Skip to content

xds: httpfilter API changes to support filter state retention (A83) #8745

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
easwars wants to merge 1 commit into
base: master
Choose a base branch
from
Open

xds: httpfilter API changes to support filter state retention (A83) #8745

easwars wants to merge 1 commit into from

Conversation

@easwars
Copy link
Contributor

@easwars easwars commented Dec 4, 2025
edited
Loading

How the API looked before this change?

  • We had a single interface, Filter, that was responsible for functionality like config parsing and optionally for building client and server interceptors (or filter instances).
  • We had a registry of Filters keyed by the supported type_urls.

How the API looks after this change?

  • We will have an interface, FilterProvider, that contains functionality for config parsing and other things like "what are the supported type_urls?", "Are filters produced by this provider supposed to be terminal?", "Are filters produced by this provider supposed to work on the client/server?" etc.
  • The FilterProvider will also contain functionality to create filter instances represented by a new interface, Filter.
  • The Filter interface contains functionality to build client and server interceptors. If this filter is not supported on either the client or the server, that functionality can be a no-op.
  • The Filter will also contain a new Close method allowing it to free up any resources allocated.
  • We will have a registry of FilterProviderss keyed by the supported type_urls.

Why is this change required?

  • As part of gRFC A83 and moving forward on a bunch of other gRFCs, we will start having HTTP filters that need to maintain a bunch of state, and this state needs to be retained across resource updates. For example, the filter might contain a gRPC channel to an external service, and we don't want to recreate this channel for resource updates that doesn't change any properties associated with the service that is being connected to.
    • This change is not part of this PR and will be made when the first filter that needs state retention support is implemented.

How will this be used?

  • The xDS name resolver and the xDS enabled grpc server (entities that create HTTP filters on the client and server side) will create new Filter instances only when the filter names in the xDS resources change. Otherwise, they will only create new interceptors using the updated filter configuration from the existing Filter. This will allow Filter instances to share state across interceptors and across state updates.

The changes here and inspired by similar changes made for Java and described here: https://github.com/grpc/proposal/blob/master/A83-xds-gcp-authn-filter.md#java

RELEASE NOTES: None

@easwars easwars requested a review from dfawley December 4, 2025 23:55
@easwars easwars added Type: Feature New features or improvements in behavior Area: xDS Includes everything xDS related, including LB policies used with xDS. labels Dec 4, 2025
@easwars easwars added this to the 1.78 Release milestone Dec 4, 2025
@codecov
Copy link

codecov bot commented Dec 4, 2025
edited
Loading

Codecov Report

❌ Patch coverage is 43.47826% with 39 lines in your changes missing coverage. Please review.
✅ Project coverage is 82.90%. Comparing base (647162c) to head (7ebfeaa).
⚠️ Report is 1 commits behind head on master.

Files with missing lines Patch % Lines
internal/xds/httpfilter/router/router.go 25.00% 6 Missing and 6 partials ⚠️
internal/xds/httpfilter/fault/fault.go 26.66% 7 Missing and 4 partials ⚠️
internal/xds/httpfilter/rbac/rbac.go 26.66% 6 Missing and 5 partials ⚠️
internal/xds/resolver/serviceconfig.go 33.33% 0 Missing and 2 partials ⚠️
internal/xds/xdsclient/xdsresource/filter_chain.go 33.33% 0 Missing and 2 partials ⚠️
...nternal/xds/xdsclient/xdsresource/unmarshal_lds.go 93.33% 0 Missing and 1 partial ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #8745      +/-   ##
==========================================
- Coverage   83.38%   82.90%   -0.49%     
==========================================
  Files         418      418              
  Lines       32367    32392      +25     
==========================================
- Hits        26988    26853     -135     
- Misses       4014     4038      +24     
- Partials     1365     1501     +136
Files with missing lines Coverage Δ
internal/xds/httpfilter/httpfilter.go 87.50% <100.00%> (-12.50%) ⬇️
...nternal/xds/xdsclient/xdsresource/unmarshal_lds.go 87.82% <93.33%> (-0.65%) ⬇️
internal/xds/resolver/serviceconfig.go 87.21% <33.33%> (-0.76%) ⬇️
internal/xds/xdsclient/xdsresource/filter_chain.go 71.27% <33.33%> (-23.21%) ⬇️
internal/xds/httpfilter/fault/fault.go 41.09% <26.66%> (-30.88%) ⬇️
internal/xds/httpfilter/rbac/rbac.go 50.63% <26.66%> (-9.94%) ⬇️
internal/xds/httpfilter/router/router.go 25.00% <25.00%> (-13.24%) ⬇️

... and 15 files with indirect coverage changes

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dfawley dfawley Awaiting requested review from dfawley

At least 1 approving review is required to merge this pull request.

Assignees

@dfawley dfawley

Labels

Area: xDS Includes everything xDS related, including LB policies used with xDS. Type: Feature New features or improvements in behavior

Projects

None yet

Milestone

1.78 Release

Development

Successfully merging this pull request may close these issues.

2 participants

@easwars @dfawley