Added an optional alias field to the resource message for use in the implementation of on-demand xDS.
Risk Level: Low
Testing: Validated Yaml
Fixes#6128
Signed-off-by: Brian Avery <bavery@redhat.com>
Mirrored from https://github.com/envoyproxy/envoy @ 4d18f6e893b59a323ed0119016f1c1cbdb4fbcf9
This commit adds cluster stats tracking the resources remaining
until a circuit breaker opens.
Signed-off-by: Spencer Lewis <slewis@squareup.com>
Mirrored from https://github.com/envoyproxy/envoy @ 0cd4054747440e019a5acc62f33f0a3b5db4975f
Passes along the Ssl::ConnectionInfo (renamed from Ssl::Connection)
to StreamInfo, allowing it to be read in access loggers. Updates both
the formatter and gRPC access logger with uri san/subject details,
and adds the SNI to the gRPC access log.
Risk Level: Low
Testing: Unit tests
Docs Changes: Added description for new access log formats
Release Notes: n/a
#4926
Signed-off-by: Snow Pettersen <snowp@squareup.com>
Mirrored from https://github.com/envoyproxy/envoy @ 65c05cad96db7f7874e1e5a2b70829dcfad10e88
Update ADS protocol docs to specify a Keep-Alive so others consider adding it in. If the Keep-Alive parameters are not specified, it's very easy to end up in a TCP Half Open state during a network glitch/force disconnect where the Envoy thinks it's connected to the ADS server when it's not.
Risk Level: Low
Testing:
Docs Changes: N/A
Release Notes: N/A
Somewhat addresses: #5173
Signed-off-by: Suhail Patel <me@suhailpatel.com>
Mirrored from https://github.com/envoyproxy/envoy @ 0286b82280d33d39b5fec7dbc6be34d2fc943c7d
Introduce new optional configuration parameter initial_fetch_timeout to ConfigSource proto.
This parameter can be used to limit time Envoy spend on initialization of CDS, LDS and RDS.
Enabling this timeout prevents Envoy from being stuck in PRE_INITIALIZING or INITIALIZING phase, as described in #5862.
Risk Level: Low (optional feature, disabled by default)
Testing: manual testing, unit tests
Docs Changes: add new parameter initial_fetch_timeout to ConfigSource proto
Release Notes: Added
Fixes#5862
Signed-off-by: Marcin Falkowski <marcin.falkowski@allegro.pl>
Mirrored from https://github.com/envoyproxy/envoy @ 06576443805cc651a8b404da995aa26f9a8720f5
As a follow-up to #6151 , this PR updates xds docs.
Signed-off-by: Rama Chavali <rama.rao@salesforce.com>
Mirrored from https://github.com/envoyproxy/envoy @ 06c47cc7c71ef2692a44a981cf5ab93cd8180112
Using proto.MarshalAny results in unstable output due to non-deterministic map ordering. This in turn causes Envoy's diff to reload a config since the hash of the structure changes.
Enable stable marshaler for gogoproto to avoid this problem. See #6252
Risk Level: low
Testing: n/a
Signed-off-by: Kuat Yessenov <kuat@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 15a19b9cb1cc8bd5a5ec71d125177b3f6c9a3cf5
1) Add stat to track number of active injected faults
2) Add config/runtime control over how many concurrent
faults can be injected. This is useful in cases where
we want to allow 100% fault injection, but want to
protect against too many concurrent requests using too
many resources.
3) Add stat for faults that overflowed.
4) Misc code cleanup / modernization.
Part of https://github.com/envoyproxy/envoy/issues/5942.
Signed-off-by: Matt Klein <mklein@lyft.com>
Mirrored from https://github.com/envoyproxy/envoy @ 191c8b02b4908f212f800ed0185f6ee689ba8126
Description: Code for Envoy to speak delta CDS with a management server. DELTA_GRPC added to config_source.proto's ApiTypes, to allow bootstrap configs to ask for incremental xDS.
Part of #4991. Was #5466; giving up on broken DCO craziness.
Risk Level: medium
Testing: new integration test
Signed-off-by: Fred Douglas <fredlas@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 8116b6ddb53409c3cea6f55fb00367aa43d7e845
Bump up max configurable max_request_headers_kb to 96 KiB.
Add a check to http1/codec_impl.cc for headers size.
Raise the default library limits in http_parser nghttp2 so we'll rely on our own codec check.
Risk Level: Medium.
Testing: Moved all the large request headers tests to ProtocolIntegrationTest.
Part of #5626.
Signed-off-by: Auni Ahsan <auni@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ df3d47f478c29188d22b517d1a0d05793dfe2c62
We use the default subset as our fallback policy. However, if there's
a problem with our metadata it's possible for the default subset
to become empty. In this case, we'd like any host to be selected.
This change adds a panic_mode_any boolean option to LbSubsetConfig
to enable this behavior.
Signed-off-by: Raul Gutierrez Segales <rgs@pinterest.com>
Mirrored from https://github.com/envoyproxy/envoy @ 718682f22bdb548624df076813208660fb928188
Users can now choose between buffered tapping (simpler) and
streaming tapping (more flexible but harder to work with).
Streaming tapping for the transport socket will be added in a
follow-up.
