From b0d6eabe297a65cd478e5729d3a661c4d7881134 Mon Sep 17 00:00:00 2001 From: Michael Payne Date: Wed, 20 Mar 2019 12:29:48 -0700 Subject: [PATCH 1/8] Docs and sandboxes: Remove reference to Docker Machine, fix sandbox configs, updates Sandbox docs. Signed-off-by: Michael Payne --- docs/root/start/sandboxes/cors.rst | 64 ++++-------- docs/root/start/sandboxes/front_proxy.rst | 99 ++++++++++++------- docs/root/start/sandboxes/grpc_bridge.rst | 1 + .../start/sandboxes/jaeger_native_tracing.rst | 22 +++-- docs/root/start/sandboxes/jaeger_tracing.rst | 22 +++-- docs/root/start/sandboxes/zipkin_tracing.rst | 18 ++-- examples/cors/backend/docker-compose.yml | 4 +- examples/cors/frontend/index.html | 8 +- .../front-envoy-jaeger.yaml | 2 + .../jaeger-tracing/front-envoy-jaeger.yaml | 4 +- 10 files changed, 127 insertions(+), 117 deletions(-) diff --git a/docs/root/start/sandboxes/cors.rst b/docs/root/start/sandboxes/cors.rst index d36157b75fa8e..515a611a6396b 100644 --- a/docs/root/start/sandboxes/cors.rst +++ b/docs/root/start/sandboxes/cors.rst @@ -33,30 +33,11 @@ The following documentation runs through the setup of both services. **Step 1: Install Docker** -Ensure that you have a recent versions of ``docker``, ``docker-compose`` and -``docker-machine`` installed. +Ensure that you have a recent versions of ``docker`` and ``docker-compose``. A simple way to achieve this is via the `Docker Toolbox `_. -**Step 2: Setup Docker Machines** - -First, let's create a couple of new machines which will hold the containers. - -Terminal 1 - -.. code-block:: console - - $ docker-machine create --driver virtualbox frontend - $ eval $(docker-machine env frontend) - -Terminal 2 - -.. code-block:: console - - $ docker-machine create --driver virtualbox backend - $ eval $(docker-machine env backend) - -**Step 3: Clone the Envoy repo and start all of our containers** +**Step 2: Clone the Envoy repo and start all of our containers** If you have not cloned the Envoy repo, clone it with ``git clone git@github.com:envoyproxy/envoy`` or ``git clone https://github.com/envoyproxy/envoy.git`` @@ -67,12 +48,14 @@ Terminal 1 $ pwd envoy/examples/cors/frontend + $ docker-compose pull $ docker-compose up --build -d $ docker-compose ps - Name Command State Ports - ----------------------------------------------------------------------------------------------------------------------------------------- - frontend_front-envoy_1_cb51c62edc96 /usr/bin/dumb-init -- /bin ... Up 10000/tcp, 0.0.0.0:8000->80/tcp, 0.0.0.0:8001->8001/tcp - frontend_frontend-service_1_491cf87432cd /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 80/tcp + + Name Command State Ports + ------------------------------------------------------------------------------------------------------------------------------ + frontend_front-envoy_1 /docker-entrypoint.sh /bin ... Up 10000/tcp, 0.0.0.0:8000->80/tcp, 0.0.0.0:8001->8001/tcp + frontend_frontend-service_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 80/tcp Terminal 2 @@ -82,22 +65,15 @@ Terminal 2 envoy/examples/cors/backend $ docker-compose up --build -d $ docker-compose ps - Name Command State Ports - ----------------------------------------------------------------------------------------------------------------------------------------- - backend_front-envoy_1_7f9d5039c86f /usr/bin/dumb-init -- /bin ... Up 10000/tcp, 0.0.0.0:8000->80/tcp, 0.0.0.0:8001->8001/tcp - backend_backend-service_1_c7752ae7192a /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 80/tcp - -**Step 4: Test Envoy's CORS capabilities** -You can now open a browser to view your frontend service. To find the IP of -your frontend service run the following command in terminal 1. - -.. code-block:: console + Name Command State Ports +---------------------------------------------------------------------------------------------------------------------------- +backend_backend-service_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 80/tcp +backend_front-envoy_1 /docker-entrypoint.sh /bin ... Up 10000/tcp, 0.0.0.0:8002->80/tcp, 0.0.0.0:8003->8001/tcp - $ docker-machine ip frontend +**Step 3: Test Envoy's CORS capabilities** -In terminal 2, run the same command to get the remote origin IP that the -frontend service will be making requests to. +You can now open a browser to view your frontend service at http://localhost:8000`. Results of the cross-origin request will be shown on the page under *Request Results*. Your browser's CORS enforcement logs can be found in the console. @@ -106,19 +82,19 @@ For example: .. code-block:: console - Access to XMLHttpRequest at 'http://192.168.99.100:8000/cors/disabled' from origin 'http://192.168.99.101:8000' + Access to XMLHttpRequest at 'http://192.168.99.100:8002/cors/disabled' from origin 'http://192.168.99.101:8000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. -**Step 6: Check stats of backend via admin** +**Step 4: Check stats of backend via admin** When Envoy runs, it can listen to ``admin`` requests if a port is configured. In the example -configs, the admin is bound to port ``8001``. +configs, the backend admin is bound to port ``8003``. -If you go to ``:8001/stats`` you will be able to view +If you go to localhost:8003/stats you will be able to view all of the Envoy stats for the backend. You should see the CORS stats for invalid and valid origins increment as you make requests from the frontend cluster. .. code-block:: none - http.ingress_http.cors.origin_invalid: 0 - http.ingress_http.cors.origin_valid: 0 + http.ingress_http.cors.origin_invalid: 2 + http.ingress_http.cors.origin_valid: 7 diff --git a/docs/root/start/sandboxes/front_proxy.rst b/docs/root/start/sandboxes/front_proxy.rst index 553f2e5debeea..1f096980f5d02 100644 --- a/docs/root/start/sandboxes/front_proxy.rst +++ b/docs/root/start/sandboxes/front_proxy.rst @@ -32,45 +32,39 @@ as is described in the image above. **Step 1: Install Docker** -Ensure that you have a recent versions of ``docker, docker-compose`` and -``docker-machine`` installed. +Ensure that you have a recent versions of ``docker`` and ``docker-compose`` installed. A simple way to achieve this is via the `Docker Toolbox `_. -**Step 2: Docker Machine setup** - -First let's create a new machine which will hold the containers:: - - $ docker-machine create --driver virtualbox default - $ eval $(docker-machine env default) - -**Step 3: Clone the Envoy repo, and start all of our containers** +**Step 2: Clone the Envoy repo, and start all of our containers** If you have not cloned the envoy repo, clone it with ``git clone git@github.com:envoyproxy/envoy`` or ``git clone https://github.com/envoyproxy/envoy.git``:: $ pwd envoy/examples/front-proxy + $ docker-compose pull $ docker-compose up --build -d $ docker-compose ps - Name Command State Ports - ------------------------------------------------------------------------------------------------------------- - example_service1_1 /bin/sh -c /usr/local/bin/ ... Up 80/tcp - example_service2_1 /bin/sh -c /usr/local/bin/ ... Up 80/tcp - example_front-envoy_1 /bin/sh -c /usr/local/bin/ ... Up 0.0.0.0:8000->80/tcp, 0.0.0.0:8001->8001/tcp -**Step 4: Test Envoy's routing capabilities** + Name Command State Ports + ---------------------------------------------------------------------------------------------------------------------------- + front-proxy_front-envoy_1 /docker-entrypoint.sh /bin ... Up 10000/tcp, 0.0.0.0:8000->80/tcp, 0.0.0.0:8001->8001/tcp + front-proxy_service1_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 80/tcp + front-proxy_service2_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 80/tcp + +**Step 3: Test Envoy's routing capabilities** You can now send a request to both services via the front-envoy. For service1:: - $ curl -v $(docker-machine ip default):8000/service/1 + $ curl -v localhost:8000/service/1 * Trying 192.168.99.100... * Connected to 192.168.99.100 (192.168.99.100) port 8000 (#0) > GET /service/1 HTTP/1.1 > Host: 192.168.99.100:8000 - > User-Agent: curl/7.43.0 + > User-Agent: curl/7.54.0 > Accept: */* > < HTTP/1.1 200 OK @@ -78,20 +72,19 @@ For service1:: < content-length: 89 < x-envoy-upstream-service-time: 1 < server: envoy - < date: Fri, 26 Aug 2016 19:39:19 GMT - < x-envoy-protocol-version: HTTP/1.1 + < date: Fri, 26 Aug 2018 19:39:19 GMT < Hello from behind Envoy (service 1)! hostname: f26027f1ce28 resolvedhostname: 172.19.0.6 * Connection #0 to host 192.168.99.100 left intact For service2:: - $ curl -v $(docker-machine ip default):8000/service/2 + $ curl -v localhost:8000/service/2 * Trying 192.168.99.100... * Connected to 192.168.99.100 (192.168.99.100) port 8000 (#0) > GET /service/2 HTTP/1.1 > Host: 192.168.99.100:8000 - > User-Agent: curl/7.43.0 + > User-Agent: curl/7.54.0 > Accept: */* > < HTTP/1.1 200 OK @@ -99,8 +92,7 @@ For service2:: < content-length: 89 < x-envoy-upstream-service-time: 2 < server: envoy - < date: Fri, 26 Aug 2016 19:39:23 GMT - < x-envoy-protocol-version: HTTP/1.1 + < date: Fri, 26 Aug 2018 19:39:23 GMT < Hello from behind Envoy (service 2)! hostname: 92f4a3737bbc resolvedhostname: 172.19.0.2 * Connection #0 to host 192.168.99.100 left intact @@ -108,7 +100,7 @@ For service2:: Notice that each request, while sent to the front envoy, was correctly routed to the respective application. -**Step 5: Test Envoy's load balancing capabilities** +**Step 4: Test Envoy's load balancing capabilities** Now let's scale up our service1 nodes to demonstrate the clustering abilities of envoy.:: @@ -120,7 +112,7 @@ of envoy.:: Now if we send a request to service1 multiple times, the front envoy will load balance the requests by doing a round robin of the three service1 machines:: - $ curl -v $(docker-machine ip default):8000/service/1 + $ curl -v localhost:8000/service/1 * Trying 192.168.99.100... * Connected to 192.168.99.100 (192.168.99.100) port 8000 (#0) > GET /service/1 HTTP/1.1 @@ -133,17 +125,17 @@ requests by doing a round robin of the three service1 machines:: < content-length: 89 < x-envoy-upstream-service-time: 1 < server: envoy - < date: Fri, 26 Aug 2016 19:40:21 GMT + < date: Fri, 26 Aug 2018 19:40:21 GMT < x-envoy-protocol-version: HTTP/1.1 < Hello from behind Envoy (service 1)! hostname: 85ac151715c6 resolvedhostname: 172.19.0.3 * Connection #0 to host 192.168.99.100 left intact - $ curl -v $(docker-machine ip default):8000/service/1 + $ curl -v localhost:8000/service/1 * Trying 192.168.99.100... * Connected to 192.168.99.100 (192.168.99.100) port 8000 (#0) > GET /service/1 HTTP/1.1 > Host: 192.168.99.100:8000 - > User-Agent: curl/7.43.0 + > User-Agent: curl/7.54.0 > Accept: */* > < HTTP/1.1 200 OK @@ -151,12 +143,11 @@ requests by doing a round robin of the three service1 machines:: < content-length: 89 < x-envoy-upstream-service-time: 1 < server: envoy - < date: Fri, 26 Aug 2016 19:40:22 GMT - < x-envoy-protocol-version: HTTP/1.1 + < date: Fri, 26 Aug 2018 19:40:22 GMT < Hello from behind Envoy (service 1)! hostname: 20da22cfc955 resolvedhostname: 172.19.0.5 * Connection #0 to host 192.168.99.100 left intact - $ curl -v $(docker-machine ip default):8000/service/1 + $ curl -v localhost:8000/service/1 * Trying 192.168.99.100... * Connected to 192.168.99.100 (192.168.99.100) port 