gep-718: rework RoueForwardTo

hbagdi · hbagdi · commit d1cad2405ea7 · 2021-07-28T11:11:06.000-07:00
diff --git a/site-src/geps/gep-718.md b/site-src/geps/gep-718.md
@@ -0,0 +1,339 @@
+# GEP-718: Rework forwardTo segment in routes
+
+Issue URL: https://github.com/kubernetes-sigs/gateway-api/issues/718
+
+Status: implementable
+
+## Motivation
+
+### Complications due to the `serviceName` shortcut
+
+Within `RouteForwardTo` (and `HTTPRouteForwardTo` by extension) there exists
+two mechanisms to specify the upstream network endpoint where the traffic should
+be forwarded to:
+- `ServiceName`: the name of the Kubernetes Service
+- `BackendRef`: a LocalObjectReference to a resource, this is an extension point in the API
+
+While working on [#685](https://github.com/kubernetes-sigs/gateway-api/pull/685),
+it came to light that:
+1. `BackendRef` itself could be used to point to a Kubernetes Service
+2. With [GEP-709](https://github.com/kubernetes-sigs/gateway-api/pull/711),
+there will be a need to introduce a new `namespace` field which will enable use-cases to forward
+traffic to a services and backends located in different namespaces
+
+While (1) can be fixed with more validation and documentation, it only solves for
+the specific case. (2) requires adding two fields: `serviceNamespace`
+and `BackendRef.Namespace` - something we would like to avoid since the `serviceName`
+field was introduced only as a shortcut and adding more service-specific fields
+defeats the original purpose.
+
+These problems are in addition to the original problem that
+[#685](https://github.com/kubernetes-sigs/gateway-api/pull/685) attempts to solve:
+clarifying port requirements when a port is required or not.
+We have been updating documentation to tackle such corner-cases but that
+continues to result in more and more elaborations. Some excerpts from our
+existing documentation:
+```
+	// ServiceName refers to the name of the Service to mirror matched requests
+	// to. When specified, this takes the place of BackendRef. If both
+	// BackendRef and ServiceName are specified, ServiceName will be given
+	// precedence.
+
+	// BackendRef is a local object reference to mirror matched requests to. If
+	// both BackendRef and ServiceName are specified, ServiceName will be given
+	// precedence.
+
+	// Weight specifies the proportion of HTTP requests forwarded to the backend
+	// referenced by the ServiceName or BackendRef field. This is computed as
+
+	// Port specifies the destination port number to use for the
+	// backend referenced by the ServiceName or BackendRef field.
+	// If unspecified, the destination port in the request is used
+	// when forwarding to a backendRef or serviceName.
+```
+
+### Simplifying `RouteForwardTo`
+
+RouteForwardTo is not the best of the names. Using a noun instead of a verb
+would help with in-person communication and documentation.
+Since we are already considering dropping the special case of `service` as a
+backend, we have an opportunity to further simplify `RouteForwardTo` for better
+UX.
+
+## Proposal
+
+- Remove the `ServiceName` field from `RouteForwardTo`
+- Introduce `Service` as a default for `BackendRef.Kind`
+- Rename `RouteForwardTo.BackendRef` to `RouteForwardTo.TargetRef`
+- Rename `RouteForwardTo` to `Backend`
+- Rename `Route.Spec.Rules[].ForwardTo[]` to `Route.Spec.Rules[].Backends[]` in
+  all routes
+- Apply the same to HTTP types and filters
+
+## API
+
+The updated `Backend` (formerly `RouteForwardTo`) struct will be:
+(HTTP version has been omitted for brevity)
+
+```go
+// Backend defines how and where a request should be forwarded from the Gateway.
+type Backend struct {
+	// TargetRef is a reference to the resource to forward matched requests to.
+	//
+	// If the referent cannot be found, the rule is not included in the route.
+	// The controller should raise the "ResolvedRefs" condition on the Gateway
+	// with the "DegradedRoutes" reason. The gateway status for this route should
+	// be updated with a condition that describes the error more specifically.
+	//
+	// The protocol to use is defined using AppProtocol field (introduced in
+	// Kubernetes 1.18) in the Service resource. In the absence of the
+	// AppProtocol field a `gateway.networking.k8s.io/app-protocol` annotation on the
+	// BackendPolicy resource may be used to define the protocol. If the
+	// AppProtocol field is available, this annotation should not be used. The
+	// AppProtocol field, when populated, takes precedence over the annotation
+	// in the BackendPolicy resource. For custom backends, it is encouraged to
+	// add a semantically-equivalent field in the Custom Resource Definition.
