dynamic_modules: remote source: add nack_on_cache_miss#44044
Merged
wbpcode merged 4 commits intoenvoyproxy:mainfrom Mar 30, 2026
Merged
dynamic_modules: remote source: add nack_on_cache_miss#44044wbpcode merged 4 commits intoenvoyproxy:mainfrom
wbpcode merged 4 commits intoenvoyproxy:mainfrom
Conversation
Signed-off-by: Anurag Aggarwal <kanurag94@gmail.com>
Signed-off-by: Anurag Aggarwal <kanurag94@gmail.com>
Contributor
Author
|
/retest |
Contributor
Author
|
/gemini review |
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Code Review
This pull request introduces the nack_on_cache_miss option for remote dynamic modules, enabling a non-blocking loading mechanism suitable for ECDS and per-route configurations. The changes are well-implemented, including clear documentation in the protobuf definition, a corresponding changelog entry, and a comprehensive set of tests that cover success, failure, and edge-case scenarios. The overall approach is sound. I have one minor suggestion to optimize a section of the code for better performance and readability.
Signed-off-by: Anurag Aggarwal <kanurag94@gmail.com>
kanurag94
requested review from
agrawroh,
mathetake,
mattklein123 and
wbpcode
as code owners
|
CC @envoyproxy/api-shepherds: Your approval is needed for changes made to |
wbpcode
reviewed
Mar 26, 2026
Comment on lines
+240
to
+249
| void DynamicModuleConfigFactory::BackgroundFetchState::onSuccess(const std::string& data) { | ||
| auto result = Extensions::DynamicModules::newDynamicModuleFromBytes(data, sha256_, do_not_close_, | ||
| load_globally_); | ||
| if (!result.ok()) { | ||
| ENVOY_LOG(error, "Failed to load background-fetched module: {}", result.status().message()); | ||
| } else { | ||
| ENVOY_LOG(info, "Background fetch complete, module cached for SHA256 {}", sha256_); | ||
| } | ||
| completed_ = true; | ||
| } |
Member
There was a problem hiding this comment.
I guess the background fetcher only need to fetch the data, validate its hash, and write it to local file. We needn't try to load it because it make no sense I think?
Contributor
Author
There was a problem hiding this comment.
Make sense. It would have no real meaning. Thanks for catching this
wbpcode
reviewed
Mar 26, 2026
Member
wbpcode
left a comment
wbpcode
left a comment
There was a problem hiding this comment.
I will say, great. Thanks for this great contribution and only two comments.
/wait
Comment on lines
+79
to
+84
| // This lives on the factory (rather than a singletonManager singleton) because | ||
| // REGISTER_FACTORY already makes the factory a process-lifetime singleton, so a | ||
| // separate registration would just be boilerplate for the same semantics. | ||
| // Entries are erased in createFilterFactory(), never inside a fetch callback, | ||
| // which means the RemoteDataFetcher is never destroyed while it's still running. | ||
| absl::flat_hash_map<std::string, std::unique_ptr<BackgroundFetchState>> background_fetches_; |
Member
There was a problem hiding this comment.
