Allows ensuring continual progress of individual request attempts.
Signed-off-by: Matt Klein <mklein@lyft.com>
Mirrored from https://github.com/envoyproxy/envoy @ b500a0a655809f518ed30a05ceb7262a02dbc537
- Add cluster header to weighted cluster proto. This enables the ability of routing to the cluster specified in the request_header for weighted cluster (i.e. multiple upstreams) case. name and cluster_header will be oneof cluster_specifiter field in the next release. Currently, they can only be regular fields due to compatibility issue.
- Add the validation logic (PGV annotation + runtime check)
- Add 3 unit tests for invalid weighted cluster configs.
Note: I have implemented the core implementation and tested it with end-to-end
integration test/example locally. Those changes will be in a separate PR once this API change is approved.
Risk Level: Low
Testing: CI, added an integration test for implementation of this API locally
Signed-off-by: Tianyu Xia <tyxia@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ ef70185f3ac241d09eabfe15c65b0d631134f74f
This is a new extension point that will allow for dynamic cluster selection.
The plugin configured by it will be responsible for returning a cluster to
Envoy through its API (to be defined). Since the cluster returned is dynamic,
a new field is added to Route to list all the clusters it may return. This
allows for proxy implementations that are not using wildcard CDS queries to
pre-fetch clusters.
This feature may ultimately replace the FilterAction mechanism, as it provides
the same functionality for known use cases, but is simpler to implement and
use.
Signed-off-by: Doug Fawley <dfawley@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 6dc4092fc161b8fcb5f25a972e4783116692d53c
Currently, envoy ignores the value of present match. This commit adjust
envoy's behavior. When the value is True, envoy will check the header
present. When the value is False, envoy will check the header absent.
Signed-off-by: He Jie Xu <hejie.xu@intel.com>
Mirrored from https://github.com/envoyproxy/envoy @ 9a7a7ede474780c2bd8fe59e7a93e537204cfe31
This fixes the refs in protos and removes the sed operations for build
The benefits are:
- less indirection in proto refs
- (small) speedup of build
- simplify docs build
- simplify reuse of proto comments (eg generating jsonschemas)
Signed-off-by: Ryan Northey <ryan@synca.io>
Mirrored from https://github.com/envoyproxy/envoy @ 45ec050f91407147ed53a999434b09ef77590177
Adding a deprecated API version annotation to deprecated fields and enum values in proto files.
This is part of the work on adding minor/patch versioning work.
Risk Level: Low (adding annotation to existing protos).
Testing: Added and modified tests for the tooling (in tools/testdata).
Signed-off-by: Adi Suissa-Peleg <adip@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 5a8bfa20dc3c85ecb61826d122696ecaa75dffa0
Add information about known extension categories (types) to extension documentation
Signed-off-by: Ryan Northey <ryan@synca.io>
Mirrored from https://github.com/envoyproxy/envoy @ 7adc0393221467fcae18052c1f7caf0cb6048d2e
This allows control planes to tell clients that a given HTTP filter is okay to ignore if it is not supported. This is useful in environments where the clients are not centrally controlled and therefore cannot be upgraded at will, where it is desirable to start using a new filter for clients that do support the new filter without breaking older clients. Unlike a client-capability-based approach, where the client tells the server which filters it supports, this avoids cache pollution and resource-name-based complexity on the server. And because the control plane can set this on a per-filter basis, this approach does not impose risk that clients will silently fail to apply filters that provide mandatory functionality (e.g., authz policies).
Risk Level: Low
Testing: N/A (actual functionality will be implemented in a subsequent PR)
Docs Changes: Included in PR
Release Notes: N/A
Platform Specific Features: N/A
Signed-off-by: Mark D. Roth <roth@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 9ed95162ce11a09a56c1743d0a6e342d9bbfd2b6
Fixing "warning: Import ... but not used" warnings from protoc
Risk Level: Low
Testing: manually built protos
Signed-off-by: Chris Heisterkamp <cheister@squareup.com>
Mirrored from https://github.com/envoyproxy/envoy @ 209b8f96498162834856a4330f27deafdf7e0518
Commit Message: Add support proxying TCP over HTTP/2 or HTTP/1.1 POST to tcp_proxy. It's controlled by tcp_proxy filter configuration. Also add support adding additional headers to the proxy requests to coordinate with the upstream. In addition, add allo_post config to router, which allow triggering the regular TCP decaping from a POST request payload.
Additional Description: N/A
Risk Level: Low
Testing: Unit tests. Integration tests.