+	//
+	// Support: Core (Kubernetes Service)
+	// Support: Custom (any other resource)
+	//
+	// +optional
+	// +kubebuilder:default={kind: "service"}
+	TargetRef *LocalObjectReference `json:"targetRef,omitempty"`
+
+	// Port specifies the destination port number to use for the
+	// backend referenced by the TargetRef field.
+	// This field is required when the target is a Kubernetes Service.
+	//
+	// Support: Core
+	//
+	// +optional
+	Port *PortNumber `json:"port,omitempty"`
+
+	// Weight specifies the proportion of HTTP requests forwarded to the backend
+	// referenced by the TargetRef field. This is computed as
+	// weight/(sum of all weights in this Backends list). For non-zero values,
+	// there may be some epsilon from the exact proportion defined here
+	// depending on the precision an implementation supports. Weight is not a
+	// percentage and the sum of weights does not need to equal 100.
+	//
+	// If only one backend is specified and it has a weight greater than 0, 100%
+	// of the traffic is forwarded to that backend. If weight is set to 0, no
+	// traffic should be forwarded for this entry. If unspecified, weight
+	// defaults to 1.
+	//
+	// Support: Extended
+	//
+	// +optional
+	// +kubebuilder:default=1
+	// +kubebuilder:validation:Minimum=0
+	// +kubebuilder:validation:Maximum=1000000
+	Weight *int32 `json:"weight,omitempty"`
+}
+
+```
+
+A summarized diff for the changes being proposed:
+
+```patch
+diff --git a/apis/v1alpha2/shared_types.go b/apis/v1alpha2/shared_types.go
+index 1215300..c5afddb 100644
+--- a/apis/v1alpha2/shared_types.go
++++ b/apis/v1alpha2/shared_types.go
+@@ -94,12 +94,9 @@ type GatewayReference struct {
+        Namespace string `json:"namespace"`
+ }
+ 
+-// RouteForwardTo defines how a Route should forward a request.
+-type RouteForwardTo struct {
+-       // ServiceName refers to the name of the Service to forward matched requests
+-       // to. When specified, this takes the place of BackendRef. If both
+-       // BackendRef and ServiceName are specified, ServiceName will be given
+-       // precedence.
++// Backend defines how and where a request should be forwarded from the Gateway.
++type Backend struct {
++       // TargetRef is a reference to the resource to forward matched requests to.
+        //
+        // If the referent cannot be found, the rule is not included in the route.
+        // The controller should raise the "ResolvedRefs" condition on the Gateway
+@@ -115,30 +112,16 @@ type RouteForwardTo struct {
+        // in the BackendPolicy resource. For custom backends, it is encouraged to
+        // add a semantically-equivalent field in the Custom Resource Definition.
+        //
+-       // Support: Core
+-       //
+-       // +optional
+-       // +kubebuilder:validation:MaxLength=253
+-       ServiceName *string `json:"serviceName,omitempty"`
+-
+-       // BackendRef is a reference to a backend to forward matched requests to. If
+-       // both BackendRef and ServiceName are specified, ServiceName will be given
+-       // precedence.
+-       //
+-       // If the referent cannot be found, the rule is not included in the route.
+-       // The controller should raise the "ResolvedRefs" condition on the Gateway
+-       // with the "DegradedRoutes" reason. The gateway status for this route should
+-       // be updated with a condition that describes the error more specifically.
+-       //
+-       // Support: Custom
++       // Support: Core (Kubernetes Service)
++       // Support: Custom (any other resource)
+        //
+        // +optional
+-       BackendRef *LocalObjectReference `json:"backendRef,omitempty"`
++       // +kubebuilder:default={kind: "service"}
++       TargetRef *LocalObjectReference `json:"targetRef,omitempty"`
+ 
+        // Port specifies the destination port number to use for the
+-       // backend referenced by the ServiceName or BackendRef field.
+-       // If unspecified, the destination port in the request is used
+-       // when forwarding to a backendRef or serviceName.
++       // backend referenced by the TargetRef field.
++       // This field is required when the target is a Kubernetes Service.
