8000 Implementation of GEP-3567 - TLS Updates for Connection Coalescing by robscott · Pull Request #3630 · kubernetes-sigs/gateway-api · GitHub
[go: up one dir, main page]
Skip to content

Implementation of GEP-3567 - TLS Updates for Connection Coalescing #3630

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Feb 27, 2025
Merged

Implementation of GEP-3567 - TLS Updates for Connection Coalescing #3630

merged 2 commits into from
Feb 27, 2025

Conversation

robscott
Copy link
Member

What type of PR is this?
/kind feature

What this PR does / why we need it:
This contains the initial implementation of GEP #3567 as an attempt to improve Gateway API's interaction with connection coalescing.

Does this PR introduce a user-facing change?:

* A new `OverlappingTLSConfig` condition has been added to Gateway Listeners to indicate situations where Connection Coalescing could be problematic
* The Gateway specification for handling Hostname and SNI matching for HTTPS requests has been clarified and now recommends that implementations return 421 responses in certain cases

/cc @mlavacca @howardjohn @youngnick @arkodg @htuch

@k8s-ci-robot k8s-ci-robot added kind/feature Categorizes issue or PR as related to a new feature. release-note Denotes a PR that will be considered when it comes time to generate release notes. labels Feb 25, 2025
@k8s-ci-robot
Copy link
Contributor

@robscott: GitHub didn't allow me to request PR reviews from the following users: htuch.

Note that only kubernetes-sigs members and repo collaborators can review this PR, and authors cannot review their own PRs.

In response to this:

What type of PR is this?
/kind feature

What this PR does / why we need it:
This contains the initial implementation of GEP #3567 as an attempt to improve Gateway API's interaction with connection coalescing.

Does this PR introduce a user-facing change?:

* A new `OverlappingTLSConfig` condition has been added to Gateway Listeners to indicate situations where Connection Coalescing could be problematic
* The Gateway specification for handling Hostname and SNI matching for HTTPS requests has been clarified and now recommends that implementations return 421 responses in certain cases

/cc @mlavacca @howardjohn @youngnick @arkodg @htuch

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. approved Indicates a PR has been approved by an approver from all required OWNERS files. kind/gep PRs related to Gateway Enhancement Proposal(GEP) size/M Denotes a PR that changes 30-99 lines, ignoring generated files. labels Feb 25, 2025
@robscott robscott force-pushed the gep-3567-impl branch 2 times, most recently from 1eee337 to 03fddca Compare February 25, 2025 07:38
@shaneutt
Copy link
Member

/cc

@arkodg
Copy link
Contributor
arkodg commented Feb 25, 2025

hey @robscott ive been recommending users to set the ALPN to http/1.1 to workaround this , is this something that should also be added to the API

howardjohn
howardjohn reviewed Feb 25, 2025
View reviewed changes
kflynn
kflynn reviewed Feb 26, 2025
View reviewed changes
@kflynn
Copy link
Contributor
kflynn commented Feb 26, 2025

Couple of small tweaks that I'd like to see included, but this basically looks good to me. Holding to see if @robscott agrees with the tweaks.

/lgtm
/hold

@k8s-ci-robot k8s-ci-robot added lgtm "Looks good to me", indicates that a PR is ready to be merged. and removed lgtm "Looks good to me", indicates that a PR is ready to be merged. labels Feb 26, 2025
@robscott robscott force-pushed the gep-3567-impl branch 2 times, most recently from 9cab23a to c4a02a3 Compare February 26, 2025 04:39
rostislavbobo
rostislavbobo approved these changes Feb 26, 2025
View reviewed changes
Copy link
Member
@rostislavbobo rostislavbobo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you @robscott ! Added a couple of minor comments, but overall, LGTM

shaneutt
shaneutt approved these changes Feb 26, 2025
View reviewed changes
Copy link
Member
@shaneutt shaneutt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great, thanks Rob.

I have two comments I would like to see resolved, and then once everyone else's current comments are resolved I think it looks good.

/approve

@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: robscott, rostislavbobo, shaneutt

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Feb 26, 2025
@k8s-ci-robot k8s-ci-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Feb 26, 2025
@robscott
Copy link
Member Author

Thanks for all the great feedback everyone! I've resolved all comments, PTAL. Removing the hold so the next LGTM gets this in since I think we have consensus on this approach now.

/hold cancel

@k8s-ci-robot k8s-ci-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Feb 26, 2025
kflynn
kflynn reviewed Feb 26, 2025
View reviewed changes
@youngnick
Copy link
Contributor

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Feb 26, 2025
@kflynn
Copy link
Contributor
kflynn commented Feb 26, 2025

I left one question that I don't think should block this. Thanks for sticking with this, @robscott! 🙂

/lgtm

@robscott
Copy link
Member Author

/hold

@k8s-ci-robot k8s-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Feb 26, 2025
@k8s-ci-robot k8s-ci-robot removed the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Feb 27, 2025
@robscott
Copy link
Member Author

/hold cancel

@k8s-ci-robot k8s-ci-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Feb 27, 2025
@kflynn
Copy link
Contributor
kflynn commented Feb 27, 2025

/lgtm

Thanks! 🙂

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Feb 27, 2025
@k8s-ci-robot k8s-ci-robot merged commit a81afe0 into kubernetes-sigs:main Feb 27, 2025
13 checks passed
@robscott robscott added this to the v1.3.0 milestone Feb 27, 2025
EyalPazz pushed a commit to EyalPazz/gateway-api that referenced this pull request Feb 27, 2025
@robscott @EyalPazz
Implementation of GEP-3567 - TLS Updates for Connection Coalescing (k…
2047991 
…ubernetes-sigs#3630)

* Implementation of GEP-3567 - TLS Updates for Connection Coalescing

* Responses to PR feedback
EyalPazz pushed a commit to EyalPazz/gateway-api that referenced this pull request Feb 27, 2025
@robscott @EyalPazz
Implementation of GEP-3567 - TLS Updates for Connection Coalescing (k…
cf8fc2f 
…ubernetes-sigs#3630)

* Implementation of GEP-3567 - TLS Updates for Connection Coalescing

* Responses to PR feedback
@rostislavbobo rostislavbobo mentioned this pull request Aug 18, 2025
Closed
11 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@shaneutt shaneutt shaneutt approved these changes

@mlavacca mlavacca Awaiting requested review from mlavacca

@youngnick youngnick Awaiting requested review from youngnick

@arkodg arkodg Awaiting requested review from arkodg

+3 more reviewers

@howardjohn howardjohn howardjohn left review comments

@kflynn kflynn kflynn left review comments

@rostislavbobo rostislavbobo rostislavbobo approved these changes

Reviewers whose approvals may not affect merge requirements
Assignees

@kflynn kflynn

@youngnick youngnick

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. 5FC7 kind/feature Categorizes issue or PR as related to a new feature. kind/gep PRs related to Gateway Enhancement Proposal(GEP) lgtm "Looks good to me", indicates that a PR is ready to be merged. release-note Denotes a PR that will be considered when it comes time to generate release notes. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.
Projects
None yet
Milestone
v1.3.0
Development

Successfully merging this pull request may close these issues.
8 participants
@robscott @k8s-ci-robot @shaneutt @arkodg @kflynn @youngnick @howardjohn @rostislavbobo
0