api: Support connection timeouts in BackendTrafficPolicy (#2411)

* API: Support Connection Timeouts in BackendTrafficPolicy Signed-off-by: Guy Daich <guy.daich@sap.com> * code review fixes Signed-off-by: Guy Daich <guy.daich@sap.com> * code review fixes 2 Signed-off-by: Guy Daich <guy.daich@sap.com> --------- Signed-off-by: Guy Daich <guy.daich@sap.com>
envoyproxy · Jan 16, 2024 · a8d34b6 · a8d34b6
1 parent 4499c19
commit a8d34b6
Show file tree

Hide file tree

Showing 6 changed files with 223 additions and 0 deletions.
diff --git a/api/v1alpha1/backendtrafficpolicy_types.go b/api/v1alpha1/backendtrafficpolicy_types.go
@@ -81,6 +81,11 @@ type BackendTrafficPolicySpec struct {
 	//
 	// +optional
 	CircuitBreaker *CircuitBreaker `json:"circuitBreaker,omitempty"`
+
+	// Timeout settings for the backend connections.
+	//
+	// +optional
+	Timeout *Timeout `json:"timeout,omitempty"`
 }
 
 // BackendTrafficPolicyStatus defines the state of BackendTrafficPolicy

diff --git a/api/v1alpha1/timeout_types.go b/api/v1alpha1/timeout_types.go
@@ -0,0 +1,43 @@
+// Copyright Envoy Gateway Authors
+// SPDX-License-Identifier: Apache-2.0
+// The full text of the Apache license is available in the LICENSE file at
+// the root of the repo.
+
+package v1alpha1
+
+import gwapiv1 "sigs.k8s.io/gateway-api/apis/v1"
+
+// Timeout defines configuration for timeouts related to connections.
+type Timeout struct {
+	// Timeout settings for TCP.
+	//
+	// +optional
+	TCP *TCPTimeout `json:"tcp,omitempty"`
+
+	// Timeout settings for HTTP.
+	//
+	// +optional
+	HTTP *HTTPTimeout `json:"http,omitempty"`
+}
+
+type TCPTimeout struct {
+	// The timeout for network connection establishment, including TCP and TLS handshakes.
+	// Default: 10 seconds.
+	//
+	// +optional
+	ConnectTimeout *gwapiv1.Duration `json:"connectTimeout,omitempty"`
+}
+
+type HTTPTimeout struct {
+	// The idle timeout for an HTTP connection. Idle time is defined as a period in which there are no active requests in the connection.
+	// Default: 1 hour.
+	//
+	// +optional
+	ConnectionIdleTimeout *gwapiv1.Duration `json:"connectionIdleTimeout,omitempty"`
+
+	// The maximum duration of an HTTP connection.
+	// Default: unlimited.
+	//
+	// +optional
+	MaxConnectionDuration *gwapiv1.Duration `json:"maxConnectionDuration,omitempty"`
+}
diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go
diff --git a/charts/gateway-helm/crds/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml b/charts/gateway-helm/crds/generated/gateway.envoyproxy.io_backendtrafficpolicies.yaml
@@ -734,6 +734,34 @@ spec:
                     format: int32
                     type: integer
                 type: object
+              timeout:
+                description: Timeout settings for the backend connections.
+                properties:
+                  http:
+                    description: Timeout settings for HTTP.
+                    properties:
+                      connectionIdleTimeout:
+                        description: 'The idle timeout for an HTTP connection. Idle
+                          time is defined as a period in which there are no active
+                          requests in the connection. Default: 1 hour.'
+                        pattern: ^([0-9]{1,5}(h|m|s|ms)){1,4}$
+                        type: string
+                      maxConnectionDuration:
+                        description: 'The maximum duration of an HTTP connection.
+                          Default: unlimited.'
+                        pattern: ^([0-9]{1,5}(h|m|s|ms)){1,4}$
+                        type: string
+                    type: object
+                  tcp:
+                    description: Timeout settings for TCP.
+                    properties:
+                      connectTimeout:
+                        description: 'The timeout for network connection establishment,
+                          including TCP and TLS handshakes. Default: 10 seconds.'
+                        pattern: ^([0-9]{1,5}(h|m|s|ms)){1,4}$
+                        type: string
+                    type: object
+                type: object
             required:
             - targetRef
             type: object

