As a first step towards TDS, add support for proto/JSON representations of the runtime virtual file
system and plumb this into bootstrap.
"numerator" and "denominator" are now reserved keywords and can't be used in runtime keys; this
simplifies parsing significantly. It is not expected that these are widely used, due to the
difficulty of ensuring atomicity if representing fractions, but this is technically a runtime API
breaking change.
Risk level: Medium (due to the reserved word changes).
Testing: Unit and server tests added.
Part of #6708
Signed-off-by: Harvey Tuch <htuch@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ eb699ab2d53aadf2c5a26ed02fcc1e7de1df7d8a
Fix a build warning:
INFO: From ProtoGenValidateCcGenerate external/envoy_api/envoy/service/auth/v2/attribute_context.pb.h:
envoy/service/auth/v2/attribute_context.proto: warning: Import envoy/api/v2/core/base.proto but not used.
Signed-off-by: Ismo Puustinen <ismo.puustinen@intel.com>
Mirrored from https://github.com/envoyproxy/envoy @ 16e85b1ffc4fceb3c1c3857b96862937126468a8
Description: Adding API support to report Locality proximity information as part of Locality Assignment. This does not need to be documented yet, and should be documented as part of LB algorithm implementation which will use this information.
Risk Level: LOW
Testing: None
Signed-off-by: Vishal Powar <vishalpowar@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 5e039a6581cf5fa1f7b70329afeb2e3d35b8189c
When using active health checking, hosts are not removed from
dynamic clusters if they are still passing health checks. This
creates a situation in which hosts might not be removed for a
very long time if the sequence is reversed; removal followed by
health check failure. This change handles the second case so that
any time a host is both removed AND failing active health check,
in any order, it will be removed.
This has been an issue "forever" but is more obvious when using
streaming EDS or very long polling DNS.
Fixes https://github.com/envoyproxy/envoy/issues/6625
Signed-off-by: Matt Klein <mklein@lyft.com>
Mirrored from https://github.com/envoyproxy/envoy @ 41eefffcd728d071037a57a1accd402ec188bcd5
total_issued_requests field tracks the count of requests issued since
the last report. This field will be used for global load balancing
decisions.
Envoy maintains a stats counter rq_total to track total
requests made. By latching this counter when load reporting period
begins, we are able to count the total requests issued in a load
reporting interval. This information is then used to populate the field
total_issued_requests.
Risk Level: Low
Testing: //test/integration:load_stats_reporter passes.
Signed-off-by: Karthik Reddy <rekarthik@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ cdddf54e8548036703ee928335a44c3b503b988b
Protos to statically and dynamically (via the Scoped Route Discovery Service) configure scoped
routing logic in Envoy.
Signed-off-by: Andres Guedez <aguedez@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 2778c3c0c1e1f18a1c7864b4e7707e9d0ca2571e
Signed-off-by: Brian Rectanus <brectanus@signalsciences.com>
Mirrored from https://github.com/envoyproxy/envoy @ 77d267eef63edc215f93d140f61bfc711b59a31b
Reintroduce dispatcher stats previously reverted in #6649. Dispatcher stats are now gated on a new bootstrap config parameter, enable_dispatcher_stats, and disabled by default.
Risk Level: Low
Testing: Manually verified that config is respected (see #6582, this still requires integration tests).
Docs Changes: Included a note about how statsd doesn't play well with these high-volume histograms.
Signed-off-by: Dan Rosen <mergeconflict@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 481a127f5ade32e5590b4e8b8271576e44643082
This adds support for modifying the grpc-timeout provided by the
downstream by some offset. This is useful to make sure that Envoy is
able to see timeouts before the gRPC client does, as the client will
cancel the request when the deadline has been exceeded which hides the
timeout from the outlier detector.
Signed-off-by: Snow Pettersen <snowp@squareup.com>
Mirrored from https://github.com/envoyproxy/envoy @ 03ae1ef6b9afcfda9545b3d734b54027776254f9
Default behavior remains unchanged: retries will use the runtime parameter
defaulted to 25ms as the base interval and 250ms as the maximum. Allows
routes to customize the base and maximum intervals.
Risk Level: low (no change to default behavior)
Testing: unit tests
Doc Changes: included, plus updated description of back-off algorithm
Release Notes: added
Signed-off-by: Stephan Zuercher <zuercher@gmail.com>
Mirrored from https://github.com/envoyproxy/envoy @ 5ea103ee0e88cca52f543fdd230ca9f84c518c88
Add support for specifying _stale_after timeout as part of ClusterLoadAssignment
Risk Level: Low
Optional Feature that is triggered by the Management Server. Defaults to noop.
