From d283c60465b2a75385152459824b4fadf31f90b6 Mon Sep 17 00:00:00 2001
From: jukie <10012479+Jukie@users.noreply.github.com>
Date: Thu, 29 May 2025 15:59:01 -0600
Subject: [PATCH 1/9] wip
Signed-off-by: jukie <10012479+Jukie@users.noreply.github.com>
---
api/v1alpha1/connection_types.go | 7 +++++++
api/v1alpha1/zz_generated.deepcopy.go | 5 +++++
...y.envoyproxy.io_clienttrafficpolicies.yaml | 8 ++++++++
...y.envoyproxy.io_clienttrafficpolicies.yaml | 8 ++++++++
internal/ir/xds.go | 2 ++
internal/ir/zz_generated.deepcopy.go | 5 +++++
internal/xds/translator/listener.go | 20 ++++++++++++++-----
...xtensionpolicy-tcp-udp-http.listeners.yaml | 1 +
...http-route-extension-filter.listeners.yaml | 1 +
...te-extension-listener-error.listeners.yaml | 1 +
...route-extension-route-error.listeners.yaml | 1 +
...e-extension-translate-error.listeners.yaml | 1 +
...extension-virtualhost-error.listeners.yaml | 1 +
.../http-route.listeners.yaml | 1 +
.../listener-policy.listeners.yaml | 1 +
...e-listeners-same-port-error.listeners.yaml | 1 +
.../out/xds-ir/accesslog-cel.listeners.yaml | 1 +
.../accesslog-endpoint-stats.listeners.yaml | 1 +
.../accesslog-formatters.listeners.yaml | 1 +
.../xds-ir/accesslog-multi-cel.listeners.yaml | 1 +
.../out/xds-ir/accesslog-types.listeners.yaml | 1 +
.../accesslog-with-format.listeners.yaml | 1 +
.../out/xds-ir/accesslog.listeners.yaml | 1 +
.../out/xds-ir/api-key-auth.listeners.yaml | 1 +
.../authorization-client-cidr.listeners.yaml | 1 +
.../authorization-http-header.listeners.yaml | 1 +
.../authorization-jwt-claim.listeners.yaml | 1 +
.../authorization-jwt-scope.listeners.yaml | 1 +
...ization-multiple-principals.listeners.yaml | 1 +
.../backend-buffer-limit.listeners.yaml | 2 ++
.../xds-ir/backend-priority.listeners.yaml | 1 +
.../basic-auth-username-header.listeners.yaml | 1 +
.../out/xds-ir/basic-auth.listeners.yaml | 1 +
.../out/xds-ir/btp-telemetry.listeners.yaml | 1 +
.../out/xds-ir/circuit-breaker.listeners.yaml | 1 +
.../xds-ir/client-buffer-limit.listeners.yaml | 2 ++
.../xds-ir/client-ip-detection.listeners.yaml | 4 ++++
.../out/xds-ir/client-timeout.listeners.yaml | 2 ++
.../out/xds-ir/compression.listeners.yaml | 1 +
.../cors-from-httpcorsfilter.listeners.yaml | 1 +
.../testdata/out/xds-ir/cors.listeners.yaml | 1 +
...al-injection-backend-filter.listeners.yaml | 1 +
.../credential-injection.listeners.yaml | 1 +
.../xds-ir/custom-filter-order.listeners.yaml | 1 +
.../out/xds-ir/custom-response.listeners.yaml | 1 +
.../xds-ir/dns-lookup-family.listeners.yaml | 1 +
.../xds-ir/ext-auth-backend.listeners.yaml | 1 +
.../out/xds-ir/ext-auth-body.listeners.yaml | 1 +
.../ext-auth-recomputation.listeners.yaml | 1 +
.../out/xds-ir/ext-auth.listeners.yaml | 1 +
...-proc-with-traffic-settings.listeners.yaml | 1 +
.../out/xds-ir/ext-proc.listeners.yaml | 1 +
.../out/xds-ir/fault-injection.listeners.yaml | 1 +
...ers-with-disable-request-id.listeners.yaml | 2 ++
...rs-with-generate-request-id.listeners.yaml | 2 ++
...erve-or-generate-request-id.listeners.yaml | 2 ++
...rs-with-preserve-request-id.listeners.yaml | 2 ++
...ers-with-underscores-action.listeners.yaml | 4 ++++
.../out/xds-ir/health-check.listeners.yaml | 1 +
.../http-early-header-mutation.listeners.yaml | 2 ++
.../xds-ir/http-endpoint-stats.listeners.yaml | 1 +
.../xds-ir/http-health-check.listeners.yaml | 1 +
...tp-preserve-client-protocol.listeners.yaml | 1 +
.../http-req-resp-sizes-stats.listeners.yaml | 1 +
.../http-route-direct-response.listeners.yaml | 1 +
.../http-route-dns-cluster.listeners.yaml | 1 +
...http-route-dynamic-resolver.listeners.yaml | 1 +
.../xds-ir/http-route-mirror.listeners.yaml | 1 +
...tp-route-mirrors-percentage.listeners.yaml | 1 +
...http-route-multiple-matches.listeners.yaml | 1 +
...multiple-mirrors-percentage.listeners.yaml | 1 +
...http-route-multiple-mirrors.listeners.yaml | 1 +
.../http-route-partial-invalid.listeners.yaml | 1 +
.../xds-ir/http-route-redirect.listeners.yaml | 1 +
.../xds-ir/http-route-regex.listeners.yaml | 1 +
.../http-route-request-headers.listeners.yaml | 1 +
...-route-response-add-headers.listeners.yaml | 1 +
...response-add-remove-headers.listeners.yaml | 1 +
...ute-response-remove-headers.listeners.yaml | 1 +
...ewrite-root-path-url-prefix.listeners.yaml | 1 +
...ufixx-with-slash-url-prefix.listeners.yaml | 1 +
...-route-rewrite-url-fullpath.listeners.yaml | 1 +
...http-route-rewrite-url-host.listeners.yaml | 1 +
...tp-route-rewrite-url-prefix.listeners.yaml | 1 +
...ttp-route-rewrite-url-regex.listeners.yaml | 1 +
...p-route-session-persistence.listeners.yaml | 1 +
.../xds-ir/http-route-timeout.listeners.yaml | 1 +
...ute-weighted-backend-uds-ip.listeners.yaml | 1 +
...ighted-backend-with-filters.listeners.yaml | 1 +
...http-route-weighted-backend.listeners.yaml | 1 +
...te-weighted-invalid-backend.listeners.yaml | 1 +
.../http-route-with-clientcert.listeners.yaml | 1 +
.../http-route-with-metadata.listeners.yaml | 1 +
...-with-tls-system-truststore.listeners.yaml | 1 +
...th-tlsbundle-multiple-certs.listeners.yaml | 2 ++
.../http-route-with-tlsbundle.listeners.yaml | 1 +
...l-routing-weighted-clusters.listeners.yaml | 1 +
.../http-route-zonal-routing.listeners.yaml | 1 +
.../out/xds-ir/http-route.listeners.yaml | 1 +
.../xds-ir/http-upgrade-spdy.listeners.yaml | 1 +
...http-upgrade-websocket-spdy.listeners.yaml | 1 +
.../xds-ir/http1-preserve-case.listeners.yaml | 2 ++
.../out/xds-ir/http1-trailers.listeners.yaml | 1 +
.../testdata/out/xds-ir/http10.listeners.yaml | 1 +
.../out/xds-ir/http2-mixed.listeners.yaml | 1 +
.../out/xds-ir/http2-route.listeners.yaml | 1 +
.../testdata/out/xds-ir/http2.listeners.yaml | 1 +
.../testdata/out/xds-ir/http3.listeners.yaml | 1 +
.../jsonpatch-missing-resource.listeners.yaml | 1 +
.../jsonpatch-with-jsonpath.listeners.yaml | 1 +
.../out/xds-ir/jsonpatch.listeners.yaml | 1 +
.../jwt-custom-extractor.listeners.yaml | 1 +
...-multi-route-multi-provider.listeners.yaml | 1 +
...multi-route-single-provider.listeners.yaml | 1 +
.../out/xds-ir/jwt-optional.listeners.yaml | 1 +
.../out/xds-ir/jwt-ratelimit.listeners.yaml | 1 +
...t-single-route-single-match.listeners.yaml | 1 +
.../jwt-with-backend-tls-retry.listeners.yaml | 1 +
.../listener-connection-limit.listeners.yaml | 4 ++++
...ener-overlapping-tls-config.listeners.yaml | 1 +
.../listener-proxy-protocol.listeners.yaml | 2 ++
.../listener-tcp-keepalive.listeners.yaml | 4 ++++
.../listener-tcp-without-route.listeners.yaml | 1 +
.../out/xds-ir/load-balancer.listeners.yaml | 1 +
.../local-ratelimit-distinct.listeners.yaml | 1 +
.../out/xds-ir/local-ratelimit.listeners.yaml | 1 +
.../testdata/out/xds-ir/lua.listeners.yaml | 1 +
.../metrics-virtual-host.listeners.yaml | 1 +
.../xds-ir/mixed-tls-jwt-authn.listeners.yaml | 1 +
...port-with-different-filters.listeners.yaml | 1 +
...ultiple-listeners-same-port.listeners.yaml | 1 +
...-simple-tcp-route-same-port.listeners.yaml | 1 +
...ertificate-with-custom-data.listeners.yaml | 5 +++++
...-forward-client-certificate.listeners.yaml | 5 +++++
...client-certificate-disabled.listeners.yaml | 2 ++
.../out/xds-ir/mutual-tls.listeners.yaml | 2 ++
...dc-and-jwt-with-passthrough.listeners.yaml | 1 +
...dc-backend-cluster-provider.listeners.yaml | 1 +
.../testdata/out/xds-ir/oidc.listeners.yaml | 1 +
.../out/xds-ir/panic-threshold.listeners.yaml | 1 +
.../out/xds-ir/path-settings.listeners.yaml | 1 +
.../proxy-protocol-upstream.listeners.yaml | 1 +
.../ratelimit-custom-domain.listeners.yaml | 1 +
.../ratelimit-disable-headers.listeners.yaml | 1 +
.../ratelimit-endpoint-stats.listeners.yaml | 1 +
.../ratelimit-global-shared.listeners.yaml | 1 +
.../ratelimit-headers-and-cidr.listeners.yaml | 1 +
...telimit-multi-global-shared.listeners.yaml | 1 +
.../xds-ir/ratelimit-sourceip.listeners.yaml | 1 +
.../out/xds-ir/ratelimit.listeners.yaml | 1 +
.../out/xds-ir/request-buffer.listeners.yaml | 2 ++
.../retry-partial-invalid.listeners.yaml | 1 +
.../testdata/out/xds-ir/retry.listeners.yaml | 1 +
...ypolicy-with-oidc-jwt-authz.listeners.yaml | 1 +
.../out/xds-ir/simple-tls.listeners.yaml | 1 +
.../suppress-envoy-headers.listeners.yaml | 1 +
.../xds-ir/tcp-endpoint-stats.listeners.yaml | 1 +
.../tcp-listener-ipfamily.listeners.yaml | 1 +
.../tcp-req-resp-sizes-stats.listeners.yaml | 1 +
.../xds-ir/tcp-route-complex.listeners.yaml | 1 +
.../xds-ir/tcp-route-simple.listeners.yaml | 1 +
.../tcp-route-tls-terminate.listeners.yaml | 1 +
.../tcp-route-weighted-backend.listeners.yaml | 1 +
.../out/xds-ir/timeout.listeners.yaml | 1 +
.../tls-route-passthrough.listeners.yaml | 2 ++
...-with-ciphers-versions-alpn.listeners.yaml | 2 ++
.../out/xds-ir/tracing-datadog.listeners.yaml | 1 +
.../tracing-endpoint-stats.listeners.yaml | 1 +
.../out/xds-ir/tracing-zipkin.listeners.yaml | 1 +
.../out/xds-ir/tracing.listeners.yaml | 1 +
.../upstream-tcpkeepalive.listeners.yaml | 1 +
.../testdata/out/xds-ir/wasm.listeners.yaml | 1 +
site/content/en/latest/api/extension_types.md | 1 +
test/helm/gateway-crds-helm/all.out.yaml | 8 ++++++++
.../envoy-gateway-crds.out.yaml | 8 ++++++++
175 files changed, 268 insertions(+), 5 deletions(-)
diff --git a/api/v1alpha1/connection_types.go b/api/v1alpha1/connection_types.go
index efb24dc3bb..81889a6203 100644
--- a/api/v1alpha1/connection_types.go
+++ b/api/v1alpha1/connection_types.go
@@ -36,6 +36,13 @@ type ClientConnection struct {
// +optional
// +notImplementedHide
SocketBufferLimit *resource.Quantity `json:"socketBufferLimit,omitempty"`
+
+ // MaxAcceptPerSocketEvent provides configuration for the maximum number of connections to accept from the kernel
+ // per socket event. If there are more than MaxAcceptPerSocketEvent connections
+ // pending accept, connections over this threshold will be accepted in later event loop iterations.
+ // If no value is provided Envoy will accept all connections pending accept from the kernel.
+ // +optional
+ MaxAcceptPerSocketEvent *uint32 `json:"maxAcceptPerSocketEvent,omitempty"`
}
// BackendConnection allows users to configure connection-level settings of backend
diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go
index 524264cd66..e88978ae75 100644
--- a/api/v1alpha1/zz_generated.deepcopy.go
+++ b/api/v1alpha1/zz_generated.deepcopy.go
@@ -899,6 +899,11 @@ func (in *ClientConnection) DeepCopyInto(out *ClientConnection) {
x := (*in).DeepCopy()
*out = &x
}
+ if in.MaxAcceptPerSocketEvent != nil {
+ in, out := &in.MaxAcceptPerSocketEvent, &out.MaxAcceptPerSocketEvent
+ *out = new(uint32)
+ **out = **in
+ }
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientConnection.
diff --git a/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml b/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml
index 40c28267c8..34fc353110 100644
--- a/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml
+++ b/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml
@@ -153,6 +153,14 @@ spec:
required:
- value
type: object
+ maxAcceptPerSocketEvent:
+ description: |-
+ MaxAcceptPerSocketEvent provides configuration for the maximum number of connections to accept from the kernel
+ per socket event. If there are more than MaxAcceptPerSocketEvent connections
+ pending accept, connections over this threshold will be accepted in later event loop iterations.
+ If no value is provided Envoy will accept all connections pending accept from the kernel.
+ format: int32
+ type: integer
socketBufferLimit:
allOf:
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
diff --git a/charts/gateway-helm/crds/generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml b/charts/gateway-helm/crds/generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml
index 0ed2172885..3dd69e7b26 100644
--- a/charts/gateway-helm/crds/generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml
+++ b/charts/gateway-helm/crds/generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml
@@ -152,6 +152,14 @@ spec:
required:
- value
type: object
+ maxAcceptPerSocketEvent:
+ description: |-
+ MaxAcceptPerSocketEvent provides configuration for the maximum number of connections to accept from the kernel
+ per socket event. If there are more than MaxAcceptPerSocketEvent connections
+ pending accept, connections over this threshold will be accepted in later event loop iterations.
+ If no value is provided Envoy will accept all connections pending accept from the kernel.
+ format: int32
+ type: integer
socketBufferLimit:
allOf:
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
diff --git a/internal/ir/xds.go b/internal/ir/xds.go
index 5d02d7df4e..9084026306 100644
--- a/internal/ir/xds.go
+++ b/internal/ir/xds.go
@@ -2931,6 +2931,8 @@ type ClientConnection struct {
ConnectionLimit *ConnectionLimit `json:"limit,omitempty" yaml:"limit,omitempty"`
// BufferLimitBytes is the maximum number of bytes that can be buffered for a connection.
BufferLimitBytes *uint32 `json:"bufferLimit,omitempty" yaml:"bufferLimit,omitempty"`
+ // MaxAcceptPerSocketEvent is the maximum number of connections to accept from the kernel per socket event.
+ MaxAcceptPerSocketEvent *uint32 `json:"maxAcceptPerSocketEvent,omitempty" yaml:"maxAcceptPerSocketEvent,omitempty"`
}
// ConnectionLimit contains settings for downstream connection limits
diff --git a/internal/ir/zz_generated.deepcopy.go b/internal/ir/zz_generated.deepcopy.go
index 8ee15b167f..510d12b7e3 100644
--- a/internal/ir/zz_generated.deepcopy.go
+++ b/internal/ir/zz_generated.deepcopy.go
@@ -501,6 +501,11 @@ func (in *ClientConnection) DeepCopyInto(out *ClientConnection) {
*out = new(uint32)
**out = **in
}
+ if in.MaxAcceptPerSocketEvent != nil {
+ in, out := &in.MaxAcceptPerSocketEvent, &out.MaxAcceptPerSocketEvent
+ *out = new(uint32)
+ **out = **in
+ }
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientConnection.
