xdsclient: update watcher API as per gRFC A88

[purnesh42H]

This is the first part of implementing gRFC A88 (grpc/proposal#466).

This introduces the new watcher API. This table summarizes the API changes and behavior for each case:

Case	Old API	New API	Behavior
Resource timer fires	OnResourceDoesNotExist()	OnResourceChanged(NOT_FOUND)	Fail data plane RPCs
LDS or CDS resource deletion	OnResourceDoesNotExist()	OnResourceChanged(NOT_FOUND)	Drop resource and fail data plane RPCs
xDS channel reports TRANSIENT_FAILURE	OnError()	OnResourceChanged(status) if resource NOT already cached; OnAmbientError(status) otherwise	Continue using cached resource, if any; otherwise, fail data plane RPCs
ADS stream terminates without receiving a response	OnError()	OnResourceChanged(status) if resource NOT already cached; OnAmbientError(status) otherwise	Continue using cached resource, if any; otherwise, fail data plane RPCs
Invalid resource update (client NACK)	OnError()	OnResourceChanged(status) if resource NOT already cached; OnAmbientError(status) otherwise	Continue using cached resource, if any; otherwise, fail data plane RPCs
Valid resource update	OnUpdate(resource)	OnResourceChanged(resource)	use the new resource

RELEASE NOTES: None

google3 import run analysis did not show any issues

[codecov]

Codecov Report

Attention: Patch coverage is 80.20305% with 39 lines in your changes missing coverage. Please review.

Project coverage is 82.21%. Comparing base (ce35fd4) to head (c43cd62).
Report is 9 commits behind head on master.

Files with missing lines	Patch %	Lines
xds/internal/server/listener_wrapper.go	68.88%	12 Missing and 2 partials ⚠️
xds/internal/resolver/xds_resolver.go	47.82%	10 Missing and 2 partials ⚠️
xds/internal/server/rds_handler.go	61.11%	7 Missing ⚠️
.../balancer/clusterresolver/resource_resolver_eds.go	50.00%	3 Missing and 1 partial ⚠️
xds/internal/testutils/resource_watcher.go	83.33%	2 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #7977      +/-   ##
==========================================
+ Coverage   82.16%   82.21%   +0.05%     
==========================================
  Files         410      412       +2     
  Lines       40248    40487     +239     
==========================================
+ Hits        33068    33287     +219     
- Misses       5830     5839       +9     
- Partials     1350     1361      +11     

Files with missing lines	Coverage Δ
internal/xds/bootstrap/bootstrap.go	65.72% <ø> (ø)
xds/internal/balancer/cdsbalancer/cdsbalancer.go	84.49% <100.00%> (-0.15%)	⬇️
...s/internal/balancer/cdsbalancer/cluster_watcher.go	100.00% <100.00%> (ø)
...rnal/balancer/clusterresolver/resource_resolver.go	94.44% <100.00%> (ø)
xds/internal/resolver/serviceconfig.go	85.71% <100.00%> (ø)
xds/internal/resolver/watch_service.go	100.00% <100.00%> (+8.57%)	⬆️
xds/internal/xdsclient/authority.go	80.38% <100.00%> (+0.60%)	⬆️
xds/internal/xdsclient/clientimpl_watchers.go	84.81% <100.00%> (+0.39%)	⬆️
...nal/xdsclient/xdsresource/cluster_resource_type.go	77.14% <100.00%> (ø)
...l/xdsclient/xdsresource/endpoints_resource_type.go	75.00% <100.00%> (ø)
... and 8 more

... and 41 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[easwars]

the expected behavior, according to A88 is if resource is NACKed and is not cached, the watcher should drop the resource

If we are talking about the case where a NACK is seen without the resource being cached, then the question of not using the resource anymore does not come into the picture, because the resource does not exist yet.