I guess we can make this a singleton because in the future, we may want to support similar feature for other dynamic modules (like network filter dym, logger dym and so on)
Signed-off-by: Anurag Aggarwal <kanurag94@gmail.com>
TAOXUY
pushed a commit
to TAOXUY/envoy
that referenced
this pull request
Apr 1, 2026
) <!-- !!!ATTENTION!!! If you are fixing *any* crash or *any* potential security issue, *do not* open a pull request in this repo. Please report the issue via emailing envoy-security@googlegroups.com where the issue will be triaged appropriately. Thank you in advance for helping to keep Envoy secure. !!!ATTENTION!!! For an explanation of how to fill out the fields, please see the relevant section in [PULL_REQUESTS.md](https://github.com/envoyproxy/envoy/blob/main/PULL_REQUESTS.md) !!!ATTENTION!!! Please check the [use of generative AI policy](https://github.com/envoyproxy/envoy/blob/main/CONTRIBUTING.md?plain=1#L41). You may use generative AI only if you fully understand the code. You need to disclose this usage in the PR description to ensure transparency. --> **Commit Message:** dynamic_modules: add nack_on_cache_miss for remote module sources **Additional Description:** This PR adds support for nacking a configuration if the dynamic module is not fetched and start a background fetch. The module may become available in the next config push and ready to use from cache. Entries are keyed by sha256 so that multiple listeners can use the same fetch. The cache lives inside the factory and is safe to be used across listeners. Completed entries are cleaned up on the next `createFilterFactory()` and not during a fetch callback. So that the `RemoteDataFetcher` is not destroyed mid-fetch. **Risk Leve**l: Low **Testing:** Unit tests added. Manually validated **Docs Changes**: Proto changes included **Release Notes:** Added [Optional Runtime guard:] [Optional Fixes #Issue] [Optional Fixes commit #PR or SHA] [Optional Deprecated:] [Optional [API Considerations](https://github.com/envoyproxy/envoy/blob/main/api/review_checklist.md):] --------- Signed-off-by: Anurag Aggarwal <kanurag94@gmail.com> Signed-off-by: Xuyang Tao <taoxuy@google.com>
citrus7
pushed a commit
to citrus7/envoy
that referenced
this pull request
Apr 1, 2026
) <!-- !!!ATTENTION!!! If you are fixing *any* crash or *any* potential security issue, *do not* open a pull request in this repo. Please report the issue via emailing envoy-security@googlegroups.com where the issue will be triaged appropriately. Thank you in advance for helping to keep Envoy secure. !!!ATTENTION!!! For an explanation of how to fill out the fields, please see the relevant section in [PULL_REQUESTS.md](https://github.com/envoyproxy/envoy/blob/main/PULL_REQUESTS.md) !!!ATTENTION!!! Please check the [use of generative AI policy](https://github.com/envoyproxy/envoy/blob/main/CONTRIBUTING.md?plain=1#L41). You may use generative AI only if you fully understand the code. You need to disclose this usage in the PR description to ensure transparency. --> **Commit Message:** dynamic_modules: add nack_on_cache_miss for remote module sources **Additional Description:** This PR adds support for nacking a configuration if the dynamic module is not fetched and start a background fetch. The module may become available in the next config push and ready to use from cache. Entries are keyed by sha256 so that multiple listeners can use the same fetch. The cache lives inside the factory and is safe to be used across listeners. Completed entries are cleaned up on the next `createFilterFactory()` and not during a fetch callback. So that the `RemoteDataFetcher` is not destroyed mid-fetch. **Risk Leve**l: Low **Testing:** Unit tests added. Manually validated **Docs Changes**: Proto changes included **Release Notes:** Added [Optional Runtime guard:] [Optional Fixes #Issue] [Optional Fixes commit #PR or SHA] [Optional Deprecated:] [Optional [API Considerations](https://github.com/envoyproxy/envoy/blob/main/api/review_checklist.md):] --------- Signed-off-by: Anurag Aggarwal <kanurag94@gmail.com> Signed-off-by: Jonathan Wu <jtwu@google.com>
nshipilov
pushed a commit
to nshipilov/envoy
that referenced
this pull request
Apr 13, 2026
