build: Google gRPC C++ library as an external dependency.#2318
build: Google gRPC C++ library as an external dependency.#2318htuch merged 4 commits intoenvoyproxy:masterfrom
Conversation
This is needed for upcoming integration with xDS and other gRPC clients, where the option to use Google gRPC or the in-built Envoy client will be made available. Signed-off-by: Harvey Tuch <htuch@google.com>
|
Q: Do we want to start thinking about compile time options as a more first class concept of what people want to include? I suspect very few people are going to want to actually use this. Obviously we need this for CI (and I worry about CI speed as we add more dependencies when bazel caching from the image seems broken), but just wondering if we want to start thinking about build options. |
|
What's the difference between gRPC and the envoy client? Can we eliminate one or the other to keep things simpler? |
|
@htuch will be able to provide more history around how we arrived here. It's a long, relatively sad story. :( I do agree that the existence of the new options in data-plane-api and the new code here are going to be very confusing for users. I think we should have pretty clear documentation and guidance on why we have these two options and what we are working towards. |
|
@mattklein123 Yeah, let's think about compile time options. We can continue with the current approach of adding a @ggreenway Yeah, this is a long story that @mattklein123 @ctiller @markdroth and I have discussed over a series of meetings. I'll try and recap below, we'll eventually turn this into the clear documentation/guidance that @mattklein123 suggests. There are various places we interact with gRPC in Envoy, for example on the data plane (proxying gRPC from client to backend), transcoding filters (e.g. gRPC-Web), sourcing configuration via xDS and in filters that make call-outs (e.g. an authorization or rate limit filter). For the latter two cases, we use the Envoy
OTOH, the Google C++ gRPC library (https://github.com/grpc/grpc) is the reference gRPC implementation. It is a very high performance implementation of gRPC which is largely consumed as a black box with a threaded model that is not highly aligned with Envoy's silo model (my later PRs will bridge this somewhat). It has a bunch of features we don't implement in Envoy's We would spend a lot of time trying to replicate the Google gRPC library inside Envoy, so we don't strive to reach parity here with So, we plan on offering both, with This isn't set in stone yet, so feedback is welcome, but hopefully this recaps the history accurately and provides the provisional plan-of-record. |
That's what I had in mind. If you don't want to do in this PR that's fine, but I think we should start doing this for many of the non-core features. e.g., |
Signed-off-by: Harvey Tuch <htuch@google.com>
|
@htuch Would it be possible, instead of offering both gRPC clients, to provide a simpler way to configure the more sophisticated client? Then people with simpler requirements would still have simple setup/configuration, more complicated requirements could be handled, and we'd only have 1 implementation. What is the event/threading model of the gRPC library? |
|
re: disabling features at compile-time: I think it's worth it to allow disabling features that have external library dependencies. For things that do not, the only benefit is slightly faster builds, and slightly smaller binaries. I personally don't think that's worth the complexity of allowing those things to be compiled out. |
|
@ggreenway the Google gRPC libs have a threaded concurrency model; part of the complexity in my PR will be around matching the thread/event models, we have some idea of how this works based on Istio Mixer client and a proof-of-concept I have locally. I don't know if it's really that much simpler to make it build time one client or the other. If you look at the accompanying API PR, envoyproxy/data-plane-api#398, the clients have very different configuration styles, so it's not really a switch that can be applied at build time transparently. |
|
Yeah, unfortunately I really don't see any way to offer a single configuration in this case, and it's a non-starter to switch to only Google gRPC client. Google gRPC is not a superset of Envoy gRPC. They basically have very different feature sets with a common base (codec). |
|
+1 to #2318 (comment) |
|
@fengli79 this is an important difference on the data plane, agreed. OTOH, we're only planning on using Google gRPC for the control plane and unary calls in filters (auth checks, rate limit, etc.), so I don't think we have the same big proto issues. |
| ``` | ||
|
|
||
| ## Hot Restart | ||
| ## Disabling optional features |
There was a problem hiding this comment.
nice cleanup, thanks, was going to ask for this. :)
Rejecting requests which don't have an https scheme if Android disallows cleartext Risk Level: High Testing: TODO (envoyproxy/envoy-mobile#2341) Docs Changes: n/a Release Notes: inline Fixes #1572 Signed-off-by: Alyssa Wilk <alyssar@chromium.org> Signed-off-by: JP Simard <jp@jpsim.com>
Rejecting requests which don't have an https scheme if Android disallows cleartext Risk Level: High Testing: TODO (envoyproxy/envoy-mobile#2341) Docs Changes: n/a Release Notes: inline Fixes #1572 Signed-off-by: Alyssa Wilk <alyssar@chromium.org> Signed-off-by: JP Simard <jp@jpsim.com>
4 participants
This is needed for upcoming integration with xDS and other gRPC clients, where the option to use
Google gRPC or the in-built Envoy client will be made available.
Signed-off-by: Harvey Tuch htuch@google.com