Add a terminal attribute to request hash policy.
Think about a case where customers want to hash on a cookie if it's present but if it's not present, do best-effort sticky based on something like IP so the customer has a stable hash.
This "terminal" allows request hashing to have the ability of "if A not working, fallback to B.", which also saves time to generate the hash.
Changes:
* Add a terminal attribute to HashMethod, which shortcircuit the hash generating process if a policy is marked terminal and there is a hash computed already.
Signed-off-by: Xin Zhuang stevenzzz@google.com
Description: Add terminal attribute to request hash.
Risk Level: Low
Testing: unit tests.
Mirrored from https://github.com/envoyproxy/envoy @ ee710d0a92b476cc3d7a0f99f11b62675d1a4e01
This PR added a new principal_name of type StringMatcher to rbac Authenticated and mark the existing user field as deprecated. This gives us more flexibility to express more matching rules against peer certificate.
Risk Level: Low
Testing: Added unit tests
Signed-off-by: Yangmin Zhu <ymzhu@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 5d731878fd0134ca15d5904450a64dab0ff577a9
Currently host level stats in clusters proto uses map so they are outputted in random order. This PR changes it to list so that the order is predictable.
Risk Level: Low
Testing: Added automated tests
Docs Changes: N/A
Release Notes: N/A
Signed-off-by: Rama <rama.rao@salesforce.com>
Mirrored from https://github.com/envoyproxy/envoy @ 69474b39878d74354a1fb0b14d41f362839540e8
Signed-off-by: Daniel Hochman <danielhochman@users.noreply.github.com>
Risk: trivial (Documentation only change)
Mirrored from https://github.com/envoyproxy/envoy @ f13ef246488f2ca1c1cc925ed90d1c76695cc624
This reverts commit ac0bd74. But leaves the API changes as 'not implemented' in order to not scramble the proto field.
#4073 had a bug. The cause has been identified, and a fix PR is forthcoming. However, in the meantime, we want to leave master clean.
Mirrored from https://github.com/envoyproxy/envoy @ 9d094e590f814485b53c7e46a4fb1066a71c36d3
This allows tunneling over H2, unfortunately only enabled via nghttp2_option_set_no_http_messaging until nghttp2/nghttp2#1181 is sorted out. See the big warnings about not using (at least without knowing you're going to have a roll-out that may break backwards-compatibility some time in the not too distant future)
Risk Level: Medium (changes are contained behind H2-with-Upgrade header which doesn't work today)
Testing: unit tests, and turned up the full H1/H2 upstream/downstream in the integration test
Docs Changes: for now, though I may take them out. I think they're useful for review.
Release Notes: not added since we don't want folks using it (outside of testbeds) yet.
#1630
Signed-off-by: Alyssa Wilk <alyssar@chromium.org>
Mirrored from https://github.com/envoyproxy/envoy @ cd171d9a95f551628453c83f0b00924e8b310bf0
We have dedicated alternative mechanisms for this in RouteAction, it can
confuse other actions (e.g. prefix_rewrite).
Fixes oss-fuzz issue https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9995.
Risk level: Low
Testing: Unit tests and corpus entry added.
Signed-off-by: Harvey Tuch <htuch@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ b9dc5d9a04411fe72ff516cbaef527dd8c016ae9
This change adds header matching to the thrift router We do this by pulling in the route proto definition into the thrift route proto and making use of the Http::HeaderUtility class to do the matching for us. As such, we support the same type of header matching that exists for the http router.
Risk Level: LOW
Testing: unit and integrations tests, new and old, pass.
Doc changes: api docs updated
Release notes: n/a
Signed-off-by: Brian Ramos <brirams@users.noreply.github.com>
Mirrored from https://github.com/envoyproxy/envoy @ f5e219edca39da8d6b2d136d4d87a35c6ef5e416
In the latest iteration of
https://github.com/envoyproxy/envoy/pull/4220, it was necessary to use
PGV constraints on fuzzer inputs. To do this would require PGV
generation in envoy_build_system.bzl.
There is also quite a bit of mess in
how we were doing envoy_proto_library() today. So, this PR allows us to
throw away the custom envoy_proto_library() and benefit from leveraging
a single source of Envoy proto build truth.
Risk level: Low
Testing: bazel test //test/...
Signed-off-by: Harvey Tuch <htuch@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 28d5f4118d60f828b1453cd8ad25033f2c8e38ab
* support failure_mode_deny in ratelimit
Signed-off-by: Rama <rama.rao@salesforce.com>
Mirrored from https://github.com/envoyproxy/envoy @ ac0bd74f6f9716e3a44d1412f795317c30ca770a
Fixes the order of config_dump elements - bootstrap, clusters, listeners and routes will come in that order. Note that inside each of them, ordering is not guaranteed. This is a step in moving towards complete ordering.