8000 (#0) > GET /service/1 HTTP/1.1 @@ -169,13 +160,13 @@ requests by doing a round robin of the three service1 machines:: < content-length: 89 < x-envoy-upstream-service-time: 1 < server: envoy - < date: Fri, 26 Aug 2016 19:40:24 GMT + < date: Fri, 26 Aug 2018 19:40:24 GMT < x-envoy-protocol-version: HTTP/1.1 < Hello from behind Envoy (service 1)! hostname: f26027f1ce28 resolvedhostname: 172.19.0.6 * Connection #0 to host 192.168.99.100 left intact -**Step 6: enter containers and curl services** +**Step 5: enter containers and curl services** In addition of using ``curl`` from your host machine, you can also enter the containers themselves and ``curl`` from inside them. To enter a container you @@ -192,7 +183,7 @@ enter the ``front-envoy`` container, and ``curl`` for services locally:: root@81288499f9d7:/# curl localhost:80/service/2 Hello from behind Envoy (service 2)! hostname: 92f4a3737bbc resolvedhostname: 172.19.0.2 -**Step 7: enter containers and curl admin** +**Step 6: enter containers and curl admin** When envoy runs it also attaches an ``admin`` to your desired port. In the example configs the admin is bound to port ``8001``. We can ``curl`` it to gain useful information. @@ -202,7 +193,43 @@ statistics. For example inside ``frontenvoy`` we can get:: $ docker-compose exec front-envoy /bin/bash root@e654c2c83277:/# curl localhost:8001/server_info - envoy 10e00b/RELEASE live 142 142 0 + + .. code-block:: json + + { + "version": "3ba949a9cb5b0b1cccd61e76159969a49377fd7d/1.10.0-dev/Clean/RELEASE/BoringSSL", + "state": "LIVE", + "command_line_options": { + "base_id": "0", + "concurrency": 4, + "config_path": "/etc/front-envoy.yaml", + "config_yaml": "", + "allow_unknown_fields": false, + "admin_address_path": "", + "local_address_ip_version": "v4", + "log_level": "info", + "component_log_level": "", + "log_format": "[%Y-%m-%d %T.%e][%t][%l][%n] %v", + "log_path": "", + "hot_restart_version": false, + "service_cluster": "front-proxy", + "service_node": "", + "service_zone": "", + "mode": "Serve", + "max_stats": "16384", + "max_obj_name_len": "60", + "disable_hot_restart": false, + "enable_mutex_tracing": false, + "restart_epoch": 0, + "cpuset_threads": false, + "file_flush_interval": "10s", + "drain_time": "600s", + "parent_shutdown_time": "900s" + }, + "uptime_current_epoch": "401s", + "uptime_all_epochs": "401s" + } + root@e654c2c83277:/# curl localhost:8001/stats cluster.service1.external.upstream_rq_200: 7 ... diff --git a/docs/root/start/sandboxes/grpc_bridge.rst b/docs/root/start/sandboxes/grpc_bridge.rst index 09798b3e1291b..c08b54f1ed218 100644 --- a/docs/root/start/sandboxes/grpc_bridge.rst +++ b/docs/root/start/sandboxes/grpc_bridge.rst @@ -36,6 +36,7 @@ run:: $ pwd envoy/examples/grpc-bridge + $ docker-compose pull $ docker-compose up --build Sending requests to the Key/Value store diff --git a/docs/root/start/sandboxes/jaeger_native_tracing.rst b/docs/root/start/sandboxes/jaeger_native_tracing.rst index 6bf5bee64bae6..2ef0aa74540a7 100644 --- a/docs/root/start/sandboxes/jaeger_native_tracing.rst +++ b/docs/root/start/sandboxes/jaeger_native_tracing.rst @@ -53,33 +53,35 @@ To build this sandbox example, and start the example apps run the following comm $ pwd envoy/examples/jaeger-native-tracing + $ docker-compose pull $ docker-compose up --build -d $ docker-compose ps - Name Command State Ports - ------------------------------------------------------------------------------------------------------------- - jaegertracing_service1_1 /bin/sh -c /usr/local/bin/ ... Up 80/tcp - jaegertracing_service2_1 /bin/sh -c /usr/local/bin/ ... Up 80/tcp - jaegertracing_front-envoy_1 /bin/sh -c /usr/local/bin/ ... Up 0.0.0.0:8000->80/tcp, 0.0.0.0:8001->8001/tcp + + Name Command State Ports + --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- + jaeger-native-tracing_front-envoy_1 /start-front.sh Up 10000/tcp, 0.0.0.0:8000->80/tcp, 0.0.0.0:8001->8001/tcp + jaeger-native-tracing_jaeger_1 /go/bin/all-in-one-linux - ... Up 14250/tcp, 14268/tcp, 0.0.0.0:16686->16686/tcp, 5775/udp, 5778/tcp, 6831/udp, 6832/udp, 0.0.0.0:9411->9411/tcp + jaeger-native-tracing_service1_1 /start-service.sh Up 10000/tcp, 80/tcp + jaeger-native-tracing_service2_1 /start-service.sh Up 10000/tcp, 80/tcp **Step 2: Generate some load** You can now send a request to service1 via the front-envoy as follows:: - $ curl -v $(docker-machine ip default):8000/trace/1 + $ curl -v localhost:8000/trace/1 * Trying 192.168.99.100... * Connected to 192.168.99.100 (192.168.99.100) port 8000 (#0) > GET /trace/1 HTTP/1.1 > Host: 192.168.99.100:8000 - > User-Agent: curl/7.43.0 + > User-Agent: curl/7.54.0 > Accept: */* > < HTTP/1.1 200 OK < content-type: text/html; charset=utf-8 < content-length: 89 - < x-envoy-upstream-service-time: 1 + < x-envoy-upstream-service-time: 9 < server: envoy - < date: Fri, 26 Aug 2016 19:39:19 GMT - < x-envoy-protocol-version: HTTP/1.1 + < date: Fri, 26 Aug 2018 19:39:19 GMT < Hello from behind Envoy (service 1)! hostname: f26027f1ce28 resolvedhostname: 172.19.0.6 * Connection #0 to host 192.168.99.100 left intact diff --git a/docs/root/start/sandboxes/jaeger_tracing.rst b/docs/root/start/sandboxes/jaeger_tracing.rst index 4fcc4a8e3c39f..d5ac73eca497b 100644 --- a/docs/root/start/sandboxes/jaeger_tracing.rst +++ b/docs/root/start/sandboxes/jaeger_tracing.rst @@ -42,33 +42,35 @@ To build this sandbox example, and start the example apps run the following comm $ pwd envoy/examples/jaeger-tracing + $ docker-compose pull $ docker-compose up --build -d $ docker-compose ps - Name Command State Ports - ------------------------------------------------------------------------------------------------------------- - jaegertracing_service1_1 /bin/sh -c /usr/local/bin/ ... Up 80/tcp - jaegertracing_service2_1 /bin/sh -c /usr/local/bin/ ... Up 80/tcp - jaegertracing_front-envoy_1 /bin/sh -c /usr/local/bin/ ... Up 0.0.0.0:8000->80/tcp, 0.0.0.0:8001->8001/tcp + + Name Command State Ports + -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- + jaeger-tracing_front-envoy_1 /docker-entrypoint.sh /bin ... Up 10000/tcp, 0.0.0.0:8000->80/tcp, 0.0.0.0:8001->8001/tcp + jaeger-tracing_jaeger_1 /go/bin/all-in-one-linux - ... Up 14250/tcp, 14268/tcp, 0.0.0.0:16686->16686/tcp, 5775/udp, 5778/tcp, 6831/udp, 6832/udp, 0.0.0.0:9411->9411/tcp + jaeger-tracing_service1_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 80/tcp + jaeger-tracing_service2_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 80/tcp **Step 2: Generate some load** You can now send a request to service1 via the front-envoy as follows:: - $ curl -v $(docker-machine ip default):8000/trace/1 + $ curl -v localhost:8000/trace/1 * Trying 192.168.99.100... * Connected to 192.168.99.100 (192.168.99.100) port 8000 (#0) > GET /trace/1 HTTP/1.1 > Host: 192.168.99.100:8000 - > User-Agent: curl/7.43.0 + > User-Agent: curl/7.54.0 > Accept: */* > < HTTP/1.1 200 OK < content-type: text/html; charset=utf-8 < content-length: 89 - < x-envoy-upstream-service-time: 1 + < x-envoy-upstream-service-time: 9 < server: envoy - < date: Fri, 26 Aug 2016 19:39:19 GMT - < x-envoy-protocol-version: HTTP/1.1 + < date: Fri, 26 Aug 2018 19:39:19 GMT < Hello from behind Envoy (service 1)! hostname: f26027f1ce28 resolvedhostname: 172.19.0.6 * Connection #0 to host 192.168.99.100 left intact diff --git a/docs/root/start/sandboxes/zipkin_tracing.rst b/docs/root/start/sandboxes/zipkin_tracing.rst index 88739b5c4a2eb..f463075f46143 100644 --- a/docs/root/start/sandboxes/zipkin_tracing.rst +++ b/docs/root/start/sandboxes/zipkin_tracing.rst @@ -44,17 +44,19 @@ To build this sandbox example, and start the example apps run the following comm envoy/examples/zipkin-tracing $ docker-compose up --build -d $ docker-compose ps - Name Command State Ports - ------------------------------------------------------------------------------------------------------------- - zipkintracing_service1_1 /bin/sh -c /usr/local/bin/ ... Up 80/tcp - zipkintracing_service2_1 /bin/sh -c /usr/local/bin/ ... Up 80/tcp - zipkintracing_front-envoy_1 /bin/sh -c /usr/local/bin/ ... Up 0.0.0.0:8000->80/tcp, 0.0.0.0:8001->8001/tcp + + Name Command State Ports + ------------------------------------------------------------------------------------------------------------------------------- + zipkin-tracing_front-envoy_1 /docker-entrypoint.sh /bin ... Up 10000/tcp, 0.0.0.0:8000->80/tcp, 0.0.0.0:8001->8001/tcp + zipkin-tracing_service1_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 80/tcp + zipkin-tracing_service2_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 80/tcp + zipkin-tracing_zipkin_1 /busybox/sh run.sh Up 9410/tcp, 0.0.0.0:9411->9411/tcp **Step 2: Generate some load** You can now send a request to service1 via the front-envoy as follows:: - $ curl -v $(docker-machine ip default):8000/trace/1 + $ curl -v localhost:8000/trace/1 * Trying 192.168.99.100... * Connected to 192.168.99.100 (192.168.99.100) port 8000 (#0) > GET /trace/1 HTTP/1.1 @@ -67,8 +69,7 @@ You can now send a request to service1 via the front-envoy as follows:: < content-length: 89 < x-envoy-upstream-service-time: 1 < server: envoy - < date: Fri, 26 Aug 2016 19:39:19 GMT - < x-envoy-protocol-version: HTTP/1.1 + < date: Fri, 26 Aug 2018 19:39:19 GMT < Hello from behind Envoy (service 1)! hostname: f26027f1ce28 resolvedhostname: 172.19.0.6 * Connection #0 to host 192.168.99.100 left intact @@ -76,7 +77,6 @@ You can now send a request to service1 via the front-envoy as follows:: **Step 3: View the traces in Zipkin UI** Point your browser to http://localhost:9411 . You should see the Zipkin dashboard. -If this ip address is incorrect, you can find the correct one by running: ``$ docker-machine ip default``. Set the service to "front-proxy" and set the start time to a few minutes before the start of the test (step 2) and hit enter. You should see traces from the front-proxy. Click on a trace to explore the path taken by the request from front-proxy to service1 diff --git a/examples/cors/backend/docker-compose.yml b/examples/cors/backend/docker-compose.yml index 4ba0f2f4af464..62f6bd2bcbb3b 100644 --- a/examples/cors/backend/docker-compose.yml +++ b/examples/cors/backend/docker-compose.yml @@ -13,8 +13,8 @@ services: - "80" - "8001" ports: - - "8000:80" - - "8001:8001" + - "8002:80" + - "8003:8001" backend-service: build: diff --git a/examples/cors/frontend/index.html b/examples/cors/frontend/index.html index 900ba06537657..30e31d51c51b2 100644 --- a/examples/cors/frontend/index.html +++ b/examples/cors/frontend/index.html @@ -11,7 +11,7 @@ var remoteIP = document.getElementById("remoteip").value; var enforcement = document.querySelector('input[name="cors"]:checked').value; if(client) { - var url = `http://${remoteIP}:8000/cors/${enforcement}`; + var url = `http://${remoteIP}:8002/cors/${enforcement}`; client.open('GET', url, true); client.onreadystatechange = handler; client.send(); @@ -43,12 +43,10 @@

It does NOT dispatch a preflight request.

- Enter the IP address of your docker machine.
- Hint: This can be found by running - docker-machine ip default. + Enter the IP address of backend Docker container. As we are running Docker Compose this should just be localhost.