diff --git a/site/content/en/latest/api/extension_types.md b/site/content/en/latest/api/extension_types.md
@@ -90,6 +90,7 @@ _Appears in:_
 | `healthCheck` _[HealthCheck](#healthcheck)_ | HealthCheck allows gateway to perform active health checking on backends. |
 | `faultInjection` _[FaultInjection](#faultinjection)_ | FaultInjection defines the fault injection policy to be applied. This configuration can be used to inject delays and abort requests to mimic failure scenarios such as service failures and overloads |
 | `circuitBreaker` _[CircuitBreaker](#circuitbreaker)_ | Circuit Breaker settings for the upstream connections and requests. If not set, circuit breakers will be enabled with the default thresholds |
+| `timeout` _[Timeout](#timeout)_ | Timeout settings for the backend connections. |
 
 
 
@@ -953,6 +954,21 @@ _Appears in:_
 
 
 
+#### HTTPTimeout
+
+
+
+
+
+_Appears in:_
+- [Timeout](#timeout)
+
+| Field | Description |
+| --- | --- |
+| `connectionIdleTimeout` _Duration_ | The idle timeout for an HTTP connection. Idle time is defined as a period in which there are no active requests in the connection. Default: 1 hour. |
+| `maxConnectionDuration` _Duration_ | The maximum duration of an HTTP connection. Default: unlimited. |
+
+
 #### HeaderMatch
 
 
@@ -2009,6 +2025,20 @@ _Appears in:_
 | `interval` _Duration_ | The duration between keep-alive probes. Defaults to `75s`. |
 
 
+#### TCPTimeout
+
+
+
+
+
+_Appears in:_
+- [Timeout](#timeout)
+
+| Field | Description |
+| --- | --- |
+| `connectTimeout` _Duration_ | The timeout for network connection establishment, including TCP and TLS handshakes. Default: 10 seconds. |
+
+
 #### TLSSettings
 
 
@@ -2039,6 +2069,21 @@ _Appears in:_
 
 
 
+#### Timeout
+
+
+
+Timeout defines configuration for timeouts related to connections.
+
+_Appears in:_
+- [BackendTrafficPolicySpec](#backendtrafficpolicyspec)
+
+| Field | Description |
+| --- | --- |
+| `tcp` _[TCPTimeout](#tcptimeout)_ | Timeout settings for TCP. |
+| `http` _[HTTPTimeout](#httptimeout)_ | Timeout settings for HTTP. |
+
+
 #### TracingProvider
 
 

diff --git a/test/cel-validation/backendtrafficpolicy_test.go b/test/cel-validation/backendtrafficpolicy_test.go
@@ -18,6 +18,8 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/utils/pointer"
 	"k8s.io/utils/ptr"
+
+	gwapiv1 "sigs.k8s.io/gateway-api/apis/v1"
 	gwapiv1a2 "sigs.k8s.io/gateway-api/apis/v1alpha2"
 
 	egv1a1 "github.com/envoyproxy/gateway/api/v1alpha1"
@@ -755,6 +757,31 @@ func TestBackendTrafficPolicyTarget(t *testing.T) {
 				`[spec.healthCheck.tcp.receive: Invalid value: "object": If payload type is Text, text field needs to be set., spec.healthCheck.tcp.receive: Invalid value: "object": If payload type is Binary, binary field needs to be set.]`,
 			},
 		},
+		{
+			desc: " valid timeout",
+			mutate: func(btp *egv1a1.BackendTrafficPolicy) {
+				d := gwapiv1.Duration("3s")
+				btp.Spec = egv1a1.BackendTrafficPolicySpec{
+					TargetRef: gwapiv1a2.PolicyTargetReferenceWithSectionName{
+						PolicyTargetReference: gwapiv1a2.PolicyTargetReference{
+							Group: gwapiv1a2.Group("gateway.networking.k8s.io"),
+							Kind:  gwapiv1a2.Kind("Gateway"),
+							Name:  gwapiv1a2.ObjectName("eg"),
+						},
+					},
+					Timeout: &egv1a1.Timeout{
+						TCP: &egv1a1.TCPTimeout{
+							ConnectTimeout: &d,
+						},
+						HTTP: &egv1a1.HTTPTimeout{
+							ConnectionIdleTimeout: &d,
+							MaxConnectionDuration: &d,
+						},
+					},
+				}
+			},
+			wantErrors: []string{},
+		},
 	}
 
 	for _, tc := range cases {