feat(servicediscovery): add support for API only services within a DNS namespace #21494
Conversation
|
|
jmortlock
force-pushed
the
master
branch
2 times, most recently
from
43ee7b8 to
49567fe
Compare
There was a problem hiding this comment.
Thank you for this contribution @jmortlock. I'm not very familiar with the CloudMap service, so please forgive my questions.
- What's the use case of a
DnsNamespacethat's only discoverable via API? Beyond the physical ability of deploying it in Cloudformation, does this make sense? - Currently the service type is exclusively modelled through namespaces. Have you consider a design that holds up that contract?
Additionally, please update the integration test to the new style (using new integ.IntegTest() etc).
So the namespace itself only dictates the discoverability types of the services registered within that namespace are. So a
I believe this is how it is still modeled; unless the customer provides an explicit discoverability type for the service being created it will fall back to the original namespace default, which is unchanged.
Can do * api only is the support we are adding to CDK here (CFN, console, api etc already support this) |
jmortlock
force-pushed
the
master
branch
3 times, most recently
from
b6d4ff9 to
8e81cd3
Compare
|
Thanks for the explanation @jmortlock . I'm with you now. Good work on the API design, I like. |
|
@Mergifyio update |
✅ Branch has been successfully updated |
|
The build failures don't make sense to me. Giving this a retry because ¯\_(ツ)_/¯ . |
|
@Mergifyio update |
✅ Branch has been successfully updated |
|
I can see the error in the logs will fix them up; not sure why it worked locally 🤷 |
|
I'm kinda out of ideas on how to resolve the error; I've regenerated the integration snapshots, updated Jest and tried to make the integ-test integration the same as what I can see in other parts of the codebase. Any ideas @mrgrain @TheRealAmazonKendra |
|
@jmortlock Apologies for side tracking this with my request to upgrade the integration test style. I've tracked the build failure down to the fact that these tests are In the interest of moving this PR forward, let's revert back to the old style. Again, I'm sorry for missing this and wasting your time. 😕 |
|
No worries I will revert back; I have done a bit more digging with your clue about the .lit files and it appears that those files are included in the documentation. For example https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_servicediscovery-readme.html I think however and perhaps this is a CDKv2 breakage that the rewritten imports are not really what the customer would be using; and the original ones in the integration test are actually better. |
|
I think a fix in my case would be to use relative pathing for the integration test require as well; but I will open up a second PR with the change over to the newer style tests. |
jmortlock
force-pushed
the
master
branch
2 times, most recently
from
845102a to
4552eb7
Compare
Thanks for looking further into this. Yeah they don't look good for v2, but also in v1 we get some relative paths. Also adding In general, these are somewhat legacy and I wonder if the easiest thing would be to remove the |
| @@ -35,7 +35,10 @@ registers an instance to it: | |||
| The following example creates an AWS Cloud Map namespace that | |||
| supports both API calls and DNS queries within a vpc, creates a | |||
| service in that namespace, and registers a loadbalancer as an | |||
| instance: | |||
| instance, | |||
There was a problem hiding this comment.
| instance, | |
| instance. |
| @@ -342,6 +377,10 @@ function renderDnsRecords(dnsRecordType: DnsRecordType, dnsTtl: Duration = Durat | |||
| } | |||
| } | |||
|
|
|||
| export function defaultDiscoveryType(namespace : INamespace): DiscoveryType { | |||
There was a problem hiding this comment.
One last change. We shouldn't export this internal helper function. If it can't be a private class member, than the best way to do this is adding a lib/private/utils.ts file that is not exported from index.ts
There was a problem hiding this comment.
I think ideally it would be a function on the namespace; however I think that constitutes a breaking change as it would be add a required parameter to the interface.
I have moved it into a utils class
mrgrain
changed the title
mrgrain
changed the title
|
@mrgrain I believe all your comments are addressed, are there any other changes you would like me to make? |
There was a problem hiding this comment.