- +
CORS Enforcement
diff --git a/examples/jaeger-native-tracing/front-envoy-jaeger.yaml b/examples/jaeger-native-tracing/front-envoy-jaeger.yaml index c7794ba1026c8..92163e2ef876d 100644 --- a/examples/jaeger-native-tracing/front-envoy-jaeger.yaml +++ b/examples/jaeger-native-tracing/front-envoy-jaeger.yaml @@ -9,6 +9,7 @@ static_resources: - name: envoy.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager + generate_request_id: true tracing: operation_name: egress codec_type: auto @@ -29,6 +30,7 @@ static_resources: http_filters: - name: envoy.router typed_config: {} + use_remote_address: true clusters: - name: service1 connect_timeout: 0.250s diff --git a/examples/jaeger-tracing/front-envoy-jaeger.yaml b/examples/jaeger-tracing/front-envoy-jaeger.yaml index 287a8a4ef1160..52cfdce8ff611 100644 --- a/examples/jaeger-tracing/front-envoy-jaeger.yaml +++ b/examples/jaeger-tracing/front-envoy-jaeger.yaml @@ -9,6 +9,7 @@ static_resources: - name: envoy.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager + generate_request_id: true tracing: operation_name: egress codec_type: auto @@ -29,6 +30,7 @@ static_resources: http_filters: - name: envoy.router typed_config: {} + use_remote_address: true clusters: - name: service1 connect_timeout: 0.250s @@ -56,7 +58,7 @@ static_resources: address: socket_address: address: jaeger - port_value: 80 + port_value: 9411 tracing: http: name: envoy.zipkin From 89bab5a6d91f18a3626b85b550355ef77ced910e Mon Sep 17 00:00:00 2001 From: Michael Payne Date: Wed, 20 Mar 2019 15:28:10 -0700 Subject: [PATCH 2/8] Standardize on pulling fresh images before launching containers. Signed-off-by: Michael Payne --- docs/root/start/sandboxes/cors.rst | 12 ++++++------ docs/root/start/sandboxes/front_proxy.rst | 4 +++- docs/root/start/sandboxes/zipkin_tracing.rst | 1 + examples/fault-injection/README.md | 1 + examples/lua/README.md | 4 ++-- examples/mysql/README.md | 3 ++- examples/redis/README.md | 4 ++-- 7 files changed, 17 insertions(+), 12 deletions(-) diff --git a/docs/root/start/sandboxes/cors.rst b/docs/root/start/sandboxes/cors.rst index 515a611a6396b..4408d7dabd86f 100644 --- a/docs/root/start/sandboxes/cors.rst +++ b/docs/root/start/sandboxes/cors.rst @@ -66,14 +66,14 @@ Terminal 2 $ docker-compose up --build -d $ docker-compose ps - Name Command State Ports ----------------------------------------------------------------------------------------------------------------------------- -backend_backend-service_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 80/tcp -backend_front-envoy_1 /docker-entrypoint.sh /bin ... Up 10000/tcp, 0.0.0.0:8002->80/tcp, 0.0.0.0:8003->8001/tcp + Name Command State Ports + ---------------------------------------------------------------------------------------------------------------------------- + backend_backend-service_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 80/tcp + backend_front-envoy_1 /docker-entrypoint.sh /bin ... Up 10000/tcp, 0.0.0.0:8002->80/tcp, 0.0.0.0:8003->8001/tcp **Step 3: Test Envoy's CORS capabilities** -You can now open a browser to view your frontend service at http://localhost:8000`. +You can now open a browser to view your frontend service at ``localhost:8000``. Results of the cross-origin request will be shown on the page under *Request Results*. Your browser's CORS enforcement logs can be found in the console. @@ -90,7 +90,7 @@ For example: When Envoy runs, it can listen to ``admin`` requests if a port is configured. In the example configs, the backend admin is bound to port ``8003``. -If you go to localhost:8003/stats you will be able to view +If you go to ``localhost:8003/stats`` you will be able to view all of the Envoy stats for the backend. You should see the CORS stats for invalid and valid origins increment as you make requests from the frontend cluster. diff --git a/docs/root/start/sandboxes/front_proxy.rst b/docs/root/start/sandboxes/front_proxy.rst index 1f096980f5d02..1b12f95fbf6f9 100644 --- a/docs/root/start/sandboxes/front_proxy.rst +++ b/docs/root/start/sandboxes/front_proxy.rst @@ -194,7 +194,7 @@ statistics. For example inside ``frontenvoy`` we can get:: $ docker-compose exec front-envoy /bin/bash root@e654c2c83277:/# curl localhost:8001/server_info - .. code-block:: json +.. code-block:: json { "version": "3ba949a9cb5b0b1cccd61e76159969a49377fd7d/1.10.0-dev/Clean/RELEASE/BoringSSL", @@ -229,6 +229,8 @@ statistics. For example inside ``frontenvoy`` we can get:: "uptime_current_epoch": "401s", "uptime_all_epochs": "401s" } + +.. code-block:: text root@e654c2c83277:/# curl localhost:8001/stats cluster.service1.external.upstream_rq_200: 7 diff --git a/docs/root/start/sandboxes/zipkin_tracing.rst b/docs/root/start/sandboxes/zipkin_tracing.rst index f463075f46143..fc916a17cab13 100644 --- a/docs/root/start/sandboxes/zipkin_tracing.rst +++ b/docs/root/start/sandboxes/zipkin_tracing.rst @@ -42,6 +42,7 @@ To build this sandbox example, and start the example apps run the following comm $ pwd envoy/examples/zipkin-tracing + $ docker-compose pull $ docker-compose up --build -d $ docker-compose ps diff --git a/examples/fault-injection/README.md b/examples/fault-injection/README.md index a39a5aab153e9..80223e03cb0cd 100644 --- a/examples/fault-injection/README.md +++ b/examples/fault-injection/README.md @@ -8,6 +8,7 @@ support](https://www.envoyproxy.io/docs/envoy/latest/configuration/runtime) to c ## Usage ``` # in terminal 1, launch Envoy and backend service containers. +docker-compose pull docker-compose up # in terminal 2 diff --git a/examples/lua/README.md b/examples/lua/README.md index 59a3a0c1db352..54cca13022fd8 100644 --- a/examples/lua/README.md +++ b/examples/lua/README.md @@ -8,8 +8,8 @@ filter that contains two functions namely # Usage -1. `docker-compose build` -2. `docker-compose up` +1. `docker-compose pull` +2. `docker-compose up --build` 3. `curl -v localhost:8000` ## Sample Output: diff --git a/examples/mysql/README.md b/examples/mysql/README.md index 6f1147a3040c1..4bdd66fb989c6 100644 --- a/examples/mysql/README.md +++ b/examples/mysql/README.md @@ -12,7 +12,8 @@ metrics. Build and run the containers: ```console -$ docker-compose build && docker-compose up +$ docker-compose pull +$ docker-compose up --build ``` Use `mysql` to issue some commands and verify they are routed via Envoy. Note diff --git a/examples/redis/README.md b/examples/redis/README.md index a6926ce3e9757..c1f18ed5e301b 100644 --- a/examples/redis/README.md +++ b/examples/redis/README.md @@ -3,8 +3,8 @@ In this example, we show how a [Redis filter](https://www.envoyproxy.io/docs/env # Usage -1. `docker-compose build` -2. `docker-compose up` +1. `docker-compose pull` +2. `docker-compose up --build` 3. Issue redis commands using your favourite redis client such as `redis-cli` ## Sample Output: From 02ad9d260b66f36a9ec28611cdb1abd228ae36ba Mon Sep 17 00:00:00 2001 From: Michael Payne Date: Wed, 20 Mar 2019 17:14:42 -0700 Subject: [PATCH 3/8] Explicitly add DNS for Docker containers for edge case where host machine running DoH / DoT - enable successful download of libjaegertracing_plugin.linux_amd64.so for jaeger-native-tracing sandbox. Signed-off-by: Michael Payne --- examples/jaeger-native-tracing/docker-compose.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/examples/jaeger-native-tracing/docker-compose.yml b/examples/jaeger-native-tracing/docker-compose.yml index 659c4da8bd6cd..c829cf41732c6 100644 --- a/examples/jaeger-native-tracing/docker-compose.yml +++ b/examples/jaeger-native-tracing/docker-compose.yml @@ -18,6 +18,9 @@ services: ports: - "8000:80" - "8001:8001" + dns: + - 8.8.8.8 + - 8.8.4.4 service1: build: @@ -36,6 +39,9 @@ services: - SERVICE_NAME=1 expose: - "80" + dns: + - 8.8.8.8 + - 8.8.4.4 service2: build: @@ -54,6 +60,9 @@ services: - SERVICE_NAME=2 expose: - "80" + dns: + - 8.8.8.8 + - 8.8.4.4 jaeger: image: jaegertracing/all-in-one From c132c98dbc15e1d78b99a043d222c9592e14aed9 Mon Sep 17 00:00:00 2001 From: Michael Payne Date: Wed, 20 Mar 2019 18:01:46 -0700 Subject: [PATCH 4/8] Standardize on upcase E for Envoy in the docs. Signed-off-by: Michael Payne --- ci/README.md | 4 +-- .../cluster_circuit_breakers.rst | 4 +-- .../configuration/http_conn_man/stats.rst | 4 +-- docs/root/install/building.rst | 5 +--- .../install/sandboxes/local_docker_build.rst | 2 +- docs/root/operations/admin.rst | 6 ++--- docs/root/operations/cli.rst | 2 +- docs/root/start/sandboxes/front_proxy.rst | 26 +++++++++---------- .../start/sandboxes/jaeger_native_tracing.rst | 8 +++--- docs/root/start/sandboxes/jaeger_tracing.rst | 8 +++--- docs/root/start/sandboxes/zipkin_tracing.rst | 8 +++--- docs/root/start/start.rst | 2 +- 12 files changed, 38 insertions(+), 41 deletions(-) diff --git a/ci/README.md b/ci/README.md index 15fcee177563c..05402fe1b88df 100644 --- a/ci/README.md +++ b/ci/README.md @@ -2,7 +2,7 @@ Two flavors of Envoy Docker images, based on Ubuntu and Alpine Linux, are built. -## Ubuntu envoy image +## Ubuntu Envoy image The Ubuntu based Envoy Docker image at [`envoyproxy/envoy-build:`](https://hub.docker.com/r/envoyproxy/envoy-build/) is used for CircleCI checks, where `` is specified in [`envoy_build_sha.sh`](https://github.com/envoyproxy/envoy/blob/master/ci/envoy_build_sha.sh). Developers may work with `envoyproxy/envoy-build:latest` to provide a self-contained environment for building Envoy binaries and @@ -11,7 +11,7 @@ at [`envoyproxy/envoy:`](https://hub.docker.com/r/envoyproxy/envoy/) is an corresponds to the master commit at which the binary was compiled. Lastly, `envoyproxy/envoy:latest` contains an Envoy binary built from the latest tip of master that passed tests. -## Alpine envoy image +## Alpine Envoy image Minimal images based on Alpine Linux allow for quicker deployment of Envoy. Two Alpine based images are built, one with an Envoy binary with debug (`envoyproxy/envoy-alpine-debug`) symbols and one stripped of them (`envoyproxy/envoy-alpine`). diff --git a/docs/root/configuration/cluster_manager/cluster_circuit_breakers.rst b/docs/root/configuration/cluster_manager/cluster_circuit_breakers.rst index e8a14f30447e7..2e3b768b0f3c1 100644 --- a/docs/root/configuration/cluster_manager/cluster_circuit_breakers.rst +++ b/docs/root/configuration/cluster_manager/cluster_circuit_breakers.rst @@ -11,6 +11,6 @@ Runtime All circuit breaking settings are runtime configurable for all defined priorities based on cluster name. They follow the following naming scheme ``circuit_breakers...``. -``cluster_name`` is the name field in each cluster's configuration, which is set in the envoy +``cluster_name`` is the name field in each cluster's configuration, which is set in the Envoy :ref:`config file `. Available runtime settings will override -settings set in the envoy config file. +settings set in the Envoy config file. diff --git a/docs/root/configuration/http_conn_man/stats.rst b/docs/root/configuration/http_conn_man/stats.rst index 174fa99bdb105..0269fefc1d4bf 100644 --- a/docs/root/configuration/http_conn_man/stats.rst +++ b/docs/root/configuration/http_conn_man/stats.rst @@ -34,7 +34,7 @@ statistics: downstream_cx_tx_bytes_buffered, Gauge, Total sent bytes currently buffered downstream_cx_drain_close, Counter, Total connections closed due to draining downstream_cx_idle_timeout, Counter, Total connections closed due to idle timeout - downstream_cx_overload_disable_keepalive, Counter, Total connections for which HTTP 1.x keepalive has been disabled due to envoy overload + downstream_cx_overload_disable_keepalive, Counter, Total connections for which HTTP 1.x keepalive has been disabled due to Envoy overload downstream_flow_control_paused_reading_total, Counter, Total number of times reads were disabled due to flow control downstream_flow_control_resumed_reading_total, Counter, Total number of times reads were enabled on the connection due to flow control downstream_rq_total, Counter, Total requests @@ -56,7 +56,7 @@ statistics: downstream_rq_time, Histogram, Total time for request and response (milliseconds) downstream_rq_idle_timeout, Counter, Total requests closed due to idle timeout downstream_rq_timeout, Counter, Total requests closed due to a timeout on the request path - downstream_rq_overload_close, Counter, Total requests closed due to envoy overload + downstream_rq_overload_close, Counter, Total requests closed due to Envoy overload rs_too_large, Counter, Total response errors due to buffering an overly large body Per