Testing: Unit test
Docs Changes: None
Release Notes: None
Fixes#6420
Signed-off-by: Vishal Powar <vishalpowar@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ e6a3ce16ff818cc4d5588345fca084efeaa1985d
Change the behavior of the delayed_close_timeout such that it won't trigger unless there
has been at least a delayed_close_timeout period of inactivity after the last write event on
the socket pending to be closed.
This mitigates a race where a slow client and/or low timeout value would cause the socket
to be closed while data was actively being written to the socket. Note that this change does
not eliminate this race since a slow client could still be considered idle by the updated timeout
logic, but this should be very rare when useful values (i.e., >1s to avoid the race condition on
close that this timer addresses) are configured.
Risk Level: Medium
Testing: New unit tests added
Docs Changes: Updated version history and HttpConnectionManager proto doc
Fixes#6392
Signed-off-by: Andres Guedez <aguedez@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ cdaeb1344e4136d8c9ac33507005159c93087a49
Making the following deprecated fields fatal-by-default
UNSUPPORTED_REST_LEGACY from config_source.proto
use_alpha from ext_authz.proto
enabled from route.proto
type from fault.proto
runtime_key from route.proto
Risk Level: High (first time using this process - it will likely cause problems for someone)
Testing: tests pass.
Docs Changes: n/a
Release Notes: no
Signed-off-by: Alyssa Wilk <alyssar@chromium.org>
Mirrored from https://github.com/envoyproxy/envoy @ 19894aca58f21f73dfbdb939ce8597c58de8a574
The documentation before was misleading; the weights are not actually multiplied together. This change brings the docs here in line with the actual behavior and the docs in other places
Signed-off-by: John Howard <howardjohn@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ e03f6f7629ea563a56f8cb024558a8bce0fbfc1d
Read a string value from stream_info.FilterState, and use it to look up a JwtRequirement map in the filter config.
This is the PR to implement #6399
Risk Level: Low
Signed-off-by: Wayne Zhang <qiwzhang@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ abd625a6a77f4831a359416489691f0a81af694c
Description: minor fixes to fix spelling and make clang-tidy happy
Risk Level: low
Testing: unit tests
Signed-off-by: Elisha Ziskind <eziskind@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ d44c93a3fcb2e970829051b1a2f39800f652c370
Moved DEPRECATED.md to sphinx docs.
Risk Level: Low - only documentation
Testing: Compiles with sphinx docs without warnings or errors
Docs Changes: deprecated.rst created in intro section of sphinx docs and added to toctree
Release Notes: N/A
Fixes: #6386
Signed-off-by: HashedDan <georgedanielmangum@gmail.com>
Mirrored from https://github.com/envoyproxy/envoy @ fd7c172af181275693297efbe148fd8bb414ef48
Description: modifies jwt_authn filter's ExtractorImpl extract method to use the from_headers's value_prefix tag more precisely, allowing syntax like "tag=<JWT>,other=xxx" rather than simply taking the remainder of the string as the JWT candidate.
See Issue #6355 for full description. Should be backwards-compatible with existing uses of jwt_authn.
Risk Level: Medium (scope: affects JWT authentication)
Testing: Unit testing was added to test/.../jwt_authn/extractor_test.cc. Since Extractor itself does not validate the JWT, only the parsing is tested.
Docs Changes: see "Further header options" section added to api/envoy/config/filter/http/jwt_authn/v2alpha/README.md
Release Notes:
Adds enhancement per Issue #6355, so that deployments can use a wider variety of HTTP header syntaxes to pass JWTs and have them authenticated by the jwt_authn filter. Backwards-compatible with existing usage.
JWT authentication with the jwt_authn HTTP filter now permits header syntax like the following:
Authorization: Bespoke jwt=eyJhbGciOiJS...ZFnFIw,extra=7,realm=123
Signed-off-by: Larry West <Larry_West@intuit.com>
Mirrored from https://github.com/envoyproxy/envoy @ 03cf28658399a7e411e49f9718782c919578d099
- Redis requests are now redirected to a new upstream connection
upon receipt of an MOVED or ASK error response. If the request
cannot be redirected, then the error is passed downstream unmodified.
The redirection IP (IPv4 or IPv6) address and TCP port specified
in the Redis server error does not need to reference a known host of
the cluster associated with the redis_proxy filter.
- added an enable_redirection boolean to the redis proxy connection
pool settings to control whether or not server redirection errors are
honored or passed downstream unchanged.
- RespValue copy constructor, copy assignment, and equality testing
methods for easier manipulation of RespValues.