diff --git a/internal/xds/translator/listener.go b/internal/xds/translator/listener.go
index 78c09a7e03..6a384fe254 100644
--- a/internal/xds/translator/listener.go
+++ b/internal/xds/translator/listener.go
@@ -52,7 +52,8 @@ const (
// https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/protocol.proto#envoy-v3-api-field-config-core-v3-http2protocoloptions-initial-connection-window-size
http2InitialConnectionWindowSize = 1048576 // 1 MiB
// https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/filters/network/connection_limit/v3/connection_limit.proto
- networkConnectionLimit = "envoy.filters.network.connection_limit"
+ networkConnectionLimit = "envoy.filters.network.connection_limit"
+ maxConnAcceptPerSocketEvent = 1
)
func http1ProtocolOptions(opts *ir.HTTP1Settings) *corev3.Http1ProtocolOptions {
@@ -197,11 +198,13 @@ func buildXdsTCPListener(
return nil, err
}
bufferLimitBytes := buildPerConnectionBufferLimitBytes(connection)
+ maxAcceptPerSocketEvent := buildMaxAcceptPerSocketEvent(connection)
listener := &listenerv3.Listener{
- Name: name,
- AccessLog: al,
- SocketOptions: socketOptions,
- PerConnectionBufferLimitBytes: bufferLimitBytes,
+ Name: name,
+ AccessLog: al,
+ SocketOptions: socketOptions,
+ PerConnectionBufferLimitBytes: bufferLimitBytes,
+ MaxConnectionsToAcceptPerSocketEvent: maxAcceptPerSocketEvent,
Address: &corev3.Address{
Address: &corev3.Address_SocketAddress{
SocketAddress: &corev3.SocketAddress{
@@ -230,6 +233,13 @@ func buildPerConnectionBufferLimitBytes(connection *ir.ClientConnection) *wrappe
return wrapperspb.UInt32(tcpListenerPerConnectionBufferLimitBytes)
}
+func buildMaxAcceptPerSocketEvent(connection *ir.ClientConnection) *wrapperspb.UInt32Value {
+ if connection != nil && connection.MaxAcceptPerSocketEvent != nil {
+ return wrapperspb.UInt32(*connection.MaxAcceptPerSocketEvent)
+ }
+ return wrapperspb.UInt32(maxConnAcceptPerSocketEvent)
+}
+
// buildXdsQuicListener creates a xds Listener resource for quic
func buildXdsQuicListener(name, address string, port uint32, ipFamily *egv1a1.IPFamily, accesslog *ir.AccessLog) (*listenerv3.Listener, error) {
log, err := buildXdsAccessLog(accesslog, ir.ProxyAccessLogTypeListener)
diff --git a/internal/xds/translator/testdata/out/extension-xds-ir/extensionpolicy-tcp-udp-http.listeners.yaml b/internal/xds/translator/testdata/out/extension-xds-ir/extensionpolicy-tcp-udp-http.listeners.yaml
index 6fbaf5053e..146bc9f121 100644
--- a/internal/xds/translator/testdata/out/extension-xds-ir/extensionpolicy-tcp-udp-http.listeners.yaml
+++ b/internal/xds/translator/testdata/out/extension-xds-ir/extensionpolicy-tcp-udp-http.listeners.yaml
@@ -37,6 +37,7 @@
'@type': type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy
cluster: tcp-route-dest
statPrefix: tcp-10080
+ maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http1
perConnectionBufferLimitBytes: 32768
statPrefix: envoy-gateway/gateway-1/http1
diff --git a/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-filter.listeners.yaml b/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-filter.listeners.yaml
index e6777ebece..7deec13dbb 100644
--- a/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-filter.listeners.yaml
+++ b/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-filter.listeners.yaml
@@ -30,6 +30,7 @@
statPrefix: http-10080
useRemoteAddress: true
name: extension-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: extension-listener
perConnectionBufferLimitBytes: 32768
statPrefix: mock-extension-inserted-prefix
diff --git a/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-listener-error.listeners.yaml b/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-listener-error.listeners.yaml
index 5c1d57a440..f9ce671f37 100644
--- a/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-listener-error.listeners.yaml
+++ b/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-listener-error.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: extension-post-xdslistener-hook-error
+ maxConnectionsToAcceptPerSocketEvent: 1
name: extension-post-xdslistener-hook-error
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-route-error.listeners.yaml b/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-route-error.listeners.yaml
index c3fb113017..a5bc288824 100644
--- a/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-route-error.listeners.yaml
+++ b/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-route-error.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-translate-error.listeners.yaml b/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-translate-error.listeners.yaml
index 467a1d467f..877c7b5140 100644
--- a/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-translate-error.listeners.yaml
+++ b/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-translate-error.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: extension-post-xdstranslate-hook-error
+ maxConnectionsToAcceptPerSocketEvent: 1
name: extension-post-xdstranslate-hook-error
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-virtualhost-error.listeners.yaml b/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-virtualhost-error.listeners.yaml
index 96c45d3ee2..cb8f77fd5e 100644
--- a/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-virtualhost-error.listeners.yaml
+++ b/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-virtualhost-error.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: extension-post-xdsvirtualhost-hook-error
+ maxConnectionsToAcceptPerSocketEvent: 1
name: extension-post-xdsvirtualhost-hook-error
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/extension-xds-ir/http-route.listeners.yaml b/internal/xds/translator/testdata/out/extension-xds-ir/http-route.listeners.yaml
index c3fb113017..a5bc288824 100644
--- a/internal/xds/translator/testdata/out/extension-xds-ir/http-route.listeners.yaml
+++ b/internal/xds/translator/testdata/out/extension-xds-ir/http-route.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/extension-xds-ir/listener-policy.listeners.yaml b/internal/xds/translator/testdata/out/extension-xds-ir/listener-policy.listeners.yaml
index 7837e1509f..8f78e66fc6 100644
--- a/internal/xds/translator/testdata/out/extension-xds-ir/listener-policy.listeners.yaml
+++ b/internal/xds/translator/testdata/out/extension-xds-ir/listener-policy.listeners.yaml
@@ -30,6 +30,7 @@
statPrefix: http-10081
useRemoteAddress: true
name: policyextension-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: policyextension-listener
perConnectionBufferLimitBytes: 32768
statPrefix: from-the-policy
diff --git a/internal/xds/translator/testdata/out/extension-xds-ir/multiple-listeners-same-port-error.listeners.yaml b/internal/xds/translator/testdata/out/extension-xds-ir/multiple-listeners-same-port-error.listeners.yaml
index dcbd7c627a..b55f7c0187 100644
--- a/internal/xds/translator/testdata/out/extension-xds-ir/multiple-listeners-same-port-error.listeners.yaml
+++ b/internal/xds/translator/testdata/out/extension-xds-ir/multiple-listeners-same-port-error.listeners.yaml
@@ -97,5 +97,6 @@
- name: envoy.filters.listener.tls_inspector
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener-error
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/accesslog-cel.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/accesslog-cel.listeners.yaml
index 82af12d133..4b9be88849 100644
--- a/internal/xds/translator/testdata/out/xds-ir/accesslog-cel.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/accesslog-cel.listeners.yaml
@@ -179,5 +179,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/accesslog-endpoint-stats.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/accesslog-endpoint-stats.listeners.yaml
index ac530c829e..84191a28eb 100644
--- a/internal/xds/translator/testdata/out/xds-ir/accesslog-endpoint-stats.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/accesslog-endpoint-stats.listeners.yaml
@@ -140,5 +140,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/accesslog-formatters.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/accesslog-formatters.listeners.yaml
index 7e51cbeb1d..27a30cef38 100644
--- a/internal/xds/translator/testdata/out/xds-ir/accesslog-formatters.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/accesslog-formatters.listeners.yaml
@@ -196,5 +196,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/accesslog-multi-cel.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/accesslog-multi-cel.listeners.yaml
index f1efd67797..706fd501e6 100644
--- a/internal/xds/translator/testdata/out/xds-ir/accesslog-multi-cel.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/accesslog-multi-cel.listeners.yaml
@@ -215,5 +215,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/accesslog-types.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/accesslog-types.listeners.yaml
index 9b89cf5c79..2296779c28 100644
--- a/internal/xds/translator/testdata/out/xds-ir/accesslog-types.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/accesslog-types.listeners.yaml
@@ -344,5 +344,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/accesslog-with-format.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/accesslog-with-format.listeners.yaml
index 20adb39d58..152e77f6cb 100644
--- a/internal/xds/translator/testdata/out/xds-ir/accesslog-with-format.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/accesslog-with-format.listeners.yaml
@@ -174,5 +174,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/accesslog.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/accesslog.listeners.yaml
index 71f4affea9..ffce14f778 100644
--- a/internal/xds/translator/testdata/out/xds-ir/accesslog.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/accesslog.listeners.yaml
@@ -174,5 +174,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/api-key-auth.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/api-key-auth.listeners.yaml
index 3ab3e53f2e..7e4465d144 100644
--- a/internal/xds/translator/testdata/out/xds-ir/api-key-auth.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/api-key-auth.listeners.yaml
@@ -40,5 +40,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: default/gateway-1/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: default/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/authorization-client-cidr.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/authorization-client-cidr.listeners.yaml
index 907d28f78b..0501674cf7 100644
--- a/internal/xds/translator/testdata/out/xds-ir/authorization-client-cidr.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/authorization-client-cidr.listeners.yaml
@@ -33,5 +33,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/authorization-http-header.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/authorization-http-header.listeners.yaml
index 907d28f78b..0501674cf7 100644
--- a/internal/xds/translator/testdata/out/xds-ir/authorization-http-header.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/authorization-http-header.listeners.yaml
@@ -33,5 +33,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/authorization-jwt-claim.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/authorization-jwt-claim.listeners.yaml
index 2bfa9b5130..261038728f 100644
--- a/internal/xds/translator/testdata/out/xds-ir/authorization-jwt-claim.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/authorization-jwt-claim.listeners.yaml
@@ -74,5 +74,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/authorization-jwt-scope.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/authorization-jwt-scope.listeners.yaml
index 2bfa9b5130..261038728f 100644
--- a/internal/xds/translator/testdata/out/xds-ir/authorization-jwt-scope.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/authorization-jwt-scope.listeners.yaml
@@ -74,5 +74,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/authorization-multiple-principals.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/authorization-multiple-principals.listeners.yaml
index 907d28f78b..0501674cf7 100644
--- a/internal/xds/translator/testdata/out/xds-ir/authorization-multiple-principals.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/authorization-multiple-principals.listeners.yaml
@@ -33,5 +33,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/backend-buffer-limit.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/backend-buffer-limit.listeners.yaml
index 688cef1f74..09c320b7f3 100644
--- a/internal/xds/translator/testdata/out/xds-ir/backend-buffer-limit.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/backend-buffer-limit.listeners.yaml
@@ -30,6 +30,7 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -44,6 +45,7 @@
cluster: tcp-route-dest
statPrefix: tcp-10081
name: tcp-route-dest
+ maxConnectionsToAcceptPerSocketEvent: 1
name: second-listener
perConnectionBufferLimitBytes: 1500
- address:
diff --git a/internal/xds/translator/testdata/out/xds-ir/backend-priority.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/backend-priority.listeners.yaml
index 55e2fde715..7f609a90d1 100644
--- a/internal/xds/translator/testdata/out/xds-ir/backend-priority.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/backend-priority.listeners.yaml
@@ -44,5 +44,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: default/gateway-1/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: default/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/basic-auth-username-header.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/basic-auth-username-header.listeners.yaml
index 1ab0be3569..102acc609b 100644
--- a/internal/xds/translator/testdata/out/xds-ir/basic-auth-username-header.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/basic-auth-username-header.listeners.yaml
@@ -44,5 +44,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: default/gateway-1/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: default/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/basic-auth.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/basic-auth.listeners.yaml
index 686a1d85b7..df9365142e 100644
--- a/internal/xds/translator/testdata/out/xds-ir/basic-auth.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/basic-auth.listeners.yaml
@@ -42,5 +42,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: default/gateway-1/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: default/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/btp-telemetry.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/btp-telemetry.listeners.yaml
index 09426a3177..4d0fe90c54 100644
--- a/internal/xds/translator/testdata/out/xds-ir/btp-telemetry.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/btp-telemetry.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/circuit-breaker.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/circuit-breaker.listeners.yaml
index 80ae84fd10..5dd5e46e3c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/circuit-breaker.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/circuit-breaker.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/client-buffer-limit.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/client-buffer-limit.listeners.yaml
index 9ae223623d..6f2229df69 100644
--- a/internal/xds/translator/testdata/out/xds-ir/client-buffer-limit.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/client-buffer-limit.listeners.yaml
@@ -30,6 +30,7 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 1500
- address:
@@ -44,5 +45,6 @@
cluster: tcp-route-dest
statPrefix: tcp-10081
name: tcp-route-dest
+ maxConnectionsToAcceptPerSocketEvent: 1
name: second-listener
perConnectionBufferLimitBytes: 1500
diff --git a/internal/xds/translator/testdata/out/xds-ir/client-ip-detection.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/client-ip-detection.listeners.yaml
index 58d7f823ae..0a81c11e30 100644
--- a/internal/xds/translator/testdata/out/xds-ir/client-ip-detection.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/client-ip-detection.listeners.yaml
@@ -34,6 +34,7 @@
statPrefix: http-8081
useRemoteAddress: false
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -72,6 +73,7 @@
statPrefix: http-8082
useRemoteAddress: false
name: second-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: second-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -112,6 +114,7 @@
statPrefix: http-8083
useRemoteAddress: false
name: third-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: third-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -157,5 +160,6 @@
statPrefix: http-8084
useRemoteAddress: false
name: fourth-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: fourth-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/client-timeout.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/client-timeout.listeners.yaml
index 59b7902b54..4ec0aeddf6 100644
--- a/internal/xds/translator/testdata/out/xds-ir/client-timeout.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/client-timeout.listeners.yaml
@@ -32,6 +32,7 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -47,5 +48,6 @@
idleTimeout: 1200s
statPrefix: tcp-10081
name: second-route
+ maxConnectionsToAcceptPerSocketEvent: 1
name: second-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/compression.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/compression.listeners.yaml
index c042cdcfa6..e0bba0b836 100644
--- a/internal/xds/translator/testdata/out/xds-ir/compression.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/compression.listeners.yaml
@@ -46,5 +46,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/cors-from-httpcorsfilter.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/cors-from-httpcorsfilter.listeners.yaml
index e43d6e27f7..6a7b66b8be 100644
--- a/internal/xds/translator/testdata/out/xds-ir/cors-from-httpcorsfilter.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/cors-from-httpcorsfilter.listeners.yaml
@@ -33,5 +33,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/cors.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/cors.listeners.yaml
index e43d6e27f7..6a7b66b8be 100644
--- a/internal/xds/translator/testdata/out/xds-ir/cors.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/cors.listeners.yaml
@@ -33,5 +33,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/credential-injection-backend-filter.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/credential-injection-backend-filter.listeners.yaml
index 09426a3177..4d0fe90c54 100644
--- a/internal/xds/translator/testdata/out/xds-ir/credential-injection-backend-filter.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/credential-injection-backend-filter.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/credential-injection.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/credential-injection.listeners.yaml
index b05991e953..7a127ec768 100644
--- a/internal/xds/translator/testdata/out/xds-ir/credential-injection.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/credential-injection.listeners.yaml
@@ -58,5 +58,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/custom-filter-order.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/custom-filter-order.listeners.yaml
index 7003a2ea33..14804eca76 100644
--- a/internal/xds/translator/testdata/out/xds-ir/custom-filter-order.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/custom-filter-order.listeners.yaml
@@ -125,5 +125,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/custom-response.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/custom-response.listeners.yaml
index 455f453eda..bab8f6e0b5 100644
--- a/internal/xds/translator/testdata/out/xds-ir/custom-response.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/custom-response.listeners.yaml
@@ -147,5 +147,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: default/gateway-1/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: default/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/dns-lookup-family.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/dns-lookup-family.listeners.yaml
index cb9e097946..4fec6ff354 100644
--- a/internal/xds/translator/testdata/out/xds-ir/dns-lookup-family.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/dns-lookup-family.listeners.yaml
@@ -176,5 +176,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/ext-auth-backend.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/ext-auth-backend.listeners.yaml
index 0ccea8c2bc..7700a8986c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/ext-auth-backend.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/ext-auth-backend.listeners.yaml
@@ -65,5 +65,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: default/gateway-1/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: default/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/ext-auth-body.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/ext-auth-body.listeners.yaml
index 84bea029d0..50c1b91ee9 100644
--- a/internal/xds/translator/testdata/out/xds-ir/ext-auth-body.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/ext-auth-body.listeners.yaml
@@ -67,5 +67,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: default/gateway-1/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: default/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/ext-auth-recomputation.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/ext-auth-recomputation.listeners.yaml
index e205456276..2cd9c22f99 100644
--- a/internal/xds/translator/testdata/out/xds-ir/ext-auth-recomputation.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/ext-auth-recomputation.listeners.yaml
@@ -66,5 +66,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: default/gateway-1/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: default/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/ext-auth.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/ext-auth.listeners.yaml
index 84b95081c8..d4b0d94c49 100644
--- a/internal/xds/translator/testdata/out/xds-ir/ext-auth.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/ext-auth.listeners.yaml
@@ -65,5 +65,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: default/gateway-1/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: default/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/ext-proc-with-traffic-settings.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/ext-proc-with-traffic-settings.listeners.yaml
index 55e2fde715..7f609a90d1 100644
--- a/internal/xds/translator/testdata/out/xds-ir/ext-proc-with-traffic-settings.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/ext-proc-with-traffic-settings.listeners.yaml
@@ -44,5 +44,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: default/gateway-1/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: default/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/ext-proc.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/ext-proc.listeners.yaml
index 16f3139344..3a3d159e9a 100755
--- a/internal/xds/translator/testdata/out/xds-ir/ext-proc.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/ext-proc.listeners.yaml
@@ -119,5 +119,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/fault-injection.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/fault-injection.listeners.yaml
index 72f0a0a123..578b85950b 100644
--- a/internal/xds/translator/testdata/out/xds-ir/fault-injection.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/fault-injection.listeners.yaml
@@ -33,5 +33,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/headers-with-disable-request-id.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/headers-with-disable-request-id.listeners.yaml
index e51008bb62..b28018159a 100644
--- a/internal/xds/translator/testdata/out/xds-ir/headers-with-disable-request-id.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/headers-with-disable-request-id.listeners.yaml
@@ -29,6 +29,7 @@
statPrefix: http-8081
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -61,5 +62,6 @@
statPrefix: http-8082
useRemoteAddress: true
name: second-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: second-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/headers-with-generate-request-id.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/headers-with-generate-request-id.listeners.yaml
index a00caeb6cf..2da2dbb0b0 100644
--- a/internal/xds/translator/testdata/out/xds-ir/headers-with-generate-request-id.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/headers-with-generate-request-id.listeners.yaml
@@ -29,6 +29,7 @@
statPrefix: http-8081
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -61,5 +62,6 @@
statPrefix: http-8082
useRemoteAddress: true
name: second-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: second-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/headers-with-preserve-or-generate-request-id.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/headers-with-preserve-or-generate-request-id.listeners.yaml
index 5cb5a43f73..7b5d0e785e 100644
--- a/internal/xds/translator/testdata/out/xds-ir/headers-with-preserve-or-generate-request-id.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/headers-with-preserve-or-generate-request-id.listeners.yaml
@@ -30,6 +30,7 @@
statPrefix: http-8081
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -62,5 +63,6 @@
statPrefix: http-8082
useRemoteAddress: true
name: second-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: second-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/headers-with-preserve-request-id.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/headers-with-preserve-request-id.listeners.yaml
index 0bf1746e73..1cbee6b41e 100644
--- a/internal/xds/translator/testdata/out/xds-ir/headers-with-preserve-request-id.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/headers-with-preserve-request-id.listeners.yaml
@@ -30,6 +30,7 @@
statPrefix: http-8081
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -62,5 +63,6 @@
statPrefix: http-8082
useRemoteAddress: true
name: second-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: second-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/headers-with-underscores-action.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/headers-with-underscores-action.listeners.yaml
index d0509c239c..3c5a4ce9de 100644
--- a/internal/xds/translator/testdata/out/xds-ir/headers-with-underscores-action.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/headers-with-underscores-action.listeners.yaml
@@ -28,6 +28,7 @@
statPrefix: http-8081
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -59,6 +60,7 @@
statPrefix: http-8082
useRemoteAddress: true
name: second-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: second-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -91,6 +93,7 @@
statPrefix: http-8083
useRemoteAddress: true
name: third-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: third-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -123,5 +126,6 @@
statPrefix: http-8084
useRemoteAddress: true
name: fourth-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: fourth-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/health-check.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/health-check.listeners.yaml
index 80ae84fd10..5dd5e46e3c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/health-check.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/health-check.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-early-header-mutation.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-early-header-mutation.listeners.yaml
index 73dcc99a8b..5f3b4cd635 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-early-header-mutation.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-early-header-mutation.listeners.yaml
@@ -36,6 +36,7 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -102,5 +103,6 @@
statPrefix: http-10081
useRemoteAddress: true
name: second-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: second-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-endpoint-stats.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-endpoint-stats.listeners.yaml
index 8b810de954..a88611caf1 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-endpoint-stats.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-endpoint-stats.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: listener-enable-endpoint-stats
+ maxConnectionsToAcceptPerSocketEvent: 1
name: listener-enable-endpoint-stats
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-health-check.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-health-check.listeners.yaml
index 1548f88fd6..2208eb5ee2 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-health-check.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-health-check.listeners.yaml
@@ -38,5 +38,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-preserve-client-protocol.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-preserve-client-protocol.listeners.yaml
index 09426a3177..4d0fe90c54 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-preserve-client-protocol.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-preserve-client-protocol.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-req-resp-sizes-stats.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-req-resp-sizes-stats.listeners.yaml
index ac62b3d7a0..89d3361c24 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-req-resp-sizes-stats.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-req-resp-sizes-stats.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: listener-enable-req-resp-sizes-stats
+ maxConnectionsToAcceptPerSocketEvent: 1
name: listener-enable-req-resp-sizes-stats
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-direct-response.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-direct-response.listeners.yaml
index 80ae84fd10..5dd5e46e3c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-direct-response.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-direct-response.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-dns-cluster.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-dns-cluster.listeners.yaml
index 80ae84fd10..5dd5e46e3c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-dns-cluster.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-dns-cluster.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-dynamic-resolver.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-dynamic-resolver.listeners.yaml
index 9677ab7557..f869509943 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-dynamic-resolver.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-dynamic-resolver.listeners.yaml
@@ -66,5 +66,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-mirror.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-mirror.listeners.yaml
index 80ae84fd10..5dd5e46e3c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-mirror.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-mirror.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-mirrors-percentage.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-mirrors-percentage.listeners.yaml
index 80ae84fd10..5dd5e46e3c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-mirrors-percentage.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-mirrors-percentage.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-multiple-matches.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-multiple-matches.listeners.yaml
index c3fb113017..a5bc288824 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-multiple-matches.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-multiple-matches.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-multiple-mirrors-percentage.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-multiple-mirrors-percentage.listeners.yaml
index 80ae84fd10..5dd5e46e3c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-multiple-mirrors-percentage.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-multiple-mirrors-percentage.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-multiple-mirrors.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-multiple-mirrors.listeners.yaml
index 80ae84fd10..5dd5e46e3c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-multiple-mirrors.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-multiple-mirrors.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-partial-invalid.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-partial-invalid.listeners.yaml
index 80ae84fd10..5dd5e46e3c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-partial-invalid.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-partial-invalid.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-redirect.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-redirect.listeners.yaml
index 80ae84fd10..5dd5e46e3c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-redirect.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-redirect.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-regex.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-regex.listeners.yaml
index 80ae84fd10..5dd5e46e3c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-regex.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-regex.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-request-headers.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-request-headers.listeners.yaml
index 80ae84fd10..5dd5e46e3c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-request-headers.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-request-headers.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-response-add-headers.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-response-add-headers.listeners.yaml
index 80ae84fd10..5dd5e46e3c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-response-add-headers.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-response-add-headers.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-response-add-remove-headers.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-response-add-remove-headers.listeners.yaml
index 80ae84fd10..5dd5e46e3c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-response-add-remove-headers.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-response-add-remove-headers.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-response-remove-headers.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-response-remove-headers.listeners.yaml
index 80ae84fd10..5dd5e46e3c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-response-remove-headers.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-response-remove-headers.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-root-path-url-prefix.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-root-path-url-prefix.listeners.yaml
index 80ae84fd10..5dd5e46e3c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-root-path-url-prefix.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-root-path-url-prefix.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-sufixx-with-slash-url-prefix.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-sufixx-with-slash-url-prefix.listeners.yaml
index 80ae84fd10..5dd5e46e3c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-sufixx-with-slash-url-prefix.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-sufixx-with-slash-url-prefix.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-fullpath.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-fullpath.listeners.yaml
index 80ae84fd10..5dd5e46e3c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-fullpath.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-fullpath.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-host.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-host.listeners.yaml
index 80ae84fd10..5dd5e46e3c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-host.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-host.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-prefix.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-prefix.listeners.yaml
index 80ae84fd10..5dd5e46e3c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-prefix.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-prefix.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-regex.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-regex.listeners.yaml
index 80ae84fd10..5dd5e46e3c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-regex.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-regex.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-session-persistence.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-session-persistence.listeners.yaml
index 5e9d0478cf..26dedfa4ee 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-session-persistence.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-session-persistence.listeners.yaml
@@ -74,5 +74,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-timeout.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-timeout.listeners.yaml
index 80ae84fd10..5dd5e46e3c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-timeout.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-timeout.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-weighted-backend-uds-ip.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-weighted-backend-uds-ip.listeners.yaml
index 80ae84fd10..5dd5e46e3c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-weighted-backend-uds-ip.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-weighted-backend-uds-ip.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-weighted-backend-with-filters.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-weighted-backend-with-filters.listeners.yaml
index 80ae84fd10..5dd5e46e3c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-weighted-backend-with-filters.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-weighted-backend-with-filters.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-weighted-backend.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-weighted-backend.listeners.yaml
index 80ae84fd10..5dd5e46e3c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-weighted-backend.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-weighted-backend.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-weighted-invalid-backend.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-weighted-invalid-backend.listeners.yaml
index 80ae84fd10..5dd5e46e3c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-weighted-invalid-backend.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-weighted-invalid-backend.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-with-clientcert.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-with-clientcert.listeners.yaml
index 657d2b42a8..86036a19d5 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-with-clientcert.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-with-clientcert.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-btls/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-btls/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-with-metadata.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-with-metadata.listeners.yaml
index c3fb113017..a5bc288824 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-with-metadata.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-with-metadata.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-with-tls-system-truststore.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-with-tls-system-truststore.listeners.yaml
index 657d2b42a8..86036a19d5 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-with-tls-system-truststore.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-with-tls-system-truststore.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-btls/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-btls/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-with-tlsbundle-multiple-certs.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-with-tlsbundle-multiple-certs.listeners.yaml
index 5a43997887..59e6ae249f 100755
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-with-tlsbundle-multiple-certs.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-with-tlsbundle-multiple-certs.listeners.yaml
@@ -30,6 +30,7 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-btls/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-btls/http
perConnectionBufferLimitBytes: 32768
- address:
@@ -64,5 +65,6 @@
statPrefix: http-10081
useRemoteAddress: true
name: envoy-gateway/gateway-btls-2/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-btls-2/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-with-tlsbundle.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-with-tlsbundle.listeners.yaml
index 657d2b42a8..86036a19d5 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-with-tlsbundle.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-with-tlsbundle.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-btls/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-btls/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-zonal-routing-weighted-clusters.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-zonal-routing-weighted-clusters.listeners.yaml
index ec43e34f36..5c7db41545 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-zonal-routing-weighted-clusters.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-zonal-routing-weighted-clusters.listeners.yaml
@@ -28,5 +28,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-zonal-routing.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-zonal-routing.listeners.yaml
index ec43e34f36..5c7db41545 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-zonal-routing.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-zonal-routing.listeners.yaml
@@ -28,5 +28,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route.listeners.yaml
index 80ae84fd10..5dd5e46e3c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-upgrade-spdy.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-upgrade-spdy.listeners.yaml
index 09426a3177..4d0fe90c54 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-upgrade-spdy.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-upgrade-spdy.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-upgrade-websocket-spdy.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-upgrade-websocket-spdy.listeners.yaml
index 09426a3177..4d0fe90c54 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-upgrade-websocket-spdy.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-upgrade-websocket-spdy.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http1-preserve-case.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http1-preserve-case.listeners.yaml
index 8cebad7030..22947a5cce 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http1-preserve-case.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http1-preserve-case.listeners.yaml
@@ -36,6 +36,7 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -77,5 +78,6 @@
statPrefix: http-10081
useRemoteAddress: true
name: second-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: second-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http1-trailers.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http1-trailers.listeners.yaml
index eb0e689ae9..a7721414c8 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http1-trailers.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http1-trailers.listeners.yaml
@@ -32,5 +32,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http10.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http10.listeners.yaml
index 61260cb950..f8f81a1f1b 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http10.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http10.listeners.yaml
@@ -33,5 +33,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http2-mixed.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http2-mixed.listeners.yaml
index 0ac436eeb7..368dab5a9b 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http2-mixed.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http2-mixed.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http2-route.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http2-route.listeners.yaml
index 460fcf1fc0..b2e4d2fb20 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http2-route.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http2-route.listeners.yaml
@@ -38,5 +38,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http2.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http2.listeners.yaml
index 0ac436eeb7..368dab5a9b 100755
--- a/internal/xds/translator/testdata/out/xds-ir/http2.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http2.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http3.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http3.listeners.yaml
index 49a651da85..80d7bc1b38 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http3.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http3.listeners.yaml
@@ -100,5 +100,6 @@
resourceApiVersion: V3
disableStatefulSessionResumption: true
disableStatelessSessionResumption: true
+ maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/tls
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/jsonpatch-missing-resource.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/jsonpatch-missing-resource.listeners.yaml
index 80ae84fd10..5dd5e46e3c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/jsonpatch-missing-resource.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/jsonpatch-missing-resource.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/jsonpatch-with-jsonpath.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/jsonpatch-with-jsonpath.listeners.yaml
index 8aaea6d5fd..cebf87c73f 100644
--- a/internal/xds/translator/testdata/out/xds-ir/jsonpatch-with-jsonpath.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/jsonpatch-with-jsonpath.listeners.yaml
@@ -61,5 +61,6 @@
resourceApiVersion: V3
disableStatefulSessionResumption: true
disableStatelessSessionResumption: true
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/jsonpatch.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/jsonpatch.listeners.yaml
index 8aaea6d5fd..cebf87c73f 100644
--- a/internal/xds/translator/testdata/out/xds-ir/jsonpatch.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/jsonpatch.listeners.yaml
@@ -61,5 +61,6 @@
resourceApiVersion: V3
disableStatefulSessionResumption: true
disableStatelessSessionResumption: true
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/jwt-custom-extractor.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/jwt-custom-extractor.listeners.yaml
index d5b2dfa8ee..2385014f06 100644
--- a/internal/xds/translator/testdata/out/xds-ir/jwt-custom-extractor.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/jwt-custom-extractor.listeners.yaml
@@ -60,5 +60,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/jwt-multi-route-multi-provider.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/jwt-multi-route-multi-provider.listeners.yaml
index 33b51edd61..97c317be07 100644
--- a/internal/xds/translator/testdata/out/xds-ir/jwt-multi-route-multi-provider.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/jwt-multi-route-multi-provider.listeners.yaml
@@ -126,5 +126,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/jwt-multi-route-single-provider.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/jwt-multi-route-single-provider.listeners.yaml
index 39cf6a7bba..cb66d4dcf1 100644
--- a/internal/xds/translator/testdata/out/xds-ir/jwt-multi-route-single-provider.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/jwt-multi-route-single-provider.listeners.yaml
@@ -96,5 +96,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/jwt-optional.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/jwt-optional.listeners.yaml
index 4a6a9a0631..051a776b32 100644
--- a/internal/xds/translator/testdata/out/xds-ir/jwt-optional.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/jwt-optional.listeners.yaml
@@ -63,5 +63,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/jwt-ratelimit.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/jwt-ratelimit.listeners.yaml
index 53af66649b..a4d81f0e11 100644
--- a/internal/xds/translator/testdata/out/xds-ir/jwt-ratelimit.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/jwt-ratelimit.listeners.yaml
@@ -63,5 +63,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/jwt-single-route-single-match.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/jwt-single-route-single-match.listeners.yaml
index eb828bbc9d..15f6b00844 100644
--- a/internal/xds/translator/testdata/out/xds-ir/jwt-single-route-single-match.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/jwt-single-route-single-match.listeners.yaml
@@ -53,5 +53,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/jwt-with-backend-tls-retry.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/jwt-with-backend-tls-retry.listeners.yaml
index 4c1b6b0fc2..672ec20c19 100644
--- a/internal/xds/translator/testdata/out/xds-ir/jwt-with-backend-tls-retry.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/jwt-with-backend-tls-retry.listeners.yaml
@@ -62,5 +62,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: default/gateway-1/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: default/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/listener-connection-limit.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/listener-connection-limit.listeners.yaml
index 079ca70cfd..7cd7ecbd04 100644
--- a/internal/xds/translator/testdata/out/xds-ir/listener-connection-limit.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/listener-connection-limit.listeners.yaml
@@ -30,6 +30,7 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -69,6 +70,7 @@
statPrefix: http-10081
useRemoteAddress: true
name: second-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: second-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -94,6 +96,7 @@
- name: envoy.filters.listener.tls_inspector
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
+ maxConnectionsToAcceptPerSocketEvent: 1
name: third-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -113,5 +116,6 @@
'@type': type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy
cluster: tcp-route-dest
statPrefix: tcp-10083
+ maxConnectionsToAcceptPerSocketEvent: 1
name: fourth-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/listener-overlapping-tls-config.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/listener-overlapping-tls-config.listeners.yaml
index 5fa916377e..b97274df2b 100644
--- a/internal/xds/translator/testdata/out/xds-ir/listener-overlapping-tls-config.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/listener-overlapping-tls-config.listeners.yaml
@@ -95,5 +95,6 @@
- name: envoy.filters.listener.tls_inspector
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
+ maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/https-1
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/listener-proxy-protocol.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/listener-proxy-protocol.listeners.yaml
index 89258f9070..f166c8abef 100644
--- a/internal/xds/translator/testdata/out/xds-ir/listener-proxy-protocol.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/listener-proxy-protocol.listeners.yaml
@@ -59,6 +59,7 @@
- name: envoy.filters.listener.tls_inspector
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -77,5 +78,6 @@
- name: envoy.filters.listener.proxy_protocol
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.listener.proxy_protocol.v3.ProxyProtocol
+ maxConnectionsToAcceptPerSocketEvent: 1
name: second-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/listener-tcp-keepalive.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/listener-tcp-keepalive.listeners.yaml
index afcd96ff6b..93842bc5ce 100644
--- a/internal/xds/translator/testdata/out/xds-ir/listener-tcp-keepalive.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/listener-tcp-keepalive.listeners.yaml
@@ -30,6 +30,7 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
socketOptions:
@@ -69,6 +70,7 @@
statPrefix: http-10081
useRemoteAddress: true
name: second-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: second-listener
perConnectionBufferLimitBytes: 32768
socketOptions:
@@ -106,6 +108,7 @@
- name: envoy.filters.listener.tls_inspector
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
+ maxConnectionsToAcceptPerSocketEvent: 1
name: third-listener
perConnectionBufferLimitBytes: 32768
socketOptions:
@@ -124,6 +127,7 @@
'@type': type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy
cluster: tcp-route-dest
statPrefix: tcp-10083
+ maxConnectionsToAcceptPerSocketEvent: 1
name: fourth-listener
perConnectionBufferLimitBytes: 32768
socketOptions:
diff --git a/internal/xds/translator/testdata/out/xds-ir/listener-tcp-without-route.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/listener-tcp-without-route.listeners.yaml
index 6539e7588e..7e8d627484 100644
--- a/internal/xds/translator/testdata/out/xds-ir/listener-tcp-without-route.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/listener-tcp-without-route.listeners.yaml
@@ -21,6 +21,7 @@
- name: envoy.filters.listener.proxy_protocol
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.listener.proxy_protocol.v3.ProxyProtocol
+ maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/tls-1
perConnectionBufferLimitBytes: 50000000
socketOptions:
diff --git a/internal/xds/translator/testdata/out/xds-ir/load-balancer.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/load-balancer.listeners.yaml
index 80ae84fd10..5dd5e46e3c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/load-balancer.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/load-balancer.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/local-ratelimit-distinct.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/local-ratelimit-distinct.listeners.yaml
index 4f2355a56e..ee98980e3e 100644
--- a/internal/xds/translator/testdata/out/xds-ir/local-ratelimit-distinct.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/local-ratelimit-distinct.listeners.yaml
@@ -35,5 +35,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/local-ratelimit.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/local-ratelimit.listeners.yaml
index 4f2355a56e..ee98980e3e 100644
--- a/internal/xds/translator/testdata/out/xds-ir/local-ratelimit.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/local-ratelimit.listeners.yaml
@@ -35,5 +35,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/lua.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/lua.listeners.yaml
index d28bf2fe25..d7d641dd2d 100644
--- a/internal/xds/translator/testdata/out/xds-ir/lua.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/lua.listeners.yaml
@@ -51,5 +51,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/metrics-virtual-host.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/metrics-virtual-host.listeners.yaml
index 80ae84fd10..5dd5e46e3c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/metrics-virtual-host.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/metrics-virtual-host.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/mixed-tls-jwt-authn.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/mixed-tls-jwt-authn.listeners.yaml
index 65814a64bd..31e76f774a 100644
--- a/internal/xds/translator/testdata/out/xds-ir/mixed-tls-jwt-authn.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/mixed-tls-jwt-authn.listeners.yaml
@@ -45,5 +45,6 @@
resourceApiVersion: V3
disableStatefulSessionResumption: true
disableStatelessSessionResumption: true
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/multiple-listeners-same-port-with-different-filters.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/multiple-listeners-same-port-with-different-filters.listeners.yaml
index 5c6552fd10..8b0b416a06 100755
--- a/internal/xds/translator/testdata/out/xds-ir/multiple-listeners-same-port-with-different-filters.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/multiple-listeners-same-port-with-different-filters.listeners.yaml
@@ -163,5 +163,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: default/gateway-1/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: default/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/multiple-listeners-same-port.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/multiple-listeners-same-port.listeners.yaml
index 5c84e82a4a..bd7e033cf5 100644
--- a/internal/xds/translator/testdata/out/xds-ir/multiple-listeners-same-port.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/multiple-listeners-same-port.listeners.yaml
@@ -145,5 +145,6 @@
- name: envoy.filters.listener.tls_inspector
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/multiple-simple-tcp-route-same-port.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/multiple-simple-tcp-route-same-port.listeners.yaml
index df909c5396..d4b4e1d6f4 100644
--- a/internal/xds/translator/testdata/out/xds-ir/multiple-simple-tcp-route-same-port.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/multiple-simple-tcp-route-same-port.listeners.yaml
@@ -38,5 +38,6 @@
cluster: tcp-route-simple-4-dest
statPrefix: tcp-10080
name: tcp-route-simple-4
+ maxConnectionsToAcceptPerSocketEvent: 1
name: tcp-listener-simple
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/mutual-tls-forward-client-certificate-with-custom-data.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/mutual-tls-forward-client-certificate-with-custom-data.listeners.yaml
index 13aea564d3..7b0252b6c7 100644
--- a/internal/xds/translator/testdata/out/xds-ir/mutual-tls-forward-client-certificate-with-custom-data.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/mutual-tls-forward-client-certificate-with-custom-data.listeners.yaml
@@ -55,6 +55,7 @@
disableStatefulSessionResumption: true
disableStatelessSessionResumption: true
requireClientCertificate: false
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -115,6 +116,7 @@
disableStatefulSessionResumption: true
disableStatelessSessionResumption: true
requireClientCertificate: false
+ maxConnectionsToAcceptPerSocketEvent: 1
name: second-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -177,6 +179,7 @@
disableStatefulSessionResumption: true
disableStatelessSessionResumption: true
requireClientCertificate: false
+ maxConnectionsToAcceptPerSocketEvent: 1
name: third-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -241,6 +244,7 @@
disableStatefulSessionResumption: true
disableStatelessSessionResumption: true
requireClientCertificate: false
+ maxConnectionsToAcceptPerSocketEvent: 1
name: fourth-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -307,5 +311,6 @@
disableStatefulSessionResumption: true
disableStatelessSessionResumption: true
requireClientCertificate: false
+ maxConnectionsToAcceptPerSocketEvent: 1
name: fifth-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/mutual-tls-forward-client-certificate.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/mutual-tls-forward-client-certificate.listeners.yaml
index 483ada817b..fcb1f4dd3e 100644
--- a/internal/xds/translator/testdata/out/xds-ir/mutual-tls-forward-client-certificate.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/mutual-tls-forward-client-certificate.listeners.yaml
@@ -55,6 +55,7 @@
disableStatefulSessionResumption: true
disableStatelessSessionResumption: true
requireClientCertificate: false
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -115,6 +116,7 @@
disableStatefulSessionResumption: true
disableStatelessSessionResumption: true
requireClientCertificate: false
+ maxConnectionsToAcceptPerSocketEvent: 1
name: second-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -175,6 +177,7 @@
disableStatefulSessionResumption: true
disableStatelessSessionResumption: true
requireClientCertificate: false
+ maxConnectionsToAcceptPerSocketEvent: 1
name: third-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -235,6 +238,7 @@
disableStatefulSessionResumption: true
disableStatelessSessionResumption: true
requireClientCertificate: false
+ maxConnectionsToAcceptPerSocketEvent: 1
name: fourth-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -295,5 +299,6 @@
disableStatefulSessionResumption: true
disableStatelessSessionResumption: true
