We need to track statistics in a client neutral way, since the Google
gRPC client doesn't have upstream stats. This will allow us to track the
gRPC status returned by the remote (or inferred from events such as
client timeouts).
Signed-off-by: Harvey Tuch <htuch@google.com>
In support of https://github.com/envoyproxy/envoy/issues/2200 and some
Google internal needs, we are planning on adding support to Envoy to
allow a configuration (or possibly build) driven decision on whether to
using the existing Envoy in-built Grpc::AsyncClient or
the Google C++ gRPC client library (https://grpc.io/grpc/cpp/index.html).
To move in this direction, the idea is we have the xDS ApiConfigSources,
rate limit service config and other filter configurations point at a
GrpcService object. This can be configured to use an Envoy cluster,
where Grpc::AsyncClient will orchestrate communication, or to contain
the config needed to establish a channel in Google C++ gRPC client
library.
Signed-off-by: Harvey Tuch <htuch@google.com>
This is intended to capture some recent threads, it can grow as we learn
new lessons.
Signed-off-by: Harvey Tuch <htuch@google.com>
Signed-off-by: Harvey Tuch <htuch@google.com>
* Fix format.
Signed-off-by: Harvey Tuch <htuch@google.com>
As a source of entire Envoy version number. Will use this file in envoy
main repo as well.
By this change, document version string will be changed in development
version:
from: "1.6.0-data-plane-api-${GIT_SHA}"
to: "1.6.0.dev-data-plane-api-${GIT_SHA}"
And in release version, for example, in v1.6.0 release:
from: "1.6.0-tag-v1.6.0"
to: "tag-v1.6.0"
The significant change is dropping the first version number string like
"1.6.0-" in the release version document.
Signed-off-by: Taiki Ono <taiks.4559@gmail.com>
Included files that should be edited in order to generate the RSTs and DOCs when a new .proto is added to the project.
Signed-off-by: Gabriel <gsagula@gmail.com>
envoyproxy/envoy#2256 adds restrictions to the backing sources for xDS resources. This change documents those restrictions.
Signed-off-by: Jose Nino <jnino@lyft.com>
Add support for configuration of TCP, HTTP filters to support external authorization cluster.
The filter configuration references an external cluster which is expected to be running the grpc server that supports the service being defined by #296
Signed-off-by: Saurabh Mohan <saurabh+github@tigera.io>
1) Use Address instead of SocketAddress to account for UDS.
2) Rename/clarify/add both remote/local for downstream/upstream.
Signed-off-by: Matt Klein <mklein@lyft.com>
CertificateValidationContext.trusted_ca is not only for client
certificates, but also for server certs. Change the wording to "peer
certificates".
Also mention that verification is not enabled by default in docs for
UpstreamTlsContext.
Signed-off-by: Peter Schultz <peter.schultz@classmarkets.com>