Thanks for the reminder @jmortlock ! Yes this is all good to ship now. Again, thank you for this contribution. 🎉 🚢
|
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
|
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
…S namespace (aws#21494) ---- Closes: aws#21490 DNS namespaces are currently setup in a way which only allow for discoverability via DNS or API, this means it is not currently possible to register non-ip instances within a DNS based namespace. After this change you can create a DNS based service with an optional ```discoveryType``` If this ```discoveryType``` is set to ```DiscoveryType.API``` then you can register non IP based instances to this service using the ```registerNonIpInstance``` function If no DiscoveryType is passed than the default from the namespace is used, so for an HTTP namespace this is ```API``` and for DNS derived namespaces this is ```DNS_AND_API``` This means DNS type namespaces can have services registered with a combination of discovery types. ---- ### All Submissions: * [✓] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [✗] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [✓] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)? * [✓] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
|
@jmortlock @mrgrain does having DNS_AND_API variable make any sense for this statement? aws-cdk/packages/aws-cdk-lib/aws-servicediscovery/lib/service.ts Lines 225 to 229 in a3332b6 because its used in opposite to API use cases throughout the code. but the name implies that its both options which it is not since if its DNS its not API. |
|
With service discovery there are 3 underlying namespace types:
Private DNS -
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-privatednsnamespace.html
Public DNS -
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-publicdnsnamespace.html
Http -
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-httpnamespace.html
Both the DNS service types effectively allow lookup via either DNS or via
API (DiscoverInstances)
Http only allows lookup via API requests.
If you have a look at the Cloud Map console within AWS you can see this in
the "Disoverable By" column of the Services table.
…On Mon, Sep 2, 2024 at 5:50 PM Adminy ***@***.***> wrote:
@jmortlock <https://github.com/jmortlock> @mrgrain
<https://github.com/mrgrain> does having DNS_AND_API variable make any
sense for this statement?
https://github.com/jmortlock/aws-cdk/blob/ce277899e9df2ae9d69e94bdaa931e130cd4c95a/packages/%40aws-cdk/aws-servicediscovery/lib/service.ts#L225-L229
because its used in opposite to API use cases throughout the code. but the
name implies that its both options which it is not since if its DNS its not
API.
—
Reply to this email directly, view it on GitHub
<#21494 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/ACMTTIN3MFGS274KHOAGSYTZUQNVLAVCNFSM6AAAAABNPZ76H6VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDGMRUGEYTENJRG4>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
|
|
the default const namespace = new PrivateDnsNamespace(stack, `ServiceDiscoveryNamespace`, {
name: 'example.internal', vpc
})
const service = new Service(stack, `apiServiceDiscovery`, {
namespace, dnsTtl: Duration.seconds(300), name: 'api', loadBalancer: false
})
service.registerNonIpInstance('apiCname', {
instanceId: 'apigw',
customAttributes: { url: api.url } // api is of type SpecRestApi
})gives:Error: This type of instance can only be registered for HTTP namespaces. |
|
This is what the discoveryType option is for You can find it in the docs (https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_servicediscovery-readme.html#private-dns-namespace-example) Which translates to |
|
yes I understand that. I'm just saying that |
|
My understanding is that Based on this, I can understand how this is still confusing. If I recall correctly, with this PR we tried to address some of the DX concerns the CloudFormation API has. However it seems that wasn't fully resolved. @adminy I believe there are really only two possible courses of action here:
Edit: Although maybe the confusion comes more from the fact that |
|
I think there is still some misunderstanding here; the discovery type is telling CloudMap how you would like to find the service that you are registering into the cloudmap.
Obviously DNS has more restrictions about what you can put into it, but is much easier for the most part to work with. HTTPNamspaces services are only every discoverable via API So one change I could potentially see is that if you call the Prehaps another change could be the Namspace Service object could offer some factory methods to take other CDK constructs and work out the best way of registering this within a namespace. Kind of like how the "grant" system works for IAM. Note the original PR was all about allowing the DNS namespace(s) to support both types of discovery so you could use a DNS Namespace to register both your IP related things (like ec2 instance) and your other AWS services like SQS, S3 ARNs, etc within the same Namespace. Before the change you would have to have two separate namespaces a HTTP one for the SQS, S3, etc and a DNS one for your IP ones. After the change you can do it all within a single DNS namespace. |
Closes: #21490
DNS namespaces are currently setup in a way which only allow for discoverability via DNS or API, this means it is not currently possible to register non-ip instances within a DNS based namespace.
After this change you can create a DNS based service with an optional
discoveryTypeIf thisdiscoveryTypeis set toDiscoveryType.APIthen you can register non IP based instances to this service using theregisterNonIpInstancefunctionIf no DiscoveryType is passed than the default from the namespace is used, so for an HTTP namespace this is
APIand for DNS derived namespaces this is
DNS_AND_APIThis means DNS type namespaces can have services registered with a combination of discovery types.
All Submissions:
Adding new Unconventional Dependencies:
New Features
yarn integto deploy the infrastructure and generate the snapshot (i.e.yarn integwithout--dry-run)?By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license