Skip to content

xds: Implement channel caching utility for GrpcService channels for ext_authz and ext_proc#12690

Open
sauravzg wants to merge 19 commits intogrpc:masterfrom
sauravzg:feat/cached-channel
Open

xds: Implement channel caching utility for GrpcService channels for ext_authz and ext_proc#12690
sauravzg wants to merge 19 commits intogrpc:masterfrom
sauravzg:feat/cached-channel

Conversation

@sauravzg
Copy link
Copy Markdown
Collaborator

@sauravzg sauravzg commented Mar 12, 2026

Child PR of #12492

Split this from some other PR way down the chain and modified it to be not ext authz specific.

  • This is currently a thread safe trivial implementation of caching based on (target, channel_creds)
  • This is intended to be instantiated per Filter and not be used as some sort of a shared channel pool
  • On a config change that requires creating new channels, this may perform 2 blocking operations before returning
  • Creation of the channel and this happens within a lock
  • shutdown of old channel if present

This should probably be okay, since this happens in the control path changes but has the potential of hammering dataplane throughtput temporarily during updates due to channel creation within the lock.

@sauravzg
feat(xds): Add configuration objects for ExtAuthz and GrpcService
4baea6b 
This commit introduces configuration objects for the external authorization (ExtAuthz) filter and the gRPC service it uses. These classes provide a structured, immutable representation of the configuration defined in the xDS protobuf messages.

The main new classes are:
- `ExtAuthzConfig`: Represents the configuration for the `ExtAuthz` filter, including settings for the gRPC service, header mutation rules, and other filter behaviors.
- `GrpcServiceConfig`: Represents the configuration for a gRPC service, including the target URI, credentials, and other settings.
- `HeaderMutationRulesConfig`: Represents the configuration for header mutation rules.

This commit also includes parsers to create these configuration objects from the corresponding protobuf messages, as well as unit tests for the new classes.
@sauravzg
Fixup: Address comments from grpc#12492
5654c64
@sauravzg
Fixup: 12492 Split HeaderValueValidationUtils to GrpcService to match…
5ed6993 
… the updated requirements
kannanjgithub
kannanjgithub requested changes Mar 13, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@kannanjgithub kannanjgithub left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Minor changes requested.

@sauravzg sauravzg mentioned this pull request Mar 15, 2026
Open
sauravzg added a commit to sauravzg/grpc-java that referenced this pull request Mar 15, 2026
@sauravzg
Fixup: grpc#12690: Add VisibleForTesting
31d62ad
sauravzg added a commit to sauravzg/grpc-java that referenced this pull request Mar 15, 2026
@sauravzg
Fixup: grpc#12690: Add VisibleForTesting
1e202f0
@sauravzg sauravzg force-pushed the feat/cached-channel branch from 31d62ad to 1e202f0 Compare March 15, 2026 21:44
@kannanjgithub kannanjgithub requested a review from AgraVator March 17, 2026 06:02
sauravzg added a commit to sauravzg/grpc-java that referenced this pull request Mar 17, 2026
@sauravzg
Fixup: grpc#12690: Add VisibleForTesting
0e12e12
@sauravzg sauravzg force-pushed the feat/cached-channel branch from 1e202f0 to 0bb06f3 Compare March 17, 2026 07:02
sauravzg added a commit to sauravzg/grpc-java that referenced this pull request Mar 17, 2026
@sauravzg
Fixup: grpc#12690: Add VisibleForTesting
caa0c91
@sauravzg sauravzg force-pushed the feat/cached-channel branch from 0bb06f3 to a748980 Compare March 17, 2026 08:40
@sauravzg
Fixup 12492: Refactor allowedGrpcService to be non optional and fix…
b28bd3c 
… bug

Makes `allowedGrpcServices` to be a non-optional struct instead of
an `Optional<Map<str,AllowedService>>` since it's
essentially an immuatable hash map, making it preferable to use an empty
instance instead of null.

Change a small bug where we continued instead of return when parsing
bootstrap credentials.
sauravzg added a commit to sauravzg/grpc-java that referenced this pull request Mar 23, 2026
@sauravzg
Fixup: grpc#12690: Add VisibleForTesting
869bdd4
@sauravzg sauravzg force-pushed the feat/cached-channel branch from a748980 to 75f7130 Compare March 23, 2026 18:02
@kannanjgithub kannanjgithub requested a review from Copilot March 24, 2026 17:03
Copilot AI reviewed Mar 24, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds internal xDS utilities to parse Envoy GrpcService/ext_authz configuration into immutable Java config objects, introduces bootstrap parsing for allowed_grpc_services, and provides a simple per-filter ManagedChannel caching utility keyed by (target, channel_creds).

