Support Envoy's MaxEjectionPercent and BaseEjectionTime config entries for passive health checks #15979
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
github-actions
bot
added
theme/api
|
@analogue I assume a consul-k8s crd update is also in order? |
Yep, that is coming up next 😄. |
boruszak
approved these changes
Jan 17, 2023
There was a problem hiding this comment.
I reviewed 15979.txt, service-defaults.mdx, and envoy.mdx for edits to the documentation.
Overall LGTM. Confirm that the descriptions match phrasing before merging. Let me know if you have any questions or need any additional assistance.
Approving on behalf of consul-docs.
Comment on lines
+554
to
+558
| name: 'MaxEjectionPercent', | ||
| type: 'int: 10', | ||
| description: `Measured in percent (%), the maximum percentage of hosts that can be ejected | ||
| from a upstream cluster due to passive health check failures. If not specified, inherits | ||
| Envoy's default of 10% or at least one host.`, |
There was a problem hiding this comment.
Suggested change
| name: 'MaxEjectionPercent', | |
| type: 'int: 10', | |
| description: `Measured in percent (%), the maximum percentage of hosts that can be ejected | |
| from a upstream cluster due to passive health check failures. If not specified, inherits | |
| Envoy's default of 10% or at least one host.`, | |
| name: 'MaxEjectionPercent', | |
| type: 'int: 10', | |
| description: `Measured in percent (%), the maximum percentage of hosts that can be ejected | |
| from an upstream cluster due to passive health check failures. If not specified, inherits | |
| Envoy's default value of 10. Ejects at least one host when set to a non-zero value.`, |
Two suggestions:
- Don't use the % in the second sentence. The type is an integer and you already say "measured in percent" - so the default is
10nor10%. - I understand the "At least one host" statement, but the phrasing is a little muddled. The idea is that if the Max Ejection percent is set to 10 but there's only three hosts in the cluster, the percent is less than a single host makes up in the deployment. So at least one host must be ejected when the value is not 0. Feel free to adjust or reject if you disagree with my phrasing or understanding.
Comment on lines
+561
to
+565
| name: 'BaseEjectionTime', | ||
| type: 'duration: 30s', | ||
| description: `The base time that a host is ejected for. The real time is equal to the base | ||
| time multiplied by the number of times the host has been ejected and is capped by | ||
| max_ejection_time (Default 300s). If not speficied, inherits Envoy's default value of 30s.`, |
There was a problem hiding this comment.
Suggested change
| name: 'BaseEjectionTime', | |
| type: 'duration: 30s', | |
| description: `The base time that a host is ejected for. The real time is equal to the base | |
| time multiplied by the number of times the host has been ejected and is capped by | |
| max_ejection_time (Default 300s). If not speficied, inherits Envoy's default value of 30s.`, | |
| name: 'BaseEjectionTime', | |
| type: 'duration: 30s', | |
| description: `The base time that a host is ejected for. The real time is equal to the base | |
| time multiplied by the number of times the host has been ejected and is capped by | |
| `max_ejection_time` (default 300s) in the [Envoy proxy configuration](/consul/docs/connect/proxies/envoy#ejection). If not specified, inherits Envoy's default value of 30s.`, |
Added a link directly to the values.
I curious what you mean by "real time" - is that word set in stone on your end? If not, I'd be more descriptive - e.g., "The amount of time that elapses before an ejected host can rejoin the cluster is equal to the base time multiplied by..."
Comment on lines
+719
to
+731
| name: 'MaxEjectionPercent', | ||
| type: 'int: 10', | ||
| description: `Measured in percent (%), the maximum percentage of hosts that can be ejected | ||
| from a upstream cluster due to passive health check failures. If not specified, inherits | ||
| Envoy's default of 10% or at least one host.`, | ||
| }, | ||
| { | ||
| name: 'BaseEjectionTime', | ||
| type: 'duration: 30s', | ||
| description: `The base time that a host is ejected for. The real time is equal to the base | ||
| time multiplied by the number of times the host has been ejected and is capped by | ||
| max_ejection_time (Default 300s). If not speficied, inherits Envoy's default value of 30s.`, | ||
| }, |
There was a problem hiding this comment.