requireClientCertificate: false
+ maxConnectionsToAcceptPerSocketEvent: 1
name: fifth-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/mutual-tls-required-client-certificate-disabled.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/mutual-tls-required-client-certificate-disabled.listeners.yaml
index 20dbf81f07..47b5e2f00d 100644
--- a/internal/xds/translator/testdata/out/xds-ir/mutual-tls-required-client-certificate-disabled.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/mutual-tls-required-client-certificate-disabled.listeners.yaml
@@ -55,6 +55,7 @@
disableStatefulSessionResumption: true
disableStatelessSessionResumption: true
requireClientCertificate: false
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -87,5 +88,6 @@
disableStatefulSessionResumption: true
disableStatelessSessionResumption: true
requireClientCertificate: false
+ maxConnectionsToAcceptPerSocketEvent: 1
name: second-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/mutual-tls.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/mutual-tls.listeners.yaml
index b51e1c7c92..3b1c6edfe4 100644
--- a/internal/xds/translator/testdata/out/xds-ir/mutual-tls.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/mutual-tls.listeners.yaml
@@ -55,6 +55,7 @@
disableStatefulSessionResumption: true
disableStatelessSessionResumption: true
requireClientCertificate: true
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -87,5 +88,6 @@
disableStatefulSessionResumption: true
disableStatelessSessionResumption: true
requireClientCertificate: true
+ maxConnectionsToAcceptPerSocketEvent: 1
name: second-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/oidc-and-jwt-with-passthrough.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/oidc-and-jwt-with-passthrough.listeners.yaml
index 8996b15c63..8f1c1028d5 100644
--- a/internal/xds/translator/testdata/out/xds-ir/oidc-and-jwt-with-passthrough.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/oidc-and-jwt-with-passthrough.listeners.yaml
@@ -157,5 +157,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/oidc-backend-cluster-provider.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/oidc-backend-cluster-provider.listeners.yaml
index ab9e55eadf..4e20904646 100644
--- a/internal/xds/translator/testdata/out/xds-ir/oidc-backend-cluster-provider.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/oidc-backend-cluster-provider.listeners.yaml
@@ -79,5 +79,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/oidc.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/oidc.listeners.yaml
index 714f4f17ec..f77b96905f 100644
--- a/internal/xds/translator/testdata/out/xds-ir/oidc.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/oidc.listeners.yaml
@@ -123,5 +123,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/panic-threshold.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/panic-threshold.listeners.yaml
index 80ae84fd10..5dd5e46e3c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/panic-threshold.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/panic-threshold.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/path-settings.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/path-settings.listeners.yaml
index d20c59f856..a25791ea52 100644
--- a/internal/xds/translator/testdata/out/xds-ir/path-settings.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/path-settings.listeners.yaml
@@ -29,5 +29,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/proxy-protocol-upstream.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/proxy-protocol-upstream.listeners.yaml
index 80ae84fd10..5dd5e46e3c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/proxy-protocol-upstream.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/proxy-protocol-upstream.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/ratelimit-custom-domain.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/ratelimit-custom-domain.listeners.yaml
index 0e7cb96a26..5848912b9c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/ratelimit-custom-domain.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/ratelimit-custom-domain.listeners.yaml
@@ -40,5 +40,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/ratelimit-disable-headers.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/ratelimit-disable-headers.listeners.yaml
index cd3d911b02..d7dc5d1295 100644
--- a/internal/xds/translator/testdata/out/xds-ir/ratelimit-disable-headers.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/ratelimit-disable-headers.listeners.yaml
@@ -39,5 +39,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/ratelimit-endpoint-stats.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/ratelimit-endpoint-stats.listeners.yaml
index 0e7cb96a26..5848912b9c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/ratelimit-endpoint-stats.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/ratelimit-endpoint-stats.listeners.yaml
@@ -40,5 +40,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/ratelimit-global-shared.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/ratelimit-global-shared.listeners.yaml
index fd03d88dca..4df8073ca5 100644
--- a/internal/xds/translator/testdata/out/xds-ir/ratelimit-global-shared.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/ratelimit-global-shared.listeners.yaml
@@ -60,5 +60,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/ratelimit-headers-and-cidr.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/ratelimit-headers-and-cidr.listeners.yaml
index 0e7cb96a26..5848912b9c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/ratelimit-headers-and-cidr.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/ratelimit-headers-and-cidr.listeners.yaml
@@ -40,5 +40,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/ratelimit-multi-global-shared.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/ratelimit-multi-global-shared.listeners.yaml
index 0e76130891..d8de127ed6 100644
--- a/internal/xds/translator/testdata/out/xds-ir/ratelimit-multi-global-shared.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/ratelimit-multi-global-shared.listeners.yaml
@@ -50,5 +50,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/ratelimit-sourceip.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/ratelimit-sourceip.listeners.yaml
index 0e7cb96a26..5848912b9c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/ratelimit-sourceip.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/ratelimit-sourceip.listeners.yaml
@@ -40,5 +40,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/ratelimit.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/ratelimit.listeners.yaml
index 0e7cb96a26..5848912b9c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/ratelimit.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/ratelimit.listeners.yaml
@@ -40,5 +40,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/request-buffer.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/request-buffer.listeners.yaml
index 9c5f330f5a..1b5504bd87 100644
--- a/internal/xds/translator/testdata/out/xds-ir/request-buffer.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/request-buffer.listeners.yaml
@@ -35,6 +35,7 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
- address:
@@ -74,5 +75,6 @@
statPrefix: http-10081
useRemoteAddress: true
name: envoy-gateway/gateway-2/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-2/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/retry-partial-invalid.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/retry-partial-invalid.listeners.yaml
index 80ae84fd10..5dd5e46e3c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/retry-partial-invalid.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/retry-partial-invalid.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/retry.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/retry.listeners.yaml
index 80ae84fd10..5dd5e46e3c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/retry.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/retry.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/securitypolicy-with-oidc-jwt-authz.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/securitypolicy-with-oidc-jwt-authz.listeners.yaml
index eb5f36cb40..61573e5b44 100644
--- a/internal/xds/translator/testdata/out/xds-ir/securitypolicy-with-oidc-jwt-authz.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/securitypolicy-with-oidc-jwt-authz.listeners.yaml
@@ -102,5 +102,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/simple-tls.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/simple-tls.listeners.yaml
index ff45c0826a..6f069367c6 100644
--- a/internal/xds/translator/testdata/out/xds-ir/simple-tls.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/simple-tls.listeners.yaml
@@ -49,5 +49,6 @@
resourceApiVersion: V3
disableStatefulSessionResumption: true
disableStatelessSessionResumption: true
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/suppress-envoy-headers.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/suppress-envoy-headers.listeners.yaml
index e56e13cfd6..26f3b45110 100644
--- a/internal/xds/translator/testdata/out/xds-ir/suppress-envoy-headers.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/suppress-envoy-headers.listeners.yaml
@@ -55,5 +55,6 @@
- name: envoy.filters.listener.tls_inspector
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/tcp-endpoint-stats.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/tcp-endpoint-stats.listeners.yaml
index 05e2fc8ffe..c8e9cafa63 100644
--- a/internal/xds/translator/testdata/out/xds-ir/tcp-endpoint-stats.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/tcp-endpoint-stats.listeners.yaml
@@ -9,5 +9,6 @@
'@type': type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy
cluster: tcp-route-simple-dest
statPrefix: tcp-10080
+ maxConnectionsToAcceptPerSocketEvent: 1
name: tcp-route-enable-endpoint-stats
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/tcp-listener-ipfamily.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/tcp-listener-ipfamily.listeners.yaml
index 33d35dcfdb..a4a42c3230 100644
--- a/internal/xds/translator/testdata/out/xds-ir/tcp-listener-ipfamily.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/tcp-listener-ipfamily.listeners.yaml
@@ -11,5 +11,6 @@
cluster: tcp-route-dual-dest
statPrefix: tcp-8082
name: tcp-route-dual
+ maxConnectionsToAcceptPerSocketEvent: 1
name: tcp-listener-dual
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/tcp-req-resp-sizes-stats.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/tcp-req-resp-sizes-stats.listeners.yaml
index a2ac23f3a1..df212ab00f 100644
--- a/internal/xds/translator/testdata/out/xds-ir/tcp-req-resp-sizes-stats.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/tcp-req-resp-sizes-stats.listeners.yaml
@@ -9,5 +9,6 @@
'@type': type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy
cluster: tcp-route-simple-dest
statPrefix: tcp-10080
+ maxConnectionsToAcceptPerSocketEvent: 1
name: tcp-route-enable-req-resp-sizes-stats
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/tcp-route-complex.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/tcp-route-complex.listeners.yaml
index 515bc6416b..5f3b38aadb 100644
--- a/internal/xds/translator/testdata/out/xds-ir/tcp-route-complex.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/tcp-route-complex.listeners.yaml
@@ -19,5 +19,6 @@
- name: envoy.filters.listener.tls_inspector
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
+ maxConnectionsToAcceptPerSocketEvent: 1
name: tcp-listener-complex
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/tcp-route-simple.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/tcp-route-simple.listeners.yaml
index 7ea9adf25b..41d498e6d0 100644
--- a/internal/xds/translator/testdata/out/xds-ir/tcp-route-simple.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/tcp-route-simple.listeners.yaml
@@ -10,5 +10,6 @@
cluster: tcp-route-simple-dest
statPrefix: tcp-10080
name: tcp-route-simple
+ maxConnectionsToAcceptPerSocketEvent: 1
name: tcp-listener-simple
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/tcp-route-tls-terminate.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/tcp-route-tls-terminate.listeners.yaml
index dc0e37419c..4671321855 100644
--- a/internal/xds/translator/testdata/out/xds-ir/tcp-route-tls-terminate.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/tcp-route-tls-terminate.listeners.yaml
@@ -49,5 +49,6 @@
- name: envoy.filters.listener.tls_inspector
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
+ maxConnectionsToAcceptPerSocketEvent: 1
name: tls-listener-terminate
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/tcp-route-weighted-backend.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/tcp-route-weighted-backend.listeners.yaml
index 9f8af189de..f16165dde4 100644
--- a/internal/xds/translator/testdata/out/xds-ir/tcp-route-weighted-backend.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/tcp-route-weighted-backend.listeners.yaml
@@ -19,5 +19,6 @@
- name: envoy.filters.listener.tls_inspector
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
+ maxConnectionsToAcceptPerSocketEvent: 1
name: tcp-listener-weighted-backend
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/timeout.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/timeout.listeners.yaml
index 80ae84fd10..5dd5e46e3c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/timeout.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/timeout.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/tls-route-passthrough.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/tls-route-passthrough.listeners.yaml
index f209ec6bd6..ddd54fbbc2 100644
--- a/internal/xds/translator/testdata/out/xds-ir/tls-route-passthrough.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/tls-route-passthrough.listeners.yaml
@@ -17,6 +17,7 @@
- name: envoy.filters.listener.tls_inspector
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
+ maxConnectionsToAcceptPerSocketEvent: 1
name: tls-passthrough-foo
perConnectionBufferLimitBytes: 32768
- address:
@@ -38,5 +39,6 @@
- name: envoy.filters.listener.tls_inspector
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
+ maxConnectionsToAcceptPerSocketEvent: 1
name: tls-passthrough-bar
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/tls-with-ciphers-versions-alpn.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/tls-with-ciphers-versions-alpn.listeners.yaml
index 8d7f639980..05c4b3c664 100644
--- a/internal/xds/translator/testdata/out/xds-ir/tls-with-ciphers-versions-alpn.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/tls-with-ciphers-versions-alpn.listeners.yaml
@@ -75,6 +75,7 @@
- name: envoy.filters.listener.tls_inspector
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -123,5 +124,6 @@
tlsMaximumProtocolVersion: TLSv1_2
tlsMinimumProtocolVersion: TLSv1_0
disableStatefulSessionResumption: true
+ maxConnectionsToAcceptPerSocketEvent: 1
name: second-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/tracing-datadog.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/tracing-datadog.listeners.yaml
index 32f1b0230f..f5d891adb1 100644
--- a/internal/xds/translator/testdata/out/xds-ir/tracing-datadog.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/tracing-datadog.listeners.yaml
@@ -56,5 +56,6 @@
spawnUpstreamSpan: true
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/tracing-endpoint-stats.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/tracing-endpoint-stats.listeners.yaml
index abac7a833a..c685e2ac55 100644
--- a/internal/xds/translator/testdata/out/xds-ir/tracing-endpoint-stats.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/tracing-endpoint-stats.listeners.yaml
@@ -58,5 +58,6 @@
spawnUpstreamSpan: true
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/tracing-zipkin.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/tracing-zipkin.listeners.yaml
index a944c42563..362f098ff2 100644
--- a/internal/xds/translator/testdata/out/xds-ir/tracing-zipkin.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/tracing-zipkin.listeners.yaml
@@ -59,5 +59,6 @@
spawnUpstreamSpan: true
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/tracing.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/tracing.listeners.yaml
index 3bd86857b6..b7497f7924 100644
--- a/internal/xds/translator/testdata/out/xds-ir/tracing.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/tracing.listeners.yaml
@@ -59,5 +59,6 @@
spawnUpstreamSpan: true
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/upstream-tcpkeepalive.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/upstream-tcpkeepalive.listeners.yaml
index 80ae84fd10..5dd5e46e3c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/upstream-tcpkeepalive.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/upstream-tcpkeepalive.listeners.yaml
@@ -30,5 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/wasm.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/wasm.listeners.yaml
index e3a679d1ae..889ca1c6ad 100755
--- a/internal/xds/translator/testdata/out/xds-ir/wasm.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/wasm.listeners.yaml
@@ -112,5 +112,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/site/content/en/latest/api/extension_types.md b/site/content/en/latest/api/extension_types.md
index 8743039e01..c054e4ead4 100644
--- a/site/content/en/latest/api/extension_types.md
+++ b/site/content/en/latest/api/extension_types.md
@@ -678,6 +678,7 @@ _Appears in:_
| --- | --- | --- | --- | --- |
| `connectionLimit` | _[ConnectionLimit](#connectionlimit)_ | false | | ConnectionLimit defines limits related to connections |
| `bufferLimit` | _[Quantity](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#quantity-resource-api)_ | false | | BufferLimit provides configuration for the maximum buffer size in bytes for each incoming connection.
BufferLimit applies to connection streaming (maybe non-streaming) channel between processes, it's in user space.
For example, 20Mi, 1Gi, 256Ki etc.
Note that when the suffix is not provided, the value is interpreted as bytes.
Default: 32768 bytes. |
+| `maxAcceptPerSocketEvent` | _integer_ | false | | MaxAcceptPerSocketEvent provides configuration for the maximum number of connections to accept from the kernel
per socket event. If there are more than MaxAcceptPerSocketEvent connections
pending accept, connections over this threshold will be accepted in later event loop iterations.
If no value is provided Envoy will accept all connections pending accept from the kernel. |
#### ClientIPDetectionSettings
diff --git a/test/helm/gateway-crds-helm/all.out.yaml b/test/helm/gateway-crds-helm/all.out.yaml
index 5f20bbedfa..33804f4023 100644
--- a/test/helm/gateway-crds-helm/all.out.yaml
+++ b/test/helm/gateway-crds-helm/all.out.yaml
@@ -19915,6 +19915,14 @@ spec:
required:
- value
type: object
+ maxAcceptPerSocketEvent:
+ description: |-
+ MaxAcceptPerSocketEvent provides configuration for the maximum number of connections to accept from the kernel
+ per socket event. If there are more than MaxAcceptPerSocketEvent connections
+ pending accept, connections over this threshold will be accepted in later event loop iterations.
+ If no value is provided Envoy will accept all connections pending accept from the kernel.
+ format: int32
+ type: integer
socketBufferLimit:
allOf:
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
diff --git a/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml b/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml
index bd81062b65..fb059ee104 100644
--- a/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml
+++ b/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml
@@ -2603,6 +2603,14 @@ spec:
required:
- value
type: object
+ maxAcceptPerSocketEvent:
+ description: |-
+ MaxAcceptPerSocketEvent provides configuration for the maximum number of connections to accept from the kernel
+ per socket event. If there are more than MaxAcceptPerSocketEvent connections
+ pending accept, connections over this threshold will be accepted in later event loop iterations.
+ If no value is provided Envoy will accept all connections pending accept from the kernel.
+ format: int32
+ type: integer
socketBufferLimit:
allOf:
- pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
From 3471fa39b576616c3765d41a975548935d3bb04c Mon Sep 17 00:00:00 2001
From: jukie <10012479+Jukie@users.noreply.github.com>
Date: Thu, 29 May 2025 16:19:48 -0600
Subject: [PATCH 2/9] testdata
Signed-off-by: jukie <10012479+Jukie@users.noreply.github.com>
---
.../egctl/testdata/translate/out/default-resources.all.yaml | 4 ++++
.../testdata/translate/out/from-gateway-api-to-xds.all.json | 4 ++++
.../testdata/translate/out/from-gateway-api-to-xds.all.yaml | 4 ++++
.../translate/out/from-gateway-api-to-xds.listener.yaml | 4 ++++
.../out/jwt-single-route-single-match-to-xds.all.json | 1 +
.../out/jwt-single-route-single-match-to-xds.all.yaml | 1 +
.../out/jwt-single-route-single-match-to-xds.listener.yaml | 1 +
.../testdata/translate/out/no-service-cluster-ip.all.yaml | 1 +
8 files changed, 20 insertions(+)
diff --git a/internal/cmd/egctl/testdata/translate/out/default-resources.all.yaml b/internal/cmd/egctl/testdata/translate/out/default-resources.all.yaml
index e1c8190985..3c5bfb19ad 100644
--- a/internal/cmd/egctl/testdata/translate/out/default-resources.all.yaml
+++ b/internal/cmd/egctl/testdata/translate/out/default-resources.all.yaml
@@ -1166,6 +1166,7 @@ xds:
statPrefix: http-10080
useRemoteAddress: true
name: default/eg/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: default/eg/http
perConnectionBufferLimitBytes: 32768
- activeState:
@@ -1277,6 +1278,7 @@ xds:
statPrefix: http-8080
useRemoteAddress: true
name: default/eg/grpc
+ maxConnectionsToAcceptPerSocketEvent: 1
name: default/eg/grpc
perConnectionBufferLimitBytes: 32768
- activeState:
@@ -1360,6 +1362,7 @@ xds:
cluster: tcproute/default/backend/rule/-1
statPrefix: tcp-1234
name: tcproute/default/backend
+ maxConnectionsToAcceptPerSocketEvent: 1
name: default/eg/tcp
perConnectionBufferLimitBytes: 32768
- activeState:
@@ -1450,6 +1453,7 @@ xds:
- name: envoy.filters.listener.tls_inspector
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
+ maxConnectionsToAcceptPerSocketEvent: 1
name: default/eg/tls-passthrough
perConnectionBufferLimitBytes: 32768
- activeState:
diff --git a/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.all.json b/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.all.json
index ac020e294a..c32087bfe3 100644
--- a/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.all.json
+++ b/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.all.json
@@ -977,6 +977,7 @@
],
"name": "default/eg/http"
},
+ "maxConnectionsToAcceptPerSocketEvent": 1,
"name": "default/eg/http",
"perConnectionBufferLimitBytes": 32768
}
@@ -1128,6 +1129,7 @@
],
"name": "default/eg/grpc"
},
+ "maxConnectionsToAcceptPerSocketEvent": 1,
"name": "default/eg/grpc",
"perConnectionBufferLimitBytes": 32768
}
@@ -1239,6 +1241,7 @@
"name": "tcproute/default/backend"
}
],
+ "maxConnectionsToAcceptPerSocketEvent": 1,
"name": "default/eg/tcp",
"perConnectionBufferLimitBytes": 32768
}
@@ -1363,6 +1366,7 @@
}
}
],
+ "maxConnectionsToAcceptPerSocketEvent": 1,
"name": "default/eg/tls-passthrough",
"perConnectionBufferLimitBytes": 32768
}
diff --git a/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.all.yaml b/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.all.yaml
index c8ddd01d8b..d08bc8ecb7 100644
--- a/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.all.yaml
+++ b/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.all.yaml
@@ -581,6 +581,7 @@ xds:
statPrefix: http-10080
useRemoteAddress: true
name: default/eg/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: default/eg/http
perConnectionBufferLimitBytes: 32768
- activeState:
@@ -692,6 +693,7 @@ xds:
statPrefix: http-8080
useRemoteAddress: true
name: default/eg/grpc
+ maxConnectionsToAcceptPerSocketEvent: 1
name: default/eg/grpc
perConnectionBufferLimitBytes: 32768
- activeState:
@@ -775,6 +777,7 @@ xds:
cluster: tcproute/default/backend/rule/-1
statPrefix: tcp-1234
name: tcproute/default/backend
+ maxConnectionsToAcceptPerSocketEvent: 1
name: default/eg/tcp
perConnectionBufferLimitBytes: 32768
- activeState:
@@ -865,6 +868,7 @@ xds:
- name: envoy.filters.listener.tls_inspector
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
+ maxConnectionsToAcceptPerSocketEvent: 1
name: default/eg/tls-passthrough
perConnectionBufferLimitBytes: 32768
- activeState:
diff --git a/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.listener.yaml b/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.listener.yaml
index 349c627ad5..c0fa7da7c8 100644
--- a/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.listener.yaml
+++ b/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.listener.yaml
@@ -142,6 +142,7 @@ xds:
statPrefix: http-10080
useRemoteAddress: true
name: default/eg/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: default/eg/http
perConnectionBufferLimitBytes: 32768
- activeState:
@@ -253,6 +254,7 @@ xds:
statPrefix: http-8080
useRemoteAddress: true
name: default/eg/grpc
+ maxConnectionsToAcceptPerSocketEvent: 1
name: default/eg/grpc
perConnectionBufferLimitBytes: 32768
- activeState:
@@ -336,6 +338,7 @@ xds:
cluster: tcproute/default/backend/rule/-1
statPrefix: tcp-1234
name: tcproute/default/backend
+ maxConnectionsToAcceptPerSocketEvent: 1
name: default/eg/tcp
perConnectionBufferLimitBytes: 32768
- activeState:
@@ -426,6 +429,7 @@ xds:
- name: envoy.filters.listener.tls_inspector
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
+ maxConnectionsToAcceptPerSocketEvent: 1
name: default/eg/tls-passthrough
perConnectionBufferLimitBytes: 32768
- activeState:
diff --git a/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.all.json b/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.all.json
index b7051f5469..3ab4ac3d4e 100644
--- a/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.all.json
+++ b/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.all.json
@@ -726,6 +726,7 @@
],
"name": "envoy-gateway-system/eg/http"
},
+ "maxConnectionsToAcceptPerSocketEvent": 1,
"name": "envoy-gateway-system/eg/http",
"perConnectionBufferLimitBytes": 32768
}
diff --git a/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.all.yaml b/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.all.yaml
index f56c075117..efdd90974e 100644
--- a/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.all.yaml
+++ b/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.all.yaml
@@ -439,6 +439,7 @@ xds:
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway-system/eg/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway-system/eg/http
perConnectionBufferLimitBytes: 32768
- '@type': type.googleapis.com/envoy.admin.v3.RoutesConfigDump
diff --git a/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.listener.yaml b/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.listener.yaml
index 72b2696cac..6eeb127d70 100644
--- a/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.listener.yaml
+++ b/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.listener.yaml
@@ -162,5 +162,6 @@ xds:
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway-system/eg/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway-system/eg/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/cmd/egctl/testdata/translate/out/no-service-cluster-ip.all.yaml b/internal/cmd/egctl/testdata/translate/out/no-service-cluster-ip.all.yaml
index b3e3bda8c0..82db180ada 100644
--- a/internal/cmd/egctl/testdata/translate/out/no-service-cluster-ip.all.yaml
+++ b/internal/cmd/egctl/testdata/translate/out/no-service-cluster-ip.all.yaml
@@ -382,6 +382,7 @@ xds:
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway-system/eg/http
+ maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway-system/eg/http
perConnectionBufferLimitBytes: 32768
- '@type': type.googleapis.com/envoy.admin.v3.RoutesConfigDump
From 1a0533e6391b7726093142b4d5fc6a69597ff556 Mon Sep 17 00:00:00 2001
From: jukie <10012479+Jukie@users.noreply.github.com>
Date: Thu, 29 May 2025 16:30:46 -0600
Subject: [PATCH 3/9] regen
Signed-off-by: jukie <10012479+Jukie@users.noreply.github.com>
---
.../testdata/out/xds-ir/tcp-route-with-no-routes.listeners.yaml | 1 +
1 file changed, 1 insertion(+)
diff --git a/internal/xds/translator/testdata/out/xds-ir/tcp-route-with-no-routes.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/tcp-route-with-no-routes.listeners.yaml
index 4250f0a6b5..68b0133abe 100644
--- a/internal/xds/translator/testdata/out/xds-ir/tcp-route-with-no-routes.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/tcp-route-with-no-routes.listeners.yaml
@@ -10,5 +10,6 @@
cluster: EmptyCluster
statPrefix: tcp-10080
name: EmptyCluster
+ maxConnectionsToAcceptPerSocketEvent: 1
name: tcp-listener-with-no-routes
perConnectionBufferLimitBytes: 32768
From d3992382ff333050816baaf4664b0842adffbc4f Mon Sep 17 00:00:00 2001
From: jukie <10012479+Jukie@users.noreply.github.com>
Date: Thu, 29 May 2025 16:34:13 -0600
Subject: [PATCH 4/9] adjust description
Signed-off-by: jukie <10012479+Jukie@users.noreply.github.com>
---
api/v1alpha1/connection_types.go | 2 +-
.../generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml | 2 +-
.../generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml | 2 +-
site/content/en/latest/api/extension_types.md | 2 +-
4 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/api/v1alpha1/connection_types.go b/api/v1alpha1/connection_types.go
index 81889a6203..618809af0e 100644
--- a/api/v1alpha1/connection_types.go
+++ b/api/v1alpha1/connection_types.go
@@ -40,7 +40,7 @@ type ClientConnection struct {
// MaxAcceptPerSocketEvent provides configuration for the maximum number of connections to accept from the kernel
// per socket event. If there are more than MaxAcceptPerSocketEvent connections
// pending accept, connections over this threshold will be accepted in later event loop iterations.
