Commit Message: Add interfaces for QUIC listener filter chain. The filters still use the same config API as TCP listener filters and also get installed before connection creation. The difference is that if the iteration through the chain on onAccept() gets paused, the connection will still be created, though the rest filters will be skipped. The contract of returning StopIteration means the connection socket gets closed, the corresponding connection should be closed.
Additional Message: this change introduced a new extension category envoy.filters.quic_listener.
Risk Level: low, not in use
Testing: new unit tests and integration tests.
Docs Changes: yes
Release Notes: yes
Platform Specific Features: N/A
Signed-off-by: Dan Zhang <danzh@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 9d8cb4b0c6892452741fc41e87d50934bf58acc3
* Allow custom local address resolvers.
#27881 introduces the concept of EDS clusters with hosts that have multiple (potentially > 2) IP addresses.
The current implementation of UpstreamLocalAddressSelector limits the number of source addresses in BindConfig artificially to 2, and further requires that the addresses be of different address families.
The workaround for this (if we need to specify more than 2 source addresses or have multiple addresses from the same family) is to use a custom address resolver that resolves the bind config address to nullptr (and therefore ignore it) and call bind in a customised SocketInterfaceImpl to a local source address determined by the SocketInterfaceImpl specialisation.
This PR makes it possible to define a custom local address selector, that makes it easy to work with a custom address resolver to pick the right source address based on the upstream address selected by HappyEyeballsConnectionImpl
Signed-off-by: pcrao <pcrao@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ da47a54a8ccbaa384c4cb62a5f4fcd4745a72c37
Current fill_rate must be above 0.0 (PGV constraint).
However, a low double value can cause an infinite value when computing 1/fill_rate and its cast to uint64_t fails.
This PR changes the minimal fill_rate to be once-per-year, and if a lower value is given, it is overridden and set to once-per-year.
Alternatives considered: changing the PGV value to 3.1709792e-8 (once-per-year).
Risk Level: Low - minor change in behavior
Testing: Added fuzz test case
Docs Changes: Updated API comments
Release Notes: Added.
Platform Specific Features: N/A
Fixes fuzz bug 60974
Signed-off-by: Adi Suissa-Peleg <adip@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ ffddd03ece01d9a542037bbf275e81a714fd6b8c
* Deprecate OpenTracing
* Change security_posture to `unknown`. The OT extension is no longer covered by security process.
---------
Signed-off-by: Ryan Hamilton <rch@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 494c716cefcf98bc30773f0bd850d9a3788a1615
Commit Message: add knobs to set QUIC connection options and client connection options
Additional Description: This allows Envoy Mobile applications to set Quiche's connection options so that more performance tuning can be done.
Risk Level: Low
Testing: Unit tests
Docs Changes: n/a
Release Notes: n/a
Platform Specific Features: Mobile only
Signed-off-by: Renjie Tang <renjietang@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 450dd5bc89d7b8994c88614333328097128caeb1
* Implement deferred clusters on worker. We initialize certain cluster on
workers inline when there's traffic for that cluster.
Signed-off-by: Kevin Baichoo <kbaichoo@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 4aaf17dce6e6c2dfde384f3e496b63363da2aac8
This is to address a use case when a header should be modified only when it exists and should not be added when it does not exist.
Risk Level: Low
Testing: Unit tests.
Docs Changes: Yes.
Release Notes: Yes
Platform Specific Features: No
Fixes#27907
Signed-off-by: Christoph Pakulski <christoph@tetrate.io>
Mirrored from https://github.com/envoyproxy/envoy @ d9ba9d17016296c50069584905dee1a19427d42e
This is to address issue: #28243
The value_bytes proto is added by #27865.
Signed-off-by: Yanjun Xiang <yanjunxiang@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 8a2d9502638789b1d078f06f48b51918589a1f4a
One can specify a MetadataKey with a path selector to pick up a host
from the dynamic metadata of the request or downstream. Selected
value can either be a string or a list with at least a single
element of string type. Request metadata is considered first.
Signed-off-by: Andrii Chabykin <chabster@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 10468b320421cb14d7911b4e6d139cc18780fb1a
* Fix ext_proc filter can not send non-utf8 character by gRPC
Signed-off-by: Yanjun Xiang <yanjunxiang@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 9c6e75062ebdd8c8382c671662fb096569d9eaa9
This computes the health of a priority level by using load balancing weight
instead of the count of healthy hosts.
Signed-off-by: Greg Greenway <ggreenway@apple.com>
Mirrored from https://github.com/envoyproxy/envoy @ 842d1b2ae9b7f73a5055f2117df6f7d086b9e40d
Commit Message:
With lots of clusters and route-tables in a cloud proxy, we are seeing tons of RAM been spent on stats while most of the stats are never inc-ed due to traffic pattern(or long tail). We are thinking that we can lazy init cluster stats() so that the RAM is only allocated when it's required.
