feat: support listener/routes in post translate hook level #6524

Xunzhuo · 2025-07-15T03:11:33Z

What type of PR is this?

feat: support listener/routes in post translate hook level

Which issue(s) this PR fixes:

Fixes #6523

Release Notes: Yes

codecov · 2025-07-15T03:20:03Z

Codecov Report

Attention: Patch coverage is 89.21569% with 11 lines in your changes missing coverage. Please review.

Project coverage is 71.09%. Comparing base (268aef8) to head (f7c4749).
Report is 4 commits behind head on main.

Files with missing lines	Patch %	Lines
api/v1alpha1/envoygateway_helpers.go	58.33%	8 Missing and 2 partials ⚠️
internal/extension/registry/xds_hook.go	87.50%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #6524      +/-   ##
==========================================
+ Coverage   71.05%   71.09%   +0.03%     
==========================================
  Files         220      220              
  Lines       37892    37965      +73     
==========================================
+ Hits        26926    26990      +64     
- Misses       9393     9399       +6     
- Partials     1573     1576       +3

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

mathetake

looks good to me but maybe leave a TODO about subsetting the resources (e.g. selecting clusters by labels etc) sent via PostTranslateModify since the request/response will be potentially a few mb-tens of mb ?

Xunzhuo · 2025-07-16T03:50:36Z

new approach has been tested in envoyproxy/ai-gateway@03573fd and it worked well.

enablePostTranslateListenersAndRoutes API looks like:

apiVersion: v1
kind: ConfigMap
metadata:
  name: envoy-gateway-config
  namespace: "envoy-gateway-system"
  labels:
    helm.sh/chart: gateway-helm-v0.0.0-latest
    app.kubernetes.io/name: gateway-helm
    app.kubernetes.io/instance: eg
    app.kubernetes.io/version: "latest"
    app.kubernetes.io/managed-by: Helm
data:
  envoy-gateway.yaml: |
    apiVersion: gateway.envoyproxy.io/v1alpha1
    kind: EnvoyGateway
    gateway:
      controllerName: gateway.envoyproxy.io/gatewayclass-controller
    logging:
      level:
        default: info
    provider:
      kubernetes:
        rateLimitDeployment:
          patch:
            type: StrategicMerge
            value:
              spec:
                template:
                  spec:
                    containers:
                    - imagePullPolicy: IfNotPresent
                      name: envoy-ratelimit
                      image: docker.io/envoyproxy/ratelimit:60d8e81b
      type: Kubernetes
    extensionApis:
      enableEnvoyPatchPolicy: true
      enableBackend: true
    extensionManager:
      backendResources:
        - group: inference.networking.x-k8s.io
          kind: InferencePool
          version: v1alpha2
      hooks:
        enablePostTranslateListenersAndRoutes: true
        xdsTranslator:
          post:
            - Translation
            - Cluster
            - Route
      service:
        fqdn:
          hostname: ai-gateway-controller.envoy-ai-gateway-system.svc.cluster.local
          port: 1063
    rateLimit:
      backend:
        type: Redis
        redis:
          url: redis.redis-system.svc.cluster.local:6379

arkodg · 2025-07-16T23:59:58Z

api/v1alpha1/envoygateway_types.go

@@ -576,6 +576,15 @@ type ExtensionManager struct {
 type ExtensionHooks struct {
 	// XDSTranslator defines all the supported extension hooks for the xds-translator runner
 	XDSTranslator *XDSTranslatorHooks `json:"xdsTranslator,omitempty"`
+
+	// EnablePostTranslateListenersAndRoutes controls whether listeners and routes


my preference would be to have something like

resource: listener: selector: {}

which selects all listeners, these key values are based on resource metadata

or some form with a selector, so we can only send specific resources

should the top level be resource or translationHook ?