- // If no value is provided Envoy will accept all connections pending accept from the kernel.
+ // Default: 1
// +optional
MaxAcceptPerSocketEvent *uint32 `json:"maxAcceptPerSocketEvent,omitempty"`
}
diff --git a/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml b/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml
index 34fc353110..2595096612 100644
--- a/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml
+++ b/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml
@@ -158,7 +158,7 @@ spec:
MaxAcceptPerSocketEvent provides configuration for the maximum number of connections to accept from the kernel
per socket event. If there are more than MaxAcceptPerSocketEvent connections
pending accept, connections over this threshold will be accepted in later event loop iterations.
- If no value is provided Envoy will accept all connections pending accept from the kernel.
+ Default: 1
format: int32
type: integer
socketBufferLimit:
diff --git a/charts/gateway-helm/crds/generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml b/charts/gateway-helm/crds/generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml
index 3dd69e7b26..6ced0c1641 100644
--- a/charts/gateway-helm/crds/generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml
+++ b/charts/gateway-helm/crds/generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml
@@ -157,7 +157,7 @@ spec:
MaxAcceptPerSocketEvent provides configuration for the maximum number of connections to accept from the kernel
per socket event. If there are more than MaxAcceptPerSocketEvent connections
pending accept, connections over this threshold will be accepted in later event loop iterations.
- If no value is provided Envoy will accept all connections pending accept from the kernel.
+ Default: 1
format: int32
type: integer
socketBufferLimit:
diff --git a/site/content/en/latest/api/extension_types.md b/site/content/en/latest/api/extension_types.md
index 9e14a56cfc..76d9c3e12b 100644
--- a/site/content/en/latest/api/extension_types.md
+++ b/site/content/en/latest/api/extension_types.md
@@ -678,7 +678,7 @@ _Appears in:_
| --- | --- | --- | --- | --- |
| `connectionLimit` | _[ConnectionLimit](#connectionlimit)_ | false | | ConnectionLimit defines limits related to connections |
| `bufferLimit` | _[Quantity](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#quantity-resource-api)_ | false | | BufferLimit provides configuration for the maximum buffer size in bytes for each incoming connection.
BufferLimit applies to connection streaming (maybe non-streaming) channel between processes, it's in user space.
For example, 20Mi, 1Gi, 256Ki etc.
Note that when the suffix is not provided, the value is interpreted as bytes.
Default: 32768 bytes. |
-| `maxAcceptPerSocketEvent` | _integer_ | false | | MaxAcceptPerSocketEvent provides configuration for the maximum number of connections to accept from the kernel
per socket event. If there are more than MaxAcceptPerSocketEvent connections
pending accept, connections over this threshold will be accepted in later event loop iterations.
If no value is provided Envoy will accept all connections pending accept from the kernel. |
+| `maxAcceptPerSocketEvent` | _integer_ | false | | MaxAcceptPerSocketEvent provides configuration for the maximum number of connections to accept from the kernel
per socket event. If there are more than MaxAcceptPerSocketEvent connections
pending accept, connections over this threshold will be accepted in later event loop iterations.
Default: 1 |
#### ClientIPDetectionSettings
From 791a56937a0869eb99a6b9a40cda49db78bea322 Mon Sep 17 00:00:00 2001
From: jukie <10012479+Jukie@users.noreply.github.com>
Date: Thu, 29 May 2025 16:40:49 -0600
Subject: [PATCH 5/9] add test
Signed-off-by: jukie <10012479+Jukie@users.noreply.github.com>
---
.../in/xds-ir/max-conn-per-socket-event.yaml | 36 +++++++++++++
.../max-conn-per-socket-event.clusters.yaml | 34 +++++++++++++
.../max-conn-per-socket-event.endpoints.yaml | 24 +++++++++
.../max-conn-per-socket-event.listeners.yaml | 50 +++++++++++++++++++
.../max-conn-per-socket-event.routes.yaml | 14 ++++++
test/helm/gateway-crds-helm/all.out.yaml | 2 +-
.../envoy-gateway-crds.out.yaml | 2 +-
7 files changed, 160 insertions(+), 2 deletions(-)
create mode 100644 internal/xds/translator/testdata/in/xds-ir/max-conn-per-socket-event.yaml
create mode 100644 internal/xds/translator/testdata/out/xds-ir/max-conn-per-socket-event.clusters.yaml
create mode 100644 internal/xds/translator/testdata/out/xds-ir/max-conn-per-socket-event.endpoints.yaml
create mode 100644 internal/xds/translator/testdata/out/xds-ir/max-conn-per-socket-event.listeners.yaml
create mode 100644 internal/xds/translator/testdata/out/xds-ir/max-conn-per-socket-event.routes.yaml
diff --git a/internal/xds/translator/testdata/in/xds-ir/max-conn-per-socket-event.yaml b/internal/xds/translator/testdata/in/xds-ir/max-conn-per-socket-event.yaml
new file mode 100644
index 0000000000..402fef29e2
--- /dev/null
+++ b/internal/xds/translator/testdata/in/xds-ir/max-conn-per-socket-event.yaml
@@ -0,0 +1,36 @@
+http:
+ - name: "first-listener"
+ address: "::"
+ port: 10080
+ hostnames:
+ - "*"
+ path:
+ mergeSlashes: true
+ escapedSlashesAction: UnescapeAndRedirect
+ routes:
+ - name: "first-route"
+ hostname: "*"
+ destination:
+ name: "first-route-dest"
+ settings:
+ - endpoints:
+ - host: "1.2.3.4"
+ port: 50000
+ name: "first-route-dest/backend/0"
+ connection:
+ maxAcceptPerSocketEvent: 2
+tcp:
+ - name: "second-listener"
+ address: "::"
+ connection:
+ maxAcceptPerSocketEvent: 3
+ port: 10081
+ routes:
+ - name: "tcp-route-dest"
+ destination:
+ name: "tcp-route-dest"
+ settings:
+ - endpoints:
+ - host: "1.2.3.4"
+ port: 50000
+ name: "tcp-route-dest/backend/0"
diff --git a/internal/xds/translator/testdata/out/xds-ir/max-conn-per-socket-event.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/max-conn-per-socket-event.clusters.yaml
new file mode 100644
index 0000000000..1b8a0dcfcd
--- /dev/null
+++ b/internal/xds/translator/testdata/out/xds-ir/max-conn-per-socket-event.clusters.yaml
@@ -0,0 +1,34 @@
+- circuitBreakers:
+ thresholds:
+ - maxRetries: 1024
+ commonLbConfig:
+ localityWeightedLbConfig: {}
+ connectTimeout: 10s
+ dnsLookupFamily: V4_PREFERRED
+ edsClusterConfig:
+ edsConfig:
+ ads: {}
+ resourceApiVersion: V3
+ serviceName: first-route-dest
+ ignoreHealthOnHostRemoval: true
+ lbPolicy: LEAST_REQUEST
+ name: first-route-dest
+ perConnectionBufferLimitBytes: 32768
+ type: EDS
+- circuitBreakers:
+ thresholds:
+ - maxRetries: 1024
+ commonLbConfig:
+ localityWeightedLbConfig: {}
+ connectTimeout: 10s
+ dnsLookupFamily: V4_PREFERRED
+ edsClusterConfig:
+ edsConfig:
+ ads: {}
+ resourceApiVersion: V3
+ serviceName: tcp-route-dest
+ ignoreHealthOnHostRemoval: true
+ lbPolicy: LEAST_REQUEST
+ name: tcp-route-dest
+ perConnectionBufferLimitBytes: 32768
+ type: EDS
diff --git a/internal/xds/translator/testdata/out/xds-ir/max-conn-per-socket-event.endpoints.yaml b/internal/xds/translator/testdata/out/xds-ir/max-conn-per-socket-event.endpoints.yaml
new file mode 100644
index 0000000000..0e783f21a8
--- /dev/null
+++ b/internal/xds/translator/testdata/out/xds-ir/max-conn-per-socket-event.endpoints.yaml
@@ -0,0 +1,24 @@
+- clusterName: first-route-dest
+ endpoints:
+ - lbEndpoints:
+ - endpoint:
+ address:
+ socketAddress:
+ address: 1.2.3.4
+ portValue: 50000
+ loadBalancingWeight: 1
+ loadBalancingWeight: 1
+ locality:
+ region: first-route-dest/backend/0
+- clusterName: tcp-route-dest
+ endpoints:
+ - lbEndpoints:
+ - endpoint:
+ address:
+ socketAddress:
+ address: 1.2.3.4
+ portValue: 50000
+ loadBalancingWeight: 1
+ loadBalancingWeight: 1
+ locality:
+ region: tcp-route-dest/backend/0
diff --git a/internal/xds/translator/testdata/out/xds-ir/max-conn-per-socket-event.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/max-conn-per-socket-event.listeners.yaml
new file mode 100644
index 0000000000..71fca9e49d
--- /dev/null
+++ b/internal/xds/translator/testdata/out/xds-ir/max-conn-per-socket-event.listeners.yaml
@@ -0,0 +1,50 @@
+- address:
+ socketAddress:
+ address: '::'
+ portValue: 10080
+ defaultFilterChain:
+ filters:
+ - name: envoy.filters.network.http_connection_manager
+ typedConfig:
+ '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
+ commonHttpProtocolOptions:
+ headersWithUnderscoresAction: REJECT_REQUEST
+ http2ProtocolOptions:
+ initialConnectionWindowSize: 1048576
+ initialStreamWindowSize: 65536
+ maxConcurrentStreams: 100
+ httpFilters:
+ - name: envoy.filters.http.router
+ typedConfig:
+ '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
+ suppressEnvoyHeaders: true
+ mergeSlashes: true
+ normalizePath: true
+ pathWithEscapedSlashesAction: UNESCAPE_AND_REDIRECT
+ rds:
+ configSource:
+ ads: {}
+ resourceApiVersion: V3
+ routeConfigName: first-listener
+ serverHeaderTransformation: PASS_THROUGH
+ statPrefix: http-10080
+ useRemoteAddress: true
+ name: first-listener
+ maxConnectionsToAcceptPerSocketEvent: 2
+ name: first-listener
+ perConnectionBufferLimitBytes: 32768
+- address:
+ socketAddress:
+ address: '::'
+ portValue: 10081
+ filterChains:
+ - filters:
+ - name: envoy.filters.network.tcp_proxy
+ typedConfig:
+ '@type': type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy
+ cluster: tcp-route-dest
+ statPrefix: tcp-10081
+ name: tcp-route-dest
+ maxConnectionsToAcceptPerSocketEvent: 3
+ name: second-listener
+ perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/max-conn-per-socket-event.routes.yaml b/internal/xds/translator/testdata/out/xds-ir/max-conn-per-socket-event.routes.yaml
new file mode 100644
index 0000000000..0b5b4bee7b
--- /dev/null
+++ b/internal/xds/translator/testdata/out/xds-ir/max-conn-per-socket-event.routes.yaml
@@ -0,0 +1,14 @@
+- ignorePortInHostMatching: true
+ name: first-listener
+ virtualHosts:
+ - domains:
+ - '*'
+ name: first-listener/*
+ routes:
+ - match:
+ prefix: /
+ name: first-route
+ route:
+ cluster: first-route-dest
+ upgradeConfigs:
+ - upgradeType: websocket
diff --git a/test/helm/gateway-crds-helm/all.out.yaml b/test/helm/gateway-crds-helm/all.out.yaml
index 61cc24a6df..e3b5065356 100644
--- a/test/helm/gateway-crds-helm/all.out.yaml
+++ b/test/helm/gateway-crds-helm/all.out.yaml
@@ -19931,7 +19931,7 @@ spec:
MaxAcceptPerSocketEvent provides configuration for the maximum number of connections to accept from the kernel
per socket event. If there are more than MaxAcceptPerSocketEvent connections
pending accept, connections over this threshold will be accepted in later event loop iterations.
- If no value is provided Envoy will accept all connections pending accept from the kernel.
+ Default: 1
format: int32
type: integer
socketBufferLimit:
diff --git a/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml b/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml
index afb53789e7..cad7a00162 100644
--- a/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml
+++ b/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml
@@ -2619,7 +2619,7 @@ spec:
MaxAcceptPerSocketEvent provides configuration for the maximum number of connections to accept from the kernel
per socket event. If there are more than MaxAcceptPerSocketEvent connections
pending accept, connections over this threshold will be accepted in later event loop iterations.
- If no value is provided Envoy will accept all connections pending accept from the kernel.
+ Default: 1
format: int32
type: integer
socketBufferLimit:
From 807865e996d401b1a6bf6702ab26ff4c51dbec00 Mon Sep 17 00:00:00 2001
From: jukie <10012479+Jukie@users.noreply.github.com>
Date: Thu, 29 May 2025 16:43:05 -0600
Subject: [PATCH 6/9] Release note
Signed-off-by: jukie <10012479+Jukie@users.noreply.github.com>
---
release-notes/current.yaml | 1 +
1 file changed, 1 insertion(+)
diff --git a/release-notes/current.yaml b/release-notes/current.yaml
index d269adce3a..62b565d0c9 100644
--- a/release-notes/current.yaml
+++ b/release-notes/current.yaml
@@ -16,6 +16,7 @@ new features: |
Added XDS metadata for clusters and endpoints from xRoutes and referenced backend resources (Backend, Service, ServiceImport).
Added support for setting ownerreference to infra resources when enable gateway namespace mode.
Added support for configuring hostname in active HTTP healthchecks.
+ Added support for configuring maxConnectionsToAcceptPerSocketEvent in listener via ClientTrafficPolicy.
