Skip to content

fix: refactored mcp server auto discovery logic and fix some issue #2382

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 57 commits into from
Jun 10, 2025
Merged

fix: refactored mcp server auto discovery logic and fix some issue #2382

merged 57 commits into from
Jun 10, 2025

Conversation

@Erica177
Copy link
Collaborator

@Erica177 Erica177 commented Jun 9, 2025
edited
Loading

Ⅰ. Describe what this PR did

1.refactored the code nacos mcp server auto discovered, extracting the subscription logic into a separate util function

  • Removed the nested subscription logic of the original MCP Watcher, and extracted the subscriptions of MCP Server, Tool, and backend services into separate files, which will be integrated into nacos-go-sdk in the future
  • Added support for MCP server for HTTPS protocol
  • Support compatibility between nacos service discovery and nacos mcp-server discovery

2.add ut
3.update go mod for nacos-go-sdk
4.fix some issue
5.updated MCP Bridge CRD with added fields

Ⅱ. Does this pull request fix one issue?

#2360
#2283
#2250
#2248
#2173

Ⅲ. Why don't you add test cases (unit test/integration test)?

Ⅳ. Describe how to verify it

Ⅴ. Special notes for reviews

Erica177 and others added 30 commits April 29, 2025 11:36
@Erica177
fix nacos empty instance list
4d6614f
@Erica177
Merge branch 'alibaba:main' into main
963f605
@Erica177
Merge branch 'alibaba:main' into main
c1f0e3e
@Erica177
Merge branch 'alibaba:main' into main
63c3d2b
@Erica177
Merge branch 'alibaba:main' into main
9d61468
@Erica177
Merge branch 'alibaba:main' into main
51d514f
@Erica177
Merge branch 'alibaba:main' into main
94103cd
@Erica177
Merge branch 'alibaba:main' into main
acd9288
@Erica177
mcp v2
872b480
@Erica177
update mcpbridge crd
a95674d
@johnlanni
update mcp
ac36d7c
@Erica177
update mcpbridge crd
db4163c
@johnlanni
update crd
0f8b685
@Erica177
support mcp v2
7ce7d0f
@Erica177
support mcp v2
46cc9fc
@Erica177
Merge branch 'alibaba:main' into main
2cebf14
@Erica177
Merge remote-tracking branch 'origin/main' into nacos-registry-v2
3729bc4 
# Conflicts:
#	pkg/ingress/kube/configmap/mcp_server.go
#	registry/nacos/mcpserver/watcher.go
@Erica177
merge main
b6b5572
@Erica177
fix
aa10a78
@Erica177
fix
8060678
@Erica177
fix
211ab9f
@Erica177
fix
6d229ba
@Erica177
fix
cdedaf7
@Erica177
fix
52ac500
@Erica177
fix
8e02f85
@Erica177
fix
b8f2474
@Erica177
fix
c2b2717
@Erica177
fix
046356b
@Erica177
Merge branch 'alibaba:main' into main
66fc8f4
@Erica177
fix
fc8d892
@codecov-commenter
Copy link

codecov-commenter commented Jun 9, 2025
edited
Loading

Codecov Report

Attention: Patch coverage is 0% with 11 lines in your changes missing coverage. Please review.

Project coverage is 46.03%. Comparing base (ef31e09) to head (c6792f9).
Report is 546 commits behind head on main.

Files with missing lines Patch % Lines
pkg/ingress/config/ingress_config.go 0.00% 11 Missing ⚠️

❌ Your patch status has failed because the patch coverage (0.00%) is below the target coverage (50.00%). You can increase the patch coverage or adjust the target coverage.

Additional details and impacted files

Impacted file tree graph

@@             Coverage Diff             @@
##             main    #2382       +/-   ##
===========================================
+ Coverage   35.91%   46.03%   +10.12%     
===========================================
  Files          69       81       +12     
  Lines       11576    13018     +1442     
===========================================
+ Hits         4157     5993     +1836     
+ Misses       7104     6679      -425     
- Partials      315      346       +31
Files with missing lines Coverage Δ
pkg/ingress/config/ingress_config.go 12.56% <0.00%> (-1.32%) ⬇️

... and 77 files with indirect coverage changes

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

lingma-agents[bot]
lingma-agents bot reviewed Jun 9, 2025
View reviewed changes
Copy link

@lingma-agents lingma-agents bot left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔍 代码评审报告

🎯 评审意见概览

严重度 数量 说明
🔴 Blocker 0 阻断性问题,需立即修复。例如:系统崩溃、关键功能不可用或严重安全漏洞。
🟠 Critical 6 严重问题,高优先级修复。例如:核心功能异常或性能瓶颈影响用户体验。
🟡 Major 4 主要问题,建议修复。例如:非核心功能缺陷或代码维护性较差。
🟢 Minor 5 次要问题,酌情优化。例如:代码格式不规范或注释缺失。

总计: 15 个问题

📋 评审意见详情

💡 单文件建议

以下是文件级别的代码建议,聚焦于代码的可读性、可维护性和潜在问题。
📄 api/networking/v1/mcp_bridge.proto (1 💬)
🔹 pkg/ingress/config/ingress_config.go (1 💬)
🔹 registry/mcp_model.go (5 💬)
🔹 registry/nacos/mcpserver/util.go (4 💬)
🔹 registry/nacos/mcpserver/watcher_test.go (2 💬)
🔹 registry/nacos/v2/watcher.go (2 💬)

🚀 跨文件建议

以下是对代码架构和设计的综合分析,聚焦于跨文件交互、系统一致性和潜在优化空间。
🔍 1. MCP服务器配置与Nacos注册中心v2/v3版本处理逻辑存在架构不一致性

registry/nacos/v2/watcher.goregistry/nacos/mcpserver/watcher.go中发现MCP服务器功能的实现存在架构分层问题。Nacos v2/v3的通用注册逻辑与MCP专用逻辑存在重叠,导致配置参数传递不统一(如McpServerExportDomains在v2 watcher中通过option传递,而在mcpserver模块中直接硬编码)。这种架构分层混乱可能导致后续维护时出现配置覆盖问题和版本兼容性风险。

⚠️ 潜在风险: 可能导致不同版本Nacos客户端配置冲突,引发服务发现失败或配置漂移问题

🔍 2. 依赖升级导致潜在版本冲突风险

go.mod中升级nacos-sdk-go/v2到v2.3.2时,未清理旧的版本替换指令(如删除了github.com/luoxiner/nacos-sdk-go/v2的replace)。同时新引入的github.com/stretchr/objx未评估与现有依赖的兼容性。

📌 关键代码:

github.com/nacos-group/nacos-sdk-go/v2 v2.3.2
# 旧的replace指令已被删除但未验证是否完全清理

⚠️ 潜在风险: 可能引发SDK内部接口不兼容,导致服务发现或配置监听功能失效

🔍 3. MCP服务器配置监听存在资源泄漏风险

registry/nacos/mcpserver/util.goCancelListenToServer方法中,未正确清理服务订阅监听器。当服务实例数量较多时,未调用namingClient.Unsubscribe可能导致连接累积,观察到代码中存在条件判断缺失:只有当ctx.serviceInfo存在时才执行取消订阅操作。

📌 关键代码:

if ctx.serviceInfo != nil {
  err := n.namingClient.Unsubscribe(...)
}

⚠️ 潜在风险: 持续累积未关闭的订阅连接将导致内存泄漏和网络资源耗尽

🔍 4. 跨模块配置参数传递存在重复实现

MCP服务器配置参数(如McpServerExportDomainsMcpServerBaseUrl)在registry/nacos/v2/watcher.goregistry/mcp_model.go中存在重复解析逻辑。建议将配置解析抽象为公共模块以避免代码冗余。

📌 关键代码:

WithMcpExportDomains(registry.McpServerExportDomains),
WithMcpBaseUrl(registry.McpServerBaseUrl),
McpServerRule struct {
  Server     *ServerConfig `json:"server,omitempty"`
}

⚠️ 潜在风险: 重复实现会增加维护成本,可能导致配置参数解析逻辑出现不一致

🔍 5. HTTPS协议支持存在安全配置缺失

registry/nacos/mcpserver/watcher.gogenerateDrForSSEService方法中,为HTTPS协议生成的DestinationRule未配置证书验证策略。当前实现仅设置mode: SIMPLE但未指定证书来源,可能导致TLS连接不安全。

📌 关键代码:

return &v1alpha3.DestinationRule{
  TrafficPolicy: &v1alpha3.TrafficPolicy{
    Tls: &v1alpha3.ClientTLSSettings{
      Mode: v1alpha3.ClientTLSSettings_SIMPLE,
    },
  },
}

⚠️ 潜在风险: 可能允许不安全的TLS连接,存在中间人攻击风险

🔍 6. DNS解析服务的端点地址未进行有效性验证

registry/nacos/v2/watcher.gogenerateServiceEntry方法中,当服务地址为DNS名称时,未验证域名可达性。当前仅通过IP格式判断区分DNS服务,但未实现DNS解析失败时的回退机制或健康检查。

📌 关键代码:

if !isValidIP(service.Ip) {
  isDnsService = true
}

⚠️ 潜在风险: 可能导致不可达DNS地址被写入ServiceEntry引发请求失败

🔍 7. 跨模块错误处理信息不充分

registry/nacos/mcpserver/watcher.gobuildMcpServerForMcpServer等关键方法中,未对核心操作(如配置解析、服务发现)添加详细错误日志。现有错误处理仅返回通用错误信息,难以进行故障定位。

