://github.com/envoyproxy/envoy @ 0a41170f0eec59f284e658b689eeabe83f20a48b
2 years ago · b50075c353
parent 6900f1ec6a
commit b50075c353
3 changed files with 64 additions and 10 deletions
--- a/envoy/extensions/clusters/dynamic_forward_proxy/v3/BUILD
+++ b/envoy/extensions/clusters/dynamic_forward_proxy/v3/BUILD
@ -6,6 +6,8 @@ licenses(["notice"])  # Apache 2

 api_proto_package(
    deps = [
+        "//envoy/config/cluster/v3:pkg",
+        "//envoy/config/core/v3:pkg",
        "//envoy/extensions/common/dynamic_forward_proxy/v3:pkg",
        "@com_github_cncf_udpa//udpa/annotations:pkg",
    ],
--- a/envoy/extensions/clusters/dynamic_forward_proxy/v3/cluster.proto
+++ b/envoy/extensions/clusters/dynamic_forward_proxy/v3/cluster.proto
@ -2,8 +2,13 @@ syntax = "proto3";

 package envoy.extensions.clusters.dynamic_forward_proxy.v3;

+import "envoy/config/cluster/v3/cluster.proto";
+import "envoy/config/core/v3/address.proto";
 import "envoy/extensions/common/dynamic_forward_proxy/v3/dns_cache.proto";

+import "google/protobuf/duration.proto";
+import "google/protobuf/wrappers.proto";
+
 import "udpa/annotations/status.proto";
 import "udpa/annotations/versioning.proto";
 import "validate/validate.proto";
@ -23,11 +28,27 @@ message ClusterConfig {
  option (udpa.annotations.versioning).previous_message_type =
      "envoy.config.cluster.dynamic_forward_proxy.v2alpha.ClusterConfig";

-  // The DNS cache configuration that the cluster will attach to. Note this configuration must
-  // match that of associated :ref:`dynamic forward proxy HTTP filter configuration
-  // <envoy_v3_api_field_extensions.filters.http.dynamic_forward_proxy.v3.FilterConfig.dns_cache_config>`.
-  common.dynamic_forward_proxy.v3.DnsCacheConfig dns_cache_config = 1
-      [(validate.rules).message = {required: true}];
+  oneof cluster_implementation_specifier {
+    // The DNS cache configuration that the cluster will attach to. Note this configuration must
+    // match that of associated :ref:`dynamic forward proxy HTTP filter configuration
+    // <envoy_v3_api_field_extensions.filters.http.dynamic_forward_proxy.v3.FilterConfig.dns_cache_config>`.
+    common.dynamic_forward_proxy.v3.DnsCacheConfig dns_cache_config = 1;
+
+    // Configuration for sub clusters, when this configuration is enabled,
+    // Envoy will create an independent sub cluster dynamically for each host:port.
+    // Most of the configuration of a sub cluster is inherited from the current cluster,
+    // i.e. health_checks, dns_resolvers and etc.
+    // And the load_assignment will be set to the only one endpoint, host:port.
+    //
+    // Compared to the dns_cache_config, it has the following advantages:
+    //
+    // 1. sub clusters will be created with the STRICT_DNS DiscoveryType,
+    //    so that Envoy will use all of the IPs resolved from the host.
+    //
+    // 2. each sub cluster is full featured cluster, with lb_policy and health check and etc enabled.
+    //
+    SubClustersConfig sub_clusters_config = 4;
+  }

  // If true allow the cluster configuration to disable the auto_sni and auto_san_validation options
  // in the :ref:`cluster's upstream_http_protocol_options
@ -54,3 +75,22 @@ message ClusterConfig {
  //
  bool allow_coalesced_connections = 3;
 }
+
+// Configuration for sub clusters. Hard code STRICT_DNS cluster type now.
+message SubClustersConfig {
+  // The :ref:`load balancer type <arch_overview_load_balancing_types>` to use
+  // when picking a host in a sub cluster. Note that CLUSTER_PROVIDED is not allowed here.
+  config.cluster.v3.Cluster.LbPolicy lb_policy = 1 [(validate.rules).enum = {defined_only: true}];
+
+  // The maximum number of sub clusters that the DFP cluster will hold. If not specified defaults to 1024.
+  google.protobuf.UInt32Value max_sub_clusters = 2 [(validate.rules).uint32 = {gt: 0}];
+
+  // The TTL for sub clusters that are unused. Sub clusters that have not been used in the configured time
+  // interval will be purged. If not specified defaults to 5m.
+  google.protobuf.Duration sub_cluster_ttl = 3 [(validate.rules).duration = {gt {}}];
+
+  // Sub clusters that should be created & warmed upon creation. This might provide a
+  // performance improvement, in the form of cache hits, for sub clusters that are going to be
+  // warmed during steady state and are known at config load time.
+  repeated config.core.v3.SocketAddress preresolve_clusters = 4;
+}
--- a/envoy/extensions/filters/http/dynamic_forward_proxy/v3/dynamic_forward_proxy.proto
+++ b/envoy/extensions/filters/http/dynamic_forward_proxy/v3/dynamic_forward_proxy.proto
@ -4,6 +4,8 @@ package envoy.extensions.filters.http.dynamic_forward_proxy.v3;

 import "envoy/extensions/common/dynamic_forward_proxy/v3/dns_cache.proto";

+import "google/protobuf/duration.proto";
+
 import "udpa/annotations/status.proto";
 import "udpa/annotations/versioning.proto";
 import "validate/validate.proto";
@ -23,11 +25,16 @@ message FilterConfig {
  option (udpa.annotations.versioning).previous_message_type =
      "envoy.config.filter.http.dynamic_forward_proxy.v2alpha.FilterConfig";

-  // The DNS cache configuration that the filter will attach to. Note this configuration must
-  // match that of associated :ref:`dynamic forward proxy cluster configuration
-  // <envoy_v3_api_field_extensions.clusters.dynamic_forward_proxy.v3.ClusterConfig.dns_cache_config>`.
-  common.dynamic_forward_proxy.v3.DnsCacheConfig dns_cache_config = 1
-      [(validate.rules).message = {required: true}];
+  oneof implementation_specifier {
+    // The DNS cache configuration that the filter will attach to. Note this configuration must
+    // match that of associated :ref:`dynamic forward proxy cluster configuration
+    // <envoy_v3_api_field_extensions.clusters.dynamic_forward_proxy.v3.ClusterConfig.dns_cache_config>`.
+    common.dynamic_forward_proxy.v3.DnsCacheConfig dns_cache_config = 1;
+
+    // The configuration that the filter will use, when the related dynamic forward proxy cluster enabled
+    // sub clusters.
+    SubClusterConfig sub_cluster_config = 3;
+  }

  // When this flag is set, the filter will add the resolved upstream address in the filter
  // state. The state should be saved with key
@ -69,3 +76,8 @@ message PerRouteConfig {
    string host_rewrite_header = 2;
  }
 }
+
+message SubClusterConfig {
+  // The timeout used for sub cluster initialization. Defaults to 5s if not set.
+  google.protobuf.Duration cluster_init_timeout = 3 [(validate.rules).duration = {gt {}}];
+}