Skip to content

api: add BackendConfigPolicy api for configuring envoy clusters #11214

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 33 commits into from
May 27, 2025
Merged

api: add BackendConfigPolicy api for configuring envoy clusters #11214

merged 33 commits into from
May 27, 2025

Conversation

puertomontt
Copy link
Contributor

@puertomontt puertomontt commented May 14, 2025
edited
Loading

Description

Introduce BackendConfigPolicy api to allow configuring envoy clusters. This PR ports the connection config from gloo. This is part of the "policy parity" effort, to have same functionality as Gloo apis.

#11167
#11203

Change Type

/kind new_feature

Changelog

Introduce BackendConfigPolicy api to allow configuring envoy clusters.

Additional Notes

@github-actions github-actions bot added do-not-merge/kind-invalid Indicates a PR lacks a `kind/foo` label and requires one. do-not-merge/release-note-invalid Indicates that a PR should not merge because it's missing one of the release note labels. labels May 20, 2025
@puertomontt puertomontt added kind/feature Categorizes issue or PR as related to a new feature. and removed kind/feature Categorizes issue or PR as related to a new feature. labels May 20, 2025
@puertomontt puertomontt changed the title Backendconfig api: add BackendConfigPolicy api for configuring envoy clusters May 20, 2025
@github-actions github-actions bot added release-note and removed do-not-merge/release-note-invalid Indicates that a PR should not merge because it's missing one of the release note labels. labels May 20, 2025
@puertomontt puertomontt marked this pull request as ready for review May 20, 2025 21:43
@Copilot Copilot AI review requested due to automatic review settings May 20, 2025 21:43
@puertomontt puertomontt added kind/feature Categorizes issue or PR as related to a new feature. and removed do-not-merge/kind-invalid Indicates a PR lacks a `kind/foo` label and requires one. labels May 20, 2025
Copilot
Copilot AI reviewed May 20, 2025
View reviewed changes
Copy link
Contributor

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

Introduce the BackendConfigPolicy API to allow configuring Envoy clusters by porting Gloo’s connection config.

  • Extend clientset, CRDs, RBAC, and applyconfiguration to support BackendConfigPolicy resources.
  • Add sample testdata, translation logic, and plugin implementation for Envoy cluster generation.
  • Include unit tests for translation and header-format handling.

Reviewed Changes

Copilot reviewed 25 out of 25 changed files in this pull request and generated 4 comments.

Show a summary per file
File Description
pkg/client/clientset/versioned/typed/api/v1alpha1/api_client.go Add BackendConfigPolicies getter to clientset
internal/kgateway/wellknown/kgw.go Register GVK/GVR for BackendConfigPolicy
internal/kgateway/setup/testdata/standard/backendconfigpolicy.yaml Add sample BackendConfigPolicy input YAML
internal/kgateway/setup/testdata/standard/backendconfigpolicy-out.yaml Expected Envoy config output for policy
internal/kgateway/extensions2/registry/registry.go Register BackendConfigPolicy plugin
internal/kgateway/extensions2/plugins/backendconfigpolicy/plugin.go Implement policy translation and processing
internal/kgateway/extensions2/plugins/backendconfigpolicy/plugin_test.go Add unit tests for BackendConfigPolicy plugin
install/helm/kgateway/templates/role.yaml Update RBAC rules for BackendConfigPolicy
install/helm/kgateway-crds/templates/gateway.kgateway.dev_backendconfigpolicies.yaml Add CRD for BackendConfigPolicy
api/v1alpha1/zz_generated.register.go Register BackendConfigPolicy types
api/v1alpha1/zz_generated.deepcopy.go Autogen deepcopy funcs for BackendConfigPolicy
api/v1alpha1/backend_config_policy_types.go Define BackendConfigPolicy spec and status types
api/applyconfiguration/utils.go Support applyconfiguration for BackendConfigPolicy and related types
Comments suppressed due to low confidence (1)

internal/kgateway/extensions2/plugins/backendconfigpolicy/plugin_test.go:44

  • Consider adding a test case for the DropHeadersWithUnderscores action in CommonHttpProtocolOptions to verify it maps to HttpProtocolOptions_DROP_HEADER correctly.
HeadersWithUnderscoresAction: ptr.To(v1alpha1.AllowHeadersWithUnderscores),

@puertomontt
fmt
859c48f 
Signed-off-by: omar <[email protected]>
@lgadban lgadban linked an issue May 22, 2025 that may be closed by this pull request
Implement connection policy #11167
Closed
lgadban
lgadban reviewed May 22, 2025
View reviewed changes
Copy link
Contributor

@lgadban lgadban left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

just a few nits but overall this looks really solid!

did you do any manual testing?
I don't think these types of config options warrant an e2e test but would be good to know that functional behavior was confirmed with a running envoy

@puertomontt
Copy link
Contributor Author

@lgadban I did some manual testing to ensure envoy picks up the config

image

@yuval-k yuval-k self-assigned this May 22, 2025
yuval-k
yuval-k reviewed May 22, 2025
View reviewed changes
yuval-k
yuval-k reviewed May 22, 2025
View reviewed changes
yuval-k
yuval-k reviewed May 22, 2025
View reviewed changes
lgadban
lgadban reviewed May 23, 2025
View reviewed changes
@lgadban
Copy link
Contributor

lgadban commented May 27, 2025

all the e2e tests are failing for some reason, might need to merge latest main?

lgadban
lgadban approved these changes May 27, 2025
View reviewed changes
Copy link
Contributor

@lgadban lgadban left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

Looking at this with fresh eyes, I think we should add a happy path e2e test.
Maybe we can tackle this in the follow-up work for targetSelector support or when adding additional config to this API?

@lgadban lgadban added this pull request to the merge queue May 27, 2025
Merged via the queue into kgateway-dev:main with commit 3c56adc May 27, 2025
26 of 27 checks passed
@puertomontt puertomontt deleted the backendconfig branch June 2, 2025 19:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yuval-k yuval-k yuval-k left review comments

Copilot code review Copilot Copilot left review comments

@lgadban lgadban lgadban approved these changes

Assignees

@yuval-k yuval-k

Labels
kind/feature Categorizes issue or PR as related to a new feature. release-note
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Implement connection policy
3 participants
@puertomontt @lgadban @yuval-k