Changes:

  • Add GrpcServiceConfig model + GrpcServiceConfigParser (channel creds, access-token call creds, initial metadata, timeout) and related header validation/value utilities.
  • Add ext_authz config model/parser plus shared header-mutation rules model/parser and matcher parsing for fractional percents.
  • Add AllowedGrpcServices bootstrap parsing + CachedChannelManager for per-filter channel reuse.

Reviewed changes

Copilot reviewed 31 out of 31 changed files in this pull request and generated 5 comments.

Show a summary per file
File Description
xds/src/main/java/io/grpc/xds/internal/headermutations/HeaderMutationRulesParser.java Parses Envoy HeaderMutationRules into an internal config.
xds/src/main/java/io/grpc/xds/internal/headermutations/HeaderMutationRulesConfig.java Immutable config representation for header mutation rules.
xds/src/main/java/io/grpc/xds/internal/grpcservice/HeaderValueValidationUtils.java Validates header key/value constraints for initial metadata.
xds/src/main/java/io/grpc/xds/internal/grpcservice/HeaderValue.java Immutable internal header key/value representation (string vs raw bytes).
xds/src/main/java/io/grpc/xds/internal/grpcservice/GrpcServiceXdsContextProvider.java Provides per-target context for trusted/untrusted control plane decisions.
xds/src/main/java/io/grpc/xds/internal/grpcservice/GrpcServiceXdsContext.java AutoValue context object used during GrpcService parsing.
xds/src/main/java/io/grpc/xds/internal/grpcservice/GrpcServiceParseException.java Parse exception for GrpcService config parsing.
xds/src/main/java/io/grpc/xds/internal/grpcservice/GrpcServiceConfigParser.java Parses Envoy GrpcService/GoogleGrpc, validates metadata/timeout, builds creds.
xds/src/main/java/io/grpc/xds/internal/grpcservice/GrpcServiceConfig.java Immutable GrpcService config model.
xds/src/main/java/io/grpc/xds/internal/grpcservice/ConfiguredChannelCredentials.java Bundles ChannelCredentials with comparable credential config.
xds/src/main/java/io/grpc/xds/internal/grpcservice/ChannelCredsConfig.java Interface for credential config identity/equality.
xds/src/main/java/io/grpc/xds/internal/grpcservice/CachedChannelManager.java Per-filter cache for ManagedChannel keyed by target + creds config.
xds/src/main/java/io/grpc/xds/internal/grpcservice/AllowedGrpcServices.java Container for parsed allowed_grpc_services entries.
xds/src/main/java/io/grpc/xds/internal/grpcservice/AllowedGrpcService.java Single allowed service entry (override creds/call creds).
xds/src/main/java/io/grpc/xds/internal/extauthz/ExtAuthzParseException.java Parse exception for ext_authz parsing.
xds/src/main/java/io/grpc/xds/internal/extauthz/ExtAuthzConfigParser.java Parses Envoy ExtAuthz into an internal config model.
xds/src/main/java/io/grpc/xds/internal/extauthz/ExtAuthzConfig.java Immutable ext_authz config model.
xds/src/main/java/io/grpc/xds/internal/MatcherParser.java Adds parsing for Envoy FractionalPercent to internal matcher type.
xds/src/main/java/io/grpc/xds/client/BootstrapperImpl.java Wires bootstrap parsing hook for allowed_grpc_services.
xds/src/main/java/io/grpc/xds/client/Bootstrapper.java Adds allowedGrpcServices() field to bootstrap info (opaque type).
xds/src/main/java/io/grpc/xds/GrpcBootstrapperImpl.java Implements allowed_grpc_services parsing and wraps channel creds with config identity.
xds/src/test/java/io/grpc/xds/internal/headermutations/HeaderMutationRulesParserTest.java Tests parsing of header mutation rules and invalid regex behavior.
xds/src/test/java/io/grpc/xds/internal/headermutations/HeaderMutationRulesConfigTest.java Tests builder defaults and field setting for header mutation config.
xds/src/test/java/io/grpc/xds/internal/grpcservice/HeaderValueValidationUtilsTest.java Tests header ignore/validation behavior (key + value/raw length rules).
xds/src/test/java/io/grpc/xds/internal/grpcservice/HeaderValueTest.java Tests HeaderValue creation for string vs raw values.
xds/src/test/java/io/grpc/xds/internal/grpcservice/GrpcServiceXdsContextTestUtil.java Provides dummy GrpcServiceXdsContextProvider for parser tests.
xds/src/test/java/io/grpc/xds/internal/grpcservice/GrpcServiceConfigParserTest.java Tests GrpcService parsing, creds selection, untrusted override behavior, timeout, call-creds security gating.
xds/src/test/java/io/grpc/xds/internal/grpcservice/CachedChannelManagerTest.java Tests channel caching and shutdown behavior on config changes/close.
xds/src/test/java/io/grpc/xds/internal/extauthz/ExtAuthzConfigParserTest.java Tests ext_authz parsing including header mutation rules and matchers.
xds/src/test/java/io/grpc/xds/internal/MatcherParserTest.java Tests parsing of string matchers and fractional percent denominators.
xds/src/test/java/io/grpc/xds/GrpcBootstrapperImplTest.java Adds tests for parsing bootstrap allowed_grpc_services.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@kannanjgithub
Copy link
Copy Markdown
Contributor

kannanjgithub commented Mar 24, 2026

The review by Co-pilot seems to have all valid points. Please fix them.

