api: MetaProtocol Proxy

api/BUILD

@@ -171,6 +171,9 @@ proto_library(
         "//envoy/extensions/filters/network/ext_authz/v3:pkg",
         "//envoy/extensions/filters/network/http_connection_manager/v3:pkg",
         "//envoy/extensions/filters/network/local_ratelimit/v3:pkg",
+        "//envoy/extensions/filters/network/meta_protocol_proxy/matcher/action/v3:pkg",
+        "//envoy/extensions/filters/network/meta_protocol_proxy/matcher/v3:pkg",
+        "//envoy/extensions/filters/network/meta_protocol_proxy/v3:pkg",
         "//envoy/extensions/filters/network/mongo_proxy/v3:pkg",
         "//envoy/extensions/filters/network/ratelimit/v3:pkg",
         "//envoy/extensions/filters/network/rbac/v3:pkg",

api/envoy/extensions/filters/network/meta_protocol_proxy/matcher/action/v3/BUILD

@@ -0,0 +1,13 @@
+# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py.
+
+load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package")
+
+licenses(["notice"])  # Apache 2
+
+api_proto_package(
+    deps = [
+        "//envoy/config/route/v3:pkg",
+        "@com_github_cncf_udpa//udpa/annotations:pkg",
+        "@com_github_cncf_udpa//xds/annotations/v3:pkg",
+    ],
+)

api/envoy/extensions/filters/network/meta_protocol_proxy/matcher/action/v3/action.proto

@@ -0,0 +1,34 @@
+syntax = "proto3";
+
+package envoy.extensions.filters.network.meta_protocol_proxy.matcher.action.v3;
+
+import "envoy/config/route/v3/route_components.proto";
+
+import "xds/annotations/v3/status.proto";
+
+import "udpa/annotations/status.proto";
+import "validate/validate.proto";
+
+option java_package = "io.envoyproxy.envoy.extensions.filters.network.meta_protocol_proxy.matcher.action.v3";
+option java_outer_classname = "ActionProto";
+option java_multiple_files = true;
+option (udpa.annotations.file_status).package_version_status = ACTIVE;
+option (xds.annotations.v3.file_status).work_in_progress = true;
+
+// [#protodoc-title: Meta Protocol Proxy Route Action Configuration]
+
+// Configuration for the route match action.
+// [#not-implemented-hide:]
+message RouteAction {
+  oneof cluster_specifier {
+    option (validate.required) = true;
+
+    // Indicates the upstream cluster to which the request should be routed.
+    string cluster = 1;
+
+    // Multiple upstream clusters can be specified for a given route. The request is routed to one
+    // of the upstream clusters based on weights assigned to each cluster.
+    // Currently ClusterWeight only supports the name and weight fields.
+    config.route.v3.WeightedCluster weighted_clusters = 2;
+  }
+}

api/envoy/extensions/filters/network/meta_protocol_proxy/matcher/v3/BUILD

@@ -0,0 +1,12 @@
+# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py.
+
+load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package")
+
+licenses(["notice"])  # Apache 2
+
+api_proto_package(
+    deps = [
+        "@com_github_cncf_udpa//udpa/annotations:pkg",
+        "@com_github_cncf_udpa//xds/annotations/v3:pkg",
+    ],
+)

api/envoy/extensions/filters/network/meta_protocol_proxy/matcher/v3/matcher.proto

