Hi,

I ended up here searching about argo rollout + contour, but I don't see Contour being part of the doc like Nginx, around here for example. So I wonder if this is production ready ?

Best regards,

There's been no new release since January and a lot of improvements since then, can we get a 0.5.0 release tag pushed?

Summary

The plugin should only consider HTTPProxies from the same namespace as the Rollout resource.

Motivation

As of right now, the plugin is capable of changing the weight of HTTPProxies from other namespaces, i.e.:

apiVersion: argoproj.io/v1alpha1
kind: Rollout
metadata:
  name: api
  namespace: default
spec:
  strategy:
    canary:
      canaryService: api-canary
      stableService: api
      trafficRouting:
        plugins:
          argoproj-labs/contour:
            namespace: another-namespace
            httpProxy: api
      steps:
        - setWeight: 25

The Rollout above can alter the HTTPProxy from the another-namespace, even though it's in the default namespace.

This allows anyone to deploy a Rollout in any namespace and alter any HTTPProxy within the cluster.

Proposal

The plugin should be limited to HTTPProxies from the same namespace as the Rollout resource.

Argo Rollouts follow the same principle, all traffic management configurations only allow changing resources from the same namespace as the Rollout. As an example, we can turn to the NGINX doc:

The stable Ingress field is a reference to an Ingress in the same namespace of the Rollout

Describe the bug

When trying to set the weight of an HTTPProxy with more than one route, it is only able to find the services of the first route:

'TrafficRoutingError' failed to set weight via plugin: the service: api-canary is not found in HTTPProxy

To Reproduce

Create an HTTPProxy with more than one route, and try to set the weight of the second route.

apiVersion: projectcontour.io/v1
kind: HTTPProxy
metadata:
  name: app
spec:
  virtualhost:
    fqdn: example.com
    tls:
      secretName: ingress
  routes:
    - conditions:
        - prefix: /
      services:
        - name: web
          port: 80
        - name: web-canary
          port: 80
    - conditions:
        - prefix: /api
      services:
        - name: api
          port: 80
        - name: api-canary
          port: 80

apiVersion: argoproj.io/v1alpha1
kind: Rollout
metadata:
  name: app
spec:
  strategy:
    canary:
      canaryService: api-canary
      stableService: api
      trafficRouting:
        plugins:
          argoproj-labs/contour:
            namespace: api
            httpProxy: api

Version

argoproj/argo-rollouts:v1.5.0
argoproj-labs/rollouts-plugin-trafficrouter-contour:v0.1.1

Summary

Handle multiple HTTPProxies

Motivation

We run contour with many HTTPProxies pointed at a single service. If we were to use this plugin in the current state, it would only adjust the weight of one HTTPProxy, leaving 100 weight on the rest of them.

Proposal

Instead of:

trafficRouting:
  plugins:
    argoproj-labs/contour:
      httpProxy: my-proxy

Configuration could look like:

trafficRouting:
  plugins:
    argoproj-labs/contour:
      httpProxies:
        - my-proxy
        - my-other-proxy

Then we can simply loop over this list of proxies.

Summary

Argo Rollouts weight verification feature allows the controller to verify the traffic routers after the setWeight step. This is useful to avoid problems when the Contour controller is unavailable or has issues updating the HTTPProxy.

Motivation

Currently, the plugin does not make any verification regarding this feature, as seen below:

Proposal

This verification can be implemented by looking at the status field of the HTTPProxy resource since the Contour operator constantly keeps it up-to-date with the proxy's current state.

Need a usage sample include yaml file and some steps in README.

Hey @wilsonwu & @izturn

Just wanted to make you aware of argoproj/argo-rollouts#2720

We are updating the naming convention for plugins for rollouts.

So in your case, the repo would need to move to rollouts-plugin-trafficrouter-contour

I hope this isn't too much of an inconvenience.

Describe the bug
Set weight failed when HttpProxy has multi routes.
This is a part of HTTPProxy of conditions.

spec:
  ingressClassName: gateway-zeng-up
  routes:
    - conditions:
        - header:
            name: ':method'
            regex: GET|POST|DELETE|PUT|PATCH|OPTIONS|HEAD
          prefix: /
        - header:
            exact: eureka
            name: route
      jwtVerificationPolicy: {}
      loadBalancerPolicy:
        strategy: RoundRobin
      rateLimitPolicy: {}
      services:
        - name: sesame-b5cde76a93-sesame
          port: 30902
          weight: 100
    - conditions:
        - header:
            name: ':method'
            regex: GET|POST|DELETE|PUT|PATCH|OPTIONS|HEAD
          prefix: /
      jwtVerificationPolicy: {}
      loadBalancerPolicy:
        strategy: RoundRobin
      rateLimitPolicy: {}
      services:
        - name: rollouts-demo
          port: 8080
          weight: 100
        - name: rollouts-demo-canary
          port: 8080

Logs

time="2024-01-23T06:44:58Z" level=error msg="rollout syncHandler error: failed to set weight via plugin: failed to create patch : the total weight must equals to 100" namespace=skoala-zeng rollout=rollouts-demo
time="2024-01-23T06:44:58Z" level=info msg="rollout syncHandler queue retries: 258 : key \"skoala-zeng/rollouts-demo\"" namespace=skoala-zeng rollout=rollouts-demo
time="2024-01-23T06:44:58Z" level=error msg="failed to set weight via plugin: failed to create patch : the total weight must equals to 100\n" error="<nil>"

Publish the docker image into an org managed registry.

The READEME.md has the section which marked with TODO need to be done

Is your feature request related to a problem? Please describe.
Given an HTTPProxy template that looks like the following:

    spec:
      routes:
      - conditions:
        - prefix: /foo
        services:
        - name: web
          weight: 100
        - name: web-canary
          weight: 0
      - conditions:
        - prefix: /bar
        services:
        - name: web
          weight: 100
        - name: web-canary
          weight: 0

We only update the weights on a single route
Describe the solution you'd like
We should update all of the canary services for a proxy across all routes
Describe alternatives you've considered

Additional context

Summary

when HttpProxy routes has mutil services, how to update service weight to make sure canary & stable service a determined proportion of traffic is assigned.

Motivation

httpProxy:

apiVersion: projectcontour.io/v1
kind: HTTPProxy
metadata:
  name: demo
spec:
  routes:
    - conditions:
        - header:
            name: ':method'
            regex: POST|DELETE|PUT|PATCH|OPTIONS|HEAD
          prefix: /user
      services:
        - name: stable-service
          port: 80
          weight: 10
        - name: canary-service
          port: 80
          weight: 90
        - name: other-service
          port: 80
          weight: 10  

when update stable & canary service weight, how to update other-service weight?

Proposal

maybe delete other-service or set other-service wight to 0 is a reasonable way.

or someone has some good idea?

The YAML codes in README.md's format is wrong, it needs to fix

Is your feature request related to a problem? Please describe.

Describe the solution you'd like

Describe alternatives you've considered

Additional context