bug fixes: |
Handle integer zone annotation values
From f914ac984894e5b929239af49175e7fc199d9d3c Mon Sep 17 00:00:00 2001
From: jukie <10012479+Jukie@users.noreply.github.com>
Date: Fri, 30 May 2025 09:39:46 -0600
Subject: [PATCH 7/9] remove defaulting logic
Signed-off-by: jukie <10012479+Jukie@users.noreply.github.com>
---
api/v1alpha1/connection_types.go | 6 +++---
.../gateway.envoyproxy.io_clienttrafficpolicies.yaml | 6 +++---
.../gateway.envoyproxy.io_clienttrafficpolicies.yaml | 6 +++---
.../egctl/testdata/translate/out/default-resources.all.yaml | 4 ----
.../testdata/translate/out/from-gateway-api-to-xds.all.json | 4 ----
.../testdata/translate/out/from-gateway-api-to-xds.all.yaml | 4 ----
.../translate/out/from-gateway-api-to-xds.listener.yaml | 4 ----
.../out/jwt-single-route-single-match-to-xds.all.json | 1 -
.../out/jwt-single-route-single-match-to-xds.all.yaml | 1 -
.../out/jwt-single-route-single-match-to-xds.listener.yaml | 1 -
.../testdata/translate/out/no-service-cluster-ip.all.yaml | 1 -
internal/xds/translator/listener.go | 5 ++---
.../extensionpolicy-tcp-udp-http.listeners.yaml | 1 -
.../http-route-extension-filter.listeners.yaml | 1 -
.../http-route-extension-listener-error.listeners.yaml | 1 -
.../http-route-extension-route-error.listeners.yaml | 1 -
.../http-route-extension-translate-error.listeners.yaml | 1 -
.../http-route-extension-virtualhost-error.listeners.yaml | 1 -
.../testdata/out/extension-xds-ir/http-route.listeners.yaml | 1 -
.../out/extension-xds-ir/listener-policy.listeners.yaml | 1 -
.../multiple-listeners-same-port-error.listeners.yaml | 1 -
.../testdata/out/xds-ir/accesslog-cel.listeners.yaml | 1 -
.../out/xds-ir/accesslog-endpoint-stats.listeners.yaml | 1 -
.../testdata/out/xds-ir/accesslog-formatters.listeners.yaml | 1 -
.../testdata/out/xds-ir/accesslog-multi-cel.listeners.yaml | 1 -
.../testdata/out/xds-ir/accesslog-types.listeners.yaml | 1 -
.../out/xds-ir/accesslog-with-format.listeners.yaml | 1 -
.../translator/testdata/out/xds-ir/accesslog.listeners.yaml | 1 -
.../testdata/out/xds-ir/api-key-auth.listeners.yaml | 1 -
.../out/xds-ir/authorization-client-cidr.listeners.yaml | 1 -
.../out/xds-ir/authorization-http-header.listeners.yaml | 1 -
.../out/xds-ir/authorization-jwt-claim.listeners.yaml | 1 -
.../out/xds-ir/authorization-jwt-scope.listeners.yaml | 1 -
.../xds-ir/authorization-multiple-principals.listeners.yaml | 1 -
.../testdata/out/xds-ir/backend-buffer-limit.listeners.yaml | 2 --
.../testdata/out/xds-ir/backend-priority.listeners.yaml | 1 -
.../out/xds-ir/basic-auth-username-header.listeners.yaml | 1 -
.../testdata/out/xds-ir/basic-auth.listeners.yaml | 1 -
.../testdata/out/xds-ir/btp-telemetry.listeners.yaml | 1 -
.../testdata/out/xds-ir/circuit-breaker.listeners.yaml | 1 -
.../testdata/out/xds-ir/client-buffer-limit.listeners.yaml | 2 --
.../testdata/out/xds-ir/client-ip-detection.listeners.yaml | 4 ----
.../testdata/out/xds-ir/client-timeout.listeners.yaml | 2 --
.../testdata/out/xds-ir/compression.listeners.yaml | 1 -
.../out/xds-ir/cors-from-httpcorsfilter.listeners.yaml | 1 -
.../xds/translator/testdata/out/xds-ir/cors.listeners.yaml | 1 -
.../credential-injection-backend-filter.listeners.yaml | 1 -
.../testdata/out/xds-ir/credential-injection.listeners.yaml | 1 -
.../testdata/out/xds-ir/custom-filter-order.listeners.yaml | 1 -
.../testdata/out/xds-ir/custom-response.listeners.yaml | 1 -
.../testdata/out/xds-ir/dns-lookup-family.listeners.yaml | 1 -
.../testdata/out/xds-ir/ext-auth-backend.listeners.yaml | 1 -
.../testdata/out/xds-ir/ext-auth-body.listeners.yaml | 1 -
.../out/xds-ir/ext-auth-recomputation.listeners.yaml | 1 -
.../translator/testdata/out/xds-ir/ext-auth.listeners.yaml | 1 -
.../xds-ir/ext-proc-with-traffic-settings.listeners.yaml | 1 -
.../translator/testdata/out/xds-ir/ext-proc.listeners.yaml | 1 -
.../testdata/out/xds-ir/fault-injection.listeners.yaml | 1 -
.../xds-ir/headers-with-disable-request-id.listeners.yaml | 2 --
.../xds-ir/headers-with-generate-request-id.listeners.yaml | 2 --
...ders-with-preserve-or-generate-request-id.listeners.yaml | 2 --
.../xds-ir/headers-with-preserve-request-id.listeners.yaml | 2 --
.../xds-ir/headers-with-underscores-action.listeners.yaml | 4 ----
.../testdata/out/xds-ir/health-check.listeners.yaml | 1 -
.../out/xds-ir/http-early-header-mutation.listeners.yaml | 2 --
.../testdata/out/xds-ir/http-endpoint-stats.listeners.yaml | 1 -
.../testdata/out/xds-ir/http-health-check.listeners.yaml | 1 -
.../out/xds-ir/http-preserve-client-protocol.listeners.yaml | 1 -
.../out/xds-ir/http-req-resp-sizes-stats.listeners.yaml | 1 -
.../out/xds-ir/http-route-direct-response.listeners.yaml | 1 -
.../out/xds-ir/http-route-dns-cluster.listeners.yaml | 1 -
.../out/xds-ir/http-route-dynamic-resolver.listeners.yaml | 1 -
.../testdata/out/xds-ir/http-route-mirror.listeners.yaml | 1 -
.../out/xds-ir/http-route-mirrors-percentage.listeners.yaml | 1 -
.../out/xds-ir/http-route-multiple-matches.listeners.yaml | 1 -
.../http-route-multiple-mirrors-percentage.listeners.yaml | 1 -
.../out/xds-ir/http-route-multiple-mirrors.listeners.yaml | 1 -
.../out/xds-ir/http-route-partial-invalid.listeners.yaml | 1 -
.../testdata/out/xds-ir/http-route-redirect.listeners.yaml | 1 -
.../testdata/out/xds-ir/http-route-regex.listeners.yaml | 1 -
.../out/xds-ir/http-route-request-headers.listeners.yaml | 1 -
.../xds-ir/http-route-response-add-headers.listeners.yaml | 1 -
.../http-route-response-add-remove-headers.listeners.yaml | 1 -
.../http-route-response-remove-headers.listeners.yaml | 1 -
.../http-route-rewrite-root-path-url-prefix.listeners.yaml | 1 -
...oute-rewrite-sufixx-with-slash-url-prefix.listeners.yaml | 1 -
.../xds-ir/http-route-rewrite-url-fullpath.listeners.yaml | 1 -
.../out/xds-ir/http-route-rewrite-url-host.listeners.yaml | 1 -
.../out/xds-ir/http-route-rewrite-url-prefix.listeners.yaml | 1 -
.../out/xds-ir/http-route-rewrite-url-regex.listeners.yaml | 1 -
.../xds-ir/http-route-session-persistence.listeners.yaml | 1 -
.../testdata/out/xds-ir/http-route-timeout.listeners.yaml | 1 -
.../http-route-weighted-backend-uds-ip.listeners.yaml | 1 -
.../http-route-weighted-backend-with-filters.listeners.yaml | 1 -
.../out/xds-ir/http-route-weighted-backend.listeners.yaml | 1 -
.../http-route-weighted-invalid-backend.listeners.yaml | 1 -
.../out/xds-ir/http-route-with-clientcert.listeners.yaml | 1 -
.../out/xds-ir/http-route-with-metadata.listeners.yaml | 1 -
.../http-route-with-tls-system-truststore.listeners.yaml | 1 -
.../http-route-with-tlsbundle-multiple-certs.listeners.yaml | 2 --
.../out/xds-ir/http-route-with-tlsbundle.listeners.yaml | 1 -
...ttp-route-zonal-routing-weighted-clusters.listeners.yaml | 1 -
.../out/xds-ir/http-route-zonal-routing.listeners.yaml | 1 -
.../testdata/out/xds-ir/http-route.listeners.yaml | 1 -
.../testdata/out/xds-ir/http-upgrade-spdy.listeners.yaml | 1 -
.../out/xds-ir/http-upgrade-websocket-spdy.listeners.yaml | 1 -
.../testdata/out/xds-ir/http1-preserve-case.listeners.yaml | 2 --
.../testdata/out/xds-ir/http1-trailers.listeners.yaml | 1 -
.../translator/testdata/out/xds-ir/http10.listeners.yaml | 1 -
.../testdata/out/xds-ir/http2-mixed.listeners.yaml | 1 -
.../testdata/out/xds-ir/http2-route.listeners.yaml | 1 -
.../xds/translator/testdata/out/xds-ir/http2.listeners.yaml | 1 -
.../xds/translator/testdata/out/xds-ir/http3.listeners.yaml | 1 -
.../out/xds-ir/jsonpatch-missing-resource.listeners.yaml | 1 -
.../out/xds-ir/jsonpatch-with-jsonpath.listeners.yaml | 1 -
.../translator/testdata/out/xds-ir/jsonpatch.listeners.yaml | 1 -
.../testdata/out/xds-ir/jwt-custom-extractor.listeners.yaml | 1 -
.../xds-ir/jwt-multi-route-multi-provider.listeners.yaml | 1 -
.../xds-ir/jwt-multi-route-single-provider.listeners.yaml | 1 -
.../testdata/out/xds-ir/jwt-optional.listeners.yaml | 1 -
.../testdata/out/xds-ir/jwt-ratelimit.listeners.yaml | 1 -
.../out/xds-ir/jwt-single-route-single-match.listeners.yaml | 1 -
.../out/xds-ir/jwt-with-backend-tls-retry.listeners.yaml | 1 -
.../out/xds-ir/listener-connection-limit.listeners.yaml | 4 ----
.../xds-ir/listener-overlapping-tls-config.listeners.yaml | 1 -
.../out/xds-ir/listener-proxy-protocol.listeners.yaml | 2 --
.../out/xds-ir/listener-tcp-keepalive.listeners.yaml | 4 ----
.../out/xds-ir/listener-tcp-without-route.listeners.yaml | 1 -
.../testdata/out/xds-ir/load-balancer.listeners.yaml | 1 -
.../out/xds-ir/local-ratelimit-distinct.listeners.yaml | 1 -
.../testdata/out/xds-ir/local-ratelimit.listeners.yaml | 1 -
.../xds/translator/testdata/out/xds-ir/lua.listeners.yaml | 1 -
.../testdata/out/xds-ir/metrics-virtual-host.listeners.yaml | 1 -
.../testdata/out/xds-ir/mixed-tls-jwt-authn.listeners.yaml | 1 -
...isteners-same-port-with-different-filters.listeners.yaml | 1 -
.../out/xds-ir/multiple-listeners-same-port.listeners.yaml | 1 -
.../multiple-simple-tcp-route-same-port.listeners.yaml | 1 -
...rward-client-certificate-with-custom-data.listeners.yaml | 5 -----
.../mutual-tls-forward-client-certificate.listeners.yaml | 5 -----
...-tls-required-client-certificate-disabled.listeners.yaml | 2 --
.../testdata/out/xds-ir/mutual-tls.listeners.yaml | 2 --
.../out/xds-ir/oidc-and-jwt-with-passthrough.listeners.yaml | 1 -
.../out/xds-ir/oidc-backend-cluster-provider.listeners.yaml | 1 -
.../xds/translator/testdata/out/xds-ir/oidc.listeners.yaml | 1 -
.../testdata/out/xds-ir/panic-threshold.listeners.yaml | 1 -
.../testdata/out/xds-ir/path-settings.listeners.yaml | 1 -
.../out/xds-ir/proxy-protocol-upstream.listeners.yaml | 1 -
.../out/xds-ir/ratelimit-custom-domain.listeners.yaml | 1 -
.../out/xds-ir/ratelimit-disable-headers.listeners.yaml | 1 -
.../out/xds-ir/ratelimit-endpoint-stats.listeners.yaml | 1 -
.../out/xds-ir/ratelimit-global-shared.listeners.yaml | 1 -
.../out/xds-ir/ratelimit-headers-and-cidr.listeners.yaml | 1 -
.../out/xds-ir/ratelimit-multi-global-shared.listeners.yaml | 1 -
.../testdata/out/xds-ir/ratelimit-sourceip.listeners.yaml | 1 -
.../translator/testdata/out/xds-ir/ratelimit.listeners.yaml | 1 -
.../testdata/out/xds-ir/request-buffer.listeners.yaml | 2 --
.../out/xds-ir/retry-partial-invalid.listeners.yaml | 1 -
.../xds/translator/testdata/out/xds-ir/retry.listeners.yaml | 1 -
.../securitypolicy-with-oidc-jwt-authz.listeners.yaml | 1 -
.../testdata/out/xds-ir/simple-tls.listeners.yaml | 1 -
.../out/xds-ir/suppress-envoy-headers.listeners.yaml | 1 -
.../testdata/out/xds-ir/tcp-endpoint-stats.listeners.yaml | 1 -
.../out/xds-ir/tcp-listener-ipfamily.listeners.yaml | 1 -
.../out/xds-ir/tcp-req-resp-sizes-stats.listeners.yaml | 1 -
.../testdata/out/xds-ir/tcp-route-complex.listeners.yaml | 1 -
.../testdata/out/xds-ir/tcp-route-simple.listeners.yaml | 1 -
.../out/xds-ir/tcp-route-tls-terminate.listeners.yaml | 1 -
.../out/xds-ir/tcp-route-weighted-backend.listeners.yaml | 1 -
.../out/xds-ir/tcp-route-with-no-routes.listeners.yaml | 1 -
.../translator/testdata/out/xds-ir/timeout.listeners.yaml | 1 -
.../out/xds-ir/tls-route-passthrough.listeners.yaml | 2 --
.../xds-ir/tls-with-ciphers-versions-alpn.listeners.yaml | 2 --
.../testdata/out/xds-ir/tracing-datadog.listeners.yaml | 1 -
.../out/xds-ir/tracing-endpoint-stats.listeners.yaml | 1 -
.../testdata/out/xds-ir/tracing-zipkin.listeners.yaml | 1 -
.../translator/testdata/out/xds-ir/tracing.listeners.yaml | 1 -
.../out/xds-ir/upstream-tcpkeepalive.listeners.yaml | 1 -
.../xds/translator/testdata/out/xds-ir/wasm.listeners.yaml | 1 -
site/content/en/latest/api/extension_types.md | 2 +-
test/helm/gateway-crds-helm/all.out.yaml | 6 +++---
test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml | 6 +++---
181 files changed, 18 insertions(+), 241 deletions(-)
diff --git a/api/v1alpha1/connection_types.go b/api/v1alpha1/connection_types.go
index 618809af0e..9720aab271 100644
--- a/api/v1alpha1/connection_types.go
+++ b/api/v1alpha1/connection_types.go
@@ -38,9 +38,9 @@ type ClientConnection struct {
SocketBufferLimit *resource.Quantity `json:"socketBufferLimit,omitempty"`
// MaxAcceptPerSocketEvent provides configuration for the maximum number of connections to accept from the kernel
- // per socket event. If there are more than MaxAcceptPerSocketEvent connections
- // pending accept, connections over this threshold will be accepted in later event loop iterations.
- // Default: 1
+ // per socket event. If there are more than MaxAcceptPerSocketEvent connections pending accept, connections over
+ // this threshold will be accepted in later event loop iterations. If no value is provided Envoy will accept
+ // all connections pending accept from the kernel.
// +optional
MaxAcceptPerSocketEvent *uint32 `json:"maxAcceptPerSocketEvent,omitempty"`
}
diff --git a/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml b/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml
index 2595096612..e69876f6fa 100644
--- a/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml
+++ b/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml
@@ -156,9 +156,9 @@ spec:
maxAcceptPerSocketEvent:
description: |-
MaxAcceptPerSocketEvent provides configuration for the maximum number of connections to accept from the kernel
- per socket event. If there are more than MaxAcceptPerSocketEvent connections
- pending accept, connections over this threshold will be accepted in later event loop iterations.
- Default: 1
+ per socket event. If there are more than MaxAcceptPerSocketEvent connections pending accept, connections over
+ this threshold will be accepted in later event loop iterations. If no value is provided Envoy will accept
+ all connections pending accept from the kernel.
format: int32
type: integer
socketBufferLimit:
diff --git a/charts/gateway-helm/crds/generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml b/charts/gateway-helm/crds/generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml
index 6ced0c1641..6632c46f45 100644
--- a/charts/gateway-helm/crds/generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml
+++ b/charts/gateway-helm/crds/generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml
@@ -155,9 +155,9 @@ spec:
maxAcceptPerSocketEvent:
description: |-
MaxAcceptPerSocketEvent provides configuration for the maximum number of connections to accept from the kernel
- per socket event. If there are more than MaxAcceptPerSocketEvent connections
- pending accept, connections over this threshold will be accepted in later event loop iterations.
- Default: 1
+ per socket event. If there are more than MaxAcceptPerSocketEvent connections pending accept, connections over
+ this threshold will be accepted in later event loop iterations. If no value is provided Envoy will accept
+ all connections pending accept from the kernel.
format: int32
type: integer
socketBufferLimit:
diff --git a/internal/cmd/egctl/testdata/translate/out/default-resources.all.yaml b/internal/cmd/egctl/testdata/translate/out/default-resources.all.yaml
index 3a504865c9..cefeca7d51 100644
--- a/internal/cmd/egctl/testdata/translate/out/default-resources.all.yaml
+++ b/internal/cmd/egctl/testdata/translate/out/default-resources.all.yaml
@@ -1090,7 +1090,6 @@ xds:
statPrefix: http-10080
useRemoteAddress: true
name: default/eg/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: default/eg/http
perConnectionBufferLimitBytes: 32768
- activeState:
@@ -1202,7 +1201,6 @@ xds:
statPrefix: http-8080
useRemoteAddress: true
name: default/eg/grpc
- maxConnectionsToAcceptPerSocketEvent: 1
name: default/eg/grpc
perConnectionBufferLimitBytes: 32768
- activeState:
@@ -1286,7 +1284,6 @@ xds:
cluster: tcproute/default/backend/rule/-1
statPrefix: tcp-1234
name: tcproute/default/backend
- maxConnectionsToAcceptPerSocketEvent: 1
name: default/eg/tcp
perConnectionBufferLimitBytes: 32768
- activeState:
@@ -1377,7 +1374,6 @@ xds:
- name: envoy.filters.listener.tls_inspector
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
- maxConnectionsToAcceptPerSocketEvent: 1
name: default/eg/tls-passthrough
perConnectionBufferLimitBytes: 32768
- activeState:
diff --git a/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.all.json b/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.all.json
index d055a12efb..3d2e1433e4 100644
--- a/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.all.json
+++ b/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.all.json
@@ -912,7 +912,6 @@
],
"name": "default/eg/http"
},
- "maxConnectionsToAcceptPerSocketEvent": 1,
"name": "default/eg/http",
"perConnectionBufferLimitBytes": 32768
}
@@ -1064,7 +1063,6 @@
],
"name": "default/eg/grpc"
},
- "maxConnectionsToAcceptPerSocketEvent": 1,
"name": "default/eg/grpc",
"perConnectionBufferLimitBytes": 32768
}
@@ -1176,7 +1174,6 @@
"name": "tcproute/default/backend"
}
],
- "maxConnectionsToAcceptPerSocketEvent": 1,
"name": "default/eg/tcp",
"perConnectionBufferLimitBytes": 32768
}
@@ -1301,7 +1298,6 @@
}
}
],
- "maxConnectionsToAcceptPerSocketEvent": 1,
"name": "default/eg/tls-passthrough",
"perConnectionBufferLimitBytes": 32768
}
diff --git a/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.all.yaml b/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.all.yaml
index de52ee5e6c..ef19b7dd56 100644
--- a/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.all.yaml
+++ b/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.all.yaml
@@ -543,7 +543,6 @@ xds:
statPrefix: http-10080
useRemoteAddress: true
name: default/eg/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: default/eg/http
perConnectionBufferLimitBytes: 32768
- activeState:
@@ -655,7 +654,6 @@ xds:
statPrefix: http-8080
useRemoteAddress: true
name: default/eg/grpc
- maxConnectionsToAcceptPerSocketEvent: 1
name: default/eg/grpc
perConnectionBufferLimitBytes: 32768
- activeState:
@@ -739,7 +737,6 @@ xds:
cluster: tcproute/default/backend/rule/-1
statPrefix: tcp-1234
name: tcproute/default/backend
- maxConnectionsToAcceptPerSocketEvent: 1
name: default/eg/tcp
perConnectionBufferLimitBytes: 32768
- activeState:
@@ -830,7 +827,6 @@ xds:
- name: envoy.filters.listener.tls_inspector
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
- maxConnectionsToAcceptPerSocketEvent: 1
name: default/eg/tls-passthrough
perConnectionBufferLimitBytes: 32768
- activeState:
diff --git a/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.listener.yaml b/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.listener.yaml
index c0fa7da7c8..349c627ad5 100644
--- a/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.listener.yaml
+++ b/internal/cmd/egctl/testdata/translate/out/from-gateway-api-to-xds.listener.yaml
@@ -142,7 +142,6 @@ xds:
statPrefix: http-10080
useRemoteAddress: true
name: default/eg/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: default/eg/http
perConnectionBufferLimitBytes: 32768
- activeState:
@@ -254,7 +253,6 @@ xds:
statPrefix: http-8080
useRemoteAddress: true
name: default/eg/grpc
- maxConnectionsToAcceptPerSocketEvent: 1
name: default/eg/grpc
perConnectionBufferLimitBytes: 32768
- activeState:
@@ -338,7 +336,6 @@ xds:
cluster: tcproute/default/backend/rule/-1
statPrefix: tcp-1234
name: tcproute/default/backend
- maxConnectionsToAcceptPerSocketEvent: 1
name: default/eg/tcp
perConnectionBufferLimitBytes: 32768
- activeState:
@@ -429,7 +426,6 @@ xds:
- name: envoy.filters.listener.tls_inspector
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
- maxConnectionsToAcceptPerSocketEvent: 1
name: default/eg/tls-passthrough
perConnectionBufferLimitBytes: 32768
- activeState:
diff --git a/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.all.json b/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.all.json
index 28ecacdd2f..aacad63882 100644
--- a/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.all.json
+++ b/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.all.json
@@ -661,7 +661,6 @@
],
"name": "envoy-gateway-system/eg/http"
},
- "maxConnectionsToAcceptPerSocketEvent": 1,
"name": "envoy-gateway-system/eg/http",
"perConnectionBufferLimitBytes": 32768
}
diff --git a/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.all.yaml b/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.all.yaml
index dae303a9f7..899fefe9b5 100644
--- a/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.all.yaml
+++ b/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.all.yaml
@@ -401,7 +401,6 @@ xds:
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway-system/eg/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway-system/eg/http
perConnectionBufferLimitBytes: 32768
- '@type': type.googleapis.com/envoy.admin.v3.RoutesConfigDump
diff --git a/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.listener.yaml b/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.listener.yaml
index 6eeb127d70..72b2696cac 100644
--- a/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.listener.yaml
+++ b/internal/cmd/egctl/testdata/translate/out/jwt-single-route-single-match-to-xds.listener.yaml
@@ -162,6 +162,5 @@ xds:
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway-system/eg/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway-system/eg/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/cmd/egctl/testdata/translate/out/no-service-cluster-ip.all.yaml b/internal/cmd/egctl/testdata/translate/out/no-service-cluster-ip.all.yaml
index 9d138baa57..da32fd6a55 100644
--- a/internal/cmd/egctl/testdata/translate/out/no-service-cluster-ip.all.yaml
+++ b/internal/cmd/egctl/testdata/translate/out/no-service-cluster-ip.all.yaml
@@ -344,7 +344,6 @@ xds:
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway-system/eg/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway-system/eg/http
perConnectionBufferLimitBytes: 32768
- '@type': type.googleapis.com/envoy.admin.v3.RoutesConfigDump
diff --git a/internal/xds/translator/listener.go b/internal/xds/translator/listener.go
index 6a384fe254..a8ea8748d3 100644
--- a/internal/xds/translator/listener.go
+++ b/internal/xds/translator/listener.go
@@ -52,8 +52,7 @@ const (
// https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/protocol.proto#envoy-v3-api-field-config-core-v3-http2protocoloptions-initial-connection-window-size
http2InitialConnectionWindowSize = 1048576 // 1 MiB
// https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/filters/network/connection_limit/v3/connection_limit.proto
- networkConnectionLimit = "envoy.filters.network.connection_limit"
- maxConnAcceptPerSocketEvent = 1
+ networkConnectionLimit = "envoy.filters.network.connection_limit"
)
func http1ProtocolOptions(opts *ir.HTTP1Settings) *corev3.Http1ProtocolOptions {
@@ -237,7 +236,7 @@ func buildMaxAcceptPerSocketEvent(connection *ir.ClientConnection) *wrapperspb.U
if connection != nil && connection.MaxAcceptPerSocketEvent != nil {
return wrapperspb.UInt32(*connection.MaxAcceptPerSocketEvent)
}
- return wrapperspb.UInt32(maxConnAcceptPerSocketEvent)
+ return nil
}
// buildXdsQuicListener creates a xds Listener resource for quic
diff --git a/internal/xds/translator/testdata/out/extension-xds-ir/extensionpolicy-tcp-udp-http.listeners.yaml b/internal/xds/translator/testdata/out/extension-xds-ir/extensionpolicy-tcp-udp-http.listeners.yaml
index 146bc9f121..6fbaf5053e 100644
--- a/internal/xds/translator/testdata/out/extension-xds-ir/extensionpolicy-tcp-udp-http.listeners.yaml
+++ b/internal/xds/translator/testdata/out/extension-xds-ir/extensionpolicy-tcp-udp-http.listeners.yaml
@@ -37,7 +37,6 @@
'@type': type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy
cluster: tcp-route-dest
statPrefix: tcp-10080
- maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http1
perConnectionBufferLimitBytes: 32768
statPrefix: envoy-gateway/gateway-1/http1
diff --git a/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-filter.listeners.yaml b/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-filter.listeners.yaml
index 7deec13dbb..e6777ebece 100644
--- a/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-filter.listeners.yaml
+++ b/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-filter.listeners.yaml
@@ -30,7 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: extension-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: extension-listener
perConnectionBufferLimitBytes: 32768
statPrefix: mock-extension-inserted-prefix
diff --git a/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-listener-error.listeners.yaml b/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-listener-error.listeners.yaml
index f9ce671f37..5c1d57a440 100644
--- a/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-listener-error.listeners.yaml
+++ b/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-listener-error.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: extension-post-xdslistener-hook-error
- maxConnectionsToAcceptPerSocketEvent: 1
name: extension-post-xdslistener-hook-error
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-route-error.listeners.yaml b/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-route-error.listeners.yaml
index a5bc288824..c3fb113017 100644
--- a/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-route-error.listeners.yaml
+++ b/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-route-error.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-translate-error.listeners.yaml b/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-translate-error.listeners.yaml
index 877c7b5140..467a1d467f 100644
--- a/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-translate-error.listeners.yaml
+++ b/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-translate-error.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: extension-post-xdstranslate-hook-error
- maxConnectionsToAcceptPerSocketEvent: 1
name: extension-post-xdstranslate-hook-error
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-virtualhost-error.listeners.yaml b/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-virtualhost-error.listeners.yaml
index cb8f77fd5e..96c45d3ee2 100644
--- a/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-virtualhost-error.listeners.yaml
+++ b/internal/xds/translator/testdata/out/extension-xds-ir/http-route-extension-virtualhost-error.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: extension-post-xdsvirtualhost-hook-error
- maxConnectionsToAcceptPerSocketEvent: 1
name: extension-post-xdsvirtualhost-hook-error
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/extension-xds-ir/http-route.listeners.yaml b/internal/xds/translator/testdata/out/extension-xds-ir/http-route.listeners.yaml
index a5bc288824..c3fb113017 100644
--- a/internal/xds/translator/testdata/out/extension-xds-ir/http-route.listeners.yaml
+++ b/internal/xds/translator/testdata/out/extension-xds-ir/http-route.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/extension-xds-ir/listener-policy.listeners.yaml b/internal/xds/translator/testdata/out/extension-xds-ir/listener-policy.listeners.yaml
index 8f78e66fc6..7837e1509f 100644
--- a/internal/xds/translator/testdata/out/extension-xds-ir/listener-policy.listeners.yaml
+++ b/internal/xds/translator/testdata/out/extension-xds-ir/listener-policy.listeners.yaml
@@ -30,7 +30,6 @@
statPrefix: http-10081
useRemoteAddress: true
name: policyextension-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: policyextension-listener
perConnectionBufferLimitBytes: 32768
statPrefix: from-the-policy
diff --git a/internal/xds/translator/testdata/out/extension-xds-ir/multiple-listeners-same-port-error.listeners.yaml b/internal/xds/translator/testdata/out/extension-xds-ir/multiple-listeners-same-port-error.listeners.yaml
index b55f7c0187..dcbd7c627a 100644
--- a/internal/xds/translator/testdata/out/extension-xds-ir/multiple-listeners-same-port-error.listeners.yaml
+++ b/internal/xds/translator/testdata/out/extension-xds-ir/multiple-listeners-same-port-error.listeners.yaml
@@ -97,6 +97,5 @@
- name: envoy.filters.listener.tls_inspector
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener-error
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/accesslog-cel.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/accesslog-cel.listeners.yaml
index 4b9be88849..82af12d133 100644