@@ -0,0 +1,36 @@
+syntax = "proto3";
+
+package envoy.extensions.filters.network.meta_protocol_proxy.matcher.v3;
+
+import "xds/annotations/v3/status.proto";
+
+import "udpa/annotations/status.proto";
+import "validate/validate.proto";
+
+option java_package = "io.envoyproxy.envoy.extensions.filters.network.meta_protocol_proxy.matcher.v3";
+option java_outer_classname = "MatcherProto";
+option java_multiple_files = true;
+option (udpa.annotations.file_status).package_version_status = ACTIVE;
+option (xds.annotations.v3.file_status).work_in_progress = true;
+
+// [#protodoc-title: Meta Protocol Proxy Route Matcher Configuration]
+
+// Used to match request service of the downstream request. Only applicable if a service provided
+// by the application protocol.
+// [#not-implemented-hide:]
+message ServiceMatchInput {
+}
+
+// Used to match request method of the downstream request. Only applicable if a method provided
+// by the application protocol.
+// [#not-implemented-hide:]
+message MethodMatchInput {
+}
+
+// Used to match an arbitrary property of the downstream request.
+// These properties are populated by the codecs of application protocols.
+// [#not-implemented-hide:]
+message PropertyMatchInput {
+  // The property name to match on.
+  string property_name = 1 [(validate.rules).string = {min_len: 1}];
+}

api/envoy/extensions/filters/network/meta_protocol_proxy/v3/BUILD

@@ -0,0 +1,14 @@
+# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py.
+
+load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package")
+
+licenses(["notice"])  # Apache 2
+
+api_proto_package(
+    deps = [
+        "//envoy/config/core/v3:pkg",
+        "@com_github_cncf_udpa//udpa/annotations:pkg",
+        "@com_github_cncf_udpa//xds/annotations/v3:pkg",
+        "@com_github_cncf_udpa//xds/type/matcher/v3:pkg",
+    ],
+)

api/envoy/extensions/filters/network/meta_protocol_proxy/v3/meta_protocol_proxy.proto

@@ -0,0 +1,65 @@
+syntax = "proto3";
+
+package envoy.extensions.filters.network.meta_protocol_proxy.v3;
+
+import "envoy/config/core/v3/config_source.proto";
+import "envoy/config/core/v3/extension.proto";
+import "envoy/extensions/filters/network/meta_protocol_proxy/v3/route.proto";
+
+import "xds/annotations/v3/status.proto";
+
+import "udpa/annotations/status.proto";
+import "validate/validate.proto";
+
+option java_package = "io.envoyproxy.envoy.extensions.filters.network.meta_protocol_proxy.v3";
+option java_outer_classname = "MetaProtocolProxyProto";
+option java_multiple_files = true;
+option (udpa.annotations.file_status).package_version_status = ACTIVE;
+option (xds.annotations.v3.file_status).work_in_progress = true;
+
+// [#protodoc-title: Meta Protocol Proxy]
+// Meta Protocol proxy.
+
+// [#not-implemented-hide:]
+// [#next-free-field: 6]
+message MetaProtocolProxy {
+  // The human readable prefix to use when emitting statistics.
+  string stat_prefix = 1 [(validate.rules).string = {min_len: 1}];
+
+  // The application protocol built on top of the meta protocol proxy.
+  ApplicationProtocol application_protocol = 2 [(validate.rules).message = {required: true}];
+
+  oneof route_specifier {
+    option (validate.required) = true;
+
+    // The meta protocol proxies route table will be dynamically loaded via the meta RDS API.
+    MetaRds rds = 3;
+
+    // The route table for the meta protocol proxy is static and is specified in this property.
+    RouteConfiguration route_config = 4;
+  }
+
+  // A list of individual Layer-7 filters that make up the filter chain for requests made to the
+  // meta protocol proxy. Order matters as the filters are processed sequentially as request events
+  // happen.
+  repeated config.core.v3.TypedExtensionConfig meta_protocol_filters = 5;
+}
+
+// [#not-implemented-hide:]
+message ApplicationProtocol {
+  // The name of the application protocol.
+  string name = 1 [(validate.rules).string = {min_len: 1}];
+
+  // The codec which encodes and decodes the application protocol.
+  config.core.v3.TypedExtensionConfig codec = 2 [(validate.rules).message = {required: true}];
+}
+
+// [#not-implemented-hide:]
+message MetaRds {
+  // Configuration source specifier for RDS.
+  config.core.v3.ConfigSource config_source = 1 [(validate.rules).message = {required: true}];
+
+  // The name of the route configuration. This name will be passed to the RDS API. This allows an
+  // Envoy configuration with multiple meta protocol proxies to use different route configurations.
+  string route_config_name = 2 [(validate.rules).string = {min_len: 1}];
+}