- added cluster statistics, upstream_internal_redirect_succeeded_total
and upstream_internal_redirect_failed_total in ClientImpl::onRespValue()
callback
- extended unit tests for Redis connection pool, client, command
splitter, and RespValue copying and equallity testing.
- new basic integration test for redis_proxy: simple request
and response, and invalid request testing (enable_redirection
enabled).
Signed-off-by: Mitch Sukalski <mitch.sukalski@workday.com>
Mirrored from https://github.com/envoyproxy/envoy @ 378d59b43e71e07c36c9ef60b0ee7318ca7f510f
Provide the HTTP path normalization per RFC 3986 (sans case normalization). This addresses CVE-2019-9901.
The config HttpConnectionManager.normalize_path needs to be set for each HCM configuration to enable (default is off). There is also a runtime optione http_connection_manager.normalize_path
to change this default when not set in HCM.
Risk level: Low
Testing: New unit and integration tests added.
Signed-off-by: Yuchen Dai <silentdai@gmail.com>
Signed-off-by: Harvey Tuch <htuch@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 7ed6d2187df94c4cb96f7dccb8643bf764af2ccb
This PR adds support to `ext_authz` filter for buffering the request data. This is useful when the authorization server needs to check the request body, e.g. HMAC validation.
Fixes#5676
*Risk Level*: low
*Testing*: unit
*Docs Changes*: yes
*Release Notes*: yes
Signed-off-by: Gabriel <gsagula@gmail.com>
Mirrored from https://github.com/envoyproxy/envoy @ 075edf802b9ef94bdf26fddc9e775f8bb89df92d
This is not implemented yet.
Fixes#6405.
Signed-off-by: Harvey Tuch <htuch@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 4ed3afebe9801e40095a68fa135ccf10a474818a
Adds prefix wildcard support (foo.*) in virtual host domains
Risk Level: Low (does not change current behavior)
Testing: Unit tests
Docs Changes: updated domains field documentation in proto file
Release Notes: updated
Fixes#1269
Signed-off-by: Bartosz Borkowski <bartebor@wp.pl>
Mirrored from https://github.com/envoyproxy/envoy @ af7c845fc5e37ce5b271e1a7b4566f2d1e8ec290
* docs: more snapping fixes
Signed-off-by: Matt Klein <mklein@lyft.com>
Mirrored from https://github.com/envoyproxy/envoy @ c949a8144cf3b0162133dde0c489dea8a4078a47
The change breaks the existing Redis operation, for example redis-cli -p
[WHATEVER] GET 1 crashes Envoy.
This reverts commit 046e98904f6df60f0c548ffe77ffb5f5f980179d.
Signed-off-by: Nicolas Flacco <nflacco@lyft.com>
Mirrored from https://github.com/envoyproxy/envoy @ bacd89e866b4d81dd316613ce11c0b9c678cc421
We want to limit the number of connection pools per cluster. Add it to
the circut breaker thresholds so we can do it per priority.
Signed-off-by: Kyle Larose <kyle@agilicus.com>
Mirrored from https://github.com/envoyproxy/envoy @ 7de2b39eeb7d0929fecb00e7b81c70236c3a4869
This filter decodes the ZooKeeper wire protocol and emits
stats & metadata about requests, responses and events.
This wire protocol parsing is based on:
https://github.com/twitter/zktraffichttps://github.com/rgs1/zktraffic-cpp
The actual filter structure is based on the Mysql proxy filter.
Signed-off-by: Raul Gutierrez Segales <rgs@pinterest.com>
Mirrored from https://github.com/envoyproxy/envoy @ b771f99f53142bbb1496dbcddccc5defaaaa8dd8
Update some documentation comments in api/envoy/service/auth/v2/*.proto to
more accurately describe the *current* behavior (without making any
judgment on whether that behavior is "correct" or desirable).
Signed-off-by: Luke Shumaker <lukeshu@datawire.io>
Mirrored from https://github.com/envoyproxy/envoy @ 0ac3706ddf0fda091521bb90cffac7bca8530197
Added an optional alias field to the resource message for use in the implementation of on-demand xDS.
Risk Level: Low
Testing: Validated Yaml
Fixes#6128
Signed-off-by: Brian Avery <bavery@redhat.com>
Mirrored from https://github.com/envoyproxy/envoy @ 4d18f6e893b59a323ed0119016f1c1cbdb4fbcf9
This commit adds cluster stats tracking the resources remaining
until a circuit breaker opens.
Signed-off-by: Spencer Lewis <slewis@squareup.com>
Mirrored from https://github.com/envoyproxy/envoy @ 0cd4054747440e019a5acc62f33f0a3b5db4975f
data-plane-api(CircleCI)