-
Notifications
You must be signed in to change notification settings - Fork 672
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
contour serve should take its configuration from a configuration file #1130
Comments
Thinking about this some more while it would be beneficial to have the lifecycles of Contour and Envoy separated, it isn't mandatory to deliver this feature. Remove the blocker tag, assigned tentatively to 0.14. |
Signed-off-by: Nick Young <ynick@vmware.com>
Hello. This issue is my major contribution to the 0.14 cycle. This is an update for anyone subscribed to this issue or waiting on #1124 or #1053. The design of this feature is straight forward; add a configuration file as an additional source of configuration information for the In implementing this feature I have hit the following issues User ExperienceCurrently spec:
command: “contour”
args:
- “serve”
- “--envoy-service-address=$CONTOUR_POD_IP” ( However if we define the This arrangement is not without downsides; env vars are somewhat hidden compared to explicit command line arguments. However, there is a clear order of precedence, env vars are overridden by command line flags. Period. If we add a configuration file into the mix, this increases the number of places a piece of configuration may be defined, and increases the number of places where one configuration form overwrites another to 3 factorial. I’m faced with a decision; now we have a configuration file, do I move configuration flags into the file? To not do so would create a bizarre order of precedence problem. Arguably the operator would want the precedence order to be (lowest to higher) env vars => config file => command line flags. If we defined the precedence order to be env vars => command line flags => config file, then the config file as defined overrides both the hidden parameters in the environment and the explicit ones in the deployment. So, clearly there is an argument that fields in the configuration file supplant command line flags. If that is so then what do we do about the command line flags that previously took their values from the environment. Does the configuration file represent a template that contour processes wrt. the current environment on startup? Possibly, but that is unusual and surprising. The situation I find myself in is the transition from env var/cli flags to a config file will probably be incomplete. All contour users will have to adapt to a model where some configuration is defined in cli flags, and others is placed inside a configuration file. This is an unsatisfying result. Configuration file maintenanceJust as envoy requires a configuration file to start, shortly so shall contour. The question for a cluster administrator is “where does that configuration file come from?”. Classical kubernetes dictates that a configuration file’s contents are stored in a ConfigMap and then “mounted” as a file in a temporary volume. This is in fact how the earliest versions of contour bootstrapped Envoy before To be continuedTo make it clear, if you’ve had the courage to read this far, optional JSON logging is a feature that we plan for 0.15. That’s not being bumped. However, I wanted to give everyone subscribed to this issue an understanding of the problems that I’m considering as I work through the implementation of this feature. Thank you for your time. |
You are able to reference ENV variables from inside a deployment manifest. You can even have those ENV vars source from a secret or configmap so they are dynamic based upon the secret/config map that is referenced. We used to do this until it got hardcoded, so if a user would change the ports that Contour served, it would be dynamic to Envoy's deployment manifest: https://github.com/heptio/contour/blob/6125ee57b585ba92f8885838be7b450a5503340c/examples/ds-hostnet-split/03-envoy.yaml#L66-L69 Other projects like |
WOW. TIL. Is this a recent change. I have a memory a year ago that if you wanted to use env vars in a deployment cmd line the best way was to wrap your command in a shell script that did the expansion for you. |
Fixes projectcontour#1130 This PR adds the ability to supply configuration values to contour serve from a configuration file. Some gymnastics are required to make this work with kingpin and keep the precidence of config file -> env vars -> cli flags. At the moment only a few values are plumbed into the config file, mainly to keep the linter's happy. More will be added in 0.15. Signed-off-by: Dave Cheney <dave@cheney.net>
Fixes #1130 This PR adds the ability to supply configuration values to contour serve from a configuration file. Some gymnastics are required to make this work with kingpin and keep the precidence of config file -> env vars -> cli flags. At the moment only a few values are plumbed into the config file, mainly to keep the linter's happy. More will be added in 0.15. Signed-off-by: Dave Cheney <dave@cheney.net>
contour serve
currently takes all its configuration from command line flags. As of the end of May, it looks like thisIn addition to there being a lot of configuration flags that affect the state of a
contour serve
process, we can only configure things which act like simple strings or numbers. Configuration such as a JSON format for HTTP logs (#624) would be unwieldily expressed as a CLI flag.I propose that the majority of these configuration flags move into a configuration file which must be provided for
contour serve
to start. eg,The format of the configuration file is not important, but would probably be JSON, YAML. If it were a gRPC version of same that would be consistent with Envoy's configuration file, and simplify parsing and validation of the configuration file.
It is imperative that whatever configuration format is chosen, it must support inline comments.
Why not a config map?
I want to call out specifically why I'm advocating for a file on disk, not a config map. This is for several reasons.
contour serve
locally which is a key part of the development inner loop. If you have to connect to a running k8s cluster to obtain Contour's configuration that adds friction to the process.Storing configuration on disk has a very well defined lifecycle; change config file, restart process to pick up changes. That applies equally in a local deployment as it does inside k8s. Once #881 is done the cost of restarting a Contour process will drop significantly.
To be clear, we may use a config map to hold the contents of the config file for deployment, but during deployment the config file will be mounted in a volume, not referenced directly.
The text was updated successfully, but these errors were encountered: