-
Notifications
You must be signed in to change notification settings - Fork 4.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
wasm: Add support for Dynamic Metadata #15148
Comments
I think this will be very useful, it allows to decouple the logic and the WASM module could be simpler and focus on the metadata generation. And then use the dedicated RBAC filter for enforcement that is very flexible in access control API. |
Thank you for the feedback @yangminzhu. What I am missing is the condition to trigger something like: switch (part_token->second) {
case PropertyToken::DYNAMICMETADATA: {
// /do dynamic metadata
break;
}
default:
// old behaviour
break;
} here the full code Or maybe add another method, specific this, something like:
I will be glad to close the issue, any help/suggestion is appreciated. Thank you |
this comment by @kyessenov can be relevant |
Between Filter State and Dynamic metadata, Any comments on state locking, consistency, concurrency ? |
Signed-off-by: Gabriele Santomaggio <g.santomaggio@gmail.com>
@Gsantomaggio Does getDynamicdata works in WASM ? i'm trying to set up dynamic metadata from ext_authz filter and then consume those metadata from my WASM http filter. I was trying to use the method which is defined for that but it's not working for me. What I'm doing is, google::protobuf::Struct ext_metadata;
if (!getMessageValue<google::protobuf::Struct>(
{"metadata", "filter_metadata", "envoy.filters.http.ext_authz"}, &ext_metadata)) {
LOG_ERROR(std::string("filter_metadata Error ") + std::to_string(id()));
}
I tried it with envoyproxy-websocket_1 | [2021-03-29 10:56:54.300][29][trace][wasm] [source/extensions/common/wasm/wasm_vm.cc:40] [vm->host] env.proxy_get_property(5458080, 54, 5345664, 5345616)
envoyproxy-websocket_1 | [2021-03-29 10:56:54.300][29][trace][wasm] [source/extensions/common/wasm/wasm_vm.cc:40] [host->vm] malloc(177)
envoyproxy-websocket_1 | [2021-03-29 10:56:54.300][29][trace][wasm] [source/extensions/common/wasm/wasm_vm.cc:40] [host<-vm] malloc return: 5346384
envoyproxy-websocket_1 | [2021-03-29 10:56:54.300][29][trace][wasm] [source/extensions/common/wasm/wasm_vm.cc:40] [vm<-host] env.proxy_get_property return: 0
envoyproxy-websocket_1 | [2021-03-29 10:56:54.300][29][trace][wasm] [source/extensions/common/wasm/wasm_vm.cc:40] [vm->host] env.proxy_log(2, 5449512, 92) Any idea what the issue might be ? Dynamic metadata is there because I traced it and did the following check to see. auto buf1 = getProperty<std::string>({"metadata", "filter_metadata", "envoy.filters.http.ext_authz"});
if (buf1.has_value()) {
LOG_INFO("Metadata exist");
} I was trying this for several hours and still no luck. Really appreciate if anyone could help |
This issue has been automatically marked as stale because it has not had activity in the last 30 days. It will be closed in the next 7 days unless it is tagged "help wanted" or "no stalebot" or other activity occurs. Thank you for your contributions. |
This issue has been automatically closed because it has not had activity in the last 37 days. If this issue is still valid, please ping a maintainer and ask them to label it as "help wanted" or "no stalebot". Thank you for your contributions. |
@PiotrSikora We have Lua filters that need to write metadata. We probably need this in Wasm ABI. |
@kyessenov I agree. See: #15196 (though, that PR was closed). |
Hi @PiotrSikora @kyessenov |
Can we resurrect this issue (if appropriate)? I recently tried to set dynamic metadata from wasm and was not able to do so |
+1. Would love to see this! |
I will revive this issue as it is still relevant. Right now in our case we add metadata through response headers and then delete them on the WASM filter but this is far from ideal. |
Description:
Currently in WASM is not possible to set Dynamic Metadata.
This metadata emitted by a filter can be consumed by other filters and useful features can be built by stacking such filters For example, a logging filter can consume dynamic metadata from an RBAC filter
One of the use cases is the integration with RBAC for example how MYSQL does
We (vmware platform team) have a WASM network filter and we'd need to integrate it with RBAC.
Do others find this valuable? Is there something that we should know before we start contributing this?
( cc @venilnoronha, I spoke with him about that)
ref: Rust SDK Issue: proxy-wasm/proxy-wasm-rust-sdk#81
More details:
I did a test by changing the envoy proxy wasm context.cc ONLY for test ( thanks to @yuval-k for pointed there)
Rust code:
And actually the filter works:
The RBAC seems to work:
envoy conf:
Note:
My RBAC filter does not work always, I am looking why.
The text was updated successfully, but these errors were encountered: