HTTP filter manager: Support a "continue only the current filter" mode #15798
Comments
gbrail
added
enhancement
|
May be we can just enhance ext_proc to support mode that send entire request and let developers to pre-configure it: decodeHeaders() called It should be an acceptable overhead to always cache the body when the headers need to be updated based on the results of the body GRPC reply or user need entire request. here is similar issues: #15793 |
|
Do we not already support this via the @alyssawilk might have thoughts here as well |
|
The problem I have now is that I don't necessarily know what to do with the body chunks that come in to the filter until the reply comes back from the "request headers" message, and I don't want to just buffer the body in case it's too large for the current buffer size. I was hoping for an easy way out, by returning StopAllIterationAndWatermark from the headers callback, and then adding some way to only partially "continue" encoding or decoding by changing the filter state so that it now behaves as if I just returned StopIteration from that callback. I'll keep working out how ext_proc might work without this. But I also tried experimenting with changes to FilterManager and it's not as easy as I had hoped! |
|
The whole "store-and-forward" flow doesn't really work for request/responses with unbounded sizes, so I'd highly discourage it unless you have to transcode body in a non-streaming way (e.g. resize image), but even then you usually don't need to block headers. Also, unless I'm missing something obvious, returning |
|
ext_proc is deliberately designed to give the server control over what callbacks and data it gets. Receiving a buffered body is one of the options that the server can choose. It's not the only option the we designed (although right now it's the only one implemented) and it's not the default -- by default ext_proc doesn't do anything with the bodies at all and doesn't buffer them. In a lot of use cases when it's required to transform an HTTP body, it's often the case that buffering is the only choice -- there are very few data transformation technologies that operate on streaming data. I think it's important that ext_proc offer this option, but only as an option. |
|
Hi, thanks for working on this :) @gbrail We are also trying to decide between using the ext_proc filter and using lua, which does support the above. Is there any indication on how long this enhancement would take? Thanks! |
|
I have a PR in flight that lets ext_proc process headers along with buffered bodies by using the existing callback structure, so I'm going to close this issue. Here's the PR: it seems to be working OK so I suspect that it'll be ready in the next few days. |
|
@dragonbone81 for something like checksum, the better approach woud be to send it in HTTP trailers, after the body, assuming that the client supports them. |
|
@PiotrSikora Trailers would be a good solution I think, but I don't think any of the envoy filters like wasm or ext_proc support them right now (except lua). So is getHeaders->sendHeaders->getBody/modifyBody/sendBody->sendTrailers faster than |
Proxy-Wasm supports trailers, but you're right, it looks that
That really depends on what kind of transformations are you doing. A lot of things can be done in a streaming fashing (e.g. (de)compression, chunk-by-chunk transcoding, HTML rewriting, etc.), in which case you don't need to buffer the complete body, and you could calculate the checksum in a streaming fashion as well. But if for you need to buffer the complete body (e.g. you're doing on-the-fly image optimzation), then it won't matter much. |
|
Awesome thank you for the help and insights! |
Title: Support a way to continue encoding/decoding, but only for the current filter
Description:
In the ext_proc filter, the protocol first sends a "request_headers" message to the external processing server, waits for a response, and then decides what to do with the request body. It then may or may not send a separate message to handle the body, and so on for the response path and perhaps the trailers.
Here is one typical series of calls:
... Same thing on the response path ...
The problem is that at step 5 (continueDecoding) the headers are dispatched down the filter chain and can no longer be modified. What I'd like, instead, is that if the filter is configured to buffer the body that the headers will be retained until the response to the body gRPC (sent in step 8) is returned, and then everything continues. That way an external processor can modify the headers after inspecting and possibly modifying the body too.
I can almost make this happen by returning StopEncoding in step 3. But in that case, decodeData may be called before the async gRPC returns, and at that point we don't know for sure whether the server wants us to handle the body at all, or just stream it through. So if we do that, then we have to compromise on other important parts of the protocol.
In other words we get this:
... after this we can probably make it work, but not without changing some important aspects of the protocol, or making the filter a lot more complicated...
What I'd rather do is replace step 5 -- the first continueDecoding -- with something like "continueLocalDecoding". This should result in my decodeData() callbacks being enabled, but should NOT result in sending the headers further down (or up) the filter chain until decodeData() returns a continue status or continueDecoding() is called properly. This is kind of like changing the "StopAllIterationAndWatermark" status into "StopIteration" status.
I THINK that this might be a simple change in filter_manager.cc to have some more options to "commonContinue". However, I'm not totally sure -- perhaps other things need to change too.
Relevant Links:
ext_proc users are asking about this:
#15569
The text was updated successfully, but these errors were encountered: