diff --git a/BUILD b/BUILD index b918a3c9..a6f367a9 100644 --- a/BUILD +++ b/BUILD @@ -248,6 +248,7 @@ proto_library( "//envoy/extensions/upstreams/http/generic/v3:pkg", "//envoy/extensions/upstreams/http/http/v3:pkg", "//envoy/extensions/upstreams/http/tcp/v3:pkg", + "//envoy/extensions/upstreams/http/v3:pkg", "//envoy/extensions/upstreams/tcp/generic/v3:pkg", "//envoy/extensions/wasm/v3:pkg", "//envoy/extensions/watchdog/profile_action/v3alpha:pkg", diff --git a/envoy/config/cluster/v3/cluster.proto b/envoy/config/cluster/v3/cluster.proto index 130887c7..d3eb85cb 100644 --- a/envoy/config/cluster/v3/cluster.proto +++ b/envoy/config/cluster/v3/cluster.proto @@ -767,14 +767,37 @@ message Cluster { // HTTP protocol options that are applied only to upstream HTTP connections. // These options apply to all HTTP versions. - core.v3.UpstreamHttpProtocolOptions upstream_http_protocol_options = 46; + // This has been deprecated in favor of + // :ref:`upstream_http_protocol_options ` + // in the :ref:`http_protocol_options ` message. + // upstream_http_protocol_options can be set via the cluster's + // :ref:`extension_protocol_options`. + // See ref:`upstream_http_protocol_options + // ` + // for example usage. + core.v3.UpstreamHttpProtocolOptions upstream_http_protocol_options = 46 [deprecated = true]; // Additional options when handling HTTP requests upstream. These options will be applicable to // both HTTP1 and HTTP2 requests. - core.v3.HttpProtocolOptions common_http_protocol_options = 29; + // This has been deprecated in favor of + // :ref:`common_http_protocol_options ` + // in the :ref:`http_protocol_options ` message. + // common_http_protocol_options can be set via the cluster's + // :ref:`extension_protocol_options`. + // See ref:`upstream_http_protocol_options + // ` + // for example usage. + core.v3.HttpProtocolOptions common_http_protocol_options = 29 [deprecated = true]; // Additional options when handling HTTP1 requests. - core.v3.Http1ProtocolOptions http_protocol_options = 13; + // This has been deprecated in favor of http_protocol_options fields in the in the + // :ref:`http_protocol_options ` message. + // http_protocol_options can be set via the cluster's + // :ref:`extension_protocol_options`. + // See ref:`upstream_http_protocol_options + // ` + // for example usage. + core.v3.Http1ProtocolOptions http_protocol_options = 13 [deprecated = true]; // Even if default HTTP2 protocol options are desired, this field must be // set so that Envoy will assume that the upstream supports HTTP/2 when @@ -782,13 +805,21 @@ message Cluster { // supports prior knowledge for upstream connections. Even if TLS is used // with ALPN, `http2_protocol_options` must be specified. As an aside this allows HTTP/2 // connections to happen over plain text. + // This has been deprecated in favor of http2_protocol_options fields in the in the + // :ref:`http_protocol_options ` + // message. http2_protocol_options can be set via the cluster's + // :ref:`extension_protocol_options`. + // See ref:`upstream_http_protocol_options + // ` + // for example usage. core.v3.Http2ProtocolOptions http2_protocol_options = 14 - [(udpa.annotations.security).configure_for_untrusted_upstream = true]; + [deprecated = true, (udpa.annotations.security).configure_for_untrusted_upstream = true]; // The extension_protocol_options field is used to provide extension-specific protocol options // for upstream connections. The key should match the extension filter name, such as // "envoy.filters.network.thrift_proxy". See the extension's documentation for details on // specific options. + // [#next-major-version: make this a list of typed extensions.] map typed_extension_protocol_options = 36; // If the DNS refresh rate is specified and the cluster type is either @@ -913,7 +944,12 @@ message Cluster { core.v3.Metadata metadata = 25; // Determines how Envoy selects the protocol used to speak to upstream hosts. - ClusterProtocolSelection protocol_selection = 26; + // This has been deprecated in favor of setting explicit protocol selection + // in the :ref:`http_protocol_options + // ` message. + // http_protocol_options can be set via the cluster's + // :ref:`extension_protocol_options`. + ClusterProtocolSelection protocol_selection = 26 [deprecated = true]; // Optional options for upstream connections. UpstreamConnectionOptions upstream_connection_options = 30; diff --git a/envoy/config/cluster/v4alpha/cluster.proto b/envoy/config/cluster/v4alpha/cluster.proto index 8f198f59..20aae90f 100644 --- a/envoy/config/cluster/v4alpha/cluster.proto +++ b/envoy/config/cluster/v4alpha/cluster.proto @@ -10,7 +10,6 @@ import "envoy/config/core/v4alpha/base.proto"; import "envoy/config/core/v4alpha/config_source.proto"; import "envoy/config/core/v4alpha/extension.proto"; import "envoy/config/core/v4alpha/health_check.proto"; -import "envoy/config/core/v4alpha/protocol.proto"; import "envoy/config/endpoint/v3/endpoint.proto"; import "envoy/type/v3/percent.proto"; @@ -654,9 +653,11 @@ message Cluster { [(validate.rules).double = {lte: 3.0 gte: 1.0}]; } - reserved 12, 15, 7, 11, 35, 47; + reserved 12, 15, 7, 11, 35, 46, 29, 13, 14, 26, 47; - reserved "hosts", "tls_context", "extension_protocol_options", "track_timeout_budgets"; + reserved "hosts", "tls_context", "extension_protocol_options", "upstream_http_protocol_options", + "common_http_protocol_options", "http_protocol_options", "http2_protocol_options", + "protocol_selection", "track_timeout_budgets"; // Configuration to use different transport sockets for different endpoints. // The entry of *envoy.transport_socket_match* in the @@ -775,30 +776,11 @@ message Cluster { // Optional :ref:`circuit breaking ` for the cluster. CircuitBreakers circuit_breakers = 10; - // HTTP protocol options that are applied only to upstream HTTP connections. - // These options apply to all HTTP versions. - core.v4alpha.UpstreamHttpProtocolOptions upstream_http_protocol_options = 46; - - // Additional options when handling HTTP requests upstream. These options will be applicable to - // both HTTP1 and HTTP2 requests. - core.v4alpha.HttpProtocolOptions common_http_protocol_options = 29; - - // Additional options when handling HTTP1 requests. - core.v4alpha.Http1ProtocolOptions http_protocol_options = 13; - - // Even if default HTTP2 protocol options are desired, this field must be - // set so that Envoy will assume that the upstream supports HTTP/2 when - // making new HTTP connection pool connections. Currently, Envoy only - // supports prior knowledge for upstream connections. Even if TLS is used - // with ALPN, `http2_protocol_options` must be specified. As an aside this allows HTTP/2 - // connections to happen over plain text. - core.v4alpha.Http2ProtocolOptions http2_protocol_options = 14 - [(udpa.annotations.security).configure_for_untrusted_upstream = true]; - // The extension_protocol_options field is used to provide extension-specific protocol options // for upstream connections. The key should match the extension filter name, such as // "envoy.filters.network.thrift_proxy". See the extension's documentation for details on // specific options. + // [#next-major-version: make this a list of typed extensions.] map typed_extension_protocol_options = 36; // If the DNS refresh rate is specified and the cluster type is either @@ -922,9 +904,6 @@ message Cluster { // the Router filter, the filter name should be specified as *envoy.filters.http.router*. core.v4alpha.Metadata metadata = 25; - // Determines how Envoy selects the protocol used to speak to upstream hosts. - ClusterProtocolSelection protocol_selection = 26; - // Optional options for upstream connections. UpstreamConnectionOptions upstream_connection_options = 30; diff --git a/envoy/extensions/upstreams/http/v3/BUILD b/envoy/extensions/upstreams/http/v3/BUILD new file mode 100644 index 00000000..1c1a6f6b --- /dev/null +++ b/envoy/extensions/upstreams/http/v3/BUILD @@ -0,0 +1,12 @@ +# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. + +load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") + +licenses(["notice"]) # Apache 2 + +api_proto_package( + deps = [ + "//envoy/config/core/v3:pkg", + "@com_github_cncf_udpa//udpa/annotations:pkg", + ], +) diff --git a/envoy/extensions/upstreams/http/v3/http_protocol_options.proto b/envoy/extensions/upstreams/http/v3/http_protocol_options.proto new file mode 100644 index 00000000..d3cd59bb --- /dev/null +++ b/envoy/extensions/upstreams/http/v3/http_protocol_options.proto @@ -0,0 +1,95 @@ +syntax = "proto3"; + +package envoy.extensions.upstreams.http.v3; + +import "envoy/config/core/v3/protocol.proto"; + +import "udpa/annotations/status.proto"; + +option java_package = "io.envoyproxy.envoy.extensions.upstreams.http.v3"; +option java_outer_classname = "HttpProtocolOptionsProto"; +option java_multiple_files = true; +option (udpa.annotations.file_status).package_version_status = ACTIVE; + +// [#protodoc-title: HTTP Protocol Options] +// [#extension: envoy.upstreams.http.http_protocol_options] + +// HttpProtocolOptions specifies Http upstream protocol options. This object +// is used in +// :ref:`typed_extension_protocol_options`, +// keyed by the name `envoy.extensions.upstreams.http.v3.HttpProtocolOptions`. +// +// This controls what protocol(s) should be used for upstream and how said protocol(s) are configured. +// +// This replaces the prior pattern of explicit protocol configuration directly +// in the cluster. So a configuration like this, explicitly configuring the use of HTTP/2 upstream: +// +// .. code:: +// +// clusters: +// - name: some_service +// connect_timeout: 5s +// upstream_http_protocol_options: +// auto_sni: true +// common_http_protocol_options: +// idle_timeout: 1s +// http2_protocol_options: +// max_concurrent_streams: 100 +// .... [further cluster config] +// +// Would now look like this: +// +// .. code:: +// +// clusters: +// - name: some_service +// connect_timeout: 5s +// typed_extension_protocol_options: +// envoy.extensions.upstreams.http.v3.HttpProtocolOptions: +// "@type": type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions +// upstream_http_protocol_options: +// auto_sni: true +// common_http_protocol_options: +// idle_timeout: 1s +// explicit_http_config: +// http2_protocol_options: +// max_concurrent_streams: 100 +// .... [further cluster config] +message HttpProtocolOptions { + // If this is used, the cluster will only operate on one of the possible upstream protocols (HTTP/1.1, HTTP/2). + // If :ref:`http2_protocol_options ` are + // present, HTTP2 will be used, otherwise HTTP1.1 will be used. + message ExplicitHttpConfig { + oneof protocol_config { + config.core.v3.Http1ProtocolOptions http_protocol_options = 1; + + config.core.v3.Http2ProtocolOptions http2_protocol_options = 2; + } + } + + // If this is used, the cluster can use either of the configured protocols, and + // will use whichever protocol was used by the downstream connection. + message UseDownstreamHttpConfig { + config.core.v3.Http1ProtocolOptions http_protocol_options = 1; + + config.core.v3.Http2ProtocolOptions http2_protocol_options = 2; + } + + // This contains options common across HTTP/1 and HTTP/2 + config.core.v3.HttpProtocolOptions common_http_protocol_options = 1; + + // This contains common protocol options which are only applied upstream. + config.core.v3.UpstreamHttpProtocolOptions upstream_http_protocol_options = 2; + + // This controls the actual protocol to be used upstream. + // If none of the *upstream_protocol_options* are chosen, the default is *explicit_http_config*. + oneof upstream_protocol_options { + // To explicitly configure either HTTP/1 or HTTP/2 (but not both!) use *explicit_http_config*. + // If the *explicit_http_config* is empty, HTTP/1.1 is used. + ExplicitHttpConfig explicit_http_config = 3; + + // This allows switching on protocol based on what protocol the downstream + // connection used. + UseDownstreamHttpConfig use_downstream_protocol_config = 4; + } +} diff --git a/envoy/extensions/upstreams/http/v4alpha/BUILD b/envoy/extensions/upstreams/http/v4alpha/BUILD new file mode 100644 index 00000000..3b00c0d6 --- /dev/null +++ b/envoy/extensions/upstreams/http/v4alpha/BUILD @@ -0,0 +1,13 @@ +# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. + +load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") + +licenses(["notice"]) # Apache 2 + +api_proto_package( + deps = [ + "//envoy/config/core/v4alpha:pkg", + "//envoy/extensions/upstreams/http/v3:pkg", + "@com_github_cncf_udpa//udpa/annotations:pkg", + ], +) diff --git a/envoy/extensions/upstreams/http/v4alpha/http_protocol_options.proto b/envoy/extensions/upstreams/http/v4alpha/http_protocol_options.proto new file mode 100644 index 00000000..3b18b128 --- /dev/null +++ b/envoy/extensions/upstreams/http/v4alpha/http_protocol_options.proto @@ -0,0 +1,105 @@ +syntax = "proto3"; + +package envoy.extensions.upstreams.http.v4alpha; + +import "envoy/config/core/v4alpha/protocol.proto"; + +import "udpa/annotations/status.proto"; +import "udpa/annotations/versioning.proto"; + +option java_package = "io.envoyproxy.envoy.extensions.upstreams.http.v4alpha"; +option java_outer_classname = "HttpProtocolOptionsProto"; +option java_multiple_files = true; +option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSION_CANDIDATE; + +// [#protodoc-title: HTTP Protocol Options] +// [#extension: envoy.upstreams.http.http_protocol_options] + +// HttpProtocolOptions specifies Http upstream protocol options. This object +// is used in +// :ref:`typed_extension_protocol_options`, +// keyed by the name `envoy.extensions.upstreams.http.v3.HttpProtocolOptions`. +// +// This controls what protocol(s) should be used for upstream and how said protocol(s) are configured. +// +// This replaces the prior pattern of explicit protocol configuration directly +// in the cluster. So a configuration like this, explicitly configuring the use of HTTP/2 upstream: +// +// .. code:: +// +// clusters: +// - name: some_service +// connect_timeout: 5s +// upstream_http_protocol_options: +// auto_sni: true +// common_http_protocol_options: +// idle_timeout: 1s +// http2_protocol_options: +// max_concurrent_streams: 100 +// .... [further cluster config] +// +// Would now look like this: +// +// .. code:: +// +// clusters: +// - name: some_service +// connect_timeout: 5s +// typed_extension_protocol_options: +// envoy.extensions.upstreams.http.v3.HttpProtocolOptions: +// "@type": type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions +// upstream_http_protocol_options: +// auto_sni: true +// common_http_protocol_options: +// idle_timeout: 1s +// explicit_http_config: +// http2_protocol_options: +// max_concurrent_streams: 100 +// .... [further cluster config] +message HttpProtocolOptions { + option (udpa.annotations.versioning).previous_message_type = + "envoy.extensions.upstreams.http.v3.HttpProtocolOptions"; + + // If this is used, the cluster will only operate on one of the possible upstream protocols (HTTP/1.1, HTTP/2). + // If :ref:`http2_protocol_options ` are + // present, HTTP2 will be used, otherwise HTTP1.1 will be used. + message ExplicitHttpConfig { + option (udpa.annotations.versioning).previous_message_type = + "envoy.extensions.upstreams.http.v3.HttpProtocolOptions.ExplicitHttpConfig"; + + oneof protocol_config { + config.core.v4alpha.Http1ProtocolOptions http_protocol_options = 1; + + config.core.v4alpha.Http2ProtocolOptions http2_protocol_options = 2; + } + } + + // If this is used, the cluster can use either of the configured protocols, and + // will use whichever protocol was used by the downstream connection. + message UseDownstreamHttpConfig { + option (udpa.annotations.versioning).previous_message_type = + "envoy.extensions.upstreams.http.v3.HttpProtocolOptions.UseDownstreamHttpConfig"; + + config.core.v4alpha.Http1ProtocolOptions http_protocol_options = 1; + + config.core.v4alpha.Http2ProtocolOptions http2_protocol_options = 2; + } + + // This contains options common across HTTP/1 and HTTP/2 + config.core.v4alpha.HttpProtocolOptions common_http_protocol_options = 1; + + // This contains common protocol options which are only applied upstream. + config.core.v4alpha.UpstreamHttpProtocolOptions upstream_http_protocol_options = 2; + + // This controls the actual protocol to be used upstream. + // If none of the *upstream_protocol_options* are chosen, the default is *explicit_http_config*. + oneof upstream_protocol_options { + // To explicitly configure either HTTP/1 or HTTP/2 (but not both!) use *explicit_http_config*. + // If the *explicit_http_config* is empty, HTTP/1.1 is used. + ExplicitHttpConfig explicit_http_config = 3; + + // This allows switching on protocol based on what protocol the downstream + // connection used. + UseDownstreamHttpConfig use_downstream_protocol_config = 4; + } +} diff --git a/versioning/BUILD b/versioning/BUILD index efd4715f..84be8042 100644 --- a/versioning/BUILD +++ b/versioning/BUILD @@ -131,6 +131,7 @@ proto_library( "//envoy/extensions/upstreams/http/generic/v3:pkg", "//envoy/extensions/upstreams/http/http/v3:pkg", "//envoy/extensions/upstreams/http/tcp/v3:pkg", + "//envoy/extensions/upstreams/http/v3:pkg", "//envoy/extensions/upstreams/tcp/generic/v3:pkg", "//envoy/extensions/wasm/v3:pkg", "//envoy/extensions/watchdog/profile_action/v3alpha:pkg",