+        //
+        // Support: Core
+        //
+@@ -146,8 +129,8 @@ type RouteForwardTo struct {
+        Port *PortNumber `json:"port,omitempty"`
+ 
+        // Weight specifies the proportion of HTTP requests forwarded to the backend
+-       // referenced by the ServiceName or BackendRef field. This is computed as
+-       // weight/(sum of all weights in this ForwardTo list). For non-zero values,
++       // referenced by the TargetRef field. This is computed as
++       // weight/(sum of all weights in this Backends list). For non-zero values,
+        // there may be some epsilon from the exact proportion defined here
+        // depending on the precision an implementation supports. Weight is not a
+        // percentage and the sum of weights does not need to equal 100.
+```
+
+## Examples
+
+
+For Kubernetes Services, an updated `forwardTo` section will read as follows:
+
+```yaml
+...
+backends:
+- targetRef:
+    name: foo-service-v1
+  port: 80
+  weight: 80
+- targetRef:
+    name: foo-service-canary
+  port: 80
+  weight: 20
+...
+```
+
+Here, the `kind` field is omitted as it will be injected as a default.
+
+For custom backends, the API will look like the following:
+
+```yaml
+...
+backends:
+- targetRef:
+    name: foo-v1
+    kind: server
+    group: networking.acme.io
+  port: 80
+  weight: 80
+- targetRef:
+    name: foo-v1-canary
+    kind: server
+    group: networking.acme.io
+  port: 80
+  weight: 20
+...
+```
+
+For completeness, here is an example of HTTPRoute:
+
+```yaml
+kind: HTTPRoute
+apiVersion: gateway.networking.k8s.io/v1alpha2
+metadata:
+  name: bar-route
+  labels:
+    gateway: prod-web-gw
+spec:
+  hostnames:
+  - "bar.example.com"
+  rules:
+  - matches:
+    - headers:
+        type: Exact
+        values:
+          env: canary
+    backends:
+    - targetRef:
+        name: foo-service-v1
+      port: 80
+      weight: 80
+    - targetRef:
+        name: foo-service-canary
+      port: 80
+      weight: 20
+```
+
+## Alternatives considered
+
+### Rename serviceName to backendName
+
+As suggested in [this comment](https://github.com/kubernetes-sigs/gateway-api/pull/685#discussion_r667285837),
+we could buy the best of both the worlds by introducing `backendName`:
+
+```yaml
+forwardTo:
+- backendName: foo
+  port: 80
+    kind: <defaults to Service>
+```
+
+While this saves one line of YAML (`backendRef:`), it could be potentially
+violating the `Naming of the reference field`
+[API convention][api-convetions].
+Most of our object references are of the form `XRef`.
+
+### Flatten `TargetRef` into  `Backend` itself
+
+A further simplification is possible in this case if the `TargetRef` struct
+is embedded directly inside `Backend`:
+
+```yaml
+...
+backends:
+- name: foo-service-v1
+  port: 80
+  weight: 80
+- name: foo-service-canary
+  port: 80
+  weight: 20
+...
+```
+
+This result in saving of one line of YAML per backend.
+This has been avoided for the following reasons:
+- Separate the fields that are present for object referencing purposes from
+  fields that are specific to Gateway API and influence routing behavior.
+- [API conventions][api-conventions] are unclear about folding such fields
+  directly within a struct that contains other information. Upstream APIs
+  seem to separate out references from other fields via a `fooRef` struct.
+- If we were to do this, this would be a new pattern within this API as there
+  is no other place where such a flattening is performed. Future maintainers
+  could reference this pattern and further worsen the API experience.
+
+## Out of scope
+
+N/A
+
+## References
+
+Existing documentation:
+- [RouteForwardTo](https://github.com/kubernetes-sigs/gateway-api/blob/a9d45b51c396fbed022204af0185b00a4ac7e282/apis/v1alpha2/shared_types.go#L97-L167)
+- [HTTPRouteForwardTo](https://github.com/kubernetes-sigs/gateway-api/blob/a9d45b51c396fbed022204af0185b00a4ac7e282/apis/v1alpha2/httproute_types.go#L731-L813)
+- [#685](https://github.com/kubernetes-sigs/gateway-api/pull/685)
+  - [Comment thread that spawned this GEP](https://github.com/kubernetes-sigs/gateway-api/pull/685#discussion_r640204333)
+- [#578](https://github.com/kubernetes-sigs/gateway-api/issues/578)
+
+[api-conventions]: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#naming-of-the-reference-field
