Bootstrap and configuration of monolithic QuicListener.

api/envoy/api/v2/lds.proto

@@ -131,6 +131,12 @@ message Listener {
   // timeout. If not specified, a default timeout of 15s is used.
   google.protobuf.Duration listener_filters_timeout = 15 [(gogoproto.stdduration) = true];
 
+  // [#not-implemented-hide:]
+  // QUIC listener for handing UDP packets. Only used when :ref:`address
+  // <envoy_api_field_Listener.address>` specifies a UDP :ref:`SocketAddress
+  // <envoy_api_msg_core_SocketAddress>`.
+  listener.QuicListener quic_listener = 16;
+
   // Whether the listener should be set as a transparent socket.
   // When this flag is set to true, connections can be redirected to the listener using an
   // *iptables* *TPROXY* target, in which case the original source and destination addresses and

api/envoy/api/v2/listener/listener.proto

@@ -215,3 +215,22 @@ message ListenerFilter {
     google.protobuf.Any typed_config = 3;
   }
 }
+
+// [#proto-status: experimental]
+message QuicListener {
+  // The name of the QUIC listener to instantiate. The name must match a
+  // supported listener. Future listeners may include:
+  //
+  // * envoy.quic.quiche
+  // * envoy.quic.ngtcp2
+  string name = 1 [(validate.rules).string.min_bytes = 1];
+
+  // Filter specific configuration which depends on the filter being instantiated.
+  // See the supported filters for further documentation.
+  oneof config_type {
+    google.protobuf.Struct config = 2;
+
+    // [#not-implemented-hide:]
+    google.protobuf.Any typed_config = 3;
+  }
+}

api/envoy/config/filter/network/http_connection_manager/v2/BUILD

@@ -5,6 +5,7 @@ licenses(["notice"])  # Apache 2
 api_proto_library_internal(
     name = "http_connection_manager",
     srcs = ["http_connection_manager.proto"],
+    visibility = ["//envoy/config/quic_listener/quiche/v2alpha:__pkg__"],
     deps = [
         "//envoy/api/v2:rds",
         "//envoy/api/v2/core:base",

api/envoy/config/quic_listener/quiche/v2alpha/BUILD

@@ -0,0 +1,9 @@
+load("//bazel:api_build_system.bzl", "api_proto_library")
+
+licenses(["notice"])  # Apache 2
+
+api_proto_library(
+    name = "quiche",
+    srcs = ["quiche.proto"],
+    deps = ["//envoy/config/filter/network/http_connection_manager/v2:http_connection_manager"],
+)

api/envoy/config/quic_listener/quiche/v2alpha/quiche.proto

@@ -0,0 +1,27 @@
+syntax = "proto3";
+
+package envoy.config.quic_listener.quiche.v2alpha;
+option java_package = "io.envoyproxy.envoy.config.quic_listener.quiche.v2alpha";
+option java_multiple_files = true;
+option go_package = "v2";
+
+import "envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.proto";
+
+import "validate/validate.proto";
+import "gogoproto/gogo.proto";
+
+// [#protodoc-title: QUICHE]
+
+// Configuration for QUICHE-based QUIC listener. This will provide QUIC support to Envoy.
+// https://quiche.googlesource.com/quiche/
+message Quiche {
+
+  // HTTP-level configuration for the QUIC listener. In particular, HTTP filters to be applied to
+  // QUIC traffic should be specified in the nested :ref:`HttpConnectionManager
+  // <envoy_api_msg_config.filter.network.http_connection_manager.v2.HttpConnectionManager>` config
+  // protobuf.
+  envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager http_config = 1
+      [(validate.rules).message.required = true, (gogoproto.nullable) = false];
+
+  // QUIC-specific config will be added as fields here.
+}

include/envoy/network/BUILD

@@ -85,6 +85,7 @@ envoy_cc_library(
     deps = [
         ":connection_interface",
         ":listen_socket_interface",
+        "//include/envoy/quic:listener_interface",
         "//include/envoy/stats:stats_interface",
     ],
 )

include/envoy/network/listener.h

@@ -7,6 +7,7 @@
 #include "envoy/common/exception.h"
 #include "envoy/network/connection.h"
 #include "envoy/network/listen_socket.h"
+#include "envoy/quic/listener.h"
 #include "envoy/stats/scope.h"
 
 namespace Envoy {
@@ -31,6 +32,12 @@ class ListenerConfig {
    */
   virtual FilterChainFactory& filterChainFactory() PURE;
 