[easwars]

Yes, I agree that we should not have checks for "resource-not-found" errors in the individual watchers. In fact, I'm thinking we might not even need those error types like xdsresource.ErrorTypeResourceNotFound anymore. If ResourceError is invoked, then the watcher must stop using the previous configuration and if AmbientError is invoked, it should continue using the previous configuration and the xDS client should guarantee that AmbientError is only invoked when a previous copy of the resource was delivered via ResourceChanged.

While making another pass through this, I really think we should get rid of these error types, or at least look into getting rid of them. The reason behind my proposal is that when a watcher gets a ResourceError, it should simply stop using that resource if it already had it. There should be no logic of checking the error type and doing different things. Having these error types encourages that behavior.

We don't have to make that change as part of this PR, but I think you should add it to your list of things that you have that need to be done as part of the generic xDS client changes.

[purnesh42H]

Yes, I agree that we should not have checks for "resource-not-found" errors in the individual watchers. In fact, I'm thinking we might not even need those error types like xdsresource.ErrorTypeResourceNotFound anymore. If ResourceError is invoked, then the watcher must stop using the previous configuration and if AmbientError is invoked, it should continue using the previous configuration and the xDS client should guarantee that AmbientError is only invoked when a previous copy of the resource was delivered via ResourceChanged.

While making another pass through this, I really think we should get rid of these error types, or at least look into getting rid of them. The reason behind my proposal is that when a watcher gets a ResourceError, it should simply stop using that resource if it already had it. There should be no logic of checking the error type and doing different things. Having these error types encourages that behavior.

We don't have to make that change as part of this PR, but I think you should add it to your list of things that you have that need to be done as part of the generic xDS client changes.

yes, I have added. Thanks.

[purnesh42H]

the expected behavior, according to A88 is if resource is NACKed and is not cached, the watcher should drop the resource

If we are talking about the case where a NACK is seen without the resource being cached, then the question of not using the resource anymore does not come into the picture, because the resource does not exist yet.

yeah if watcher has not seen the valid resource before then its not applicable. The gRFC talks about case when watcher has seen the valid resource but it deleted in xDS client cache https://github.com/grpc/proposal/blob/master/A88-xds-data-error-handling.md#changes-to-xdsclient-watcher-apis.

[easwars]

Mostly LGTM. Very minor comments this time around. But some action items are there. So, please let's make sure we have them tracked. Thanks.

[easwars]

Why is it that you unconditionally call onClusterResourceError here while you conditionally call onClusterResourceError or onClusterAmbientError in the two cases below?

I would think of these errors as a data errors too. This is a class of errors which cannot be handled at the xDS client layer (because it doesn't have the required information to do so) but has to be handled at the respective watcher. There are some cases like this for the listener resource as well.

Could you please track this one as well, along with the other items that you are tracking. We should see if we can have a uniform story for this class of errors across languages.

[purnesh42H]

I made the same check here as well. It doesn't harm? Though please note that we have finished updating the new lastUpdate with new update. So, would it make sense to its call ambient error here because we have the update stored?

[easwars]

Though please note that we have finished updating the new lastUpdate with new update

Yeah, we could look into not updating that field in the cases where we rejecting the update in the cds LB policy.

[easwars]

Also, the same code of checking if the child policy exists or not and calling one of the onClusterXxxError methods is repeated three times. We could pull it into a helper method.

[purnesh42H]

Done

[easwars]

Github doesn't allow me to comment on unchanged lines. But in method applyRouteConfigUpdate, there is a call to onError. I feel that this is also a data error and also belongs to the class of error I was talking about in the comment in xds/internal/balancer/cdsbalancer/cdsbalancer.go.

[purnesh42H]

yeah that's kind of weird. I have added the TODO. Its again being called from resource update method which has finished applying the new update. I think we should call resource error here. is it because we have finished applying the new update so we have a cached resource? For now, I have kept it as ambient error to not break existing behavior.

[easwars]

Please link a github issue with full details in any TODO that is being added, unless you plan to act on the TODO right away in which case you can add your github handle to the todo. Thanks.

[purnesh42H]

Added alias. It will be fast follow from okr tracker