Signed-off-by: Matt Klein <mklein@lyft.com>
Mirrored from https://github.com/envoyproxy/envoy @ e2e4baaa85a98b14f2bee6ea5aa16dd79cb832d4
The python script will print a machine readable output of Envoy's external dependencies
./tools/print_dependencies.py
I opt'd not to include the bazel rule this time around.
Risk Level: Low
Testing: I tested the changes by invoking the script `ci/build_container/docker_build.sh`
Signed-off-by: Dave Protasowski <dprotaso@gmail.com>
Mirrored from https://github.com/envoyproxy/envoy @ 6046405e68c8772c77f0fa74e4705f7e3c49c059
This PR replaces deprecated HTTP links by HTTPS links for security and consistency.
Signed-off-by: Vu Cong Tuan <tuanvc@vn.fujitsu.com>
Mirrored from https://github.com/envoyproxy/envoy @ b47112f62b5186bb087bdf335f6df6fb072e2a46
Fixes oss-fuzz issue https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13327
For ring hash lb, move all configuration parsing from Ring's ctor to the LB's ctor, where it's safe to throw exceptions from. Also, re-add proto field constraints to guard against extreme inputs from clusterfuzz and other actors of questionable intent.
Risk Level: Low
Testing: Added clusterfuzz testcase; existing tests still pass.
Signed-off-by: Dan Rosen <mergeconflict@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 99696cda3336af26fe0b048d91e0d6eb279bb81c
Updates the health check filter to treat degraded hosts as healthy for
the purpose of computing the "health" of each cluster. This captures the
idea that these hosts are still available for routing: if the upstream
cluster is fully degraded it's still available, so there shouldn't be a
need for Envoy to declare itself unhealthy.
Signed-off-by: Snow Pettersen <snowp@squareup.com>
Mirrored from https://github.com/envoyproxy/envoy @ 2e6bd24617f9c9c7085353095e196008370821c6
This new field gives LRS management server the extra info that two clusters may be using the same set of hosts to serve, and it's the management server's call whether to aggregate on the clusterStats.
Risk Level: LOW (new field)
Testing: unit test
Fixes#5986
Signed-off-by: Xin Zhuang <stevenzzz@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ f5bb174c5f2f598df497cec04b0e144af9612570
Co-Authored-By: Nguyen Phuong An <AnNP@vn.fujitsu.com>
Signed-off-by: Kim Bao Long <longkb@vn.fujitsu.com>
Mirrored from https://github.com/envoyproxy/envoy @ 445fdd01ad460a2af28870d65caaa75b5b8922b5
Imports should be sorted by Golang coding convention
Co-Authored-By: Nguyen Phuong An <AnNP@vn.fujitsu.com>
Signed-off-by: Kim Bao Long <longkb@vn.fujitsu.com>
Mirrored from https://github.com/envoyproxy/envoy @ eb11b28ceb174d491727195e121ee75159074245
Co-Authored-By: Nguyen Phuong An <AnNP@vn.fujitsu.com>
Signed-off-by: Kim Bao Long <longkb@vn.fujitsu.com>
Mirrored from https://github.com/envoyproxy/envoy @ 15f1c56397ff404fc98fb3381725bbe48c205234
Currently, when we access **httpwg.org** with **HTTP**, it is
redirected to **HTTPS** automatically. So this commit aims to
replace **http://httpwg.org** by **https://httpwg.org** for security.
Co-Authored-By: Nguyen Phuong An <AnNP@vn.fujitsu.com>
Signed-off-by: Kim Bao Long <longkb@vn.fujitsu.com>
Mirrored from https://github.com/envoyproxy/envoy @ 81cce2e2634bcf609663a25967cdc9da39f0e7ea
This adds a new message HedgePolicy which is a field in VirtualHost and
RouteAction similar to RetryPolicy. The configuration is plumbed through
to the various classes but not used to affect behavior yet.
Signed-off-by: Michael Puncel <mpuncel@squareup.com>
Mirrored from https://github.com/envoyproxy/envoy @ 68afa63800e15e07329e116becaf59b71e02e618
Also optimize the buffering path to reduce copies.
Signed-off-by: Matt Klein <mklein@lyft.com>
Mirrored from https://github.com/envoyproxy/envoy @ 59d599981fc94d37485ee59b820c929560e25438
Corect some words for reading more easily
Signed-off-by: Nguyen Quang Huy <huynq0911@gmail.com>
Mirrored from https://github.com/envoyproxy/envoy @ f6746c39e1a745ce860bd91225ac7ba5c524787c
This adds a new response flag SI that is set when the request is
canceled due to a stream idle timeout.
_Risk Level_: Low
_Testing_: Updated existing access log UTs, added test for setting flag
_Docs Changes_: Updated list of response flags
_Release Notes_: Added release note
Signed-off-by: Snow Pettersen <snowp@squareup.com>
Mirrored from https://github.com/envoyproxy/envoy @ a22d983cc87170677243d4aeba6457a4972d7980
1) Add request/response body tapping
2) Add buffered body limits (TBI for transport socket)
3) Add the JSON_BODY_AS_BYTES and JSON_BODY_AS_STRING output
formats for convenience when the body is known to be human
readable.
4) Add JSON output for the file per tap sink.
Signed-off-by: Matt Klein <mklein@lyft.com>
Mirrored from https://github.com/envoyproxy/envoy @ 9a06dc0777d2809195cb1fc414b05ae7c0660193