+  /**
+   * @return QuicListenerFactory* the factory for creating QUIC listeners, or nullptr if none is
+   *         configured.
+   */
+  virtual Quic::QuicListenerFactory* quicListenerFactory() PURE;
+
   /**
    * @return Socket& the actual listen socket. The address of this socket may be
    *         different from configured if for example the configured address binds to port zero.

include/envoy/quic/BUILD

@@ -0,0 +1,27 @@
+licenses(["notice"])  # Apache 2
+
+load(
+    "//bazel:envoy_build_system.bzl",
+    "envoy_cc_library",
+    "envoy_package",
+)
+
+envoy_package()
+
+envoy_cc_library(
+    name = "config_interface",
+    hdrs = ["config.h"],
+    deps = [
+        ":listener_interface",
+        "//include/envoy/server:filter_config_interface",
+        "//source/common/protobuf",
+    ],
+)
+
+envoy_cc_library(
+    name = "listener_interface",
+    hdrs = ["listener.h"],
+    deps = [
+        "//include/envoy/network:listen_socket_interface",
+    ],
+)

include/envoy/quic/config.h

@@ -0,0 +1,44 @@
+#pragma once
+
+#include <string>
+
+#include "envoy/quic/listener.h"
+#include "envoy/server/filter_config.h"
+
+#include "common/protobuf/protobuf.h"
+
+namespace Envoy {
+namespace Quic {
+
+/**
+ * Implemented by the QUIC listener and registered via RegisterFactory.
+ */
+class QuicListenerConfigFactory {
+public:
+  virtual ~QuicListenerConfigFactory() {}
+
+  /**
+   * Create a particular QUIC listener factory implementation. If the implementation is unable to
+   * produce a factory with the provided parameters, it should throw an EnvoyException.
+   * @param config the protobuf configuration for the listener.
+   * @param context the listener's context.
+   */
+  virtual QuicListenerFactoryPtr
+  createListenerFactoryFromProto(const Protobuf::Message& config,
+                                 Server::Configuration::ListenerFactoryContext& context) PURE;
+
+  /**
+   * @return ProtobufTypes::MessagePtr create empty config proto message. The QUIC listener
+   *         config, which arrives in an opaque message, will be parsed into this empty proto.
+   */
+  virtual ProtobufTypes::MessagePtr createEmptyConfigProto() PURE;
+
+  /**
+   * @return std::string the identifying name for a particular implementation of a QUIC listener
+   * produced by the factory.
+   */
+  virtual std::string name() PURE;
+};
+
+} // namespace Quic
+} // namespace Envoy

include/envoy/quic/listener.h

@@ -0,0 +1,78 @@
+#pragma once
+
+#include <memory>
+
+#include "envoy/network/listen_socket.h"
+
+namespace Envoy {
+namespace Event {
+class Dispatcher;
+}
+
+namespace Quic {
+
+/**
+ * Callbacks used by QuicListener instances to communicate with their execution
+ * environment.
+ */
+class QuicListenerCallbacks {
+public:
+  virtual ~QuicListenerCallbacks() {}
+
+  /**
+   * @return the socket via which the listener can send and receive datagrams.
+   */
+  virtual Network::Socket& socket() PURE;
+
+  /**
+   * @return the dispatcher via which the listener can register for events.
+   */
+  virtual Event::Dispatcher& dispatcher() PURE;
+};
+
+/**
+ * Abstract interface for QUIC listeners.
+ */
+// Ideally, this class would extend Network::Listener, or Network::Listener
+// could even be used directly instead of it. However, as currently stands, this
+// would introduce a circular dependency, since Network::ListenerConfig (which
+// refers to QuicListenerFactory) and Network::Listener (to which
+// QuicListenerFactory would refer) are defined in the same build target
+// (//include/envoy/network:listener_interface).
+class QuicListener {
+public:
+  virtual ~QuicListener() {}
+
+  /**
+   * Temporarily disable accepting new connections.
+   */
+  virtual void disable() PURE;
+
+  /**
+   * Enable accepting new connections.
+   */
+  virtual void enable() PURE;
+};
+
+typedef std::unique_ptr<QuicListener> QuicListenerPtr;
+
+/**
+ * Factory for creating QUIC listeners.
+ */
+class QuicListenerFactory {
+public:
+  virtual ~QuicListenerFactory() {}
+
+  /**
+   * Create a QUIC listener. The listener is responsible for registering for
+   * socket events as needed; both socket and dispatcher are accessible via the
+   * callbacks provided.
+   * @return the newly created listener.
+   */
+  virtual QuicListenerPtr createQuicListener(QuicListenerCallbacks& callbacks) PURE;
+};
+
+typedef std::unique_ptr<QuicListenerFactory> QuicListenerFactoryPtr;
+
+} // namespace Quic
+} // namespace Envoy