api/envoy/extensions/filters/network/meta_protocol_proxy/v3/route.proto

@@ -0,0 +1,69 @@
+syntax = "proto3";
+
+package envoy.extensions.filters.network.meta_protocol_proxy.v3;
+
+import "xds/annotations/v3/status.proto";
+import "xds/type/matcher/v3/matcher.proto";
+
+import "udpa/annotations/status.proto";
+import "validate/validate.proto";
+
+option java_package = "io.envoyproxy.envoy.extensions.filters.network.meta_protocol_proxy.v3";
+option java_outer_classname = "RouteProto";
+option java_multiple_files = true;
+option (udpa.annotations.file_status).package_version_status = ACTIVE;
+option (xds.annotations.v3.file_status).work_in_progress = true;
+
+// [#protodoc-title: Meta Protocol Proxy Route Configuration]
+// The meta protocol proxy makes use of the `xds matching API` for routing configurations.
+//
+// In the below example, we combine a top level tree matcher with a linear matcher to match
+// the incoming requests, and send the matching requests to v1 of the upstream service.
+//
+// name: demo-v1
+// route:
+//   matcher_tree:
+//     input:
+//       name: request-service
+//       typed_config:
+//         "@type": type.googleapis.com/envoy.extensions.filters.network.meta_protocol_proxy.matcher.v3.ServiceMatchInput
+//     exact_match_map:
+//       map:
+//         org.apache.dubbo.samples.basic.api.DemoService:
+//           matcher:
+//             matcher_list:
+//               matchers:
+//               - predicate:
+//                   and_matcher:
+//                     predicate:
+//                     - single_predicate:
+//                         input:
+//                           name: request-properties
+//                           typed_config:
+//                             "@type": type.googleapis.com/envoy.extensions.filters.network.meta_protocol_proxy.matcher.v3.PropertyMatchInput
+//                             property_name: version
+//                         value_match:
+//                           exact: v1
+//                     - single_predicate:
+//                         input:
+//                           name: request-properties
+//                           typed_config:
+//                             "@type": type.googleapis.com/envoy.extensions.filters.network.meta_protocol_proxy.matcher.v3.PropertyMatchInput
+//                             property_name: user
+//                         value_match:
+//                           exact: john
+//                 on_match:
+//                   action:
+//                     name: route
+//                     typed_config:
+//                       "@type": type.googleapis.com/envoy.extensions.filters.network.meta_protocol_proxy.matcher.action.v3.routeAction
+//                       cluster: outbound|20880|v1|org.apache.dubbo.samples.basic.api.demoservice
+// [#not-implemented-hide:]
+message RouteConfiguration {
+  // The name of the route configuration. For example, it might match route_config_name in
+  // envoy.extensions.filters.network.meta_protocol_proxy.v3.Rds.
+  string name = 1 [(validate.rules).string = {min_len: 1}];
+
+  // The match tree to use when resolving route actions for incoming requests.
+  xds.type.matcher.v3.Matcher route = 2 [(validate.rules).message = {required: true}];
+}

api/versioning/BUILD

@@ -123,6 +123,9 @@ proto_library(
         "//envoy/extensions/filters/network/ext_authz/v3:pkg",
         "//envoy/extensions/filters/network/http_connection_manager/v3:pkg",
         "//envoy/extensions/filters/network/local_ratelimit/v3:pkg",
+        "//envoy/extensions/filters/network/meta_protocol_proxy/matcher/action/v3:pkg",
+        "//envoy/extensions/filters/network/meta_protocol_proxy/matcher/v3:pkg",
+        "//envoy/extensions/filters/network/meta_protocol_proxy/v3:pkg",
         "//envoy/extensions/filters/network/mongo_proxy/v3:pkg",
         "//envoy/extensions/filters/network/ratelimit/v3:pkg",
         "//envoy/extensions/filters/network/rbac/v3:pkg",