Risk Level: Low
Testing: Added Automated tests
Docs Changes: Updated
Release Notes: N/A
Signed-off-by: Rama <rama.rao@salesforce.com>
Mirrored from https://github.com/envoyproxy/envoy @ 51d274be76119efff76fdafaa2f49fdd479f2def
We use the new extension_protocol_options field on Cluster to allow clusters
to be configured with a transport and/or protocol. Downstream requests are
automatically translated to the upstream dialect and upstream responses are
translated back to the downstream's dialect.
Moves the TransportType and ProtocolType protobuf enums out of the
ThriftProxy message to allow their re-use in ThriftProtocolOptions.
*Risk Level*: low
*Testing*: integration test
*Docs Changes*: added thrift filter docs
*Release Notes*: n/a
Signed-off-by: Stephan Zuercher <stephan@turbinelabs.io>
Mirrored from https://github.com/envoyproxy/envoy @ c91625ed829a4ec4123bab8b4e6b223f67d88e4a
This PR adds timestamp field to the HealthCheckEvent message to allow
having it rendered inside the JSON serialized log of a health check
event.
Signed-off-by: Dhi Aurrahman <dio@tetrate.io>
Mirrored from https://github.com/envoyproxy/envoy @ 8d0680feb074999c18998930b7f5f261f8f4a7a0
- Ability to add custom response headers from ratelimit
service/filter
- For both (LimitStatus::OK and LimitStatus::OverLimit) custom
headers are added if RLS service sends headers
- For LimitStatus:OK, we temporarily store the headers and add
them to the response (via Filter::encodeHeaders())
*Risk Level*: Low
*Testing*: unit and integration tests added. Verified with modified
github.com/lyft/ratelimit service. Passes "bazel test //test/..." in
Linux
Signed-off-by: Suresh Kumar <suresh@freshdesk.com>
Mirrored from https://github.com/envoyproxy/envoy @ 71152b710e3543732464fca57c8f07b7395de68d
Currently, the thrift router only supports method matching as a way to route thrift requests. This builds on that by adding the ability to specify a service name that is used when matching. This change updates the RouteMatch proto definition to use a oneof field to indicate what type of matching should be done, as well as an invert flag that will allow for inverse matching rules.
Additionally:
* ensure new RouteEntryImplBase implementations check that inversion and wildcard matching are not enabled at the same time, as this would result in no matches for a route
* implement service matching as checking the prefix of the method name, as that's how it's implemented in thrift
*Risk Level:* Low
*Testing:*
* new and existing unit tests pass.
* updated integration test use new matching rules and ensure that expected upstreams receive requests.
*Documentation:* n/a
*Release Notes:* n/a
Signed-off-by: Brian Ramos <brirams@users.noreply.github.com>
Mirrored from https://github.com/envoyproxy/envoy @ 27fb1d353bb13d778a7fb70186e77ad7ce1080e1
The existing FaultDelay config used uint32 for the percent field which
limited the user to configure percentages only in terms of whole numbers
between 0 and 100. FractionalPercent allows finer control over the
percent values by allowing fractions to be specified in the
configuration, for example 0.0001%.
Signed-off-by: Venil Noronha <veniln@vmware.com>
Mirrored from https://github.com/envoyproxy/envoy @ 714ae130a6cb0d9c4bcef6cd5e3a0e698bdad370
Renaming message types in api/envoy/service/discovery/v2/hds.proto to improve readability
Risk Level:
Low
This is for #1310.
Signed-off-by: Lilika Markatou <lilika@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 9b33c49d1ca32e73d761849a617b988ed6b596a7
The existing RestApiFetcher implementation used a hard-coded request
timeout of 1s which wouldn't suit all environments. This commit enables
the configuration of request timeout in the RestApiFetcher.
Signed-off-by: Venil Noronha <veniln@vmware.com>
Mirrored from https://github.com/envoyproxy/envoy @ a3364380ae8dbfac692977f3d5a846b7498eb4ba
This change introduces a new configuration parameter for clusters,
`time_between_updates`.
If this is set, all cluster updates — membership changes, metadata
changes on endpoints, or healtcheck state changes — that happen
within a `time_between_updates` duration will be merged and delivered
at once when the duration ends.
This is useful for big clusters (> 1k endpoints) using the subset LB.
Partially addresses https://github.com/envoyproxy/envoy/issues/3929.