include/envoy/server/BUILD

@@ -174,6 +174,7 @@ envoy_cc_library(
         ":guarddog_interface",
         "//include/envoy/network:filter_interface",
         "//include/envoy/network:listen_socket_interface",
+        "//include/envoy/quic:listener_interface",
         "//include/envoy/ssl:context_interface",
         "//source/common/protobuf",
         "@envoy_api//envoy/api/v2/listener:listener_cc",

include/envoy/server/listener_manager.h

@@ -4,6 +4,7 @@
 #include "envoy/network/filter.h"
 #include "envoy/network/listen_socket.h"
 #include "envoy/network/listener.h"
+#include "envoy/quic/listener.h"
 #include "envoy/server/drain_manager.h"
 #include "envoy/server/filter_config.h"
 #include "envoy/server/guarddog.h"
@@ -74,6 +75,16 @@ class ListenerComponentFactory {
       const Protobuf::RepeatedPtrField<envoy::api::v2::listener::ListenerFilter>& filters,
       Configuration::ListenerFactoryContext& context) PURE;
 
+  /**
+   * Creates a QUIC listener factory.
+   * @param listener_config supplies the QUIC listenerconfiguration.
+   * @param context supplies the factory creation context.
+   * @return Quic::QuicListenerFactoryPtr the QUIC listener factory.
+   */
+  virtual Quic::QuicListenerFactoryPtr
+  createQuicListenerFactory(const envoy::api::v2::listener::QuicListener& listener_config,
+                            Configuration::ListenerFactoryContext& context) PURE;
+
   /**
    * @return DrainManagerPtr a new drain manager.
    * @param drain_type supplies the type of draining to do for the owning listener.

source/extensions/extensions_build_config.bzl

@@ -76,6 +76,11 @@ EXTENSIONS = {
     "envoy.filters.network.thrift_proxy":               "//source/extensions/filters/network/thrift_proxy:config",
     "envoy.filters.network.sni_cluster":                "//source/extensions/filters/network/sni_cluster:config",
 
+    #
+    # QUIC listeners
+    #
+    "envoy.quic_listeners.quiche":                      "//source/extensions/quic_listeners/quiche:config",
+
     #
     # Resource monitors
     #

source/extensions/quic_listeners/BUILD

@@ -0,0 +1,17 @@
+licenses(["notice"])  # Apache 2
+
+load(
+    "//bazel:envoy_build_system.bzl",
+    "envoy_cc_library",
+    "envoy_package",
+)
+
+envoy_package()
+
+envoy_cc_library(
+    name = "well_known_names",
+    hdrs = ["well_known_names.h"],
+    deps = [
+        "//source/common/singleton:const_singleton",
+    ],
+)

source/extensions/quic_listeners/quiche/BUILD

@@ -0,0 +1,23 @@
+licenses(["notice"])  # Apache 2
+
+# QUICHE-based QUIC listener implementation
+
+load(
+    "//bazel:envoy_build_system.bzl",
+    "envoy_cc_library",
+    "envoy_package",
+)
+
+envoy_package()
+
+envoy_cc_library(
+    name = "config",
+    srcs = ["config.cc"],
+    deps = [
+        "//include/envoy/quic:config_interface",
+        "//include/envoy/registry",
+        "//source/common/protobuf:utility_lib",
+        "//source/extensions/quic_listeners:well_known_names",
+        "@envoy_api//envoy/config/quic_listener/quiche/v2alpha:quiche_cc",
+    ],
+)