wdyt @guydc

Created an issue for track: #6539

Signed-off-by: bitliu <[email protected]>

Xunzhuo · 2025-07-17T03:51:29Z

option1: make hook config explicitly set:

    extensionManager:
      backendResources:
        - group: inference.networking.x-k8s.io
          kind: InferencePool
          version: v1alpha2
      hooks:
        xdsTranslator:
          hookConfig:
            postTranslation:
              includeAll: false
              resources:
                listener: {}
                route: {}
                cluster: {}
                secret: {}
            postListener: {}
            postVirtualHost: {}
            postCluster: {}
            postRoute: {}              
          post:
            - Translation
            - Cluster
            - Route

option2: make hook config inline:

    extensionManager:
      backendResources:
        - group: inference.networking.x-k8s.io
          kind: InferencePool
          version: v1alpha2
      hooks:
        xdsTranslator:
          postTranslation:
            includeAll: false
            resources:
              listener: {}
              route: {}
              cluster: {}
              secret: {}
          postListener: {}
          postVirtualHost: {}
          postCluster: {}
          postRoute: {}              
          post:
            - Translation
            - Cluster
            - Route

option3: dont need hook config, just put resources under xdsTranslator:

    extensionManager:
      backendResources:
        - group: inference.networking.x-k8s.io
          kind: InferencePool
          version: v1alpha2
      hooks:
        xdsTranslator:
          includeAll: false
          resources:
            listener: {}
            route: {}
            cluster: {}
            secret: {}      
          post:
            - Translation
            - Cluster
            - Route

arkodg · 2025-07-17T19:17:21Z

thanks @Xunzhuo, prefer

       xdsTranslator:
          // translation hook setting common for pre and post, since its unlikely both will be set
          translation:
            includeAll: false

Xunzhuo · 2025-07-17T21:16:06Z

should add a stage in it? Like
stage: post
stage: pre

arkodg · 2025-07-17T21:24:14Z

should add a stage in it? Like stage: post stage: pre

yeah we could add that and extend it in the future, afaik most users are using post rn for xds hook

Signed-off-by: bitliu <[email protected]>

Xunzhuo · 2025-07-17T21:51:46Z

cc @arkodg a3f13e4

internal/extension/types/manager.go

internal/xds/translator/extension.go

Signed-off-by: bitliu <[email protected]>

internal/xds/translator/extension.go

Signed-off-by: bitliu <[email protected]>

api/v1alpha1/envoygateway_types.go

Signed-off-by: bitliu <[email protected]>

arkodg

LGTM thanks !

guydc

LGTM.
Thanks for adding this!

Xunzhuo · 2025-07-18T01:09:46Z

/retest

Xunzhuo requested a review from a team as a code owner July 15, 2025 03:11

Xunzhuo requested review from arkodg and mathetake July 15, 2025 03:15

Xunzhuo force-pushed the post-translate branch from d6646ce to 2791fbf Compare July 15, 2025 04:04

Xunzhuo mentioned this pull request Jul 15, 2025

feat: add support for InferencePool envoyproxy/ai-gateway#823

Draft

mathetake reviewed Jul 15, 2025

View reviewed changes

Xunzhuo force-pushed the post-translate branch 2 times, most recently from 3da1ad6 to 94bd9c7 Compare July 16, 2025 06:26

arkodg reviewed Jul 16, 2025

View reviewed changes

arkodg added this to the v1.5.0-rc.1 Release milestone Jul 17, 2025

Xunzhuo force-pushed the post-translate branch from 94bd9c7 to cf6712f Compare July 17, 2025 02:29

Xunzhuo added 4 commits July 17, 2025 10:31

feat: support listener/routes in post translate hook level

7687849

Signed-off-by: bitliu <[email protected]>

add tests

5a851f6

Signed-off-by: bitliu <[email protected]>

add docs

3c88bf8

Signed-off-by: bitliu <[email protected]>

add option to enable/disable

f77ce18

Signed-off-by: bitliu <[email protected]>

Xunzhuo force-pushed the post-translate branch from cf6712f to f77ce18 Compare July 17, 2025 02:31

Xunzhuo mentioned this pull request Jul 17, 2025

Support Metadata selection in PostTranslate Hook #6539

Open

Xunzhuo mentioned this pull request Jul 17, 2025

feat: support passing backend context on listener/vhost level #6518

Closed

new api

a3f13e4

Signed-off-by: bitliu <[email protected]>

Xunzhuo requested a review from arkodg July 17, 2025 21:51