envoyproxy · mattklein123 · Feb 27, 2019 · Feb 20, 2019 · Feb 21, 2019 · Feb 24, 2019
diff --git a/configs/freebind/freebind.yaml b/configs/freebind/freebind.yaml
@@ -1,18 +1,23 @@
 admin:
   access_log_path: /tmp/admin_access.log
   address:
-    socket_address: { address: 127.0.0.1, port_value: 9901 }
+    socket_address:
+      address: 127.0.0.1
+      port_value: 9901
 
 static_resources:
   listeners:
   - name: listener_0
     address:
-      socket_address: { address: 192.168.42.1, port_value: 10000 }
+      socket_address:
+        address: 192.168.42.1
+        port_value: 10000
     freebind: true
     filter_chains:
     - filters:
       - name: envoy.http_connection_manager
-        config:
+        typed_config:
+          "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager
           stat_prefix: ingress_http
           route_config:
             name: local_route
@@ -29,10 +34,15 @@ static_resources:
     connect_timeout: 30s
     type: STATIC
     lb_policy: ROUND_ROBIN
-    hosts:
-    - socket_address:
-        address: 127.0.0.1
-        port_value: 10001
+    load_assignment:
+      cluster_name: service_local
+      endpoints:
+      - lb_endpoints:
+        - endpoint:
+            address:
+              socket_address:
+                address: 127.0.0.1
+                port_value: 10001
 # TODO(htuch): Figure out how to do end-to-end testing with
 # outgoing connections and free bind.
 #    upstream_bind_config:

diff --git a/configs/google_com_proxy.v2.yaml b/configs/google_com_proxy.v2.yaml
@@ -16,7 +16,8 @@ static_resources:
     filter_chains:
     - filters:
       - name: envoy.http_connection_manager
-        config:
+        typed_config:
+          "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager
           stat_prefix: ingress_http
           route_config:
             name: local_route
@@ -38,8 +39,14 @@ static_resources:
     # Comment out the following line to test on v6 networks
     dns_lookup_family: V4_ONLY
     lb_policy: ROUND_ROBIN
-    hosts:
-      - socket_address:
-          address: google.com
-          port_value: 443
-    tls_context: { sni: www.google.com }
+    load_assignment:
+      cluster_name: service_google
+      endpoints:
+      - lb_endpoints:
+        - endpoint:
+            address:
+              socket_address:
+                address: www.google.com
+                port_value: 443
+    tls_context:
+      sni: www.google.com
diff --git a/configs/original-dst-cluster/proxy_config.yaml b/configs/original-dst-cluster/proxy_config.yaml
@@ -7,24 +7,27 @@ static_resources:
     filter_chains:
     - filters:
       - name: envoy.http_connection_manager
-        config:
-          deprecated_v1: true
-          value:
-            stat_prefix: ingress_http
-            route_config:
-              virtual_hosts:
-              - routes:
-                - prefix: "/"
-                  timeout_ms: 0
+        typed_config:
+          "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager
+          stat_prefix: ingress_http
+          route_config:
+            name: local_service
+            virtual_hosts:
+            - name: backend
+              domains:
+              - "*"
+              routes:
+              - match:
+                  prefix: "/"
+                route:
                   cluster: cluster1
-                domains:
-                - "*"
-                name: local_service
-            filters:
-            - name: router
-              config: {}
-            codec_type: auto
-    use_original_dst: true
+          http_filters:
+          - name: envoy.router
+            typed_config: {}
+          codec_type: auto
+    listener_filters:
+    - name: envoy.listener.original_dst
+      typed_config: {}
   clusters:
   - name: cluster1
     type: ORIGINAL_DST
@@ -34,7 +37,7 @@ static_resources:
 cluster_manager: {}
 watchdog: {}
 admin:
-  access_log_path: "/tmp/admin_access.log"
+  access_log_path: /tmp/admin_access.log
   address:
     socket_address:
       address: 127.0.0.1

diff --git a/docs/root/configuration/health_checkers/redis.rst b/docs/root/configuration/health_checkers/redis.rst
@@ -18,7 +18,8 @@ Redis health checker is shown below:
 
   custom_health_check:
     name: envoy.health_checkers.redis
-      config:
+      typed_config:
+        "@type": type.googleapis.com/envoy.config.filter.network.redis_proxy.v2.RedisProxy
         key: foo
 