Docs Changes: Added
Release Notes: Added
Platform Specific Features: N/A
Fixes#14234
cc @alyssawilk@mattklein123
Signed-off-by: Wenlei (Frank) He <wlhe@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ effa486d042cd2ac141ee48d8ed54b02b0951c73
This patch adds max_direct_response_body_size_bytes to set the maximum bytes of the direct response body size (in bytes). The config is added as a field in RouteConfiguration.
Reviving #13487 with a slightly different approach (add the config to RouteConfiguration instead of directly per direct response config entry).
Risk Level: Low, since the default behavior is preserved.
Testing: Updated to test the newly introduced config.
Docs Changes: Updated.
Release Notes: Added.
Fixes#13422
Signed-off-by: Dhi Aurrahman <dio@rockybars.com>
Mirrored from https://github.com/envoyproxy/envoy @ eeb7adc3a30456f0d4ac65e5e6c8e88e25481d2a
The connection timeout applies to the idle timeout in the common HTTP
protocol options message in the HttpConnectionManager, not to the
RouteAction idle timeout.
Signed-off-by: Alex Konradi <akonradi@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 6246920219ac0ba215bfd0b5462ef78036363b75
Modifies ratelimit filter to be able to use information
from the route's filter metadata as one of its actions
Signed-off-by: András Czigány <andras.czigany@strivacity.com>
Mirrored from https://github.com/envoyproxy/envoy @ 06813b2c42721489470ec94b2bc75a9771d6e403
This is a follow up to 2c60632.
This forces all callers to think about multiple header values. There may be places that we want
to support multiple values, but none of them are security critical and this change should be
functionally equivalent to what exists today.
Signed-off-by: Matt Klein <mklein@lyft.com>
Mirrored from https://github.com/envoyproxy/envoy @ 4d77fc802c3bc1c517e66c54e9c9507ed7ae8d9b
Commit Message: Implementing the new stream duration fields, and deprecating the old ones.
This does change the gRPC status code (to the correct code) for prior HCM duration timeouts. It's behind an existing guard but the status code change is not separately guarded.
Risk Level: low - config guarded with the exception of the gRPC status code change.
Testing: new unit tests, updated integration tests
Docs Changes: n/a
Release Notes: deprecation notes include new fields.
Signed-off-by: Alyssa Wilk <alyssar@chromium.org>
Mirrored from https://github.com/envoyproxy/envoy @ ce8a901c8f9f754a78ca4b3e03f4df120cc1e75b
Risk Level: LOW
Testing: Unit and format
Fixes#10535
Signed-off-by: Abhay Narayan Katare <abhay.katare@india.nec.com>
Mirrored from https://github.com/envoyproxy/envoy @ 6321e5d95f7e435625d762ea82316b7a9f7071a4
Deprecated include_vh_rate_limits in favor of an enum setting vh_rate_limits.
Signed-off-by: Clara Andrew-Wani <candrewwani@gmail.com>
Mirrored from https://github.com/envoyproxy/envoy @ 433e88463fa52986b8071b2738bfdda5b8062b4d
Add a max_stream_duration field and sub-message to RouteAction. This allows overriding the max_stream_duration set via the HTTP Connection Manager. It also moves the max_grpc_timeout and grpc_timeout_offset fields into it, as gRPC timeouts specify the maximum stream time, not response time.
Risk Level: Low
Testing: N/A
Docs Changes: Included in PR.
Release Notes: N/A
Fixes#12578
Signed-off-by: Doug Fawley <dfawley@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 4dee4abe1d6285102014f215748ce938f5bfcd0b
Tweak the HTTP upgrades documentation to mention RFC8841 in the
documentation body (complementing the existing link to the RFC).
Minor fix to the warning text for CONNECT support.
Make explicit mention of "Extended CONNECT" in the API docs for
`RouteMatch`.
Closes#13044.