--- a/internal/xds/translator/testdata/out/xds-ir/accesslog-cel.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/accesslog-cel.listeners.yaml
@@ -179,6 +179,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/accesslog-endpoint-stats.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/accesslog-endpoint-stats.listeners.yaml
index 84191a28eb..ac530c829e 100644
--- a/internal/xds/translator/testdata/out/xds-ir/accesslog-endpoint-stats.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/accesslog-endpoint-stats.listeners.yaml
@@ -140,6 +140,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/accesslog-formatters.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/accesslog-formatters.listeners.yaml
index 27a30cef38..7e51cbeb1d 100644
--- a/internal/xds/translator/testdata/out/xds-ir/accesslog-formatters.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/accesslog-formatters.listeners.yaml
@@ -196,6 +196,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/accesslog-multi-cel.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/accesslog-multi-cel.listeners.yaml
index 706fd501e6..f1efd67797 100644
--- a/internal/xds/translator/testdata/out/xds-ir/accesslog-multi-cel.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/accesslog-multi-cel.listeners.yaml
@@ -215,6 +215,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/accesslog-types.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/accesslog-types.listeners.yaml
index 2296779c28..9b89cf5c79 100644
--- a/internal/xds/translator/testdata/out/xds-ir/accesslog-types.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/accesslog-types.listeners.yaml
@@ -344,6 +344,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/accesslog-with-format.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/accesslog-with-format.listeners.yaml
index 152e77f6cb..20adb39d58 100644
--- a/internal/xds/translator/testdata/out/xds-ir/accesslog-with-format.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/accesslog-with-format.listeners.yaml
@@ -174,6 +174,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/accesslog.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/accesslog.listeners.yaml
index ffce14f778..71f4affea9 100644
--- a/internal/xds/translator/testdata/out/xds-ir/accesslog.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/accesslog.listeners.yaml
@@ -174,6 +174,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/api-key-auth.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/api-key-auth.listeners.yaml
index 7e4465d144..3ab3e53f2e 100644
--- a/internal/xds/translator/testdata/out/xds-ir/api-key-auth.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/api-key-auth.listeners.yaml
@@ -40,6 +40,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: default/gateway-1/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: default/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/authorization-client-cidr.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/authorization-client-cidr.listeners.yaml
index 0501674cf7..907d28f78b 100644
--- a/internal/xds/translator/testdata/out/xds-ir/authorization-client-cidr.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/authorization-client-cidr.listeners.yaml
@@ -33,6 +33,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/authorization-http-header.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/authorization-http-header.listeners.yaml
index 0501674cf7..907d28f78b 100644
--- a/internal/xds/translator/testdata/out/xds-ir/authorization-http-header.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/authorization-http-header.listeners.yaml
@@ -33,6 +33,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/authorization-jwt-claim.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/authorization-jwt-claim.listeners.yaml
index 261038728f..2bfa9b5130 100644
--- a/internal/xds/translator/testdata/out/xds-ir/authorization-jwt-claim.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/authorization-jwt-claim.listeners.yaml
@@ -74,6 +74,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/authorization-jwt-scope.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/authorization-jwt-scope.listeners.yaml
index 261038728f..2bfa9b5130 100644
--- a/internal/xds/translator/testdata/out/xds-ir/authorization-jwt-scope.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/authorization-jwt-scope.listeners.yaml
@@ -74,6 +74,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/authorization-multiple-principals.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/authorization-multiple-principals.listeners.yaml
index 0501674cf7..907d28f78b 100644
--- a/internal/xds/translator/testdata/out/xds-ir/authorization-multiple-principals.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/authorization-multiple-principals.listeners.yaml
@@ -33,6 +33,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/backend-buffer-limit.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/backend-buffer-limit.listeners.yaml
index 09c320b7f3..688cef1f74 100644
--- a/internal/xds/translator/testdata/out/xds-ir/backend-buffer-limit.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/backend-buffer-limit.listeners.yaml
@@ -30,7 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -45,7 +44,6 @@
cluster: tcp-route-dest
statPrefix: tcp-10081
name: tcp-route-dest
- maxConnectionsToAcceptPerSocketEvent: 1
name: second-listener
perConnectionBufferLimitBytes: 1500
- address:
diff --git a/internal/xds/translator/testdata/out/xds-ir/backend-priority.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/backend-priority.listeners.yaml
index 7f609a90d1..55e2fde715 100644
--- a/internal/xds/translator/testdata/out/xds-ir/backend-priority.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/backend-priority.listeners.yaml
@@ -44,6 +44,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: default/gateway-1/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: default/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/basic-auth-username-header.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/basic-auth-username-header.listeners.yaml
index 102acc609b..1ab0be3569 100644
--- a/internal/xds/translator/testdata/out/xds-ir/basic-auth-username-header.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/basic-auth-username-header.listeners.yaml
@@ -44,6 +44,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: default/gateway-1/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: default/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/basic-auth.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/basic-auth.listeners.yaml
index df9365142e..686a1d85b7 100644
--- a/internal/xds/translator/testdata/out/xds-ir/basic-auth.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/basic-auth.listeners.yaml
@@ -42,6 +42,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: default/gateway-1/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: default/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/btp-telemetry.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/btp-telemetry.listeners.yaml
index 4d0fe90c54..09426a3177 100644
--- a/internal/xds/translator/testdata/out/xds-ir/btp-telemetry.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/btp-telemetry.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/circuit-breaker.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/circuit-breaker.listeners.yaml
index 5dd5e46e3c..80ae84fd10 100644
--- a/internal/xds/translator/testdata/out/xds-ir/circuit-breaker.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/circuit-breaker.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/client-buffer-limit.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/client-buffer-limit.listeners.yaml
index 6f2229df69..9ae223623d 100644
--- a/internal/xds/translator/testdata/out/xds-ir/client-buffer-limit.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/client-buffer-limit.listeners.yaml
@@ -30,7 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 1500
- address:
@@ -45,6 +44,5 @@
cluster: tcp-route-dest
statPrefix: tcp-10081
name: tcp-route-dest
- maxConnectionsToAcceptPerSocketEvent: 1
name: second-listener
perConnectionBufferLimitBytes: 1500
diff --git a/internal/xds/translator/testdata/out/xds-ir/client-ip-detection.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/client-ip-detection.listeners.yaml
index 0a81c11e30..58d7f823ae 100644
--- a/internal/xds/translator/testdata/out/xds-ir/client-ip-detection.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/client-ip-detection.listeners.yaml
@@ -34,7 +34,6 @@
statPrefix: http-8081
useRemoteAddress: false
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -73,7 +72,6 @@
statPrefix: http-8082
useRemoteAddress: false
name: second-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: second-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -114,7 +112,6 @@
statPrefix: http-8083
useRemoteAddress: false
name: third-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: third-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -160,6 +157,5 @@
statPrefix: http-8084
useRemoteAddress: false
name: fourth-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: fourth-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/client-timeout.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/client-timeout.listeners.yaml
index 4ec0aeddf6..59b7902b54 100644
--- a/internal/xds/translator/testdata/out/xds-ir/client-timeout.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/client-timeout.listeners.yaml
@@ -32,7 +32,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -48,6 +47,5 @@
idleTimeout: 1200s
statPrefix: tcp-10081
name: second-route
- maxConnectionsToAcceptPerSocketEvent: 1
name: second-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/compression.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/compression.listeners.yaml
index e0bba0b836..c042cdcfa6 100644
--- a/internal/xds/translator/testdata/out/xds-ir/compression.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/compression.listeners.yaml
@@ -46,6 +46,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/cors-from-httpcorsfilter.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/cors-from-httpcorsfilter.listeners.yaml
index 6a7b66b8be..e43d6e27f7 100644
--- a/internal/xds/translator/testdata/out/xds-ir/cors-from-httpcorsfilter.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/cors-from-httpcorsfilter.listeners.yaml
@@ -33,6 +33,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/cors.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/cors.listeners.yaml
index 6a7b66b8be..e43d6e27f7 100644
--- a/internal/xds/translator/testdata/out/xds-ir/cors.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/cors.listeners.yaml
@@ -33,6 +33,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/credential-injection-backend-filter.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/credential-injection-backend-filter.listeners.yaml
index 4d0fe90c54..09426a3177 100644
--- a/internal/xds/translator/testdata/out/xds-ir/credential-injection-backend-filter.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/credential-injection-backend-filter.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/credential-injection.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/credential-injection.listeners.yaml
index 7a127ec768..b05991e953 100644
--- a/internal/xds/translator/testdata/out/xds-ir/credential-injection.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/credential-injection.listeners.yaml
@@ -58,6 +58,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/custom-filter-order.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/custom-filter-order.listeners.yaml
index 14804eca76..7003a2ea33 100644
--- a/internal/xds/translator/testdata/out/xds-ir/custom-filter-order.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/custom-filter-order.listeners.yaml
@@ -125,6 +125,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/custom-response.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/custom-response.listeners.yaml
index bab8f6e0b5..455f453eda 100644
--- a/internal/xds/translator/testdata/out/xds-ir/custom-response.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/custom-response.listeners.yaml
@@ -147,6 +147,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: default/gateway-1/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: default/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/dns-lookup-family.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/dns-lookup-family.listeners.yaml
index 4fec6ff354..cb9e097946 100644
--- a/internal/xds/translator/testdata/out/xds-ir/dns-lookup-family.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/dns-lookup-family.listeners.yaml
@@ -176,6 +176,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/ext-auth-backend.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/ext-auth-backend.listeners.yaml
index 7700a8986c..0ccea8c2bc 100644
--- a/internal/xds/translator/testdata/out/xds-ir/ext-auth-backend.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/ext-auth-backend.listeners.yaml
@@ -65,6 +65,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: default/gateway-1/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: default/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/ext-auth-body.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/ext-auth-body.listeners.yaml
index 50c1b91ee9..84bea029d0 100644
--- a/internal/xds/translator/testdata/out/xds-ir/ext-auth-body.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/ext-auth-body.listeners.yaml
@@ -67,6 +67,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: default/gateway-1/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: default/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/ext-auth-recomputation.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/ext-auth-recomputation.listeners.yaml
index 2cd9c22f99..e205456276 100644
--- a/internal/xds/translator/testdata/out/xds-ir/ext-auth-recomputation.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/ext-auth-recomputation.listeners.yaml
@@ -66,6 +66,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: default/gateway-1/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: default/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/ext-auth.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/ext-auth.listeners.yaml
index d4b0d94c49..84b95081c8 100644
--- a/internal/xds/translator/testdata/out/xds-ir/ext-auth.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/ext-auth.listeners.yaml
@@ -65,6 +65,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: default/gateway-1/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: default/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/ext-proc-with-traffic-settings.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/ext-proc-with-traffic-settings.listeners.yaml
index 7f609a90d1..55e2fde715 100644
--- a/internal/xds/translator/testdata/out/xds-ir/ext-proc-with-traffic-settings.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/ext-proc-with-traffic-settings.listeners.yaml
@@ -44,6 +44,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: default/gateway-1/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: default/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/ext-proc.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/ext-proc.listeners.yaml
index 3a3d159e9a..16f3139344 100755
--- a/internal/xds/translator/testdata/out/xds-ir/ext-proc.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/ext-proc.listeners.yaml
@@ -119,6 +119,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/fault-injection.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/fault-injection.listeners.yaml
index 578b85950b..72f0a0a123 100644
--- a/internal/xds/translator/testdata/out/xds-ir/fault-injection.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/fault-injection.listeners.yaml
@@ -33,6 +33,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/headers-with-disable-request-id.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/headers-with-disable-request-id.listeners.yaml
index b28018159a..e51008bb62 100644
--- a/internal/xds/translator/testdata/out/xds-ir/headers-with-disable-request-id.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/headers-with-disable-request-id.listeners.yaml
@@ -29,7 +29,6 @@
statPrefix: http-8081
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -62,6 +61,5 @@
statPrefix: http-8082
useRemoteAddress: true
name: second-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: second-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/headers-with-generate-request-id.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/headers-with-generate-request-id.listeners.yaml
index 2da2dbb0b0..a00caeb6cf 100644
--- a/internal/xds/translator/testdata/out/xds-ir/headers-with-generate-request-id.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/headers-with-generate-request-id.listeners.yaml
@@ -29,7 +29,6 @@
statPrefix: http-8081
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -62,6 +61,5 @@
statPrefix: http-8082
useRemoteAddress: true
name: second-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: second-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/headers-with-preserve-or-generate-request-id.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/headers-with-preserve-or-generate-request-id.listeners.yaml
index 7b5d0e785e..5cb5a43f73 100644
--- a/internal/xds/translator/testdata/out/xds-ir/headers-with-preserve-or-generate-request-id.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/headers-with-preserve-or-generate-request-id.listeners.yaml
@@ -30,7 +30,6 @@
statPrefix: http-8081
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -63,6 +62,5 @@
statPrefix: http-8082
useRemoteAddress: true
name: second-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: second-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/headers-with-preserve-request-id.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/headers-with-preserve-request-id.listeners.yaml
index 1cbee6b41e..0bf1746e73 100644
--- a/internal/xds/translator/testdata/out/xds-ir/headers-with-preserve-request-id.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/headers-with-preserve-request-id.listeners.yaml
@@ -30,7 +30,6 @@
statPrefix: http-8081
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -63,6 +62,5 @@
statPrefix: http-8082
useRemoteAddress: true
name: second-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: second-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/headers-with-underscores-action.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/headers-with-underscores-action.listeners.yaml
index 3c5a4ce9de..d0509c239c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/headers-with-underscores-action.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/headers-with-underscores-action.listeners.yaml
@@ -28,7 +28,6 @@
statPrefix: http-8081
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -60,7 +59,6 @@
statPrefix: http-8082
useRemoteAddress: true
name: second-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: second-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -93,7 +91,6 @@
statPrefix: http-8083
useRemoteAddress: true
name: third-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: third-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -126,6 +123,5 @@
statPrefix: http-8084
useRemoteAddress: true
name: fourth-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: fourth-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/health-check.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/health-check.listeners.yaml
index 5dd5e46e3c..80ae84fd10 100644
--- a/internal/xds/translator/testdata/out/xds-ir/health-check.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/health-check.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-early-header-mutation.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-early-header-mutation.listeners.yaml
index 5f3b4cd635..73dcc99a8b 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-early-header-mutation.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-early-header-mutation.listeners.yaml
@@ -36,7 +36,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -103,6 +102,5 @@
statPrefix: http-10081
useRemoteAddress: true
name: second-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: second-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-endpoint-stats.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-endpoint-stats.listeners.yaml
index a88611caf1..8b810de954 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-endpoint-stats.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-endpoint-stats.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: listener-enable-endpoint-stats
- maxConnectionsToAcceptPerSocketEvent: 1
name: listener-enable-endpoint-stats
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-health-check.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-health-check.listeners.yaml
index 2208eb5ee2..1548f88fd6 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-health-check.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-health-check.listeners.yaml
@@ -38,6 +38,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-preserve-client-protocol.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-preserve-client-protocol.listeners.yaml
index 4d0fe90c54..09426a3177 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-preserve-client-protocol.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-preserve-client-protocol.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-req-resp-sizes-stats.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-req-resp-sizes-stats.listeners.yaml
index 89d3361c24..ac62b3d7a0 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-req-resp-sizes-stats.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-req-resp-sizes-stats.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: listener-enable-req-resp-sizes-stats
- maxConnectionsToAcceptPerSocketEvent: 1
name: listener-enable-req-resp-sizes-stats
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-direct-response.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-direct-response.listeners.yaml
index 5dd5e46e3c..80ae84fd10 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-direct-response.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-direct-response.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-dns-cluster.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-dns-cluster.listeners.yaml
index 5dd5e46e3c..80ae84fd10 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-dns-cluster.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-dns-cluster.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-dynamic-resolver.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-dynamic-resolver.listeners.yaml
index f869509943..9677ab7557 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-dynamic-resolver.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-dynamic-resolver.listeners.yaml
@@ -66,6 +66,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-mirror.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-mirror.listeners.yaml
index 5dd5e46e3c..80ae84fd10 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-mirror.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-mirror.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-mirrors-percentage.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-mirrors-percentage.listeners.yaml
index 5dd5e46e3c..80ae84fd10 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-mirrors-percentage.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-mirrors-percentage.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-multiple-matches.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-multiple-matches.listeners.yaml
index a5bc288824..c3fb113017 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-multiple-matches.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-multiple-matches.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-multiple-mirrors-percentage.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-multiple-mirrors-percentage.listeners.yaml
index 5dd5e46e3c..80ae84fd10 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-multiple-mirrors-percentage.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-multiple-mirrors-percentage.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-multiple-mirrors.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-multiple-mirrors.listeners.yaml
index 5dd5e46e3c..80ae84fd10 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-multiple-mirrors.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-multiple-mirrors.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-partial-invalid.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-partial-invalid.listeners.yaml
index 5dd5e46e3c..80ae84fd10 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-partial-invalid.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-partial-invalid.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-redirect.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-redirect.listeners.yaml
index 5dd5e46e3c..80ae84fd10 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-redirect.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-redirect.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-regex.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-regex.listeners.yaml
index 5dd5e46e3c..80ae84fd10 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-regex.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-regex.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-request-headers.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-request-headers.listeners.yaml
index 5dd5e46e3c..80ae84fd10 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-request-headers.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-request-headers.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-response-add-headers.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-response-add-headers.listeners.yaml
index 5dd5e46e3c..80ae84fd10 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-response-add-headers.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-response-add-headers.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-response-add-remove-headers.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-response-add-remove-headers.listeners.yaml
index 5dd5e46e3c..80ae84fd10 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-response-add-remove-headers.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-response-add-remove-headers.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-response-remove-headers.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-response-remove-headers.listeners.yaml
index 5dd5e46e3c..80ae84fd10 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-response-remove-headers.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-response-remove-headers.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-root-path-url-prefix.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-root-path-url-prefix.listeners.yaml
index 5dd5e46e3c..80ae84fd10 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-root-path-url-prefix.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-root-path-url-prefix.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-sufixx-with-slash-url-prefix.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-sufixx-with-slash-url-prefix.listeners.yaml
index 5dd5e46e3c..80ae84fd10 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-sufixx-with-slash-url-prefix.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-sufixx-with-slash-url-prefix.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-fullpath.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-fullpath.listeners.yaml
