Skip to content

outbound: add backend and route metadata to errors #2428

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Jun 15, 2023
Merged

outbound: add backend and route metadata to errors #2428

merged 4 commits into from
Jun 15, 2023

Conversation

@hawkw
Copy link
Contributor

@hawkw hawkw commented Jun 15, 2023
edited
Loading

PRs #2418 and #2419 add per-route and per-backend request timeouts
configured by the OutboundPolicies API to the MatchedRoute and
MatchedBackend layers in the outbound ClientPolicy stack,
respectively. This means that — unlike in the ServiceProfile stack —
two separate request timeouts can be configured in ClientPolicy
stacks. However, because both the MatchedRoute and MatchedBackend
layers are in the HTTP logical stack, the errors emitted by both
timeouts will have a LogicalError as their most specific error
metadata, meaning that the log messages and l5d-proxy-error headers
recorded for these timeouts do not indicate whether the timeout that
failed the request was the route request timeout or the backend request
timeout.

In order to ensure this information is recorded and exposed to the user,
this branch adds two new error wrapper types, one of which enriches an
error with a RouteRef's metadata, and one of which enriches an error
with a BackendRef's metadata. The MatchedRoute stack now wraps all
errors with RouteRef metadata, and the MatchedBackend stack wraps
errors with BackendRef metadata. This way, when the route timeout
fails a request, the error will include the route metadata, while when
the backend request timeout fails a request, the error will include both
the route and backend metadata.

Adding these new error wrappers also has the additional side benefit of
adding this metadata to errors returned by filters, allowing users to
distinguish between errors emitted by a filter on a route rule and
errors emitted by a per-backend filter. Also, any other errors emitted
lower in the stack for requests that are handled by a client policy
stack will now also include this metadata, which seems generally useful.

Example errors, taken from a proxy unit test:

backend request:

logical service logical.test.svc.cluster.local:666: route httproute.test.timeout-route: backend service.test.test-svc:666: HTTP response timeout after 1s

route request:

logical service logical.test.svc.cluster.local:666: route httproute.test.timeout-route: HTTP response timeout after 2s

@hawkw hawkw requested a review from a team as a code owner June 15, 2023 16:26
adleong
adleong reviewed Jun 15, 2023
View reviewed changes
Copy link
Member

@adleong adleong left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks good. Can you give examples of what these errors look like in practice for route timeouts and backend timeouts? i.e. in l5d-proxy-error

@hawkw
Copy link
Contributor Author

hawkw commented Jun 15, 2023
edited
Loading

@adleong

This looks good. Can you give examples of what these errors look like in practice for route timeouts and backend timeouts? i.e. in l5d-proxy-error

backend request:

logical service logical.test.svc.cluster.local:666: route httproute.test.timeout-route: backend service.test.test-svc: HTTP response timeout after 1s

route request:

logical service logical.test.svc.cluster.local:666: route httproute.test.timeout-route: HTTP response timeout after 2s

(these are from a proxy unit test, so i may have formatted the metadata slightly differently from how the policy controller would)

@hawkw hawkw merged commit 9f0a269 into main Jun 15, 2023
@hawkw hawkw deleted the eliza/backend-error branch June 15, 2023 19:26
risingspiral pushed a commit to linkerd/linkerd2 that referenced this pull request Jun 15, 2023
@ericd
proxy: v2.204.0
5f35647 
PRs #2418 and #2419 add per-route and per-backend request timeouts
configured by the `OutboundPolicies` API to the `MatchedRoute` and
`MatchedBackend` layers in the outbound `ClientPolicy` stack,
respectively. This means that — unlike in the `ServiceProfile` stack —
two separate request timeouts can be configured in `ClientPolicy`
stacks. However, because both the `MatchedRoute` and `MatchedBackend`
layers are in the HTTP logical stack, the errors emitted by both
timeouts will have a `LogicalError` as their most specific error
metadata, meaning that the log messages and `l5d-proxy-error` headers
recorded for these timeouts do not indicate whether the timeout that
failed the request was the route request timeout or the backend request
timeout.

In order to ensure this information is recorded and exposed to the user,
this branch adds two new error wrapper types, one of which enriches an
error with a `RouteRef`'s metadata, and one of which enriches an error
with a `BackendRef`'s metadata. The `MatchedRoute` stack now wraps all
errors with `RouteRef` metadata, and the `MatchedBackend` stack wraps
errors with `BackendRef` metadata. This way, when the route timeout
fails a request, the error will include the route metadata, while when
the backend request timeout fails a request, the error will include both
the route and backend metadata.

Adding these new error wrappers also has the additional side benefit of
adding this metadata to errors returned by filters, allowing users to
distinguish between errors emitted by a filter on a route rule and
errors emitted by a per-backend filter. Also, any other errors emitted
lower in the stack for requests that are handled by a client policy
stack will now also include this metadata, which seems generally useful.

Example errors, taken from a proxy unit test:

backend request:
```
logical service logical.test.svc.cluster.local:666: route httproute.test.timeout-route: backend service.test.test-svc:666: HTTP response timeout after 1s
```
route request:
```
logical service logical.test.svc.cluster.local:666: route httproute.test.timeout-route: HTTP response timeout after 2s
```

---

* recover: remove unused `mut` (linkerd/linkerd2-proxy#2425)
* outbound: implement `OutboundPolicies` route request timeouts (linkerd/linkerd2-proxy#2418)
* build(deps): bump tj-actions/changed-files from 35.7.7 to 36.2.1 (linkerd/linkerd2-proxy#2427)
* outbound: implement `OutboundPolicies` backend request timeouts (linkerd/linkerd2-proxy#2419)
* outbound: add backend and route metadata to errors (linkerd/linkerd2-proxy#2428)

Signed-off-by: Eric Anderson <[email protected]>
@risingspiral risingspiral mentioned this pull request Jun 15, 2023
Merged
risingspiral pushed a commit to linkerd/linkerd2 that referenced this pull request Jun 15, 2023
@ericd
proxy: v2.204.0 (#11024)
06bb047 
Updating proxy version on main

PRs #2418 and #2419 add per-route and per-backend request timeouts
configured by the `OutboundPolicies` API to the `MatchedRoute` and
`MatchedBackend` layers in the outbound `ClientPolicy` stack,
respectively. This means that — unlike in the `ServiceProfile` stack —
two separate request timeouts can be configured in `ClientPolicy`
stacks. However, because both the `MatchedRoute` and `MatchedBackend`
layers are in the HTTP logical stack, the errors emitted by both
timeouts will have a `LogicalError` as their most specific error
metadata, meaning that the log messages and `l5d-proxy-error` headers
recorded for these timeouts do not indicate whether the timeout that
failed the request was the route request timeout or the backend request
timeout.

In order to ensure this information is recorded and exposed to the user,
this branch adds two new error wrapper types, one of which enriches an
error with a `RouteRef`'s metadata, and one of which enriches an error
with a `BackendRef`'s metadata. The `MatchedRoute` stack now wraps all
errors with `RouteRef` metadata, and the `MatchedBackend` stack wraps
errors with `BackendRef` metadata. This way, when the route timeout
fails a request, the error will include the route metadata, while when
the backend request timeout fails a request, the error will include both
the route and backend metadata.

Adding these new error wrappers also has the additional side benefit of
adding this metadata to errors returned by filters, allowing users to
distinguish between errors emitted by a filter on a route rule and
errors emitted by a per-backend filter. Also, any other errors emitted
lower in the stack for requests that are handled by a client policy
stack will now also include this metadata, which seems generally useful.

Example errors, taken from a proxy unit test:

backend request:
```
logical service logical.test.svc.cluster.local:666: route httproute.test.timeout-route: backend service.test.test-svc:666: HTTP response timeout after 1s
```
route request:
```
logical service logical.test.svc.cluster.local:666: route httproute.test.timeout-route: HTTP response timeout after 2s
```

---

* recover: remove unused `mut` (linkerd/linkerd2-proxy#2425)
* outbound: implement `OutboundPolicies` route request timeouts (linkerd/linkerd2-proxy#2418)
* build(deps): bump tj-actions/changed-files from 35.7.7 to 36.2.1 (linkerd/linkerd2-proxy#2427)
* outbound: implement `OutboundPolicies` backend request timeouts (linkerd/linkerd2-proxy#2419)
* outbound: add backend and route metadata to errors (linkerd/linkerd2-proxy#2428)

Signed-off-by: Eric Anderson <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@adleong adleong adleong left review comments

@olix0r olix0r olix0r approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@hawkw @olix0r @adleong