To achieve that we need to have finer grained stats group, e.g. configUpdateStats() are frequently updated by config management server, while upstream_xxx are only required when there is traffic for the cluster, for this sub-group we can save RAM by lazy init it.
Introduce a new stats utility in this PR such that the nested StatsStruct is only instantiated when any of "->" or "*xx." operator is used.
Cribbed from PR #23921
Please see that PR for how it is used.
Additional Description:
Risk Level: LOW,utility lib not used yet.
Testing: unit test and speed test.
Docs Changes:
Release Notes:
Platform Specific Features:
Signed-off-by: Xin Zhuang <stevenzzz@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 7801df6af9000ae31bdd89b080e0d797501cbd18
* Bound the number of connections that can be accepted per socket event on
listeners.
Signed-off-by: Kevin Baichoo <kbaichoo@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ ef9387f7336d136c5d1525f9c75176a4ae87cb75
add bootstrap option to set log format
Signed-off-by: ohadvano <ohadvano@gmail.com>
Mirrored from https://github.com/envoyproxy/envoy @ 08dd6fedf0c433c341e74e689194beb23540932c
Commit Message: application_logs: add bootstrap option to write logs in JSON format
Additional Description: Adds an option in bootstrap config to write application logs in JSON format, while supporting all the log-format flags as defined in the CLI --log-format option. Related to #25959 - this is the first step in the implementation for supporting custom JSON properties, while printing the application logs output in JSON format.
Risk Level: Low (all new code paths are only enabled by config option)
Testing: Unit tests
Docs Changes: API, Application logs docs
Release Notes: None
Platform Specific Features: None
Signed-off-by: ohadvano <ohadvano@gmail.com>
Signed-off-by: ohadvano <49730675+ohadvano@users.noreply.github.com>
Mirrored from https://github.com/envoyproxy/envoy @ a9ec898d6dfdb4875a5b3684a6ee84afd4bb9663
* add access log to health check
Signed-off-by: Boteng Yao <boteng@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 881bc030a8f1cdc904311de6c1cdba38ef8cc98a
Make deprecation of source_ip documented
Signed-off-by: Raven Black <ravenblack@dropbox.com>
Mirrored from https://github.com/envoyproxy/envoy @ fe274c0277a8633b277f02b720930137280f7529
* [balsa] Add config field to enable custom methods.
This is no behavioral change by default: only methods from a hard-coded
list (that matches the list hard-coded in http-parser, and is slightly
different from the one that will be used by UHV) are accepted.
Then the new knob is true, BalsaParser does the exact same validation as
UHV will by default: method has to be non-empty and only contain allowed
characters.
When UHV method validation logic is turned on in the future, all
validation can be removed from BalsaParser. When non-UHV mode is
deprecated, this new proto field can be removed.
Tracking issue: #21245
Signed-off-by: Bence Béky <bnc@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 8c17c7a8c91380b2ad5d2e352db94fd1c7571d46
The gRPC xDS implementation uses hardcoded retry durations for re-establishing the gRPC channel. This change makes the backoff parameters configurable.
Risk Level: Low
Testing: unit test
Fixes#24236
Signed-off-by: Jayson Dmello <jdmello@confluent.io>
Mirrored from https://github.com/envoyproxy/envoy @ 672b41532a9f03bc84fbbfec0d1db5b633833f9c
Commit Message: Adds a protocol option for which HTTP/2 codec to use.
Additional Description:
Risk Level: low
Testing: ran unit tests and integration tests locally
Docs Changes: n/a
Release Notes: n/a
Platform Specific Features:
Signed-off-by: Biren Roy <birenroy@google.com>
Mirrored from https://github.com/envoyproxy/envoy @ 73115db835f27a79a79a44b8ee8f7ac4333891c7
Commit Message: Allow only histogram summaries in metric service
Additional Description: Histogram metrics by default send two metrics Summary (containing quantiles) and Histogram (containing all the buckets), this makes payloads extremely large when handling lots of stats. In some cases, only having the summary is enough, since we can get sum, count, and percentiles. Furthermore, it probably only makes sense to send one of both, if I were to need buckets, then Summary is probably useless.
Risk Level: low, off by default
Testing:
Docs Changes:
Release Notes:
Platform Specific Features:
Signed-off-by: Sebastian Schepens <sebastian.schepens@mercadolibre.com>
Mirrored from https://github.com/envoyproxy/envoy @ c40aca4c1b51f2089fd33e70b393041c6b291064
update-envoy[bot]
data-plane-api(Azure Pipelines)