 * :ref:`v2 API reference <envoy_api_msg_core.HealthCheck.CustomHealthCheck>`
diff --git a/docs/root/configuration/http_filters/ext_authz_filter.rst b/docs/root/configuration/http_filters/ext_authz_filter.rst
@@ -44,8 +44,15 @@ A sample filter configuration for a gRPC authorization server:
     - name: ext-authz
       type: static
       http2_protocol_options: {}
-      hosts:
-        - socket_address: { address: 127.0.0.1, port_value: 10003 }
+      load_assignment:
+        cluster_name: ext-authz
+        endpoints:
+        - lb_endpoints:
+          - endpoint:
+              address:
+                socket_address:
+                  address: 127.0.0.1
+                  port_value: 10003
 
       # This timeout controls the initial TCP handshake timeout - not the timeout for the
       # entire request.
@@ -72,8 +79,15 @@ A sample filter configuration for a raw HTTP authorization server:
       connect_timeout: 0.25s
       type: logical_dns
       lb_policy: round_robin
-      hosts:
-        - socket_address: { address: 127.0.0.1, port_value: 10003 }
+      load_assignment:
+        cluster_name: ext-authz
+        endpoints:
+        - lb_endpoints:
+          - endpoint:
+              address:
+                socket_address:
+                  address: 127.0.0.1
+                  port_value: 10003
 
 Per-Route Configuration
 -----------------------

diff --git a/docs/root/configuration/http_filters/grpc_json_transcoder_filter.rst b/docs/root/configuration/http_filters/grpc_json_transcoder_filter.rst
@@ -106,7 +106,8 @@ gRPC or RESTful JSON requests to localhost:51051.
       filter_chains:
       - filters:
         - name: envoy.http_connection_manager
-          config:
+          typed_config:
+            "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager
             stat_prefix: grpc_json
             codec_type: AUTO
             route_config:
@@ -136,7 +137,13 @@ gRPC or RESTful JSON requests to localhost:51051.
       lb_policy: round_robin
       dns_lookup_family: V4_ONLY
       http2_protocol_options: {}
-      hosts:
-      - socket_address:
-          address: docker.for.mac.localhost
-          port_value: 50051
+      load_assignment:
+        cluster_name: grpc
+        endpoints:
+        - lb_endpoints:
+          - endpoint:
+              address:
+                socket_address:
+                  address: docker.for.mac.localhost
+                  port_value: 50051
+
diff --git a/docs/root/configuration/http_filters/jwt_authn_filter.rst b/docs/root/configuration/http_filters/jwt_authn_filter.rst
@@ -80,10 +80,15 @@ Following cluster **example_jwks_cluster** is needed to fetch JWKS.
   cluster:
     name: example_jwks_cluster
     type: STRICT_DNS
-    hosts:
-      socket_address:
-        address: example.com
-        port_value: 80
+    load_assignment:
+      cluster_name: example_jwks_cluster
+      endpoints:
+      - lb_endpoints:
+        - endpoint:
+            address:
+              socket_address:
+                address: example.com
+                port_value: 80
 
 
 Inline JWKS config example

diff --git a/docs/root/configuration/listener_filters/tls_inspector.rst b/docs/root/configuration/listener_filters/tls_inspector.rst
@@ -27,7 +27,7 @@ A sample filter configuration could be:
 
   listener_filters:
     - name: "envoy.listener.tls_inspector"
-      config: {}
+      typed_config: {}
 
 Statistics
 ----------

diff --git a/docs/root/configuration/network_filters/ext_authz_filter.rst b/docs/root/configuration/network_filters/ext_authz_filter.rst
@@ -42,8 +42,15 @@ A sample filter configuration could be:
     - name: ext-authz
       type: static
       http2_protocol_options: {}
-      hosts:
-        - socket_address: { address: 127.0.0.1, port_value: 10003 }
+      load_assignment:
+        cluster_name: ext-authz
+        endpoints:
+        - lb_endpoints:
+          - endpoint:
+              address:
+                socket_address:
+                  address: 127.0.0.1
+                  port_value: 10003
 
 Statistics
 ----------

diff --git a/docs/root/configuration/network_filters/mysql_proxy_filter.rst b/docs/root/configuration/network_filters/mysql_proxy_filter.rst
@@ -28,10 +28,12 @@ in the configuration snippet below:
   filter_chains:
   - filters:
     - name: envoy.filters.network.mysql_proxy
-      config:
+      typed_config:
+        "@type": type.googleapis.com/envoy.config.filter.network.mysql_proxy.v1alpha1.MySQLProxy
         stat_prefix: mysql
     - name: envoy.tcp_proxy
-      config:
+      typed_config:
+        "@type": type.googleapis.com/envoy.config.filter.network.tcp_proxy.v2.TcpProxy
         stat_prefix: tcp
         cluster: ...
 