user agent statistics diff --git a/docs/root/install/building.rst b/docs/root/install/building.rst index 3db6ffc7ea4d8..3605306afa69f 100644 --- a/docs/root/install/building.rst +++ b/docs/root/install/building.rst @@ -6,7 +6,7 @@ Building The Envoy build system uses Bazel. In order to ease initial building and for a quick start, we provide an Ubuntu 16 based docker container that has everything needed inside of it to build -and *statically link* envoy, see :repo:`ci/README.md`. +and *statically link* Envoy, see :repo:`ci/README.md`. In order to build manually, follow the instructions at :repo:`bazel/README.md`. @@ -56,6 +56,3 @@ Envoy binary, and putting the binary in an Ubuntu container. :maxdepth: 1 sandboxes/local_docker_build - - - diff --git a/docs/root/install/sandboxes/local_docker_build.rst b/docs/root/install/sandboxes/local_docker_build.rst index 578c275a29dc0..d5dda8c03191a 100644 --- a/docs/root/install/sandboxes/local_docker_build.rst +++ b/docs/root/install/sandboxes/local_docker_build.rst @@ -19,7 +19,7 @@ That command will take some time to run because it is compiling an Envoy binary For more information on building and different build targets, please refer to :repo:`ci/README.md`. -**Step 2: Build image with only envoy binary** +**Step 2: Build image with only Envoy binary** In this step we'll build an image that only has the Envoy binary, and none of the software used to build it.:: diff --git a/docs/root/operations/admin.rst b/docs/root/operations/admin.rst index a826fa1b75b03..5d99e09bd7c76 100644 --- a/docs/root/operations/admin.rst +++ b/docs/root/operations/admin.rst @@ -61,7 +61,7 @@ modify different aspects of the server: Cluster manager information - ``version_info`` string -- the version info string of the last loaded :ref:`CDS` update. - If envoy does not have :ref:`CDS` setup, the + If Envoy does not have :ref:`CDS` setup, the output will read ``version_info::static``. Cluster wide information @@ -236,7 +236,7 @@ explanation of the output. Histograms will output the computed quantiles i.e P0,P25,P50,P75,P90,P99,P99.9 and P100. The output for each quantile will be in the form of (interval,cumulative) where interval value represents the summary since last flush interval and cumulative value represents the - summary since the start of envoy instance. "No recorded values" in the histogram output indicates + summary since the start of Envoy instance. "No recorded values" in the histogram output indicates that it has not been updated with a value. See :ref:`here ` for more information. @@ -380,7 +380,7 @@ explanation of the output. This endpoint is intended to be used as the stream source for `Hystrix dashboard `_. - a GET to this endpoint will trigger a stream of statistics from envoy in + a GET to this endpoint will trigger a stream of statistics from Envoy in `text/event-stream `_ format, as expected by the Hystrix dashboard. diff --git a/docs/root/operations/cli.rst b/docs/root/operations/cli.rst index c863a47e693c6..1d61fc8721193 100644 --- a/docs/root/operations/cli.rst +++ b/docs/root/operations/cli.rst @@ -222,7 +222,7 @@ following are the command line options that Envoy supports. .. attention:: - This setting affects the output of :option:`--hot-restart-version`. If you started envoy with this + This setting affects the output of :option:`--hot-restart-version`. If you started Envoy with this option set to a non default value, you should use the same option (and same value) for subsequent hot restarts. diff --git a/docs/root/start/sandboxes/front_proxy.rst b/docs/root/start/sandboxes/front_proxy.rst index 1b12f95fbf6f9..386fdca22bc86 100644 --- a/docs/root/start/sandboxes/front_proxy.rst +++ b/docs/root/start/sandboxes/front_proxy.rst @@ -6,7 +6,7 @@ Front Proxy To get a flavor of what Envoy has to offer as a front proxy, we are releasing a `docker compose `_ sandbox that deploys a front envoy and a couple of services (simple flask apps) colocated with a running -service envoy. The three containers will be deployed inside a virtual network +service Envoy. The three containers will be deployed inside a virtual network called ``envoymesh``. Below you can see a graphic showing the docker compose deployment: @@ -14,20 +14,20 @@ Below you can see a graphic showing the docker compose deployment: .. image:: /_static/docker_compose_v0.1.svg :width: 100% -All incoming requests are routed via the front envoy, which is acting as a reverse proxy sitting on +All incoming requests are routed via the front Envoy, which is acting as a reverse proxy sitting on the edge of the ``envoymesh`` network. Port ``80`` is mapped to port ``8000`` by docker compose (see :repo:`/examples/front-proxy/docker-compose.yml`). Moreover, notice -that all traffic routed by the front envoy to the service containers is actually routed to the -service envoys (routes setup in :repo:`/examples/front-proxy/front-envoy.yaml`). In turn the service +that all traffic routed by the front Envoy to the service containers is actually routed to the +service Envoys (routes setup in :repo:`/examples/front-proxy/front-envoy.yaml`). In turn the service envoys route the request to the flask app via the loopback address (routes setup in :repo:`/examples/front-proxy/service-envoy.yaml`). This setup -illustrates the advantage of running service envoys collocated with your services: all requests are -handled by the service envoy, and efficiently routed to your services. +illustrates the advantage of running service Envoys collocated with your services: all requests are +handled by the service Envoy, and efficiently routed to your services. Running the Sandbox ~~~~~~~~~~~~~~~~~~~ -The following documentation runs through the setup of an envoy cluster organized +The following documentation runs through the setup of an Envoy cluster organized as is described in the image above. **Step 1: Install Docker** @@ -38,7 +38,7 @@ A simple way to achieve this is via the `Docker Toolbox Date: Wed, 20 Mar 2019 18:21:44 -0700 Subject: [PATCH 5/8] Text formatting fixes. Signed-off-by: Michael Payne --- bazel/README.md | 2 +- docs/root/start/sandboxes/cors.rst | 16 ++++++++-------- docs/root/start/sandboxes/front_proxy.rst | 10 +++++----- .../start/sandboxes/jaeger_native_tracing.rst | 12 ++++++------ docs/root/start/sandboxes/jaeger_tracing.rst | 12 ++++++------ docs/root/start/sandboxes/zipkin_tracing.rst | 12 ++++++------ 6 files changed, 32 insertions(+), 32 deletions(-) diff --git a/bazel/README.md b/bazel/README.md index 014c40e05dfb9..9a678077f69ee 100644 --- a/bazel/README.md +++ b/bazel/README.md @@ -268,7 +268,7 @@ Use `RUN_REMOTE=yes` when you don't want to run against your local docker instan will need to override a few environment variables to set up the remote docker. The list of variables can be found in the [Documentation](https://docs.docker.com/engine/reference/commandline/cli/). -Use `LOCAL_MOUNT=yes` when you are not building with the envoy build container. This will ensure +Use `LOCAL_MOUNT=yes` when you are not building with the Envoy build container. This will ensure that the libraries against which the tests dynamically link will be available and of the correct version. diff --git a/docs/root/start/sandboxes/cors.rst b/docs/root/start/sandboxes/cors.rst index 4408d7dabd86f..3be513279bd83 100644 --- a/docs/root/start/sandboxes/cors.rst +++ b/docs/root/start/sandboxes/cors.rst @@ -52,10 +52,10 @@ Terminal 1 $ docker-compose up --build -d $ docker-compose ps - Name Command State Ports - ------------------------------------------------------------------------------------------------------------------------------ - frontend_front-envoy_1 /docker-entrypoint.sh /bin ... Up 10000/tcp, 0.0.0.0:8000->80/tcp, 0.0.0.0:8001->8001/tcp - frontend_frontend-service_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 80/tcp + Name Command State Ports + ---------------------------------------------------------------------------------------------------------------------------- + frontend_front-envoy_1 /docker-entrypoint.sh /bin ... Up 10000/tcp, 0.0.0.0:8000->80/tcp, 0.0.0.0:8001->8001/tcp + frontend_frontend-service_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 80/tcp Terminal 2 @@ -66,10 +66,10 @@ Terminal 2 $ docker-compose up --build -d $ docker-compose ps - Name Command State Ports - ---------------------------------------------------------------------------------------------------------------------------- - backend_backend-service_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 80/tcp - backend_front-envoy_1 /docker-entrypoint.sh /bin ... Up 10000/tcp, 0.0.0.0:8002->80/tcp, 0.0.0.0:8003->8001/tcp + Name Command State Ports + -------------------------------------------------------------------------------------------------------------------------- + backend_backend-service_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 80/tcp + backend_front-envoy_1 /docker-entrypoint.sh /bin ... Up 10000/tcp, 0.0.0.0:8002->80/tcp, 0.0.0.0:8003->8001/tcp **Step 3: Test Envoy's CORS capabilities** diff --git a/docs/root/start/sandboxes/front_proxy.rst b/docs/root/start/sandboxes/front_proxy.rst index 386fdca22bc86..bfcfae2d02fc8 100644 --- a/docs/root/start/sandboxes/front_proxy.rst +++ b/docs/root/start/sandboxes/front_proxy.rst @@ -47,11 +47,11 @@ or ``git clone https://github.com/envoyproxy/envoy.git``:: $ docker-compose up --build -d $ docker-compose ps - Name Command State Ports - ---------------------------------------------------------------------------------------------------------------------------- - front-proxy_front-envoy_1 /docker-entrypoint.sh /bin ... Up 10000/tcp, 0.0.0.0:8000->80/tcp, 0.0.0.0:8001->8001/tcp - front-proxy_service1_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 80/tcp - front-proxy_service2_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 80/tcp + Name Command State Ports + -------------------------------------------------------------------------------------------------------------------------- + front-proxy_front-envoy_1 /docker-entrypoint.sh /bin ... Up 10000/tcp, 0.0.0.0:8000->80/tcp, 0.0.0.0:8001->8001/tcp + front-proxy_service1_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 80/tcp + front-proxy_service2_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 80/tcp **Step 3: Test Envoy's routing capabilities** diff --git a/docs/root/start/sandboxes/jaeger_native_tracing.rst b/docs/root/start/sandboxes/jaeger_native_tracing.rst index 6386a16e388ac..52bdda5e269f4 100644 --- a/docs/root/start/sandboxes/jaeger_native_tracing.rst +++ b/docs/root/start/sandboxes/jaeger_native_tracing.rst @@ -57,12 +57,12 @@ To build this sandbox example, and start the example apps run the following comm $ docker-compose up --build -d $ docker-compose ps - Name Command State Ports - --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- - jaeger-native-tracing_front-envoy_1 /start-front.sh Up 10000/tcp, 0.0.0.0:8000->80/tcp, 0.0.0.0:8001->8001/tcp - jaeger-native-tracing_jaeger_1 /go/bin/all-in-one-linux - ... Up 14250/tcp, 14268/tcp, 0.0.0.0:16686->16686/tcp, 5775/udp, 5778/tcp, 6831/udp, 6832/udp, 0.0.0.0:9411->9411/tcp - jaeger-native-tracing_service1_1 /start-service.sh Up 10000/tcp, 80/tcp - jaeger-native-tracing_service2_1 /start-service.sh Up 10000/tcp, 80/tcp + Name Command State Ports + ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- + jaeger-native-tracing_front-envoy_1 /start-front.sh Up 10000/tcp, 0.0.0.0:8000->80/tcp, 0.0.0.0:8001->8001/tcp + jaeger-native-tracing_jaeger_1 /go/bin/all-in-one-linux - ... Up 14250/tcp, 14268/tcp, 0.0.0.0:16686->16686/tcp, 5775/udp, 5778/tcp, 6831/udp, 6832/udp, 0.0.0.0:9411->9411/tcp + jaeger-native-tracing_service1_1 /start-service.sh Up 10000/tcp, 80/tcp + jaeger-native-tracing_service2_1 /start-service.sh Up 10000/tcp, 80/tcp **Step 2: Generate some load** diff --git a/docs/root/start/sandboxes/jaeger_tracing.rst b/docs/root/start/sandboxes/jaeger_tracing.rst index 0348c7e0cffb9..4277b60ff5d47 100644 --- a/docs/root/start/sandboxes/jaeger_tracing.rst +++ b/docs/root/start/sandboxes/jaeger_tracing.rst @@ -46,12 +46,12 @@ To build this sandbox example, and start the example apps run the following comm $ docker-compose up --build -d $ docker-compose ps - Name Command State Ports - -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- - jaeger-tracing_front-envoy_1 /docker-entrypoint.sh /bin ... Up 10000/tcp, 0.0.0.0:8000->80/tcp, 0.0.0.0:8001->8001/tcp - jaeger-tracing_jaeger_1 /go/bin/all-in-one-linux - ... Up 14250/tcp, 14268/tcp, 0.0.0.0:16686->16686/tcp, 5775/udp, 5778/tcp, 6831/udp, 6832/udp, 0.0.0.0:9411->9411/tcp - jaeger-tracing_service1_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 80/tcp - jaeger-tracing_service2_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 80/tcp + Name Command State Ports + ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ + jaeger-tracing_front-envoy_1 /docker-entrypoint.sh /bin ... Up 10000/tcp, 0.0.0.0:8000->80/tcp, 0.0.0.0:8001->8001/tcp + jaeger-tracing_jaeger_1 /go/bin/all-in-one-linux - ... Up 14250/tcp, 14268/tcp, 0.0.0.0:16686->16686/tcp, 5775/udp, 5778/tcp, 6831/udp, 6832/udp, 0.0.0.0:9411->9411/tcp + jaeger-tracing_service1_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 80/tcp + jaeger-tracing_service2_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 80/tcp **Step 2: Generate some load** diff --git a/docs/root/start/sandboxes/zipkin_tracing.rst b/docs/root/start/sandboxes/zipkin_tracing.rst index 33afdb86da956..c26e492960dd4 100644 --- a/docs/root/start/sandboxes/zipkin_tracing.rst +++ b/docs/root/start/sandboxes/zipkin_tracing.rst @@ -46,12 +46,12 @@ To build this sandbox example, and start the example apps run the following comm $ docker-compose up --build -d $ docker-compose ps - Name Command State Ports - ------------------------------------------------------------------------------------------------------------------------------- - zipkin-tracing_front-envoy_1 /docker-entrypoint.sh /bin ... Up 10000/tcp, 0.0.0.0:8000->80/tcp, 0.0.0.0:8001->8001/tcp - zipkin-tracing_service1_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 80/tcp - zipkin-tracing_service2_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 80/tcp - zipkin-tracing_zipkin_1 /busybox/sh run.sh Up 9410/tcp, 0.0.0.0:9411->9411/tcp + Name Command State Ports + ----------------------------------------------------------------------------------------------------------------------------- + zipkin-tracing_front-envoy_1 /docker-entrypoint.sh /bin ... Up 10000/tcp, 0.0.0.0:8000->80/tcp, 0.0.0.0:8001->8001/tcp + zipkin-tracing_service1_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 80/tcp + zipkin-tracing_service2_1 /bin/sh -c /usr/local/bin/ ... Up 10000/tcp, 80/tcp + zipkin-tracing_zipkin_1 /busybox/sh run.sh Up 9410/tcp, 0.0.0.0:9411->9411/tcp **Step 2: Generate some load** From 2e0627b6b4867f572512ec662bf84263786f6a58 Mon Sep 17 00:00:00 2001 From: Michael Payne Date: Fri, 22 Mar 2019 20:25:13 -0700 Subject: [PATCH 6/8] Docs: Update examples for Struct deprecation for Any Signed-off-by: Michael Payne --- configs/envoy_double_proxy_v2.template.yaml | 75 ++++-- configs/envoy_front_proxy_v2.template.yaml | 62 +++-- .../envoy_service_to_service_v2.template.yaml | 227 ++++++++++++------ 3 files changed, 237 insertions(+), 127 deletions(-) diff --git a/configs/envoy_double_proxy_v2.template.yaml b/configs/envoy_double_proxy_v2.template.yaml index 0d638a6fe85dc..b09be840d2782 100644 --- a/configs/envoy_double_proxy_v2.template.yaml +++ b/configs/envoy_double_proxy_v2.template.yaml @@ -25,7 +25,8 @@ {%endif -%} filters: - name: envoy.http_connection_manager - config: + typed_config: + '@type': type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: AUTO stat_prefix: router route_config: @@ -42,14 +43,18 @@ timeout: 20s http_filters: - name: envoy.health_check - config: + typed_config: + '@type': type.googleapis.com/envoy.config.filter.http.health_check.v2.HealthCheck pass_through_mode: false - endpoint: /healthcheck - name: envoy.buffer - config: + headers: + - exact_match: /healthcheck + name: :path + - name: envoy.buffer + typed_config: + '@type': type.googleapis.com/envoy.config.filter.http.buffer.v2.Buffer max_request_bytes: 5242880 - name: envoy.router - config: {} + - name: envoy.router + typed_config: {} tracing: operation_name: INGRESS idle_timeout: 840s @@ -71,7 +76,8 @@ default_value: 1000 runtime_key: access_log.access_error.duration - traceable_filter: {} - config: + typed_config: + "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: /var/log/envoy/access_error.log format: "[%START_TIME%] \"%REQ(:METHOD)% %REQ(X-ENVOY-ORIGINAL-PATH?:PATH)% %PROTOCOL%\" %RESPONSE_CODE% %RESPONSE_FLAGS% %BYTES_RECEIVED% %BYTES_SENT% %DURATION% %RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)% \"%REQ(X-FORWARDED-FOR)%\" \"%REQ(USER-AGENT)%\" \"%REQ(X-REQUEST-ID)%\" \"%REQ(:AUTHORITY)%\" \"%REQ(X-LYFT-USER-ID)%\" \"%RESP(GRPC-STATUS)%\"\n" {% if proxy_proto %} @@ -91,20 +97,30 @@ static_resources: type: STATIC connect_timeout: 0.25s lb_policy: ROUND_ROBIN - hosts: - - socket_address: - protocol: TCP - address: 127.0.0.1 - port_value: 8125 + load_assignment: + cluster_name: statsd + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: 127.0.0.1 + port_value: 8125 + protocol: TCP - name: backhaul type: STRICT_DNS connect_timeout: 1s lb_policy: ROUND_ROBIN - hosts: - - socket_address: - protocol: TCP - address: front-proxy.yourcompany.net - port_value: 9400 + load_assignment: + cluster_name: backhaul + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: front-proxy.yourcompany.net + port_value: 9400 + protocol: TCP # There are so few connections going back # that we can get some imbalance. Until we come up # with a better solution just limit the requests @@ -127,11 +143,16 @@ static_resources: type: LOGICAL_DNS connect_timeout: 1s lb_policy: ROUND_ROBIN - hosts: - - socket_address: - protocol: TCP - address: collector-grpc.lightstep.com - port_value: 443 + load_assignment: + cluster_name: lightstep_saas + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: collector-grpc.lightstep.com + port_value: 443 + protocol: TCP http2_protocol_options: {} tls_context: common_tls_context: @@ -143,12 +164,14 @@ static_resources: flags_path: "/etc/envoy/flags" stats_sinks: - name: envoy.statsd - config: + typed_config: + '@type': type.googleapis.com/envoy.config.metrics.v2.StatsdSink tcp_cluster_name: statsd tracing: http: name: envoy.lightstep - config: + typed_config: + '@type': type.googleapis.com/envoy.config.trace.v2.LightstepConfig access_token_file: "/etc/envoy/lightstep_access_token" collector_cluster: lightstep_saas runtime: @@ -156,7 +179,7 @@ runtime: subdirectory: envoy override_subdirectory: envoy_override admin: - access_log_path: "var/log/envoy/admin_access.log" + access_log_path: "/var/log/envoy/admin_access.log" address: socket_address: protocol: TCP diff --git a/configs/envoy_front_proxy_v2.template.yaml b/configs/envoy_front_proxy_v2.template.yaml index ef44b641ab609..7dd1c52e6fad8 100644 --- a/configs/envoy_front_proxy_v2.template.yaml +++ b/configs/envoy_front_proxy_v2.template.yaml @@ -31,7 +31,8 @@ {%endif %} filters: - name: envoy.http_connection_manager - config: + typed_config: + '@type': type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: AUTO stat_prefix: router {% if proxy_proto -%} @@ -42,13 +43,15 @@ {{ router_file_content(router_file='envoy_router_v2.template.yaml')|indent(10) }} http_filters: - name: envoy.health_check - config: + typed_config: + '@type': type.googleapis.com/envoy.config.filter.http.health_check.v2.HealthCheck pass_through_mode: false headers: - name: ":path" exact_match: "/healthcheck" - name: envoy.buffer - config: + typed_config: + '@type': type.googleapis.com/envoy.config.filter.http.buffer.v2.Buffer max_request_bytes: 5242880 - name: envoy.rate_limit config: @@ -59,7 +62,7 @@ envoy_grpc: cluster_name: ratelimit - name: envoy.router - config: {} + typed_config: {} add_user_agent: true tracing: operation_name: INGRESS @@ -82,7 +85,8 @@ default_value: 1000 runtime_key: access_log.access_error.duration - traceable_filter: {} - config: + typed_config: + "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: "/var/log/envoy/access_error.log" format: "[%START_TIME%] \"%REQ(:METHOD)% %REQ(X-ENVOY-ORIGINAL-PATH?:PATH)% %PROTOCOL%\" %RESPONSE_CODE% %RESPONSE_FLAGS% %BYTES_RECEIVED% %BYTES_SENT% %DURATION% %RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)% \"%REQ(X-FORWARDED-FOR)%\" \"%REQ(USER-AGENT)%\" \"%REQ(X-REQUEST-ID)%\" \"%REQ(:AUTHORITY)%\" \"%REQ(X-LYFT-USER-ID)%\" \"%RESP(GRPC-STATUS)%\"\n" {% endmacro -%} @@ -100,29 +104,44 @@ static_resources: type: STRICT_DNS connect_timeout: 0.25s lb_policy: ROUND_ROBIN - hosts: - - socket_address: - protocol: TCP - address: disccovery.yourcompany.net - port_value: 80 + load_assignment: + cluster_name: sds + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: discovery.yourcompany.net + port_value: 80 + protocol: TCP - name: statsd type: STATIC connect_timeout: 0.25s lb_policy: ROUND_ROBIN - hosts: - - socket_address: - protocol: TCP - address: 127.0.0.1 - port_value: 8125 + load_assignment: + cluster_name: statsd + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: 127.0.0.1 + port_value: 8125 + protocol: TCP - name: lightstep_saas type: LOGICAL_DNS connect_timeout: 1s lb_policy: ROUND_ROBIN - hosts: - - socket_address: - protocol: TCP - address: collector-grpc.lightstep.com - port_value: 443 + load_assignment: + cluster_name: lightstep_saas + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: collector-grpc.lightstep.com + port_value: 443 + protocol: TCP http2_protocol_options: {} {% for service, options in clusters.items() -%} - {{ helper.internal_cluster_definition(service, options)|indent(2) }} @@ -134,7 +153,8 @@ flags_path: /etc/envoy/flags tracing: http: name: envoy.lightstep - config: + typed_config: + '@type': type.googleapis.com/envoy.config.trace.v2.LightstepConfig collector_cluster: lightstep_saas access_token_file: "/etc/envoy/lightstep_access_token" runtime: diff --git a/configs/envoy_service_to_service_v2.template.yaml b/configs/envoy_service_to_service_v2.template.yaml index e6b40b734ff77..6a04afdfd25bc 100644 --- a/configs/envoy_service_to_service_v2.template.yaml +++ b/configs/envoy_service_to_service_v2.template.yaml @@ -9,7 +9,8 @@ filter_chains: - filters: - name: envoy.http_connection_manager - config: + typed_config: + '@type': type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: AUTO stat_prefix: ingress_http route_config: @@ -32,22 +33,25 @@ cluster: local_service http_filters: - name: envoy.health_check - config: - pass_through_mode: true - headers: - - name: ":path" - exact_match: "/healthcheck" - cache_time: 2.5s + typed_config: + '@type': type.googleapis.com/envoy.config.filter.http.health_check.v2.HealthCheck + pass_through_mode: true + headers: + - name: ":path" + exact_match: "/healthcheck" + cache_time: 2.5s - name: envoy.buffer - config: - max_request_bytes: 5242880 + typed_config: + '@type': type.googleapis.com/envoy.config.filter.http.buffer.v2.Buffer + max_request_bytes: 5242880 - name: envoy.router - config: {} + typed_config: {} access_log: - name: envoy.file_access_log filter: not_health_check_filter: {} - config: + typed_config: + "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: "/var/log/envoy/ingress_http.log" {{ access_log_helper.ingress_full()|indent(10)}} - name: envoy.file_access_log @@ -75,7 +79,8 @@ default_value: 2000 runtime_key: access_log.access_error.duration - not_health_check_filter: {} - config: + typed_config: + "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: "/var/log/envoy/ingress_http_error.log" {{ access_log_helper.ingress_sampled_log()|indent(10)}} - name: envoy.file_access_log @@ -85,7 +90,8 @@ - not_health_check_filter: {} - runtime_filter: runtime_key: access_log.ingress_http - config: + typed_config: + "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: "/var/log/envoy/ingress_http_sampled.log" {{ access_log_helper.ingress_sampled_log()|indent(10)}} idle_timeout: 840s @@ -103,7 +109,8 @@ static_resources: filter_chains: - filters: - name: envoy.http_connection_manager - config: + typed_config: + '@type': type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: AUTO stat_prefix: egress_http route_config: @@ -141,7 +148,8 @@ static_resources: default_value: 2000 runtime_key: access_log.access_error.duration - traceable_filter: {} - config: + typed_config: + "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: "/var/log/envoy/egress_http_error.log" {{ access_log_helper.egress_error_log()|indent(10)}} use_remote_address: true @@ -154,9 +162,9 @@ static_resources: envoy_grpc: cluster_name: ratelimit - name: envoy.grpc_http1_bridge - config: {} + typed_config: {} - name: envoy.router - config: {} + typed_config: {} - address: socket_address: @@ -166,7 +174,8 @@ static_resources: filter_chains: - filters: - name: envoy.http_connection_manager - config: + typed_config: + '@type': type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: AUTO stat_prefix: egress_http rds: @@ -199,7 +208,8 @@ static_resources: default_value: 2000 runtime_key: access_log.access_error.duration - traceable_filter: {} - config: + typed_config: + "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: "/var/log/envoy/egress_http_error.log" {{ access_log_helper.egress_error_log()|indent(10) }} use_remote_address: true @@ -212,9 +222,9 @@ static_resources: envoy_grpc: cluster_name: ratelimit - name: envoy.grpc_http1_bridge - config: {} + typed_config: {} - name: envoy.router - config: {} + typed_config: {} {% if external_virtual_hosts|length > 0 or mongos_servers|length > 0 %}{% endif -%} {% for mapping in external_virtual_hosts -%} - name: "{{ mapping['address']}}" @@ -226,7 +236,8 @@ static_resources: filter_chains: - filters: - name: envoy.http_connection_manager - config: + typed_config: + '@type': type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: AUTO idle_timeout: 840s stat_prefix: egress_{{ mapping['name'] }} @@ -251,10 +262,10 @@ static_resources: http_filters: {% if mapping['name'] in ['dynamodb_iad', 'dynamodb_legacy'] -%} - name: envoy.http_dynamo_filter - config: {} + typed_config: {} {% endif -%} - name: envoy.router - config: {} + typed_config: {} access_log: - name: envoy.file_access_log filter: @@ -280,7 +291,8 @@ static_resources: default_value: 2000 runtime_key: access_log.access_error.duration {% endif %} - config: + typed_config: + "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: "/var/log/envoy/egress_{{ mapping['name'] }}_http_error.log" {% if mapping.get('is_amzn_service', False) -%} {{ access_log_helper.egress_error_amazon_service()|indent(10) }} @@ -299,7 +311,8 @@ static_resources: filter_chains: - filters: - name: envoy.tcp_proxy - config: + typed_config: + "@type": type.googleapis.com/envoy.config.filter.network.tcp_proxy.v2.TcpProxy stat_prefix: mongo_{{ key }} cluster: mongo_{{ key }} - name: envoy.mongo_proxy @@ -342,11 +355,16 @@ static_resources: {% endif %} type: LOGICAL_DNS lb_policy: ROUND_ROBIN - hosts: - - socket_address: - address: {{ host['remote_address'] }} - port_value: {{ host['port_value'] }} - protocol: {{ host['protocol'] }} + load_assignment: + cluster_name: egress_{{ host['name'] }} + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: {{ host['remote_address'] }} + port_value: {{ host['port_value'] }} + protocol: {{ host['protocol'] }} {% endfor -%} {% endfor -%} {% for key, value in mongos_servers.items() -%} @@ -354,13 +372,18 @@ static_resources: connect_timeout: 0.25s type: STRICT_DNS lb_policy: RANDOM - hosts: - {% for server in value['hosts'] -%} - - socket_address: - protocol: {{ server['protocol'] }} - port_value: {{ server['port_value'] }} - address: {{ server['address'] }} - {% endfor -%} + load_assignment: + cluster_name: mongo_{{ key }} + endpoints: + - lb_endpoints: + {% for server in value['hosts'] -%} + - endpoint: + address: + socket_address: + address: {{ server['address'] }} + port_value: {{ server['port_value'] }} + protocol: {{ server['protocol'] }} + {% endfor -%} {% endfor %} - name: main_website connect_timeout: 0.25s @@ -368,20 +391,32 @@ static_resources: # Comment out the following line to test on v6 networks dns_lookup_family: V4_ONLY lb_policy: ROUND_ROBIN - hosts: - - socket_address: - address: main_website.com - port_value: 443 - tls_context: { sni: www.main_website.com } + load_assignment: + cluster_name: main_website + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: main_website.com + port_value: 443 + protocol: TCP + tls_context: + sni: www.main_website.com - name: local_service connect_timeout: 0.25s type: STATIC lb_policy: ROUND_ROBIN - hosts: - - socket_address: - protocol: TCP - address: 127.0.0.1 - port_value: 8080 + load_assignment: + cluster_name: main_website + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: 127.0.0.1 + port_value: 8080 + protocol: TCP circuit_breakers: thresholds: max_pending_requests: 30 @@ -391,11 +426,16 @@ static_resources: type: STATIC lb_policy: ROUND_ROBIN http2_protocol_options: {} - hosts: - - socket_address: - protocol: TCP - address: 127.0.0.1 - port_value: 8081 + load_assignment: + cluster_name: local_service_grpc + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: 127.0.0.1 + port_value: 8081 + protocol: TCP circuit_breakers: thresholds: max_requests: 200 @@ -404,31 +444,46 @@ static_resources: connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN - hosts: - - socket_address: - protocol: TCP - address: rds.yourcompany.net - port_value: 80 + load_assignment: + cluster_name: local_service_grpc + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: rds.yourcompany.net + port_value: 80 + protocol: TCP dns_lookup_family: V4_ONLY - name: statsd connect_timeout: 0.25s type: STATIC lb_policy: ROUND_ROBIN - hosts: - - socket_address: - protocol: TCP - address: 127.0.0.1 - port_value: 8125 + load_assignment: + cluster_name: statsd + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: 127.0.0.1 + port_value: 8125 + protocol: TCP dns_lookup_family: V4_ONLY - name: lightstep_saas connect_timeout: 1s type: LOGICAL_DNS lb_policy: ROUND_ROBIN - hosts: - - socket_address: - protocol: TCP - address: collector-grpc.lightstep.com - port_value: 443 + load_assignment: + cluster_name: lightstep_saas + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: collector-grpc.lightstep.com + port_value: 443 + protocol: TCP http2_protocol_options: max_concurrent_streams: 100 tls_context: @@ -442,20 +497,30 @@ static_resources: connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN - hosts: - - socket_address: - protocol: TCP - address: cds.yourcompany.net - port_value: 80 + load_assignment: + cluster_name: cds_cluster + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: cds.yourcompany.net + port_value: 80 + protocol: TCP - name: sds connect_timeout: 0.25s type: STRICT_DNS lb_policy: ROUND_ROBIN - hosts: - - socket_address: - protocol: TCP - address: discovery.yourcompany.net - port_value: 80 + load_assignment: + cluster_name: sds + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: discovery.yourcompany.net + port_value: 80 + protocol: TCP dynamic_resources: cds_config: api_config_source: @@ -467,13 +532,15 @@ cluster_manager: {} flags_path: "/etc/envoy/flags" stats_sinks: - name: envoy.statsd - config: + typed_config: + '@type': type.googleapis.com/envoy.config.metrics.v2.StatsdSink tcp_cluster_name: statsd watchdog: {} tracing: http: name: envoy.lightstep - config: + typed_config: + '@type': type.googleapis.com/envoy.config.trace.v2.LightstepConfig access_token_file: "/etc/envoy/lightstep_access_token" collector_cluster: lightstep_saas runtime: From 9a8cc18dd45db6ae0dd034df5ac1cccd700e0843 Mon Sep 17 00:00:00 2001 From: Michael Payne Date: Tue, 26 Mar 2019 10:58:35 -0700 Subject: [PATCH 7/8] Standardize on double quote for @type declarations. Signed-off-by: Michael Payne --- configs/envoy_double_proxy_v2.template.yaml | 10 +++++----- configs/envoy_front_proxy_v2.template.yaml | 8 ++++---- .../envoy_service_to_service_v2.template.yaml | 18 +++++++++--------- 3 files changed, 18 insertions(+), 18 deletions(-) diff --git a/configs/envoy_double_proxy_v2.template.yaml b/configs/envoy_double_proxy_v2.template.yaml index b09be840d2782..2c08332f795d8 100644 --- a/configs/envoy_double_proxy_v2.template.yaml +++ b/configs/envoy_double_proxy_v2.template.yaml @@ -26,7 +26,7 @@ filters: - name: envoy.http_connection_manager typed_config: - '@type': type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager + "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: AUTO stat_prefix: router route_config: @@ -44,14 +44,14 @@ http_filters: - name: envoy.health_check typed_config: - '@type': type.googleapis.com/envoy.config.filter.http.health_check.v2.HealthCheck + "@type": type.googleapis.com/envoy.config.filter.http.health_check.v2.HealthCheck pass_through_mode: false headers: - exact_match: /healthcheck name: :path - name: envoy.buffer typed_config: - '@type': type.googleapis.com/envoy.config.filter.http.buffer.v2.Buffer + "@type": type.googleapis.com/envoy.config.filter.http.buffer.v2.Buffer max_request_bytes: 5242880 - name: envoy.router typed_config: {} @@ -165,13 +165,13 @@ flags_path: "/etc/envoy/flags" stats_sinks: - name: envoy.statsd typed_config: - '@type': type.googleapis.com/envoy.config.metrics.v2.StatsdSink + "@type": type.googleapis.com/envoy.config.metrics.v2.StatsdSink tcp_cluster_name: statsd tracing: http: name: envoy.lightstep typed_config: - '@type': type.googleapis.com/envoy.config.trace.v2.LightstepConfig + "@type": type.googleapis.com/envoy.config.trace.v2.LightstepConfig access_token_file: "/etc/envoy/lightstep_access_token" collector_cluster: lightstep_saas runtime: diff --git a/configs/envoy_front_proxy_v2.template.yaml b/configs/envoy_front_proxy_v2.template.yaml index 7dd1c52e6fad8..35f734f80ad2e 100644 --- a/configs/envoy_front_proxy_v2.template.yaml +++ b/configs/envoy_front_proxy_v2.template.yaml @@ -32,7 +32,7 @@ filters: - name: envoy.http_connection_manager typed_config: - '@type': type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager + "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: AUTO stat_prefix: router {% if proxy_proto -%} @@ -44,14 +44,14 @@ http_filters: - name: envoy.health_check typed_config: - '@type': type.googleapis.com/envoy.config.filter.http.health_check.v2.HealthCheck + "@type": type.googleapis.com/envoy.config.filter.http.health_check.v2.HealthCheck pass_through_mode: false headers: - name: ":path" exact_match: "/healthcheck" - name: envoy.buffer typed_config: - '@type': type.googleapis.com/envoy.config.filter.http.buffer.v2.Buffer + "@type": type.googleapis.com/envoy.config.filter.http.buffer.v2.Buffer max_request_bytes: 5242880 - name: envoy.rate_limit config: @@ -154,7 +154,7 @@ tracing: http: name: envoy.lightstep typed_config: - '@type': type.googleapis.com/envoy.config.trace.v2.LightstepConfig + "@type": type.googleapis.com/envoy.config.trace.v2.LightstepConfig collector_cluster: lightstep_saas access_token_file: "/etc/envoy/lightstep_access_token" runtime: diff --git a/configs/envoy_service_to_service_v2.template.yaml b/configs/envoy_service_to_service_v2.template.yaml index 6a04afdfd25bc..083a8c39a2926 100644 --- a/configs/envoy_service_to_service_v2.template.yaml +++ b/configs/envoy_service_to_service_v2.template.yaml @@ -10,7 +10,7 @@ - filters: - name: envoy.http_connection_manager typed_config: - '@type': type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager + "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: AUTO stat_prefix: ingress_http route_config: @@ -34,7 +34,7 @@ http_filters: - name: envoy.health_check typed_config: - '@type': type.googleapis.com/envoy.config.filter.http.health_check.v2.HealthCheck + "@type": type.googleapis.com/envoy.config.filter.http.health_check.v2.HealthCheck pass_through_mode: true headers: - name: ":path" @@ -42,7 +42,7 @@ cache_time: 2.5s - name: envoy.buffer typed_config: - '@type': type.googleapis.com/envoy.config.filter.http.buffer.v2.Buffer + "@type": type.googleapis.com/envoy.config.filter.http.buffer.v2.Buffer max_request_bytes: 5242880 - name: envoy.router typed_config: {} @@ -110,7 +110,7 @@ static_resources: - filters: - name: envoy.http_connection_manager typed_config: - '@type': type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager + "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: AUTO stat_prefix: egress_http route_config: @@ -151,7 +151,7 @@ static_resources: typed_config: "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog path: "/var/log/envoy/egress_http_error.log" - {{ access_log_helper.egress_error_log()|indent(10)}} + {{ access_log_helper.egress_error_log()|indent(10) }} use_remote_address: true http_filters: - name: envoy.rate_limit @@ -175,7 +175,7 @@ static_resources: - filters: - name: envoy.http_connection_manager typed_config: - '@type': type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager + "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: AUTO stat_prefix: egress_http rds: @@ -237,7 +237,7 @@ static_resources: - filters: - name: envoy.http_connection_manager typed_config: - '@type': type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager + "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: AUTO idle_timeout: 840s stat_prefix: egress_{{ mapping['name'] }} @@ -533,14 +533,14 @@ flags_path: "/etc/envoy/flags" stats_sinks: - name: envoy.statsd typed_config: - '@type': type.googleapis.com/envoy.config.metrics.v2.StatsdSink + "@type": type.googleapis.com/envoy.config.metrics.v2.StatsdSink tcp_cluster_name: statsd watchdog: {} tracing: http: name: envoy.lightstep typed_config: - '@type': type.googleapis.com/envoy.config.trace.v2.LightstepConfig + "@type": type.googleapis.com/envoy.config.trace.v2.LightstepConfig access_token_file: "/etc/envoy/lightstep_access_token" collector_cluster: lightstep_saas runtime: From 2e1db2d8686655550eea03f54cdfee58f9c85534 Mon Sep 17 00:00:00 2001 From: Michael Payne Date: Wed, 27 Mar 2019 20:10:56 -0700 Subject: [PATCH 8/8] Docs and tests: Struct deprecation for Any and hosts deprecation for load_assignment. Signed-off-by: Michael Payne --- api/XDS_PROTOCOL.md | 13 +- .../zookeeper_proxy_filter.rst | 6 +- docs/root/faq/configure_flow_control.rst | 18 +- .../google_com_proxy_port_0.v2.yaml | 13 +- test/config/integration/server.yaml | 698 ++++++++++-------- test/config/integration/server_ads.yaml | 13 +- .../integration/server_unix_listener.yaml | 47 +- test/config/integration/server_xds.lds.yaml | 3 +- test/server/zipkin_tracing.yaml | 3 +- 9 files changed, 486 insertions(+), 328 deletions(-) diff --git a/api/XDS_PROTOCOL.md b/api/XDS_PROTOCOL.md index 75f7d8f54e0ce..6a533d0c3c0df 100644 --- a/api/XDS_PROTOCOL.md +++ b/api/XDS_PROTOCOL.md @@ -291,10 +291,15 @@ static_resources: - name: ads_cluster connect_timeout: { seconds: 5 } type: STATIC - hosts: - - socket_address: - address: - port_value: + load_assignment: + cluster_name: ads_cluster + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: + port_value: lb_policy: ROUND_ROBIN http2_protocol_options: {} upstream_connection_options: diff --git a/docs/root/configuration/network_filters/zookeeper_proxy_filter.rst b/docs/root/configuration/network_filters/zookeeper_proxy_filter.rst index cf8e1c9716a72..589e0ff83556b 100644 --- a/docs/root/configuration/network_filters/zookeeper_proxy_filter.rst +++ b/docs/root/configuration/network_filters/zookeeper_proxy_filter.rst @@ -28,10 +28,12 @@ in the configuration snippet below: filter_chains: - filters: - name: envoy.filters.network.zookeeper_proxy - config: + typed_config: + "@type": type.googleapis.com/envoy.config.filter.network.zookeeper_proxy.v1alpha1.ZooKeeperProxy stat_prefix: zookeeper - name: envoy.tcp_proxy - config: + typed_config: + "@type": type.googleapis.com/envoy.config.filter.network.tcp_proxy.v2.TcpProxy stat_prefix: tcp cluster: ... diff --git a/docs/root/faq/configure_flow_control.rst b/docs/root/faq/configure_flow_control.rst index f1a94ca2e4099..eb3e1e17df066 100644 --- a/docs/root/faq/configure_flow_control.rst +++ b/docs/root/faq/configure_flow_control.rst @@ -42,12 +42,13 @@ the only one which needs to be amended is the listener name: http address: socketAddress: - address: '::1' + address: ::1 portValue: 0 filterChains: filters: name: envoy.http_connection_manager - config: + typed_config: + "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager http2_protocol_options: initial_stream_window_size: 65535 route_config: {} @@ -59,7 +60,12 @@ the only one which needs to be amended is the listener name: cluster_0 connectTimeout: 5s perConnectionBufferLimitBytes: 1024 - hosts: - socketAddress: - address: '::1' - portValue: 46685 + load_assignment: + cluster_name: cluster_0 + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: ::1 + port_value: 46685 \ No newline at end of file diff --git a/test/config/integration/google_com_proxy_port_0.v2.yaml b/test/config/integration/google_com_proxy_port_0.v2.yaml index feafcd384925a..d4cf96dfd148a 100644 --- a/test/config/integration/google_com_proxy_port_0.v2.yaml +++ b/test/config/integration/google_com_proxy_port_0.v2.yaml @@ -15,7 +15,8 @@ static_resources: filter_chains: - filters: - name: envoy.http_connection_manager - config: + typed_config: + "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager stat_prefix: ingress_http codec_type: AUTO route_config: @@ -33,4 +34,12 @@ static_resources: # Comment out the following line to test on v6 networks dns_lookup_family: {{ dns_lookup_family }} lb_policy: ROUND_ROBIN - hosts: [{ socket_address: { address: google.com, port_value: 443 }}] + load_assignment: + cluster_name: service_google + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: google.com + port_value: 443 \ No newline at end of file diff --git a/test/config/integration/server.yaml b/test/config/integration/server.yaml index 11c5bf992d08a..ead69f084ecf1 100644 --- a/test/config/integration/server.yaml +++ b/test/config/integration/server.yaml @@ -7,67 +7,93 @@ static_resources: filter_chains: - filters: - name: envoy.http_connection_manager - config: - value: - drain_timeout_ms: 5000 - route_config: - virtual_hosts: - - require_ssl: all - routes: - - cluster: cluster_1 - prefix: "/" - domains: - - www.redirect.com - name: redirect - - routes: - - prefix: "/" + typed_config: + "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager + access_log: + - name: envoy.file_access_log + filter: + or_filter: + filters: + - status_code_filter: + comparison: + op: GE + value: + default_value: 400 + runtime_key: access_log.access_error.status + - duration_filter: + comparison: + op: GE + value: + default_value: 1000000 + runtime_key: access_log.access_error.duration + typed_config: + "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog + format: '[%START_TIME%] "%REQ(:METHOD)% %REQ(X-ENVOY-ORIGINAL-PATH?:PATH)% + %PROTOCOL%" %RESPONSE_CODE% %RESPONSE_FLAGS% %BYTES_RECEIVED% %BYTES_SENT% + %DURATION% %RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)% "%REQ(X-FORWARDED-FOR)%" + "%REQ(USER-AGENT)%" "%REQ(X-REQUEST-ID)%" "%REQ(:AUTHORITY)%" "%UPSTREAM_HOST%" + "%REQUEST_DURATION%" "%RESPONSE_DURATION%"' + path: /dev/null + codec_type: http1 + drain_timeout: 5s + http_filters: + - name: envoy.health_check + typed_config: + "@type": type.googleapis.com/envoy.config.filter.http.health_check.v2.HealthCheck + headers: + - exact_match: /healthcheck + name: :path + pass_through_mode: false + - name: envoy.rate_limit + config: + domain: foo + rate_limit_service: + grpc_service: + envoy_grpc: + cluster_name: ratelimit + - name: envoy.router + typed_config: {} + route_config: + virtual_hosts: + - domains: + - www.redirect.com + name: redirect + require_tls: all + routes: + - match: + prefix: / + runtime_fraction: + default_value: + numerator: 0 + denominator: HUNDRED + runtime_key: some_key + route: + cluster: cluster_1 + - domains: + - "*" + name: integration + routes: + - match: + prefix: / + route: + cluster: cluster_1 + - match: + prefix: /test/long/url + route: cluster: cluster_1 - runtime: - key: some_key - default: 0 - - prefix: "/test/long/url" rate_limits: - actions: - - type: destination_cluster - cluster: cluster_1 - - prefix: "/test/" + - destination_cluster: {} + - match: + prefix: /test/ + route: cluster: cluster_2 - - prefix: "/websocket/test" - prefix_rewrite: "/websocket" + - match: + prefix: /websocket/test + route: + prefix_rewrite: /websocket cluster: cluster_1 - domains: - - "*" - name: integration - codec_type: http1 - stat_prefix: router - filters: - - name: health_check - config: - endpoint: "/healthcheck" - pass_through_mode: false - - name: rate_limit - config: - domain: foo - - name: router - config: {} - access_log: - - format: '[%START_TIME%] "%REQ(:METHOD)% %REQ(X-ENVOY-ORIGINAL-PATH?:PATH)% - %PROTOCOL%" %RESPONSE_CODE% %RESPONSE_FLAGS% %BYTES_RECEIVED% %BYTES_SENT% - %DURATION% %RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)% "%REQ(X-FORWARDED-FOR)%" - "%REQ(USER-AGENT)%" "%REQ(X-REQUEST-ID)%" "%REQ(:AUTHORITY)%" "%UPSTREAM_HOST%" - "%REQUEST_DURATION%" "%RESPONSE_DURATION%"' - path: "/dev/null" - filter: - filters: - - type: status_code - op: ">=" - value: 500 - - type: duration - op: ">=" - value: 1000000 - type: logical_or - - path: "/dev/null" - deprecated_v1: true + stat_prefix: router - address: socket_address: address: {{ ip_loopback_address }} @@ -75,76 +101,99 @@ static_resources: filter_chains: - filters: - name: envoy.http_connection_manager - config: - value: - filters: - - name: health_check - config: - endpoint: "/healthcheck" - pass_through_mode: false - - name: rate_limit - config: - domain: foo - - name: router - config: {} - access_log: - - filter: - type: logical_or + typed_config: + "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager + access_log: + - name: envoy.file_access_log + filter: + or_filter: filters: - - value: 500 - type: status_code - op: ">=" - - type: duration - op: ">=" - value: 1555500 + - status_code_filter: + comparison: + op: GE + value: + default_value: 500 + runtime_key: access_log.access_error.status + - duration_filter: + comparison: + op: GE + value: + default_value: 1555500 + runtime_key: access_log.access_error.duration + typed_config: + "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog format: '[%START_TIME%] "%REQ(:METHOD)% %REQ(X-ENVOY-ORIGINAL-PATH?:PATH)% %PROTOCOL%" %RESPONSE_CODE% %RESPONSE_FLAGS% %BYTES_RECEIVED% %BYTES_SENT% %DURATION% %RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)% "%REQ(X-FORWARDED-FOR)%" "%REQ(USER-AGENT)%" "%REQ(X-REQUEST-ID)%" "%REQ(:AUTHORITY)%" "%UPSTREAM_HOST%" "%REQUEST_DURATION%" "%RESPONSE_DURATION%"' - path: "/dev/null" - - path: "/dev/null" - drain_timeout_ms: 5000 - route_config: - virtual_hosts: - - routes: - - prefix: "/" + path: /dev/null + codec_type: http1 + drain_timeout: 5s + http_filters: + - name: envoy.health_check + typed_config: + "@type": type.googleapis.com/envoy.config.filter.http.health_check.v2.HealthCheck + headers: + - exact_match: /healthcheck + name: :path + pass_through_mode: false + - name: envoy.rate_limit + config: + domain: foo + rate_limit_service: + grpc_service: + envoy_grpc: + cluster_name: ratelimit + - name: envoy.router + typed_config: {} + route_config: + virtual_hosts: + - domains: + - www.redirect.com + name: redirect + require_tls: all + routes: + - match: + prefix: / + route: cluster: cluster_1 - domains: - - www.redirect.com - name: redirect - require_ssl: all - - routes: - - prefix: "/" + - domains: + - www.namewithport.com:1234 + name: redirect + require_tls: all + routes: + - match: + prefix: / + runtime_fraction: + default_value: + numerator: 0 + denominator: HUNDRED + runtime_key: some_key + route: cluster: cluster_1 - domains: - - www.namewithport.com:1234 - name: redirect - require_ssl: all - - routes: - - cluster: cluster_1 - runtime: - key: some_key - default: 0 - prefix: "/" - - rate_limits: + rate_limits: - actions: - - type: destination_cluster + - destination_cluster: {} + - match: + prefix: /test/long/url + route: cluster: cluster_1 - prefix: "/test/long/url" - - prefix: "/test/" + - match: + prefix: /test/ + route: cluster: cluster_2 - - cluster: cluster_1 - prefix: "/websocket/test" - prefix_rewrite: "/websocket" - domains: - - "*" - name: integration - codec_type: http1 - stat_prefix: router - http1_settings: - allow_absolute_url: true - deprecated_v1: true + - match: + prefix: /websocket/test + route: + cluster: cluster_1 + prefix_rewrite: /websocket + - domains: + - "*" + name: integration + http_protocol_options: + allow_absolute_url: true + stat_prefix: router - address: socket_address: address: {{ ip_loopback_address }} @@ -152,22 +201,23 @@ static_resources: filter_chains: - filters: - name: envoy.http_connection_manager - config: - value: - route_config: - virtual_hosts: - - routes: - - cluster: cluster_3 - prefix: "/test/long/url" - domains: - - "*" - name: integration - filters: - - name: router - config: {} - codec_type: http1 - stat_prefix: router - deprecated_v1: true + typed_config: + "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager + codec_type: http1 + http_filters: + - name: envoy.router + typed_config: {} + route_config: + virtual_hosts: + - domains: + - "*" + name: integration + routes: + - match: + prefix: /test/long/url + route: + cluster: cluster_3 + stat_prefix: router per_connection_buffer_limit_bytes: 1024 - address: socket_address: @@ -176,24 +226,25 @@ static_resources: filter_chains: - filters: - name: envoy.http_connection_manager - config: - value: - filters: - - name: http_dynamo_filter - config: {} - - name: router - config: {} - codec_type: http1 - stat_prefix: router - route_config: - virtual_hosts: - - routes: - - cluster: cluster_3 - prefix: "/dynamo/url" - domains: - - "*" - name: integration - deprecated_v1: true + typed_config: + "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager + codec_type: http1 + http_filters: + - name: envoy.http_dynamo_filter + typed_config: {} + - name: envoy.router + typed_config: {} + route_config: + virtual_hosts: + - domains: + - "*" + name: integration + routes: + - match: + prefix: /dynamo/url + route: + cluster: cluster_3 + stat_prefix: router per_connection_buffer_limit_bytes: 1024 - address: socket_address: @@ -202,24 +253,25 @@ static_resources: filter_chains: - filters: - name: envoy.http_connection_manager - config: - value: - route_config: - virtual_hosts: - - domains: - - "*" - name: integration - routes: - - prefix: "/test/long/url" + typed_config: + "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager + codec_type: http1 + http_filters: + - name: envoy.grpc_http1_bridge + typed_config: {} + - name: envoy.router + typed_config: {} + route_config: + virtual_hosts: + - domains: + - "*" + name: integration + routes: + - match: + prefix: /test/long/url + route: cluster: cluster_3 - filters: - - name: grpc_http1_bridge - config: {} - - name: router - config: {} - codec_type: http1 - stat_prefix: router - deprecated_v1: true + stat_prefix: router per_connection_buffer_limit_bytes: 1024 - address: socket_address: @@ -228,70 +280,97 @@ static_resources: filter_chains: - filters: - name: envoy.http_connection_manager - config: - value: - drain_timeout_ms: 5000 - route_config: - virtual_hosts: - - routes: - - cluster: cluster_1 - prefix: "/" - domains: - - www.redirect.com - name: redirect - require_ssl: all - - routes: - - cluster: cluster_1 - runtime: - key: some_key - default: 0 - prefix: "/" - - prefix: "/test/long/url" - rate_limits: - - actions: - - type: destination_cluster - cluster: cluster_1 - - prefix: "/test/" - cluster: cluster_2 - - prefix: "/websocket/test" - prefix_rewrite: "/websocket" - cluster: cluster_1 - domains: - - "*" - name: integration - codec_type: http1 - stat_prefix: router - filters: - - name: health_check - config: - endpoint: "/healthcheck" - pass_through_mode: false - - name: rate_limit - config: - domain: foo - - name: buffer - config: - max_request_bytes: 5242880 - - config: {} - name: router - access_log: - - filter: + typed_config: + "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager + access_log: + - name: envoy.file_access_log + filter: + or_filter: filters: - - op: ">=" - value: 500 - type: status_code - - type: duration - op: ">=" - value: 1555500 - type: logical_or + - status_code_filter: + comparison: + op: GE + value: + default_value: 500 + runtime_key: access_log.access_error.status + - duration_filter: + comparison: + op: GE + value: + default_value: 1555500 + runtime_key: access_log.access_error.duration + typed_config: + "@type": type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog format: '[%START_TIME%] "%REQ(:METHOD)% %REQ(X-ENVOY-ORIGINAL-PATH?:PATH)% %PROTOCOL%" %RESPONSE_CODE% %RESPONSE_FLAGS% %BYTES_RECEIVED% %BYTES_SENT% %DURATION% %RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)% "%REQ(X-FORWARDED-FOR)%" "%REQ(USER-AGENT)%" "%REQ(X-REQUEST-ID)%" "%REQ(:AUTHORITY)%" "%UPSTREAM_HOST%" "%REQUEST_DURATION%" "%RESPONSE_DURATION%"' - path: "/dev/null" - - path: "/dev/null" - deprecated_v1: true + path: /dev/null + codec_type: http1 + drain_timeout: 5s + http_filters: + - name: envoy.health_check + typed_config: + "@type": type.googleapis.com/envoy.config.filter.http.health_check.v2.HealthCheck + headers: + - exact_match: /healthcheck + name: :path + pass_through_mode: false + - name: envoy.rate_limit + config: + domain: foo + rate_limit_service: + grpc_service: + envoy_grpc: + cluster_name: ratelimit + - name: envoy.buffer + typed_config: + "@type": type.googleapis.com/envoy.config.filter.http.buffer.v2.Buffer + max_request_bytes: 5242880 + - name: envoy.router + typed_config: {} + route_config: + virtual_hosts: + - domains: + - www.redirect.com + name: redirect + require_tls: all + routes: + - match: + prefix: / + route: + cluster: cluster_1 + - domains: + - "*" + name: integration + routes: + - match: + prefix: / + runtime_fraction: + default_value: + numerator: 0 + denominator: HUNDRED + runtime_key: some_key + route: + cluster: cluster_1 + - match: + prefix: /test/long/url + route: + cluster: cluster_1 + rate_limits: + - actions: + - destination_cluster: {} + - match: + prefix: /test/ + route: + cluster: cluster_2 + - match: + prefix: /websocket/test + route: + cluster: cluster_1 + prefix_rewrite: /websocket + stat_prefix: router - address: socket_address: address: {{ ip_loopback_address }} @@ -299,18 +378,21 @@ static_resources: filter_chains: - filters: - name: envoy.http_connection_manager - config: - value: - filters: - - name: router - config: {} - codec_type: http1 - stat_prefix: rds_dummy - rds: - api_type: REST - route_config_name: foo - cluster: rds - deprecated_v1: true + typed_config: + "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager + codec_type: http1 + http_filters: + - name: envoy.router + typed_config: {} + rds: + config_source: + api_config_source: + api_type: REST + cluster_names: + - rds + refresh_delay: 5s + route_config_name: foo + stat_prefix: rds_dummy - address: socket_address: address: {{ ip_loopback_address }} @@ -318,75 +400,114 @@ static_resources: filter_chains: - filters: - name: envoy.redis_proxy - config: - value: - conn_pool: - op_timeout_ms: 400 - stat_prefix: redis - cluster_name: redis - deprecated_v1: true + typed_config: + "@type": type.googleapis.com/envoy.config.filter.network.redis_proxy.v2.RedisProxy + cluster: redis + settings: + op_timeout: 0.4s + stat_prefix: redis clusters: - name: cds connect_timeout: 5s - hosts: - - socket_address: - address: {{ ip_loopback_address }} - port_value: 4 - dns_lookup_family: "{{ dns_lookup_family }}" + load_assignment: + cluster_name: cds + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: {{ ip_loopback_address }} + port_value: 4 + dns_lookup_family: {{ dns_lookup_family }} - name: rds connect_timeout: 5s - hosts: - - socket_address: - address: {{ ip_loopback_address }} - port_value: 4 - dns_lookup_family: "{{ dns_lookup_family }}" + load_assignment: + cluster_name: rds + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: {{ ip_loopback_address }} + port_value: 4 + dns_lookup_family: {{ dns_lookup_family }} - name: lds connect_timeout: 5s - hosts: - - socket_address: - address: {{ ip_loopback_address }} - port_value: 4 - dns_lookup_family: "{{ dns_lookup_family }}" + load_assignment: + cluster_name: lds + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: {{ ip_loopback_address }} + port_value: 4 + dns_lookup_family: {{ dns_lookup_family }} - name: cluster_1 connect_timeout: 5s - hosts: - - socket_address: - address: {{ ip_loopback_address }} - port_value: {{ upstream_0 }} - dns_lookup_family: "{{ dns_lookup_family }}" + load_assignment: + cluster_name: cluster_1 + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: {{ ip_loopback_address }} + port_value: {{ upstream_0 }} + dns_lookup_family: {{ dns_lookup_family }} - name: cluster_2 type: STRICT_DNS connect_timeout: 5s - hosts: - - socket_address: - address: localhost - port_value: {{ upstream_1 }} - dns_lookup_family: "{{ dns_lookup_family }}" + load_assignment: + cluster_name: cluster_2 + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: localhost + port_value: {{ upstream_1 }} + dns_lookup_family: {{ dns_lookup_family }} - name: cluster_3 connect_timeout: 5s per_connection_buffer_limit_bytes: 1024 - hosts: - - socket_address: - address: {{ ip_loopback_address }} - port_value: {{ upstream_0 }} - dns_lookup_family: "{{ dns_lookup_family }}" + load_assignment: + cluster_name: cluster_3 + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: {{ ip_loopback_address }} + port_value: {{ upstream_0 }} + dns_lookup_family: {{ dns_lookup_family }} - name: statsd type: STRICT_DNS connect_timeout: 5s - hosts: - - socket_address: - address: localhost - port_value: 4 - dns_lookup_family: "{{ dns_lookup_family }}" + load_assignment: + cluster_name: statsd + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: localhost + port_value: 4 + dns_lookup_family: {{ dns_lookup_family }} - name: redis type: STRICT_DNS connect_timeout: 5s lb_policy: RING_HASH - hosts: - - socket_address: - address: localhost - port_value: 4 - dns_lookup_family: "{{ dns_lookup_family }}" + load_assignment: + cluster_name: redis + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: localhost + port_value: 4 + dns_lookup_family: {{ dns_lookup_family }} outlier_detection: {} dynamic_resources: lds_config: @@ -402,10 +523,11 @@ dynamic_resources: - cds refresh_delay: 30s cluster_manager: {} -flags_path: "/invalid_flags" +flags_path: /invalid_flags stats_sinks: - name: envoy.statsd - config: + typed_config: + "@type": type.googleapis.com/envoy.config.metrics.v2.StatsdSink address: socket_address: address: {{ ip_loopback_address }} @@ -416,12 +538,12 @@ stats_sinks: tcp_cluster_name: statsd watchdog: {} runtime: - symlink_root: "{{ test_rundir }}/test/common/runtime/test_data/current" + symlink_root: {{ test_rundir }}/test/common/runtime/test_data/current subdirectory: envoy override_subdirectory: envoy_override admin: - access_log_path: "/dev/null" - profile_path: "{{ test_tmpdir }}/envoy.prof" + access_log_path: /dev/null + profile_path: {{ test_tmpdir }}/envoy.prof address: socket_address: address: {{ ip_loopback_address }} diff --git a/test/config/integration/server_ads.yaml b/test/config/integration/server_ads.yaml index 3400df7e47e58..07b8d293ac25f 100644 --- a/test/config/integration/server_ads.yaml +++ b/test/config/integration/server_ads.yaml @@ -11,10 +11,15 @@ static_resources: - name: ads_cluster connect_timeout: { seconds: 5 } type: STATIC - hosts: - - socket_address: - address: {{ ntop_ip_loopback_address }} - port_value: {{ ads_upstream }} + load_assignment: + cluster_name: ads_cluster + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: {{ ntop_ip_loopback_address }} + port_value: {{ ads_upstream }} lb_policy: ROUND_ROBIN http2_protocol_options: {} admin: diff --git a/test/config/integration/server_unix_listener.yaml b/test/config/integration/server_unix_listener.yaml index f76f3bd126b47..de4f85b78bfee 100644 --- a/test/config/integration/server_unix_listener.yaml +++ b/test/config/integration/server_unix_listener.yaml @@ -6,30 +6,37 @@ static_resources: filter_chains: - filters: - name: envoy.http_connection_manager - config: - value: - filters: - - name: router - config: {} - codec_type: auto - stat_prefix: router - drain_timeout_ms: 5000 - route_config: - virtual_hosts: - - domains: - - "*" - name: vhost_0 - routes: - - prefix: "/" + typed_config: + "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager + codec_type: auto + drain_timeout: 5s + http_filters: + - name: envoy.router + typed_config: {} + route_config: + name: local_route + virtual_hosts: + - domains: + - "*" + name: vhost_0 + routes: + - match: + prefix: / + route: cluster: cluster_0 - deprecated_v1: true + stat_prefix: router clusters: - name: cluster_0 connect_timeout: 5s - hosts: - - socket_address: - address: "{{ ip_loopback_address }}" - port_value: 0 + load_assignment: + cluster_name: cluster_0 + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: "{{ ip_loopback_address }}" + port_value: 0 dns_lookup_family: V4_ONLY cluster_manager: {} watchdog: {} diff --git a/test/config/integration/server_xds.lds.yaml b/test/config/integration/server_xds.lds.yaml index c23cff5ffcf44..777ee0e51e4cd 100644 --- a/test/config/integration/server_xds.lds.yaml +++ b/test/config/integration/server_xds.lds.yaml @@ -9,7 +9,8 @@ resources: filter_chains: - filters: - name: envoy.http_connection_manager - config: + typed_config: + "@type": type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager codec_type: HTTP2 drain_timeout: 5s stat_prefix: router diff --git a/test/server/zipkin_tracing.yaml b/test/server/zipkin_tracing.yaml index a8fd31b5aadf1..28abe300f3a6b 100644 --- a/test/server/zipkin_tracing.yaml +++ b/test/server/zipkin_tracing.yaml @@ -5,6 +5,7 @@ static_resources: tracing: http: name: envoy.zipkin - config: + typed_config: + "@type": type.googleapis.com/envoy.config.trace.v2.ZipkinConfig collector_cluster: zipkin collector_endpoint: "/api/v1/spans"