) <!-- !!!ATTENTION!!! If you are fixing *any* crash or *any* potential security issue, *do not* open a pull request in this repo. Please report the issue via emailing envoy-security@googlegroups.com where the issue will be triaged appropriately. Thank you in advance for helping to keep Envoy secure. !!!ATTENTION!!! For an explanation of how to fill out the fields, please see the relevant section in [PULL_REQUESTS.md](https://github.com/envoyproxy/envoy/blob/main/PULL_REQUESTS.md) !!!ATTENTION!!! Please check the [use of generative AI policy](https://github.com/envoyproxy/envoy/blob/main/CONTRIBUTING.md?plain=1#L41). You may use generative AI only if you fully understand the code. You need to disclose this usage in the PR description to ensure transparency. --> **Commit Message:** dynamic_modules: add nack_on_cache_miss for remote module sources **Additional Description:** This PR adds support for nacking a configuration if the dynamic module is not fetched and start a background fetch. The module may become available in the next config push and ready to use from cache. Entries are keyed by sha256 so that multiple listeners can use the same fetch. The cache lives inside the factory and is safe to be used across listeners. Completed entries are cleaned up on the next `createFilterFactory()` and not during a fetch callback. So that the `RemoteDataFetcher` is not destroyed mid-fetch. **Risk Leve**l: Low **Testing:** Unit tests added. Manually validated **Docs Changes**: Proto changes included **Release Notes:** Added [Optional Runtime guard:] [Optional Fixes #Issue] [Optional Fixes commit #PR or SHA] [Optional Deprecated:] [Optional [API Considerations](https://github.com/envoyproxy/envoy/blob/main/api/review_checklist.md):] --------- Signed-off-by: Anurag Aggarwal <kanurag94@gmail.com> Signed-off-by: Nick Shipilov <nick.shipilov.n@gmail.com>
krinkinmu
pushed a commit
to grnmeira/envoy
that referenced
this pull request
Apr 20, 2026
) <!-- !!!ATTENTION!!! If you are fixing *any* crash or *any* potential security issue, *do not* open a pull request in this repo. Please report the issue via emailing envoy-security@googlegroups.com where the issue will be triaged appropriately. Thank you in advance for helping to keep Envoy secure. !!!ATTENTION!!! For an explanation of how to fill out the fields, please see the relevant section in [PULL_REQUESTS.md](https://github.com/envoyproxy/envoy/blob/main/PULL_REQUESTS.md) !!!ATTENTION!!! Please check the [use of generative AI policy](https://github.com/envoyproxy/envoy/blob/main/CONTRIBUTING.md?plain=1#L41). You may use generative AI only if you fully understand the code. You need to disclose this usage in the PR description to ensure transparency. --> **Commit Message:** dynamic_modules: add nack_on_cache_miss for remote module sources **Additional Description:** This PR adds support for nacking a configuration if the dynamic module is not fetched and start a background fetch. The module may become available in the next config push and ready to use from cache. Entries are keyed by sha256 so that multiple listeners can use the same fetch. The cache lives inside the factory and is safe to be used across listeners. Completed entries are cleaned up on the next `createFilterFactory()` and not during a fetch callback. So that the `RemoteDataFetcher` is not destroyed mid-fetch. **Risk Leve**l: Low **Testing:** Unit tests added. Manually validated **Docs Changes**: Proto changes included **Release Notes:** Added [Optional Runtime guard:] [Optional Fixes #Issue] [Optional Fixes commit #PR or SHA] [Optional Deprecated:] [Optional [API Considerations](https://github.com/envoyproxy/envoy/blob/main/api/review_checklist.md):] --------- Signed-off-by: Anurag Aggarwal <kanurag94@gmail.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Commit Message: dynamic_modules: add nack_on_cache_miss for remote module sources
Additional Description:
This PR adds support for nacking a configuration if the dynamic module is not fetched and start a background fetch. The module may become available in the next config push and ready to use from cache.
Entries are keyed by sha256 so that multiple listeners can use the same fetch. The cache lives inside the factory and is safe to be used across listeners. Completed entries are cleaned up on the next
createFilterFactory()and not during a fetch callback. So that theRemoteDataFetcheris not destroyed mid-fetch.Risk Level: Low
Testing: Unit tests added. Manually validated
Docs Changes: Proto changes included
Release Notes: Added
[Optional Runtime guard:]
[Optional Fixes #Issue]
[Optional Fixes commit #PR or SHA]
[Optional Deprecated:]
[Optional API Considerations:]