* Fix ext_proc filter can not send non-utf8 character by gRPC
Signed-off-by: Yanjun Xiang <yanjunxiang@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 9c6e75062ebdd8c8382c671662fb096569d9eaa9
* add access log to health check
Signed-off-by: Boteng Yao <boteng@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 881bc030a8f1cdc904311de6c1cdba38ef8cc98a
* [balsa] Add config field to enable custom methods.
This is no behavioral change by default: only methods from a hard-coded
list (that matches the list hard-coded in http-parser, and is slightly
different from the one that will be used by UHV) are accepted.
Then the new knob is true, BalsaParser does the exact same validation as
UHV will by default: method has to be non-empty and only contain allowed
characters.
When UHV method validation logic is turned on in the future, all
validation can be removed from BalsaParser. When non-UHV mode is
deprecated, this new proto field can be removed.
Tracking issue: #21245
Signed-off-by: Bence Béky <bnc@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 8c17c7a8c91380b2ad5d2e352db94fd1c7571d46
The gRPC xDS implementation uses hardcoded retry durations for re-establishing the gRPC channel. This change makes the backoff parameters configurable.
Risk Level: Low
Testing: unit test
Fixes#24236
Signed-off-by: Jayson Dmello <jdmello@confluent.io>
Mirrored from https://github.com/envoyproxy/envoy @ 672b41532a9f03bc84fbbfec0d1db5b633833f9c
Commit Message: Adds a protocol option for which HTTP/2 codec to use.
Additional Description:
Risk Level: low
Testing: ran unit tests and integration tests locally
Docs Changes: n/a
Release Notes: n/a
Platform Specific Features:
Signed-off-by: Biren Roy <birenroy@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 73115db835f27a79a79a44b8ee8f7ac4333891c7
If present, force http-parser (if value is false) or BalsaParser (if value is true). If not present, parser is selected based on envoy.reloadable_features.http1_use_balsa_parser.
Tracking issue: #21245
Signed-off-by: Bence Béky bnc@google.com
Commit Message: [balsa] Add Http1ProtocolOptions field to override HTTP/1 parser.
Additional Description:
Risk Level: low
Testing: n/a
Docs Changes: n/a
Release Notes: n/a
Platform Specific Features: n/a
Signed-off-by: Bence Béky <bnc@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 80530fd0a32e242327c684cfe262d88e0f5eacbb
This reverts commit 1f4f60003ea4331e71d661a536e6c4dcdf23f8db.
Signed-off-by: Ryan Northey <ryan@synca.io>
Mirrored from https://github.com/envoyproxy/envoy @ 27cab5153d080bce2715395325da43267e04a009
This allows setting socket options without specifying an address to
bind for upstream connections.
Signed-off-by: Greg Greenway <ggreenway@apple.com>
Mirrored from https://github.com/envoyproxy/envoy @ 7010984aeffe27aea0e6cbf452ef7c20139c6a43
Since the ipv4 and ipv6 have different socket option flags, when using multiple addresses, the user has to specify different socket options for the ipv4 address and the ipv6 address.
For the listener, the additional address can be the Ipv6 address, then it should be able to set an Ipv6 flag corresponding to the ipv4 one. Add socket_option field for each additional address.
For the upstream, the endpoint can be ipv4 or ipv6, currently, the user can specify the ipv4 and ipv6 local bind address in the bind config, but there is only a global socket_options that apply to both the ipv4 and ipv6 addresses. Add socket_options for each extra source address. https://envoyproxy.slack.com/archives/C78HA81DH/p1664228598624269
Risk Level: low
Testing: n/a
Docs Changes: API doc
Release Notes: n/a
Platform Specific Features: n/a
Signed-off-by: He Jie Xu <hejie.xu@intel.com>
Mirrored from https://github.com/envoyproxy/envoy @ 601cf012144a6d212879b315efa51e9cdf177878
Risk Level: low
Testing: n/a
Signed-off-by: He Jie Xu <hejie.xu@intel.com>
Mirrored from https://github.com/envoyproxy/envoy @ b1208ec4fd311d86086a99fb5f9f76d16af3a9ee
Add a "canonical suffix" list to the Alt-Svc cache so that Alt-Svc entries can be shared across origins which share the same hostname suffix.
Risk Level: Low
Testing: New unit tests
Docs Changes: Update proto docs
Release Notes: Updated
Signed-off-by: Ryan Hamilton <rch@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 2b67ce314da75f304d7f65d05155bcee7c7d18e1
The HeaderAppendAction was added in the #18246. But the implementation never done. This PR try to complete this feature.
Further work of #18246. To close#22713.
Risk Level: Low.
Testing: Unit Test.