Suggested change
| name: 'MaxEjectionPercent', | |
| type: 'int: 10', | |
| description: `Measured in percent (%), the maximum percentage of hosts that can be ejected | |
| from a upstream cluster due to passive health check failures. If not specified, inherits | |
| Envoy's default of 10% or at least one host.`, | |
| }, | |
| { | |
| name: 'BaseEjectionTime', | |
| type: 'duration: 30s', | |
| description: `The base time that a host is ejected for. The real time is equal to the base | |
| time multiplied by the number of times the host has been ejected and is capped by | |
| max_ejection_time (Default 300s). If not speficied, inherits Envoy's default value of 30s.`, | |
| }, | |
| name: 'MaxEjectionPercent', | |
| type: 'int: 10', | |
| description: `Measured in percent (%), the maximum percentage of hosts that can be ejected | |
| from an upstream cluster due to passive health check failures. If not specified, inherits | |
| Envoy's default value of 10. Ejects at least one host when set to a non-zero value.`, | |
| }, | |
| { | |
| name: 'BaseEjectionTime', | |
| type: 'duration: 30s', | |
| description: The base time that a host is ejected for. The real time is equal to the base | |
| time multiplied by the number of times the host has been ejected and is capped by | |
| `max_ejection_time` (default 300s) in the [Envoy proxy configuration](/consul/docs/connect/proxies/envoy#ejection). If not specified, inherits Envoy's default value of 30s.`, | |
| }, |
Suggestion to match previous edits
Comment on lines
+411
to
+417
| - `max_ejection_percent` - The maximum percentage of hosts that can be ejected | ||
| from a upstream cluster due to passive health check failures. If not specified, | ||
| inherits Envoy's default of 10% or at least one host. | ||
| - `base_ejection_time` - The base time that a host is ejected for. The real | ||
| time is equal to the base time multiplied by the number of times the host has | ||
| been ejected and is capped by max_ejection_time (Default 300s). If not | ||
| speficied, inherits Envoy's default value of 30s. |
There was a problem hiding this comment.
Suggested change
| - `max_ejection_percent` - The maximum percentage of hosts that can be ejected | |
| from a upstream cluster due to passive health check failures. If not specified, | |
| inherits Envoy's default of 10% or at least one host. | |
| - `base_ejection_time` - The base time that a host is ejected for. The real | |
| time is equal to the base time multiplied by the number of times the host has | |
| been ejected and is capped by max_ejection_time (Default 300s). If not | |
| speficied, inherits Envoy's default value of 30s. | |
| <a name="ejection"/> | |
| - `max_ejection_percent` - The maximum percentage of hosts that can be ejected | |
| from an upstream cluster when passive health checks fail. If not specified, | |
| inherits Envoy's default value of 10. Ejects at least one host when set to a non-zero value. | |
| - `base_ejection_time` - The base time that a host is ejected for. The amount of time that elapses before an ejected host can rejoin the cluster is equal to the base time multiplied by the number of times the host has | |
| been ejected, and is capped by `max_ejection_time` (default 300s). If not | |
| specified, inherits Envoy's default value of 30s. |
hashi-derek
approved these changes
Jan 18, 2023
|
This pull request has been automatically flagged for inactivity because it has not been acted upon in the last 60 days. It will be closed if no new activity occurs in the next 30 days. Please feel free to re-open to resurrect the change if you feel this has happened by mistake. Thank you for your contributions. |
github-actions
bot
added
the
meta/stale
added 2 commits
April 26, 2023 08:24
david-yu
added
the
backport/1.15
|
Added backport/1.15 since 1.15 is now out. |
|
Looks like this did not backport at all for 1.14 and 1.15. |
|
Thank you for this feature but can we also document it on https://developer.hashicorp.com/consul/docs/v1.14.x/connect/proxies/envoy#passive_health_check? Thanks! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
WAN federated clusters are not able to failover all traffic from one datacenter to another via passive healthchecks when the control plane is down without being able to set
MaxEjectionPercentto 100%.BaseEjectionTimejust provides additional configurability on the backoff interval until the max ejection interval is hit.Testing & Reproduction steps
PR Checklist