Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

endpoints repeated #4395

Open
ovaldi opened this issue Oct 6, 2024 · 6 comments · May be fixed by #4454
Open

endpoints repeated #4395

ovaldi opened this issue Oct 6, 2024 · 6 comments · May be fixed by #4454
Assignees
@qicz
Labels
kind/bug Something isn't working
Milestone
v1.2.0

Comments

@ovaldi
Copy link

ovaldi commented Oct 6, 2024
edited
Loading

Why endpoints repeated ?
image

EnvoyGateway: v1.1.1

Here is my backend-traffic-policy:
image
@ovaldi ovaldi added the triage label Oct 6, 2024
@arkodg
Copy link
Contributor

arkodg commented Oct 8, 2024

@ovaldi can you share a little more of the XDS IR as well as the HTTPRoute ?

@ovaldi
Copy link
Author

ovaldi commented Oct 8, 2024
edited
Loading

@ovaldi can you share a little more of the XDS IR as well as the HTTPRoute ?

helm install eg oci://docker.io/envoyproxy/gateway-helm \
  --version v1.1.1 -n <namespace> --create-namespace \
  --set deployment.replicas=3

x-http-route

image

fr-http-route

image

@arkodg
Copy link
Contributor

arkodg commented Oct 8, 2024
edited
Loading

Internally Envoy Gateway creates a unique Xds cluster per HTTPRoute per Rule . This allows the traffic being sent to the same Backend (K8s Service) to behave differently ( different xDS Cluster ) if different BackendTrafficPolicies are applied to the different HTTPRoutes or rules

@arkodg arkodg closed this as completed Oct 8, 2024
@ovaldi
Copy link
Author

ovaldi commented Oct 8, 2024
edited
Loading

Internally Envoy Gateway creates a unique Xds cluster per HTTPRoute per Rule . This allows the traffic being sent to the same Backend (K8s Service) to behave differently ( different xDS Cluster ) if different BackendTrafficPolicies are applied to the different HTTPRoutes or rules

@arkodg but there is only one rule in the HTTPRoute, is this normal?

image

@arkodg arkodg reopened this Oct 8, 2024
@arkodg
Copy link
Contributor

arkodg commented Oct 8, 2024

@ovaldi can you please share the entire config so we can reproduce it ?
I dont see the issue in https://github.com/envoyproxy/gateway/blob/main/internal/gatewayapi/testdata/backendtlspolicy-default-ns-targetrefs.out.yaml which attaches to a single backendRef

@ovaldi
Copy link
Author

ovaldi commented Oct 8, 2024
edited
Loading

@ovaldi can you please share the entire config so we can reproduce it ? I dont see the issue in https://github.com/envoyproxy/gateway/blob/main/internal/gatewayapi/testdata/backendtlspolicy-default-ns-targetrefs.out.yaml which attaches to a single backendRef

apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
  name: eg
spec:
  gatewayClassName: eg
  listeners:
    - name: http
      protocol: HTTP
      port: 6666
---
apiVersion: gateway.envoyproxy.io/v1alpha1
kind: SecurityPolicy
metadata:
  name: eg-cors
spec:
  targetRefs:
  - group: gateway.networking.k8s.io
    kind: Gateway
    name: eg
  cors:
    allowOrigins:
    - "*"
    allowMethods:
    - "*"
    allowHeaders:
    - "*"
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: backend
---
apiVersion: v1
kind: Service
metadata:
  name: backend
  labels:
    app: backend
    service: backend
spec:
  ports:
    - name: http
      port: 3000
      targetPort: 3000
  selector:
    app: backend
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: backend
spec:
  replicas: 3
  selector:
    matchLabels:
      app: backend
      version: v1
  template:
    metadata:
      labels:
        app: backend
        version: v1
    spec:
      serviceAccountName: backend
      containers:
        - image: gcr.io/k8s-staging-gateway-api/echo-basic:v20231214-v1.0.0-140-gf544a46e
          imagePullPolicy: IfNotPresent
          name: backend
          ports:
            - containerPort: 3000
          env:
            - name: POD_NAME
              valueFrom:
                fieldRef:
                  fieldPath: metadata.name
            - name: NAMESPACE
              valueFrom:
                fieldRef:
                  fieldPath: metadata.namespace
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
  name: backend-1
spec:
  parentRefs:
    - name: eg
  hostnames:
    - "*.example.com"
  rules:
    - backendRefs:
        - group: ""
          kind: Service
          name: backend
          port: 3000
          weight: 1
      matches:
        - path:
            type: PathPrefix
            value: /
          queryParams:
            - name: "z_lang"
              value: "pt"
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
  name: backend-2
spec:
  parentRefs:
    - name: eg
  hostnames:
    - "pt-api.example.com"
  rules:
    - backendRefs:
        - group: ""
          kind: Service
          name: backend
          port: 3000
          weight: 1
      matches:
        - path:
            type: PathPrefix
            value: /

@arkodg This config will create two HTTPRoute (backend-1 & backend-2) point to same Service, and the endpoints will be repeated.

@qicz qicz linked a pull request Oct 16, 2024 that will close this issue
Open
@arkodg arkodg added this to the v1.2.0 milestone Oct 18, 2024
@arkodg arkodg added kind/bug Something isn't working and removed triage labels Oct 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@qicz qicz

Labels
kind/bug Something isn't working
Projects
None yet
Milestone
v1.2.0
Development

Successfully merging a pull request may close this issue.

bugfix: filter repeated resources and optimize memory usage. qicz/gateway
3 participants
@qicz @ovaldi @arkodg