Signed-off-by: Raul Gutierrez Segales <rgs@pinterest.com>
Mirrored from https://github.com/envoyproxy/envoy @ 62441f9fe2933d4846cfc3d166e52a9178be755f
The issue is due to on the crash of Envoy::Network::Utility::getAddressWithPort because of the invalid port_value. Added max constraint validate rule to the port_value field.
Risk Level: Low
Testing: Tested unit tests (bazel test //test/server/config_validation:config_fuzz_test), built and ran fuzzers with oss-fuzz.
Signed-off-by: Anirudh M <m.anirudh18@gmail.com>
Mirrored from https://github.com/envoyproxy/envoy @ 7d61b00171fb3cc349a9d834dafdf10f0c70adda
Minor fixups for the xDS protocol documentation.
Signed-off-by: Nick Travers <n.e.travers@gmail.com>
Mirrored from https://github.com/envoyproxy/envoy @ ed131cfa9d3065872d5c880d8514ffa0bb39ec5d
As discussed in Slack, these should have been under api/config/filter/network
to begin with. Added a note to the style doc to make this clear in the
future.
*Risk level*: low (rename only)
*Testing*: existing tests suffice
*Doc Changes*: n/a
*Release Notes*: updated
Signed-off-by: Stephan Zuercher <stephan@turbinelabs.io>
Mirrored from https://github.com/envoyproxy/envoy @ 1dfde38343e7dfafe2c9f211229109bb22491257
Provides a very basic thrift router that can route to clusters
based on method name only. A Thrift DecoderFilter interface is
introduced, but the only available filter is the Router. The
Network filter and router are capable of translating transports
and protocols but presently cannot be configured to do so.
Relates to #2247.
*Risk Level*: low
*Testing*: unit and integration testing
*Docs Changes*: protobuf documentation updated
*Release Notes*: introduced a basic thrift_proxy routing extension
Signed-off-by: Stephan Zuercher <stephan@turbinelabs.io>
Mirrored from https://github.com/envoyproxy/envoy @ 72a964c7b6f52746f4f7c357dcf667e533470567
This PR contains changes to implement feature requested in issue #3823
- Adding DropOverload in eds policy which can be used to specify
drop_percentage per category.
- Adding DroppedRequests in load_report which can report deliberately
dropped requests for each category.
Signed-off-by: vishalpowar <vishal.powar@gmail.com>
Mirrored from https://github.com/envoyproxy/envoy @ 3ee3aa34d826fa1783c201fbf99dfec3a21eed53
This adds the ability to specify response_headers_to_* and request_headers_to_add at the route level, for #3520
Risk Level: low
Testing: updated unit tests
Docs Changes: added
Fixes Issue: #3520
Signed-off-by: Derek Argueta <dereka@pinterest.com>
Mirrored from https://github.com/envoyproxy/envoy @ ec0179a78b6928f2ae96a43811c27b059d9186d7
This patch implements load_assigment field in CDS' Cluster.
This change specifically adds the implementation of the new load_assigment field
for clusters with discovery-type: STATIC, STRICT_DNS and LOGICAL_DNS.
While adding this load_assigment field implementation to Cluster,
this patch also allows specifying optional (active) health check config per specified upstream host.
Risk Level: medium
Testing: unit tests
Docs Changes:
This unhides docs for endpoint health check config
Release Notes: N/A
Fixes#439
Signed-off-by: Dhi Aurrahman <dio@rockybars.com>
Mirrored from https://github.com/envoyproxy/envoy @ b32eabfc141760ec14622a4a2a2f0ab0a741cd6c
Make the YAML examples use lists for `audiences` and avoid starting
lists for non-repeating fields.
Risk Level: Low
Testing: N/A
Docs Changes: N/A
Release Notes: N/A
Signed-off-by: Tal Nordan <tal.nordan@solo.io>
Mirrored from https://github.com/envoyproxy/envoy @ c4b6aecdd1bf5fb7a05a3f2a6f58e6ec42dc1393
This is a followup to #3841, where we introduce HCM-wide stream idle timeouts. This has two effects:
1. We can now timeout immediately after stream creation, potentially before receiving request headers and routing.
2. A default timeout can be configured across all routes. This is overridable on a per-route basis.
The default and overriding semantics are explained in the docs. Also added as a bonus some docs
about how timeouts interact more generally in Envoy.
Fixes#3853.
Risk Level: Low. While there is some change to the per-route vs. HCM wide semantics for stream idle
timeouts, it's not anticipated this feature is in common use yet (it's only a couple of days since
landing), and the caveats in #3841 with the new 5 minute default timeout should already apply.
Testing: Unit/integration tests added.
Signed-off-by: Harvey Tuch <htuch@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 672083c7ba4e92fe9548252c45d84d583a95102d