Skip to content

xds: decouple A76 and A86 EDS metadata parsing #8875

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
atollena wants to merge 1 commit into
base: master
Choose a base branch
from
Open

xds: decouple A76 and A86 EDS metadata parsing #8875

atollena wants to merge 1 commit into from
+98 −14

Conversation

@atollena
Copy link
Collaborator

@atollena atollena commented Feb 2, 2026
edited
Loading

The EDS metadata parsing was inadvertently coupling the A76 (ring hash
endpoint hash key) and A86 (HTTP CONNECT) features. When either
GRPC_XDS_ENDPOINT_HASH_KEY_BACKWARD_COMPAT was false (A76 enabled) or
GRPC_EXPERIMENTAL_XDS_HTTP_CONNECT was true (A86 enabled), the code would
parse all metadata including TypedFilterMetadata with converters.

This caused issues because:

  • A76 only needs FilterMetadata["envoy.lb"] for hash_key extraction
  • A86 needs TypedFilterMetadata with converters (e.g., for
    envoy.config.core.v3.Address) which can fail validation

When A76 was enabled but A86 was disabled, invalid proxy addresses in
TypedFilterMetadata would still cause NACKs, even though the user didn't care
about HTTP CONNECT.

This change makes TypedFilterMetadata processing conditional on
GRPC_EXPERIMENTAL_XDS_HTTP_CONNECT, so that A76 can be enabled independently
without triggering A86-specific validation failures.

RELEASE NOTES:

  • Fix a bug where enabling A76 ring hash endpoint hash key feature
    would cause EDS resources to be NACKed if they contained invalid proxy address
    metadata, even when HTTP CONNECT (A86) was not enabled.

@atollena
xds: decouple A76 and A86 EDS metadata parsing
63eab77 
The EDS metadata parsing was inadvertently coupling the A76 (ring hash
endpoint hash key) and A86 (HTTP CONNECT) features. When either
GRPC_XDS_ENDPOINT_HASH_KEY_BACKWARD_COMPAT was false (A76 enabled) or
GRPC_EXPERIMENTAL_XDS_HTTP_CONNECT was true (A86 enabled), the code would
parse all metadata including TypedFilterMetadata with converters.

This caused issues because:
- A76 only needs FilterMetadata["envoy.lb"] for hash_key extraction
- A86 needs TypedFilterMetadata with converters (e.g., for
  envoy.config.core.v3.Address) which can fail validation

When A76 was enabled but A86 was disabled, invalid proxy addresses in
TypedFilterMetadata would still cause NACKs, even though the user didn't care
about HTTP CONNECT.

This change makes TypedFilterMetadata processing conditional on
GRPC_EXPERIMENTAL_XDS_HTTP_CONNECT, so that A76 can be enabled independently
without triggering A86-specific validation failures.

Also adds test coverage for the previously untested combination of
GRPC_EXPERIMENTAL_XDS_HTTP_CONNECT=true with
GRPC_XDS_ENDPOINT_HASH_KEY_BACKWARD_COMPAT=true.

Release-note: Fix a bug where enabling A76 ring hash endpoint hash key feature
would cause EDS resources to be NACKed if they contained invalid proxy address
metadata, even when HTTP CONNECT (A86) was not enabled.
@atollena atollena requested a review from easwars February 2, 2026 14:05
@atollena atollena added Area: xDS Includes everything xDS related, including LB policies used with xDS. Type: Bug labels Feb 2, 2026
@atollena atollena added this to the 1.80 Release milestone Feb 2, 2026
@codecov
Copy link

codecov bot commented Feb 2, 2026
edited
Loading

Codecov Report

❌ Patch coverage is 77.77778% with 2 lines in your changes missing coverage. Please review.
✅ Project coverage is 83.15%. Comparing base (46350a7) to head (63eab77).

Files with missing lines Patch % Lines
...nternal/xds/xdsclient/xdsresource/unmarshal_eds.go 77.77% 1 Missing and 1 partial ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #8875      +/-   ##
==========================================
- Coverage   83.28%   83.15%   -0.13%     
==========================================
  Files         414      414              
  Lines       32751    32752       +1     
==========================================
- Hits        27276    27236      -40     
- Misses       4071     4094      +23     
- Partials     1404     1422      +18
Files with missing lines Coverage Δ
...nternal/xds/xdsclient/xdsresource/unmarshal_eds.go 94.77% <77.77%> (+0.03%) ⬆️

... and 17 files with indirect coverage changes

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@atollena atollena removed the request for review from easwars February 2, 2026 14:46
@arjan-bal arjan-bal self-assigned this Feb 3, 2026
arjan-bal
arjan-bal approved these changes Feb 3, 2026
View reviewed changes
Copy link
Contributor

@arjan-bal arjan-bal left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Adding a second reviewer.

@arjan-bal arjan-bal assigned easwars and unassigned arjan-bal Feb 3, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@arjan-bal arjan-bal arjan-bal approved these changes

@easwars easwars Awaiting requested review from easwars

Assignees

@easwars easwars

Labels

Area: xDS Includes everything xDS related, including LB policies used with xDS. Type: Bug

Projects

None yet

Milestone

1.80 Release

Development

Successfully merging this pull request may close these issues.

3 participants

@atollena @arjan-bal @easwars