@@ -88,10 +90,12 @@ _catalog_ table in the _productdb_ database.
   filter_chains:
   - filters:
     - name: envoy.filters.network.mysql_proxy
-      config:
+      typed_config:
+        "@type": type.googleapis.com/envoy.config.filter.network.mysql_proxy.v1alpha1.MySQLProxy
         stat_prefix: mysql
     - name: envoy.filters.network.rbac
-      config:
+      typed_config:
+        "@type": type.googleapis.com/envoy.config.filter.network.rbac.v2.RBAC
         stat_prefix: rbac
         rules:
           action: DENY
@@ -110,6 +114,7 @@ _catalog_ table in the _productdb_ database.
               principals:
               - any: true
     - name: envoy.tcp_proxy
-      config:
+      typed_config:
+        "@type": type.googleapis.com/envoy.config.filter.network.tcp_proxy.v2.TcpProxy
         stat_prefix: tcp
         cluster: mysql
diff --git a/docs/root/configuration/overview/v2_overview.rst b/docs/root/configuration/overview/v2_overview.rst
@@ -75,7 +75,8 @@ A minimal fully static bootstrap config is provided below:
       filter_chains:
       - filters:
         - name: envoy.http_connection_manager
-          config:
+          typed_config:
+            "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager
             stat_prefix: ingress_http
             codec_type: AUTO
             route_config:
@@ -126,7 +127,8 @@ on 127.0.0.3:5678 is provided below:
       filter_chains:
       - filters:
         - name: envoy.http_connection_manager
-          config:
+          typed_config:
+            "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager
             stat_prefix: ingress_http
             codec_type: AUTO
             route_config:
@@ -253,7 +255,8 @@ The management server could respond to LDS requests with:
     filter_chains:
     - filters:
       - name: envoy.http_connection_manager
-        config:
+        typed_config:
+          "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager
           stat_prefix: ingress_http
           codec_type: AUTO
           rds:

diff --git a/docs/root/configuration/secret.rst b/docs/root/configuration/secret.rst
@@ -59,8 +59,8 @@ This example show how to configure secrets in the static_resource:
             E0:F3:C8:CE:5E:2E:A3:05:F0:70:1F:F5:12:E3:6E:2E:97:92:82:84:A2:28:BC:F7:73:32:D3:39:30:A1:B6:FD
     clusters:
       - connect_timeout: 0.25s
-        hosts:
-        - name: local_service_tls
+        load_assignment:
+          cluster_name: local_service_tls
           ...
           tls_context:
             common_tls_context:
@@ -89,10 +89,15 @@ This example shows how to configure secrets fetched from remote SDS servers:
     clusters:
       - name: sds_server_mtls
         http2_protocol_options: {}
-        hosts:
-          socket_address:
-            address: 127.0.0.1
-            port_value: 8234
+        load_assignment:
+          cluster_name: sds_server_mtls
+          endpoints:
+          - lb_endpoints:
+            - endpoint:
+                address:
+                  socket_address:
+                    address: 127.0.0.1
+                    port_value: 8234
         tls_context:
           common_tls_context:
           - tls_certificate:
@@ -102,13 +107,18 @@ This example shows how to configure secrets fetched from remote SDS servers:
               filename: certs/sds_key.pem
       - name: sds_server_uds
         http2_protocol_options: {}
-        hosts:
-          - pipe:
-              path: /tmp/uds_path
+        load_assignment:
+          cluster_name: sds_server_uds
+          endpoints:
+          - lb_endpoints:
+            - endpoint:
+                address:
+                  pipe:
+                    path: /tmp/uds_path
       - name: example_cluster
         connect_timeout: 0.25s
-        hosts:
-        - name: local_service_tls
+        load_assignment:
+          cluster_name: local_service_tls
           ...
           tls_context:
             common_tls_context: