From 7b13e2626095d30e157f48ac5288e6dcd4d70367 Mon Sep 17 00:00:00 2001 From: Xiong Ding Date: Wed, 18 Dec 2024 11:02:05 -0800 Subject: [PATCH] notes about envoy --- _posts/2024-12-16-istio.md | 25 ++---------- _posts/2024-12-18-envoy.md | 82 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 85 insertions(+), 22 deletions(-) create mode 100644 _posts/2024-12-18-envoy.md diff --git a/_posts/2024-12-16-istio.md b/_posts/2024-12-16-istio.md index a7f38ba..e52b780 100644 --- a/_posts/2024-12-16-istio.md +++ b/_posts/2024-12-16-istio.md @@ -3,7 +3,7 @@ layout: post title: Istio date: 2024-12-16 13:10 -0800 categories: [network] -tags: [network, istio, envoy] +tags: [network, istio] --- Istio used to have a micro-service architecture. However, starting from v1.5, @@ -68,6 +68,8 @@ It runs in the istio-proxy container. Ex below: ``` /usr/local/bin/pilot-agent proxy sidecar --domain filebeat.svc.cluster.local --proxyLogLevel=warning --proxyComponentLogLevel=misc:error --log_output_level=default:info --concurrency 2 + +/usr/local/bin/envoy -c etc/istio/proxy/envoy-rev0.json --restart-epoch 0 --drain-time-s 45 --drain-strategy immediate --parent-shutdown-time-s 60 --service-cluster airflow.data --service-node sidecar~172.31.76.240~airflow-worker-0.data~data.svc.cluster.local --local-address-ip-version v4 --bootstrap-version 3 --disable-hot-restart --log-format %Y-%m-%dT%T.%fZ.%l.envoy %n.%v -l warning --component-log-level misc:error --concurrency 2 ``` It is mainly responsible for managing envoy proxy sidecar. @@ -262,24 +264,3 @@ for more details. ## Useful commands - `istioctl version`: quickly get all running versions. - -## Envoy - -Envoy is a proxy solution. There are so many proxies in the market: nginx, -haproxy, trafik and etc, but why does Envoy stand out? It is because the xDS -APIs, or a fancier name, xDS protocol. Envoy project incubated a protocol that -allows dynamically changing proxy configurations using a channel between proxy -and the management server. - -Alex Burnos has a -[great article](https://medium.com/@aburnos/data-plane-control-plane-and-their-apis-explained-d0a3fa7291f3) -talking about data plane, control plane and universal data plan API. Just to -copy his explanation here: - -- data plane: proxies -- control plane: management server -- data plan API: the API for proxies and management server to talk to each - other, i.e., xDS APIs. - -See Envoy's golang implementation of data-plane-api: -https://github.com/envoyproxy/go-control-plane. diff --git a/_posts/2024-12-18-envoy.md b/_posts/2024-12-18-envoy.md new file mode 100644 index 0000000..c1ff677 --- /dev/null +++ b/_posts/2024-12-18-envoy.md @@ -0,0 +1,82 @@ +--- +layout: post +title: Envoy +date: 2024-12-18 10:55 -0800 +categories: [network] +tags: [network, envoy] +--- + +Envoy is a proxy solution. There are so many proxies in the market: nginx, +haproxy, trafik and etc, but why does Envoy stand out? It is because the xDS +APIs, or a fancier name, xDS protocol. Envoy project incubated a protocol that +allows dynamically changing proxy configurations using a channel between proxy +and the management server. + +Alex Burnos has a +[great article](https://medium.com/@aburnos/data-plane-control-plane-and-their-apis-explained-d0a3fa7291f3) +talking about data plane, control plane and universal data plan API. Just to +copy his explanation here: + +- data plane: proxies +- control plane: management server +- data plan API: the API for proxies and management server to talk to each + other, i.e., xDS APIs. + +See Envoy's golang implementation of data-plane-api: +. + +## Build + +Follow the +[official doc](https://github.com/envoyproxy/envoy/blob/ac61d8e000adc56d7505517cb4d6af5b82e08d22/bazel/README.md). + +``` +brew install bazelisk +cd ~/code/envoy + +# release build. Be cautious: too slow. Use a debug build instead. +bazel build -c opt envoy + +# debug build +bazel build --jobs=7 -c dbg envoy +``` + +A gentle reminder: It took hours to build Envoy. There are over 14k source +files to compile. The +[official doc](https://www.envoyproxy.io/docs/envoy/latest/faq/build/speed) +recommends using a machine with 36+ cores to build it. + +``` +INFO: Elapsed time: 4138.131s, Critical Path: 348.04s +INFO: 14847 processes: 3209 internal, 11636 darwin-sandbox, 1 local, 1 worker. +``` + +Command to generate compilation database as following. + +``` +TEST_TMPDIR=/tmp tools/gen_compilation_database.py +``` + +It failed in my Macbook M1. To mitigate this issue, I need to comment out the +`test` and `contrib` source code before running the python script. + +``` +diff --git a/tools/gen_compilation_database.py b/tools/gen_compilation_database.py +index 8153c1ad30..5d1cd470db 100755 +--- a/tools/gen_compilation_database.py ++++ b/tools/gen_compilation_database.py +@@ -131,8 +131,6 @@ if __name__ == "__main__": + parser.add_argument( + 'bazel_targets', nargs='*', default=[ + "//source/...", +- "//test/...", +- "//contrib/...", + ]) +``` + +## How to debug Envoy? + +Envoy has a set of admin endpoints for debug purpose. It even has an admin web +UI. see +[doc](https://www.envoyproxy.io/docs/envoy/latest/start/quick-start/admin). So +we can know its internal state.