Signed-off-by: Nick Travers <n.e.travers@gmail.com>
Mirrored from https://github.com/envoyproxy/envoy @ 12d7b17906df69749990a9f481bc4fce087c22e6
Add a field to the current protobuf of ScopedRouteConfiguration to enable on demand scoped route table loading. The on demand scope route tables will be loaded lazily. The lazy loading feature of route table associated with scope is achieved by extending the current vhds on_demand filter to support lazy loading of RouteConfigurationscoped route discovery service.If a scoped route configuration is set to be loaded lazily, upon a http request using SRDS, when the corresponding route table of a scope is not found, post a callback to control plane, request the route table from the management server, after the route table has been initialized, continue the filter chain.
https://docs.google.com/document/d/15GX30U5CH2bsWUyQRkiiQ_nbMCoklvgP_ObrDaSlkuc/edit?usp=sharing
Risk Level: Low
Testing: add unit tests and integration test to verifiy behavior changes
Fixes#10641
Signed-off-by: chaoqinli <chaoqinli@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 709d1c31749a6ba2eab2865927f10300570ac533
For matching values in the header that might be somewhere in the middle of the header, the present option is to use Regex in the form .Search-Pattern.. This can cause catastrophic backtracking as described in #7728
As a solution, I have introduced another header match type called contains which is based on absl::StrContains().
Risk Level: Low
Testing: Unit tests are included and manual testing was performed.
Fixes#12590
Signed-off-by: Shivanshu Goswami <shigoswami@ebay.com>
Mirrored from https://github.com/envoyproxy/envoy @ e322daaf0ca70fd3fcb1c1405830c73395510d93
This PR implements a new retry back off strategy that uses values from response headers like Retry-After or X-RateLimit-Reset (the headers are configurable) to decide the back off interval before retrying a request.
Signed-off-by: Martin Matusiak <numerodix@gmail.com>
Mirrored from https://github.com/envoyproxy/envoy @ bd2b989c578b2472faaff44902573e5b187f671f
This implements a host_rewrite_path option for rewriting the Host header based on path. See rational in the linked issue.
Note: the regex is executed on the path with query/fragment stripped. This is analogues to what regex_rewrite option is doing.
Risk Level: Low
Testing: added unit tests
Docs Changes: document the new option in proto file
Release Notes: added to current.rst
Fixes#12430
Signed-off-by: Petr Pchelko <ppchelko@wikimedia.org>
Mirrored from https://github.com/envoyproxy/envoy @ 374dca7905fc048be74169a7655d0462606555ad
Modified dynamic_metadata action to now accept an optional default
value for instances where no value is queried from the dynamic metadata.
Signed-off-by: Clara Andrew-Wani <candrewwani@gmail.com>
Mirrored from https://github.com/envoyproxy/envoy @ 3afa3b50eacfa39fa5b3518b05b03689dc56ef42
Extend hashing via header to support regex substitution.
This is useful when you need to hash on a transformation
of a header value (e.g.: extract a part of `:path`).
Fixes#11811
Signed-off-by: Raul Gutierrez Segales <rgs@pinterest.com>
Mirrored from https://github.com/envoyproxy/envoy @ 73fc620a34135a16070083f3c94b93d074f6e59f
Provides a way to specify dynamic rate limit override in the rate limit descriptor from static value or from dynamic metadata. New type, RateLimitUnit was created to share across config protocol and rate limit service protocol. A PR for the reference implementation of the rate limit service will follow after the API changes are discussed and accepted.
Signed-off-by: Petr Pchelko <ppchelko@wikimedia.org>
Mirrored from https://github.com/envoyproxy/envoy @ 7ea1f24bd53522408d9bc55316dff9ed1701bc73
Modifies ratelimit filter to be able to use information
from the dynamic metadata as one of its actions.
Signed-off-by: Clara Andrew-Wani <candrewwani@gmail.com>
Mirrored from https://github.com/envoyproxy/envoy @ 471e2394b79d2b5b13a270626738d4807a51e34a
This PR proposes to rename the RetryPolicy field num_retries to max_retries.
This parameter exists in two places: 1) the RetryPolicy message in the route configuration and 2) the header x-envoy-max-retries. The naming inconsistency is a UX papercut. max_retries feels like right name for what this field is for ie. the maximum number of retries that are permitted.
There is also a stripped down RetryPolicy message which is used by RemoteDataSource which has a num_retries field. I'm including a matching rename of that for consistency.
Risk Level: Low
Testing: N/A
Docs Changes: N/A
Release Notes: N/A
Signed-off-by: Martin Matusiak <numerodix@gmail.com>
Mirrored from https://github.com/envoyproxy/envoy @ 286ca92afa3eaa586ad60fe20d4f5541e77b5d5e
Resolves#10124 indirectly by adding an extra config flag to RequestHeaders through which it is possible for descriptors to be sent on a partial match.
Signed-off-by: Rohan Seth <rohan.seth@salesforce.com>
Mirrored from https://github.com/envoyproxy/envoy @ 77e436f9eb39863a4a425bbca9026c86740b36cd
data-plane-api(Azure Pipelines)