Signed-off-by: wbpcode <wangbaiping@corp.netease.com>
Mirrored from https://github.com/envoyproxy/envoy @ 5183dbf7f11b23f1f7013a3e42cbce71eb63252a
Signed-off-by: Kuat Yessenov <kuat@google.com>
Commit Message: Expose internal listener functionality. Marks the fields as implemented. Adds the following functional changes prior to publishing:
* do not use the `address` field per https://github.com/envoyproxy/envoy/pull/21132, and instead use the listener `name` field as originally expected.
* add an `endpoint_id` field to upstream address to fix https://github.com/envoyproxy/envoy/pull/22420; it's not possible to have multiple internal addresses to the same listener in a single pool without some extra identifier beyond the listener name, because pools identify addresses using `asString()`.
* fixes https://github.com/envoyproxy/envoy/issues/20665 by using stat prefix `listener.envoy_internal_<listener_name>`.
Adds a few sample configs (and fixes https://github.com/envoyproxy/envoy/issues/20335):
* minimal two chained `tcp_proxy` listeners;
* encap HTTP in HTTP CONNECT;
* decap HTTP in HTTP CONNECT;
Risk Level: low, hidden prior
Testing: yes
Docs Changes: yes
Release Notes: yes
Mirrored from https://github.com/envoyproxy/envoy @ 02489bbf8990faddb6be1f2e0f22851b64c3fc85
Risk Level: low (and config guarded)
Testing: new unit, integration tests
Docs Changes: in with APIs
Release Notes: inline
part of envoyproxy/envoy-mobile#1622
Signed-off-by: Alyssa Wilk <alyssar@chromium.org>
Mirrored from https://github.com/envoyproxy/envoy @ 71f7f2c54b4c7c8b3c076ad22d849914c25f62e8
API for Unified Header Validators
Signed-off-by: Yan Avlasov <yavlasov@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ e569ce06101932cfe3ccb710c3c60b92dd09464b
To avoid HOL blocking impacts on slow connections.
Signed-off-by: Matt Klein <mklein@lyft.com>
Mirrored from https://github.com/envoyproxy/envoy @ d0befbbb952c979782857bdb986bec562d9a3c2f
Stateful session will try to parse upstream address from downstream request directly and override the result of load balancing algorithm by the LoadBalancerContext::overrideHostToSelect API.
To avoid the load balancer selecting hosts that in unexpected statuses, specifying some expected statuses are necessary.
In the previous design, we will provide expected statuses of override host by the LoadBalancerContext::overrideHostToSelect API.
And in the PR #18207, after some discussion with @htuch, we found may be cluster-level config may be more reasonable design and implementation.
Ref some more details: #18207 (comment)
So this PR try to close previous discussion in the #18207:
Refactoring LoadBalancerContext::overrideHostToSelect API to remove expected statuses for the return value.
Add new common lb config override_host_status and related implementation.
Risk Level: Mid.
Testing: N/A.
Docs Changes: N/A.
Release Notes: N/A.
Platform Specific Features: N/A.
@wbpcode
Signed-off-by: wbpcode <wbphub@live.com>
Mirrored from https://github.com/envoyproxy/envoy @ 1575185d14abc3bc508ce5a6ba45422393322551
* Adding custom config-validation interface, extension, and a CDS validator.
Signed-off-by: Adi Suissa-Peleg <adip@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ e58c890ded5c13e60eba3285c96ffefd6f7215cf
Upstream GRPC hosts may categorize requests by request headers. This change exposes
request_headers_to_add and request_headers_to_remove options to GrpcHealthCheck in
a way similar to HttpHealthCheck.
Risk Level: Low
Testing: Performed manual test, a new unit test is added to cover the new code path.
Docs Changes: None
Release Notes: Added to "Minor Behavior Changes" section.
Signed-off-by: Wanli Li <wanlil@netflix.com>
Mirrored from https://github.com/envoyproxy/envoy @ 23ff23d0954eb9e6e4ed7ed60ec0e0d05174f6da
For xDS over the file system, sometimes more control is required over
what directory/file is watched for symbolic link swaps. Specifically,
in order to deliver xDS over a Kubernetes ConfigMap, this extra
configuration is required.
Fixes https://github.com/envoyproxy/envoy/issues/10979
Signed-off-by: Matt Klein <mklein@lyft.com>
Mirrored from https://github.com/envoyproxy/envoy @ 8670309bce9a488ccfc04a87d0c4367ca59c4179
Allowing auto_http to assume some domains support HTTP/3 without trying TCP first.
Risk Level: low
Testing: unit test
Docs Changes: API docs
Release Notes: not yet
Fixes#19427
Signed-off-by: Alyssa Wilk <alyssar@chromium.org>
Mirrored from https://github.com/envoyproxy/envoy @ 7c60c855ba9e1264604ff5e8b7809d99589de03e
update-envoy[bot]
data-plane-api(Azure Pipelines)