api: add API_VERSIONING.md. #8399
Conversation
This captures the API versioning guidelines implied by https://docs.google.com/document/d/1xeVvJ6KjFBkNjVspPbY_PwEDHC7XPi0J5p1SqUXcCl8/edit#heading=h.xgk8xel154p and splits apart the Envoy API and internal implementation breaking change policies. Some of the policy decisions (e.g. not allowing vNalpha to be hand edited, how we do manual breaking changes, etc.) have been added to these guidelines based on recent experience with protoxform and mechanical major version upgrade work, they are not part of the original stable API versioning work. Risk level: Low Testing: Formatting and docs build. Fixes envoyproxy#8371 Signed-off-by: Harvey Tuch <[email protected]>
|
CC @markdroth @dfawley (please tag Eric as well, I forget his GH username) for review as well, thanks. This largely formalizes the earlier work on the stable versioning Doc, and makes it accessible to Envoy devs. There have been some changes to flow based on how this policy is likely to work out for v3. |
| `envoy.config.bootstrap.v4`. The `envoy.config.bootstrap.v3` package will become the previous stable | ||
| major version and support for `envoy.config.bootstrap.v2` will be dropped from the Envoy | ||
| implementation. Note that some transitively referenced package, e.g. | ||
| `envoy.config.filter.network.foo.v2` may remain at version 2 during this release, if no changes were |
There was a problem hiding this comment.
Is there any reason not to bump the version number of all packages when we introduce a new major version, even if the protos themselves did not change? It seems like that might make the dependency story a bit easier to deal with.
There was a problem hiding this comment.
Yeah. I think this will be too cumbersome to management server vendors. We have O(100) protos. If we ask management server vendors to rewrite their logic for O(100) protos on each major version upgrade, this is a lot more expensive than rewriting for O(10) protos.
Within Envoy, we plan on doing some fancy reflection gymnastics to do runtime rewriting from v2 to v3alpha (I'm working on this right now), when API messages are mostly unchanged. Internally, Envoy will always consume from the latest API, e.g. v3alpha. I think it's not reasonable to expect every management server to invent clever techniques like this though, we should assume the bulk of them will cope with churn via manual toil.
| There will be no major `vN` initiative to address technical debt beyond that enabled by the above | ||
| process. | ||
|
|
||
| # One Definition Rule (ODR) |
There was a problem hiding this comment.
If the major version is always part of the package name, doesn't that prevent ODR violations? I don't quite understand the problem here -- can you give a concrete example to illustrate?
There was a problem hiding this comment.
envoy.foo.v4 refers to envoy.bar.v4 and envoy.baz.v3. envoy.bar.v4 refers to envoy.blah.v2 while envoy.baz.v3 refers to envoy.blah.v3. Voila, transitively envoy.foo.v4 references envoy.blah.v2 and envoy.blah.v3.
There was a problem hiding this comment.
Sure, but since envoy.blah.v2 and envoy.blah.v3 are different namespaces, how does that cause an ODR violation?
There was a problem hiding this comment.
It doesn't at a C++ level, but it does at a higher level, since by allowing these multiple definitions, envoy.blah now needs to maintain an arbitrary number of stable versions, rather than just the trailing two versions. That includes all the code backing these versions. By forcing an "ODR-style" rule here, we avoid this quagmire.
Signed-off-by: Harvey Tuch <[email protected]>
Signed-off-by: Harvey Tuch <[email protected]>
| minimize API churn by deferring application of discretionary changes until a major version cycle | ||
| where the respective message is undergoing a mandatory change. | ||
|
|
||
| The Envoy API structure helps with minimizing churn between versions. Developers should architect |
There was a problem hiding this comment.
@alyssawilk I think this covers what we discussed the other day, an advisory statement on organizing to minimize churn.
Signed-off-by: Harvey Tuch <[email protected]>
| In everyday discussion and GitHub labels, we refer to the `v2`, `v3`, `vN`, `...` APIs. This has a | ||
| specific technical meaning. Any given message in the Envoy API, e.g. the `Bootstrap` at | ||
| `envoy.config.bootstrap.v3.Boostrap`, will transitively reference a number of packages in the Envoy | ||
| API. These may be at `vN`, `v(N-1)`, etc. The Envoy API is technically a DAG of versioned package |
There was a problem hiding this comment.
I think whole paragraph might be usefully replaced with an example set of configurations.
There was a problem hiding this comment.
I think we'll have something more tangible to put here once we have the final cut of the v3alpha API and have updated the Envoy config examples, so I suggest punting until then.
Signed-off-by: Harvey Tuch <[email protected]>
|
I chatted with @alyssawilk and she's happy with this PR, so if I don't get any more feedback I'll merge in a couple of hours. |
Signed-off-by: Harvey Tuch <[email protected]>
This captures the API versioning guidelines implied by https://docs.google.com/document/d/1xeVvJ6KjFBkNjVspPbY_PwEDHC7XPi0J5p1SqUXcCl8/edit#heading=h.xgk8xel154p and splits apart the Envoy API and internal implementation breaking change policies. Some of the policy decisions (e.g. not allowing vNalpha to be hand edited, how we do manual breaking changes, etc.) have been added to these guidelines based on recent experience with protoxform and mechanical major version upgrade work, they are not part of the original stable API versioning work. Risk level: Low Testing: Formatting and docs build. Fixes envoyproxy#8371 Signed-off-by: Harvey Tuch <[email protected]>
This captures the API versioning guidelines implied by https://docs.google.com/document/d/1xeVvJ6KjFBkNjVspPbY_PwEDHC7XPi0J5p1SqUXcCl8/edit#heading=h.xgk8xel154p and splits apart the Envoy API and internal implementation breaking change policies. Some of the policy decisions (e.g. not allowing vNalpha to be hand edited, how we do manual breaking changes, etc.) have been added to these guidelines based on recent experience with protoxform and mechanical major version upgrade work, they are not part of the original stable API versioning work. Risk level: Low Testing: Formatting and docs build. Fixes envoyproxy#8371 Signed-off-by: Harvey Tuch <[email protected]>
This captures the API versioning guidelines implied by
https://docs.google.com/document/d/1xeVvJ6KjFBkNjVspPbY_PwEDHC7XPi0J5p1SqUXcCl8/edit#heading=h.xgk8xel154p (from #6271)
and splits apart the Envoy API and internal implementation breaking change policies.
Some of the policy decisions (e.g. not allowing vNalpha to be hand edited, how we do manual breaking
changes, etc.) have been added to these guidelines based on recent experience with protoxform and
mechanical major version upgrade work, they are not part of the original stable API versioning work.
Risk level: Low
Testing: Formatting and docs build.
Fixes #8371
Signed-off-by: Harvey Tuch [email protected]