sauravzg added a commit to sauravzg/grpc-java that referenced this pull request Mar 25, 2026
@sauravzg
Fixup: grpc#12690: Add VisibleForTesting
c489859
@sauravzg sauravzg force-pushed the feat/cached-channel branch from 75f7130 to 87a2b49 Compare March 25, 2026 11:32
@sauravzg
Copy link
Copy Markdown
Collaborator Author

sauravzg commented Mar 25, 2026

@kannanjgithub All copilot comments have either been addressed in #12492 or #12690

sauravzg added a commit to sauravzg/grpc-java that referenced this pull request Mar 25, 2026
@sauravzg
Fixup: grpc#12690: Add VisibleForTesting
82bbfae
@sauravzg sauravzg force-pushed the feat/cached-channel branch from 87a2b49 to 76d678b Compare March 25, 2026 13:05
sauravzg added a commit to sauravzg/grpc-java that referenced this pull request Mar 25, 2026
@sauravzg
Fixup: grpc#12690: Add VisibleForTesting
8e8da61
@sauravzg sauravzg force-pushed the feat/cached-channel branch from 76d678b to b47fa3f Compare March 25, 2026 14:28
sauravzg added a commit to sauravzg/grpc-java that referenced this pull request Mar 30, 2026
@sauravzg
Fixup: grpc#12690: Add VisibleForTesting
5820baf
sauravzg added a commit to sauravzg/grpc-java that referenced this pull request Mar 30, 2026
@sauravzg
Fixup grpc#12690: Improve coverage for CachedChannelManager
997c65d
@sauravzg sauravzg force-pushed the feat/cached-channel branch from b47fa3f to 997c65d Compare March 30, 2026 18:45
sauravzg added a commit to sauravzg/grpc-java that referenced this pull request Mar 31, 2026
@sauravzg
Fixup: grpc#12690: Add VisibleForTesting
a307a18
sauravzg added a commit to sauravzg/grpc-java that referenced this pull request Mar 31, 2026
@sauravzg
Fixup grpc#12690: Improve coverage for CachedChannelManager
544dfa2
sauravzg added a commit to sauravzg/grpc-java that referenced this pull request Mar 31, 2026
@sauravzg
Fixup grpc#12690: Fix build breakage due to movement of parsers and s…
0b9203a 
…hared objects
@sauravzg sauravzg force-pushed the feat/cached-channel branch from 997c65d to 0b9203a Compare March 31, 2026 13:03
@sauravzg
Fixup 12492: Eliminate cyclic dependencies
d59c705 
- Move the parser objects up to `io.grpc.xds`
- Move some common objects to `io.grpc.xds.client`
@sauravzg sauravzg force-pushed the feat/cached-channel branch from 0b9203a to f2028ce Compare March 31, 2026 13:07
sauravzg added a commit to sauravzg/grpc-java that referenced this pull request Mar 31, 2026
@sauravzg
Fixup: grpc#12690: Add VisibleForTesting
4e887eb
sauravzg added a commit to sauravzg/grpc-java that referenced this pull request Mar 31, 2026
@sauravzg
Fixup grpc#12690: Improve coverage for CachedChannelManager
467de12
sauravzg added a commit to sauravzg/grpc-java that referenced this pull request Mar 31, 2026
@sauravzg
Fixup grpc#12690: Fix build breakage due to movement of parsers and s…
f2028ce 
…hared objects
@sauravzg
Copy link
Copy Markdown
Collaborator Author

sauravzg commented Apr 1, 2026

/gemini review

gemini-code-assist[bot]
gemini-code-assist bot reviewed Apr 1, 2026
View reviewed changes
Copy link
Copy Markdown

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request introduces support for the ext_authz (External Authorization) filter and the allowed_grpc_services field in the xDS bootstrap. It includes new parsers for ExtAuthz and GrpcService protos, internal configuration models for header mutations and matchers, and a CachedChannelManager to manage the lifecycle of gRPC channels used by the authorization service. Feedback was provided regarding the synchronization strategy in CachedChannelManager, suggesting that creating ManagedChannel instances outside of the synchronized block could prevent potential performance bottlenecks during configuration updates.

@sauravzg sauravzg force-pushed the feat/cached-channel branch from f2028ce to 70cf92c Compare April 1, 2026 13:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@kannanjgithub kannanjgithub kannanjgithub approved these changes

@AgraVator AgraVator Awaiting requested review from AgraVator

+1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@sauravzg @kannanjgithub