http conn man: Introduce preserve_upstream_date option #11077
Conversation
Signed-off-by: Craig Radcliffe <craig.radcliffe@broadcom.com>
|
Looks good overall - I'll do a full review pass once you've got CI sorted out :-) |
Signed-off-by: Craig Radcliffe <craig.radcliffe@broadcom.com>
| @@ -1631,7 +1631,9 @@ void ConnectionManagerImpl::ActiveStream::encodeHeaders(ActiveStreamEncoderFilte | |||
| void ConnectionManagerImpl::ActiveStream::encodeHeadersInternal(ResponseHeaderMap& headers, | |||
| bool end_stream) { | |||
| // Base headers. | |||
| connection_manager_.config_.dateProvider().setDateHeader(headers); | |||
| if (!connection_manager_.config_.shouldPreserveUpstreamDate() || !headers.Date()) { | |||
There was a problem hiding this comment.
This PR looks great.
My only caveat is that I believe this will result in also preserving the date header when we serve out of cache.
Is your intent to do this (since at the end of the day the source of that date is upstream) or is the intent to only overwrite date headers served live from upstream (preserve date headers when they're relevant, but let cache results have an accurate up-to-date date)? I'd lean towards the latter, since I think that's a more clear interpretation of the config field, at which point I think you have to differentiate between the two.
There was a problem hiding this comment.
I think the intention here would be to use a new date for serving cached content. Otherwise, we may end up with stale response dates that might be confusing to downstream components (e.g. the client).
Is there a convention around how to determine whether a cached response is being served?
There was a problem hiding this comment.
Yeah, I was looking into that, and there's no an obvious direct check.
You can infer from the rc details being "via_upstream" but that's a string compare and icky. You can infer from the stream info upstreamHost being set, which is probably the easiest workaround.
I'd also be fine with something added to stream info to indicate the source of the reply - cache / Envoy generated / proxied from upstream. @mattklein123 any thoughts here?
There was a problem hiding this comment.
There was a problem hiding this comment.
Yeah I would think for the caching case we might want to introduce a stream info flag. This seems useful/required anyway for logging purposes in a production ready caching solution.
There was a problem hiding this comment.
I can give it a try in this PR -- the "stream info flag" in this case would be a new value in StreamInfo::ResponseFlag, right?
There was a problem hiding this comment.
Responses served from cache should have the same date header they had when they got inserted into cache. The date header is defined to represent the time the message was originated, regardless of whether the message happens to spend some time in a cache.
IOW, if I request something then request it again later, and Envoy caches the first response and later serves me that entry, then the two responses I receive should have the same date header. Caches rely on this, and will compute incorrect freshness values if date headers are wrong.
This applies whether we're talking about a response served by Envoy's CacheFilter, or a response served by a separate caching proxy upstream.
The canonical way to know that a response came from an HTTP cache is to check for the presence of an age header. If a response has an age header, it's from a cache and we shouldn't change its date header.
There was a problem hiding this comment.
Oh interesting.
That's not what's happening today. So in that case this PR LGTM, but someone should do the inverse and not set the date header if it passed through the cache filter. I'm happy to pick that up since I noticed the caching code fails to set rc details
There was a problem hiding this comment.
The date header is defined to represent the time the message was originated, regardless of whether the message happens to spend some time in a cache.
Interesting. I guess Envoy's default behavior is wrong then? In any case, I think we can address this out of the scope of this PR per other discussion.
|
Also I think this needs a master merge, sorry |
Signed-off-by: Craig Radcliffe <craig.radcliffe@broadcom.com>
Signed-off-by: Craig Radcliffe <craig.radcliffe@broadcom.com>
|
/retest |
|
🐴 hold your horses - no failures detected, yet. |
| setUpEncoderAndDecoder(false, false); | ||
| sendRequestHeadersAndData(); | ||
| preserve_upstream_date_ = false; | ||
| const auto* modifiedHeaders = sendResponseHeaders( |
There was a problem hiding this comment.
nit: s/modifiedHeaders/modified_headers here and below (I think we can get clang-tidy to check this at some point)
| @@ -897,6 +899,56 @@ TEST_F(HttpConnectionManagerImplTest, RouteShouldUseSantizedPath) { | |||
| conn_manager_->onData(fake_input, false); | |||
| } | |||
|
|
|||
| TEST_F(HttpConnectionManagerImplTest, PreseveUpstreamDateDisabledDateNotSet) { | |||
There was a problem hiding this comment.
Typo "Preseve" here and below
Signed-off-by: Craig Radcliffe <craig.radcliffe@broadcom.com>
…/preserve-response-date Signed-off-by: Craig Radcliffe <craig.radcliffe@broadcom.com>
|
/azp run envoy-presubmit |
|
Azure Pipelines successfully started running 1 pipeline(s). |
|
/azp run envoy-presubmit |
|
Azure Pipelines successfully started running 1 pipeline(s). |
This reverts commit 10c755e. Signed-off-by: Matt Klein <mklein@lyft.com>
…ard (#11132) Commit Message: http conn man: always preserve upstream date response header Additional Description: Reintroduces the change to preserve the upstream date response header (introduced in #11077, reverted in #11116 ) but removes the configuration and adds a runtime guard instead (see #11110 ) Risk Level: Low Testing: Unit testing Docs Changes: N/A Release Notes: yes Runtime guard: http_connection_manager.preserve_upstream_date Signed-off-by: Craig Radcliffe <craig.radcliffe@broadcom.com>
Signed-off-by: Craig Radcliffe craig.radcliffe@broadcom.com
Commit Message:
http conn man: Introduce preserve_upstream_date option
Additional Description:
The
preserve_upstream_dateoption allows the HTTP Connection Manager to be configured to pass through the originaldateheader from the upstream response rather than overwriting it. The default behaviour for thedateresponse header remains the same as before -- the header value will be overwritten by Envoy.Risk Level: Low
Testing:
Docs Changes: N/A
Release Notes: Unsure whether this is required for a flag that defaults to current behaviour
Fixes #11030