📌 关键代码:

if vs == nil {
  return nil
}

⚠️ 潜在风险: 故障排查困难,增加系统调试复杂度

🔍 8. 元数据存储结构存在潜在性能隐患

api/networking/v1/mcp_bridge.proto中新增的metadata map<string, InnerMap>结构采用嵌套map实现,未评估大规模元数据存储时的性能影响。InnerMap结构的序列化/反序列化可能成为性能瓶颈。

📌 关键代码:

message InnerMap {
  map<string, string> inner_map = 1;
}

⚠️ 潜在风险: 高并发场景下可能导致内存占用过高或响应延迟增加

🔍 9. 服务更新通知机制存在竞态条件

registry/nacos/mcpserver/watcher.goStop方法中,停止监听操作与配置清理未使用相同的锁保护。w.mutexsubMutex的混合使用可能导致并发操作时的状态不一致。

📌 关键代码:

w.mutex.Lock()
defer w.mutex.Unlock()
// 直接操作未加锁的subMutex保护的资源

⚠️ 潜在风险: 多线程环境下可能导致配置状态残留或服务未完全停止

🔍 10. MCP服务器路由规则存在路径匹配漏洞

registry/nacos/mcpserver/watcher.go的虚拟服务构建逻辑中,路由路径匹配未包含基础路径的精确匹配。当McpServerBaseUrl为非空时,/mcp-server/abc这样的路径可能无法正确匹配/mcp-server的精确规则。

📌 关键代码:

mergePath = strings.TrimSuffix(w.McpServerBaseUrl, "/") + mergePath
// 缺少对基础路径本身的精确匹配处理

⚠️ 潜在风险: 可能导致请求路由失败或路由规则覆盖不完全

💡 小贴士

与 lingma-agents 交流的方式

📜 直接回复评论
直接回复本条评论,lingma-agents 将自动处理您的请求。例如:

  • 在当前代码中添加详细的注释说明。

  • 请详细介绍一下你说的 LRU 改造方案,并使用伪代码加以说明。

📜 在代码行处标记
在文件的特定位置创建评论并 @lingma-agents。例如:

  • @Lingma-Agent 分析这个方法的性能瓶颈并提供优化建议。

  • @Lingma-Agent 对这个方法生成优化代码。

📜 在讨论中提问
在任何讨论中 @lingma-agents 来获取帮助。例如:

  • @Lingma-Agent 请总结上述讨论并提出解决方案。

  • @Lingma-Agent 请根据讨论内容生成优化代码。

@johnlanni
Copy link
Collaborator

johnlanni commented Jun 9, 2025
edited
Loading

@Erica177 Please resolve the CR comments of lingma agent.

CH3CHO
CH3CHO reviewed Jun 9, 2025
View reviewed changes
Copy link
Collaborator

@CH3CHO CH3CHO left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

还剩下面两个文件没看完,先加这些评论。

  • registry/nacos/mcpserver/watcher.go
  • registry/nacos/mcpserver/util.go

CH3CHO
CH3CHO requested changes Jun 9, 2025
View reviewed changes
CH3CHO
CH3CHO reviewed Jun 9, 2025
View reviewed changes
CH3CHO
CH3CHO reviewed Jun 9, 2025
View reviewed changes
CH3CHO
CH3CHO reviewed Jun 9, 2025
View reviewed changes
@Erica177 Erica177 changed the title Nacos registry v2 fix: refactored mcp server auto discovery logic and fix some issue Jun 9, 2025
johnlanni
johnlanni requested changes Jun 10, 2025
View reviewed changes
johnlanni
johnlanni approved these changes Jun 10, 2025
View reviewed changes
Copy link
Collaborator

@johnlanni johnlanni left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@johnlanni johnlanni requested a review from CH3CHO June 10, 2025 02:52
CH3CHO
CH3CHO requested changes Jun 10, 2025
View reviewed changes
CH3CHO
CH3CHO approved these changes Jun 10, 2025
View reviewed changes
Copy link
Collaborator

@CH3CHO CH3CHO left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@CH3CHO CH3CHO merged commit d2f09fe into alibaba:main Jun 10, 2025
8 checks passed
@lingma-agents lingma-agents bot mentioned this pull request Jun 17, 2025
Merged
ink-hz pushed a commit to ink-hz/higress-ai-capability-auth that referenced this pull request Nov 5, 2025
@Erica177 @johnlanni
fix: refactored mcp server auto discovery logic and fix some issue (a…
9ae2de1 
…libaba#2382)

Co-authored-by: johnlanni <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lingma-agents lingma-agents[bot] lingma-agents[bot] left review comments

@CH3CHO CH3CHO CH3CHO approved these changes

@johnlanni johnlanni johnlanni approved these changes

@NameHaibinZhang NameHaibinZhang Awaiting requested review from NameHaibinZhang

@2456868764 2456868764 Awaiting requested review from 2456868764 2456868764 is a code owner

@rinfx rinfx Awaiting requested review from rinfx

@SpecialYang SpecialYang Awaiting requested review from SpecialYang SpecialYang is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@Erica177 @codecov-commenter @johnlanni @CH3CHO