Add an option "freebind" in LDS for listeners and the BindConfig which
is used for outgoing upstream connections. If true, set IP_FREEBIND
socket option. Defaults to false.
PR description will be updated with Envoy implementation PR# once it is
created.
Signed-off-by: Dan Noé <dpn@google.com>
Unhide the request_headers_to_add, response_headers_to_add, and response_headers_to_remove fields in ClusterWeight. Update HTTP conn manager docs related to same.
Doc update for envoyproxy/envoy#2765.
Signed-off-by: Stephan Zuercher stephan@turbinelabs.io
Add a "transparent" option to Listener to set the SOL_IP/IP_TRANSPARENT option on listen sockets, which allows using Envoy with the iptables TPROXY target.
Unlike the iptables REDIRECT target, TPROXY allows preserving both the source and destination IP addresses and ports of accepted connections.
API changes for: envoyproxy/envoy#2719
Signed-off-by: Romain Lenglet <romain@covalent.io>
* tcp proxy: add metadata_match to tcp proxy config
This should allow the tcp proxy to target a specific subset of endpoints
in a cluster by matching on the metadata, similar to what is currently
possible in the http_connection_manager filter.
See https://github.com/envoyproxy/envoy/issues/2696
Signed-off-by: Snow Pettersen <snowp@squareup.com>
V1 configuration does not support ip tagging. This pr cleans references to IP Tagging in V1 configs.
Signed-off-by: Constance Caramanolis <ccaramanolis@lyft.com>
1) Add ability to runtime filter to configure default, divisor, and
whether independent randomness is used.
2) Also add LE to the comparison filter.
Signed-off-by: Matt Klein <mklein@lyft.com>
In the proxy we've added an Unauthorized response flag. This PR adds the same to filter access logs.
Once this PR is merged it will be possible to set the flag in source/common/access_log/grpc_access_log_impl.cc
See also, comment in envoyproxy/envoy#2415
Signed-off-by: Saurabh Mohan <saurabh+github@tigera.io>
This enables generating generic service stubs for all the data-plane-api
proto services when generating Java classes with protoc.
This is generally not needed when implementing a gRPC server but in our case we're implementing
it behind our legacy protobuf RPC framework which rely on these stubs. As far as I know the only negative
with enabling these is generating some potentially unnecessary Java classes.
Signed-off-by: Snow Pettersen <snowp@squareup.com>
Updates the L7 IP tagging filter proto, v1 configuration documentation and overview documentation.
Signed-off-by: Constance Caramanolis <ccaramanolis@lyft.com>
v2 api changes: Use oneof to specify header match options, based on value(exact_match), regex or range.
The existing value and regex fields will be deprecated. Use the header_match_specfier oneof instead.
Add a new range.proto (envoy.type.v2) for the range type definition.
The SInt64Range message is defined in envoy.type.v2 range.proto.
It consists of start and end (inclusive, exclusive) sint64 values.
v1 api: Add a range_match object to the route headers json. Presence of this object indicates range based route match.
Example: For the below route config:
{
"prefix": "/",
"cluster": "PartitionB",
"name": "PartitionKey",
"range_match": { "start": 0, "end": 10}
}
In the incoming request, if the PartitionKey header value = 0, route match succeeds. Route match fails if the header value = 10, -10, "somestring".
This feature can be used for request routing with Service Fabric stateful services, to route to the desired partition with the [ranged partitioning scheme](https://docs.microsoft.com/en-us/azure/service-fabric/service-fabric-concepts-partitioning#ranged-partitioning-scheme)
Signed-off-by: Kavya Kotacherry <kavyako@microsoft.com>
This PR adds a new section to the Getting Started guide entitled "Other Use Cases" which show how Envoy can be used in specific situations. The thought is that users may want to use an Envoy distribution instead of Envoy itself for specific scenarios.
I also added a tutorial on how to use the open source Ambassador project to deploy Envoy as an API Gateway in Kubernetes, with an example that mirrors the google smoketest that is also used in the getting started.
Signed-off-by: Richard Li <richard@datawire.io>
There is no way to modify the response of PING on a running Redis server without restarting it. This makes it painful to terminate an instance. All inflight requests plus requests until ejection by active or passive healthcheck will fail.
Signed-off-by: Daniel Hochman <danielhochman@users.noreply.github.com>
this patch adds support for dynamically generating redirect msg based on
a request received by modifying the matched prefix or path.
ref: envoyproxy/envoy#2343
Signed-off-by: Madhavan Balasubramanian <bmadhavan@ebay.com>
Fixes issue #396. Once this is approved, will make Envoy side changes.
Signed-off-by: Rama rama.rao@salesforce.com
Signed-off-by: Rama <rama.rao@salesforce.com>
This is the update to the documentation that's required once the --disable-hot-restart cli flag PR is merged. See envoyproxy/envoy#2576.
Signed-off-by: Tony Allen <tallen@nutanix.com>
The link wasn't quite correct for linking back to the filter
documentation. This PR just point it to the right place.
Signed-off-by: Dan Norris <protochron@users.noreply.github.com>
This adds ability to configure settings for zone aware load balancing settings as config options.
solves envoyproxy/envoy#1344
Changes : Added min_cluster_size and enabled_percentage to commonLbConfig which enables them to used directly in load_balancer_impl.cc.
Signed-off-by: sri kailash <sri.gandebathula@booking.com>
Fix up the comments for failure_mode_allow that was incorrectly worded and caught during review envoyproxy/envoy#2416
Signed-off-by: Saurabh Mohan <saurabh+github@tigera.io>
Google has some internal customizations that require configuration to be
provided. Added a generic site local customization field.
Signed-off-by: Harvey Tuch <htuch@google.com>
This brings in https://github.com/lyft/protoc-gen-validate/pull/57 which
should allow builds that depend on data-plane-api (e.g. envoy) to work when git is
configured with a proxy.
Signed-off-by: Snow Pettersen <snowp@squareup.com>
Matt Klein
Dan Noé
Stephan Zuercher
Oliver Mannion
Bala Madhavan
William Thurston
Gary Brown
Rama Chavali
Romain Lenglet
embs
Snow Pettersen
Constance Caramanolis
Kuat
Francis Upton IV
Saurabh Mohan
jmillikin-stripe
Kavya Kotacherry - MSFT
Daniel Hochman
Richard Li
htuch
alyssawilk
Tony Allen
Dan Norris
Alexey Baranov
Brian Pane
srikailash
Dhi Aurrahman
Gabriel Sagula