index 5dd5e46e3c..80ae84fd10 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-fullpath.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-fullpath.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-host.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-host.listeners.yaml
index 5dd5e46e3c..80ae84fd10 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-host.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-host.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-prefix.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-prefix.listeners.yaml
index 5dd5e46e3c..80ae84fd10 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-prefix.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-prefix.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-regex.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-regex.listeners.yaml
index 5dd5e46e3c..80ae84fd10 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-regex.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-rewrite-url-regex.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-session-persistence.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-session-persistence.listeners.yaml
index 26dedfa4ee..5e9d0478cf 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-session-persistence.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-session-persistence.listeners.yaml
@@ -74,6 +74,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-timeout.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-timeout.listeners.yaml
index 5dd5e46e3c..80ae84fd10 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-timeout.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-timeout.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-weighted-backend-uds-ip.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-weighted-backend-uds-ip.listeners.yaml
index 5dd5e46e3c..80ae84fd10 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-weighted-backend-uds-ip.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-weighted-backend-uds-ip.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-weighted-backend-with-filters.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-weighted-backend-with-filters.listeners.yaml
index 5dd5e46e3c..80ae84fd10 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-weighted-backend-with-filters.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-weighted-backend-with-filters.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-weighted-backend.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-weighted-backend.listeners.yaml
index 5dd5e46e3c..80ae84fd10 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-weighted-backend.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-weighted-backend.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-weighted-invalid-backend.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-weighted-invalid-backend.listeners.yaml
index 5dd5e46e3c..80ae84fd10 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-weighted-invalid-backend.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-weighted-invalid-backend.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-with-clientcert.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-with-clientcert.listeners.yaml
index 86036a19d5..657d2b42a8 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-with-clientcert.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-with-clientcert.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-btls/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-btls/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-with-metadata.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-with-metadata.listeners.yaml
index a5bc288824..c3fb113017 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-with-metadata.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-with-metadata.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-with-tls-system-truststore.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-with-tls-system-truststore.listeners.yaml
index 86036a19d5..657d2b42a8 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-with-tls-system-truststore.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-with-tls-system-truststore.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-btls/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-btls/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-with-tlsbundle-multiple-certs.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-with-tlsbundle-multiple-certs.listeners.yaml
index 59e6ae249f..5a43997887 100755
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-with-tlsbundle-multiple-certs.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-with-tlsbundle-multiple-certs.listeners.yaml
@@ -30,7 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-btls/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-btls/http
perConnectionBufferLimitBytes: 32768
- address:
@@ -65,6 +64,5 @@
statPrefix: http-10081
useRemoteAddress: true
name: envoy-gateway/gateway-btls-2/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-btls-2/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-with-tlsbundle.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-with-tlsbundle.listeners.yaml
index 86036a19d5..657d2b42a8 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-with-tlsbundle.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-with-tlsbundle.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-btls/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-btls/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-zonal-routing-weighted-clusters.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-zonal-routing-weighted-clusters.listeners.yaml
index 5c7db41545..ec43e34f36 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-zonal-routing-weighted-clusters.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-zonal-routing-weighted-clusters.listeners.yaml
@@ -28,6 +28,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route-zonal-routing.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route-zonal-routing.listeners.yaml
index 5c7db41545..ec43e34f36 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route-zonal-routing.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route-zonal-routing.listeners.yaml
@@ -28,6 +28,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-route.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-route.listeners.yaml
index 5dd5e46e3c..80ae84fd10 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-route.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-route.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-upgrade-spdy.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-upgrade-spdy.listeners.yaml
index 4d0fe90c54..09426a3177 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-upgrade-spdy.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-upgrade-spdy.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http-upgrade-websocket-spdy.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http-upgrade-websocket-spdy.listeners.yaml
index 4d0fe90c54..09426a3177 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http-upgrade-websocket-spdy.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http-upgrade-websocket-spdy.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http1-preserve-case.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http1-preserve-case.listeners.yaml
index 22947a5cce..8cebad7030 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http1-preserve-case.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http1-preserve-case.listeners.yaml
@@ -36,7 +36,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -78,6 +77,5 @@
statPrefix: http-10081
useRemoteAddress: true
name: second-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: second-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http1-trailers.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http1-trailers.listeners.yaml
index a7721414c8..eb0e689ae9 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http1-trailers.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http1-trailers.listeners.yaml
@@ -32,6 +32,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http10.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http10.listeners.yaml
index f8f81a1f1b..61260cb950 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http10.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http10.listeners.yaml
@@ -33,6 +33,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http2-mixed.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http2-mixed.listeners.yaml
index 368dab5a9b..0ac436eeb7 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http2-mixed.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http2-mixed.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http2-route.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http2-route.listeners.yaml
index b2e4d2fb20..460fcf1fc0 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http2-route.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http2-route.listeners.yaml
@@ -38,6 +38,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http2.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http2.listeners.yaml
index 368dab5a9b..0ac436eeb7 100755
--- a/internal/xds/translator/testdata/out/xds-ir/http2.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http2.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/http3.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http3.listeners.yaml
index 80d7bc1b38..49a651da85 100644
--- a/internal/xds/translator/testdata/out/xds-ir/http3.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/http3.listeners.yaml
@@ -100,6 +100,5 @@
resourceApiVersion: V3
disableStatefulSessionResumption: true
disableStatelessSessionResumption: true
- maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/tls
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/jsonpatch-missing-resource.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/jsonpatch-missing-resource.listeners.yaml
index 5dd5e46e3c..80ae84fd10 100644
--- a/internal/xds/translator/testdata/out/xds-ir/jsonpatch-missing-resource.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/jsonpatch-missing-resource.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/jsonpatch-with-jsonpath.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/jsonpatch-with-jsonpath.listeners.yaml
index cebf87c73f..8aaea6d5fd 100644
--- a/internal/xds/translator/testdata/out/xds-ir/jsonpatch-with-jsonpath.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/jsonpatch-with-jsonpath.listeners.yaml
@@ -61,6 +61,5 @@
resourceApiVersion: V3
disableStatefulSessionResumption: true
disableStatelessSessionResumption: true
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/jsonpatch.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/jsonpatch.listeners.yaml
index cebf87c73f..8aaea6d5fd 100644
--- a/internal/xds/translator/testdata/out/xds-ir/jsonpatch.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/jsonpatch.listeners.yaml
@@ -61,6 +61,5 @@
resourceApiVersion: V3
disableStatefulSessionResumption: true
disableStatelessSessionResumption: true
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/jwt-custom-extractor.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/jwt-custom-extractor.listeners.yaml
index 2385014f06..d5b2dfa8ee 100644
--- a/internal/xds/translator/testdata/out/xds-ir/jwt-custom-extractor.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/jwt-custom-extractor.listeners.yaml
@@ -60,6 +60,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/jwt-multi-route-multi-provider.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/jwt-multi-route-multi-provider.listeners.yaml
index 97c317be07..33b51edd61 100644
--- a/internal/xds/translator/testdata/out/xds-ir/jwt-multi-route-multi-provider.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/jwt-multi-route-multi-provider.listeners.yaml
@@ -126,6 +126,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/jwt-multi-route-single-provider.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/jwt-multi-route-single-provider.listeners.yaml
index cb66d4dcf1..39cf6a7bba 100644
--- a/internal/xds/translator/testdata/out/xds-ir/jwt-multi-route-single-provider.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/jwt-multi-route-single-provider.listeners.yaml
@@ -96,6 +96,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/jwt-optional.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/jwt-optional.listeners.yaml
index 051a776b32..4a6a9a0631 100644
--- a/internal/xds/translator/testdata/out/xds-ir/jwt-optional.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/jwt-optional.listeners.yaml
@@ -63,6 +63,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/jwt-ratelimit.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/jwt-ratelimit.listeners.yaml
index a4d81f0e11..53af66649b 100644
--- a/internal/xds/translator/testdata/out/xds-ir/jwt-ratelimit.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/jwt-ratelimit.listeners.yaml
@@ -63,6 +63,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/jwt-single-route-single-match.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/jwt-single-route-single-match.listeners.yaml
index 15f6b00844..eb828bbc9d 100644
--- a/internal/xds/translator/testdata/out/xds-ir/jwt-single-route-single-match.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/jwt-single-route-single-match.listeners.yaml
@@ -53,6 +53,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/jwt-with-backend-tls-retry.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/jwt-with-backend-tls-retry.listeners.yaml
index 672ec20c19..4c1b6b0fc2 100644
--- a/internal/xds/translator/testdata/out/xds-ir/jwt-with-backend-tls-retry.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/jwt-with-backend-tls-retry.listeners.yaml
@@ -62,6 +62,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: default/gateway-1/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: default/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/listener-connection-limit.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/listener-connection-limit.listeners.yaml
index 7cd7ecbd04..079ca70cfd 100644
--- a/internal/xds/translator/testdata/out/xds-ir/listener-connection-limit.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/listener-connection-limit.listeners.yaml
@@ -30,7 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -70,7 +69,6 @@
statPrefix: http-10081
useRemoteAddress: true
name: second-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: second-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -96,7 +94,6 @@
- name: envoy.filters.listener.tls_inspector
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
- maxConnectionsToAcceptPerSocketEvent: 1
name: third-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -116,6 +113,5 @@
'@type': type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy
cluster: tcp-route-dest
statPrefix: tcp-10083
- maxConnectionsToAcceptPerSocketEvent: 1
name: fourth-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/listener-overlapping-tls-config.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/listener-overlapping-tls-config.listeners.yaml
index b97274df2b..5fa916377e 100644
--- a/internal/xds/translator/testdata/out/xds-ir/listener-overlapping-tls-config.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/listener-overlapping-tls-config.listeners.yaml
@@ -95,6 +95,5 @@
- name: envoy.filters.listener.tls_inspector
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
- maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/https-1
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/listener-proxy-protocol.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/listener-proxy-protocol.listeners.yaml
index f166c8abef..89258f9070 100644
--- a/internal/xds/translator/testdata/out/xds-ir/listener-proxy-protocol.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/listener-proxy-protocol.listeners.yaml
@@ -59,7 +59,6 @@
- name: envoy.filters.listener.tls_inspector
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -78,6 +77,5 @@
- name: envoy.filters.listener.proxy_protocol
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.listener.proxy_protocol.v3.ProxyProtocol
- maxConnectionsToAcceptPerSocketEvent: 1
name: second-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/listener-tcp-keepalive.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/listener-tcp-keepalive.listeners.yaml
index 93842bc5ce..afcd96ff6b 100644
--- a/internal/xds/translator/testdata/out/xds-ir/listener-tcp-keepalive.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/listener-tcp-keepalive.listeners.yaml
@@ -30,7 +30,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
socketOptions:
@@ -70,7 +69,6 @@
statPrefix: http-10081
useRemoteAddress: true
name: second-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: second-listener
perConnectionBufferLimitBytes: 32768
socketOptions:
@@ -108,7 +106,6 @@
- name: envoy.filters.listener.tls_inspector
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
- maxConnectionsToAcceptPerSocketEvent: 1
name: third-listener
perConnectionBufferLimitBytes: 32768
socketOptions:
@@ -127,7 +124,6 @@
'@type': type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy
cluster: tcp-route-dest
statPrefix: tcp-10083
- maxConnectionsToAcceptPerSocketEvent: 1
name: fourth-listener
perConnectionBufferLimitBytes: 32768
socketOptions:
diff --git a/internal/xds/translator/testdata/out/xds-ir/listener-tcp-without-route.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/listener-tcp-without-route.listeners.yaml
index 7e8d627484..6539e7588e 100644
--- a/internal/xds/translator/testdata/out/xds-ir/listener-tcp-without-route.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/listener-tcp-without-route.listeners.yaml
@@ -21,7 +21,6 @@
- name: envoy.filters.listener.proxy_protocol
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.listener.proxy_protocol.v3.ProxyProtocol
- maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/tls-1
perConnectionBufferLimitBytes: 50000000
socketOptions:
diff --git a/internal/xds/translator/testdata/out/xds-ir/load-balancer.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/load-balancer.listeners.yaml
index 5dd5e46e3c..80ae84fd10 100644
--- a/internal/xds/translator/testdata/out/xds-ir/load-balancer.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/load-balancer.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/local-ratelimit-distinct.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/local-ratelimit-distinct.listeners.yaml
index ee98980e3e..4f2355a56e 100644
--- a/internal/xds/translator/testdata/out/xds-ir/local-ratelimit-distinct.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/local-ratelimit-distinct.listeners.yaml
@@ -35,6 +35,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/local-ratelimit.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/local-ratelimit.listeners.yaml
index ee98980e3e..4f2355a56e 100644
--- a/internal/xds/translator/testdata/out/xds-ir/local-ratelimit.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/local-ratelimit.listeners.yaml
@@ -35,6 +35,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/lua.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/lua.listeners.yaml
index d7d641dd2d..d28bf2fe25 100644
--- a/internal/xds/translator/testdata/out/xds-ir/lua.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/lua.listeners.yaml
@@ -51,6 +51,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/metrics-virtual-host.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/metrics-virtual-host.listeners.yaml
index 5dd5e46e3c..80ae84fd10 100644
--- a/internal/xds/translator/testdata/out/xds-ir/metrics-virtual-host.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/metrics-virtual-host.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/mixed-tls-jwt-authn.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/mixed-tls-jwt-authn.listeners.yaml
index 31e76f774a..65814a64bd 100644
--- a/internal/xds/translator/testdata/out/xds-ir/mixed-tls-jwt-authn.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/mixed-tls-jwt-authn.listeners.yaml
@@ -45,6 +45,5 @@
resourceApiVersion: V3
disableStatefulSessionResumption: true
disableStatelessSessionResumption: true
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/multiple-listeners-same-port-with-different-filters.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/multiple-listeners-same-port-with-different-filters.listeners.yaml
index 8b0b416a06..5c6552fd10 100755
--- a/internal/xds/translator/testdata/out/xds-ir/multiple-listeners-same-port-with-different-filters.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/multiple-listeners-same-port-with-different-filters.listeners.yaml
@@ -163,6 +163,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: default/gateway-1/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: default/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/multiple-listeners-same-port.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/multiple-listeners-same-port.listeners.yaml
index bd7e033cf5..5c84e82a4a 100644
--- a/internal/xds/translator/testdata/out/xds-ir/multiple-listeners-same-port.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/multiple-listeners-same-port.listeners.yaml
@@ -145,6 +145,5 @@
- name: envoy.filters.listener.tls_inspector
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/multiple-simple-tcp-route-same-port.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/multiple-simple-tcp-route-same-port.listeners.yaml
index d4b4e1d6f4..df909c5396 100644
--- a/internal/xds/translator/testdata/out/xds-ir/multiple-simple-tcp-route-same-port.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/multiple-simple-tcp-route-same-port.listeners.yaml
@@ -38,6 +38,5 @@
cluster: tcp-route-simple-4-dest
statPrefix: tcp-10080
name: tcp-route-simple-4
- maxConnectionsToAcceptPerSocketEvent: 1
name: tcp-listener-simple
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/mutual-tls-forward-client-certificate-with-custom-data.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/mutual-tls-forward-client-certificate-with-custom-data.listeners.yaml
index 7b0252b6c7..13aea564d3 100644
--- a/internal/xds/translator/testdata/out/xds-ir/mutual-tls-forward-client-certificate-with-custom-data.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/mutual-tls-forward-client-certificate-with-custom-data.listeners.yaml
@@ -55,7 +55,6 @@
disableStatefulSessionResumption: true
disableStatelessSessionResumption: true
requireClientCertificate: false
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -116,7 +115,6 @@
disableStatefulSessionResumption: true
disableStatelessSessionResumption: true
requireClientCertificate: false
- maxConnectionsToAcceptPerSocketEvent: 1
name: second-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -179,7 +177,6 @@
disableStatefulSessionResumption: true
disableStatelessSessionResumption: true
requireClientCertificate: false
- maxConnectionsToAcceptPerSocketEvent: 1
name: third-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -244,7 +241,6 @@
disableStatefulSessionResumption: true
disableStatelessSessionResumption: true
requireClientCertificate: false
- maxConnectionsToAcceptPerSocketEvent: 1
name: fourth-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -311,6 +307,5 @@
disableStatefulSessionResumption: true
disableStatelessSessionResumption: true
requireClientCertificate: false
- maxConnectionsToAcceptPerSocketEvent: 1
name: fifth-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/mutual-tls-forward-client-certificate.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/mutual-tls-forward-client-certificate.listeners.yaml
index fcb1f4dd3e..483ada817b 100644
--- a/internal/xds/translator/testdata/out/xds-ir/mutual-tls-forward-client-certificate.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/mutual-tls-forward-client-certificate.listeners.yaml
@@ -55,7 +55,6 @@
disableStatefulSessionResumption: true
disableStatelessSessionResumption: true
requireClientCertificate: false
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -116,7 +115,6 @@
disableStatefulSessionResumption: true
disableStatelessSessionResumption: true
requireClientCertificate: false
- maxConnectionsToAcceptPerSocketEvent: 1
name: second-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -177,7 +175,6 @@
disableStatefulSessionResumption: true
disableStatelessSessionResumption: true
requireClientCertificate: false
- maxConnectionsToAcceptPerSocketEvent: 1
name: third-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -238,7 +235,6 @@
disableStatefulSessionResumption: true
disableStatelessSessionResumption: true
requireClientCertificate: false
- maxConnectionsToAcceptPerSocketEvent: 1
name: fourth-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -299,6 +295,5 @@
disableStatefulSessionResumption: true
disableStatelessSessionResumption: true
requireClientCertificate: false
- maxConnectionsToAcceptPerSocketEvent: 1
name: fifth-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/mutual-tls-required-client-certificate-disabled.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/mutual-tls-required-client-certificate-disabled.listeners.yaml
index 47b5e2f00d..20dbf81f07 100644
--- a/internal/xds/translator/testdata/out/xds-ir/mutual-tls-required-client-certificate-disabled.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/mutual-tls-required-client-certificate-disabled.listeners.yaml
@@ -55,7 +55,6 @@
disableStatefulSessionResumption: true
disableStatelessSessionResumption: true
requireClientCertificate: false
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -88,6 +87,5 @@
disableStatefulSessionResumption: true
disableStatelessSessionResumption: true
requireClientCertificate: false
- maxConnectionsToAcceptPerSocketEvent: 1
name: second-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/mutual-tls.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/mutual-tls.listeners.yaml
index 3b1c6edfe4..b51e1c7c92 100644
--- a/internal/xds/translator/testdata/out/xds-ir/mutual-tls.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/mutual-tls.listeners.yaml
@@ -55,7 +55,6 @@
disableStatefulSessionResumption: true
disableStatelessSessionResumption: true
requireClientCertificate: true
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -88,6 +87,5 @@
disableStatefulSessionResumption: true
disableStatelessSessionResumption: true
requireClientCertificate: true
- maxConnectionsToAcceptPerSocketEvent: 1
name: second-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/oidc-and-jwt-with-passthrough.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/oidc-and-jwt-with-passthrough.listeners.yaml
index 8f1c1028d5..8996b15c63 100644
--- a/internal/xds/translator/testdata/out/xds-ir/oidc-and-jwt-with-passthrough.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/oidc-and-jwt-with-passthrough.listeners.yaml
@@ -157,6 +157,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/oidc-backend-cluster-provider.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/oidc-backend-cluster-provider.listeners.yaml
index 4e20904646..ab9e55eadf 100644
--- a/internal/xds/translator/testdata/out/xds-ir/oidc-backend-cluster-provider.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/oidc-backend-cluster-provider.listeners.yaml
@@ -79,6 +79,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/oidc.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/oidc.listeners.yaml
index 496d62dc62..3a94b3a8bd 100644
--- a/internal/xds/translator/testdata/out/xds-ir/oidc.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/oidc.listeners.yaml
@@ -140,6 +140,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/panic-threshold.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/panic-threshold.listeners.yaml
index 5dd5e46e3c..80ae84fd10 100644
--- a/internal/xds/translator/testdata/out/xds-ir/panic-threshold.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/panic-threshold.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/path-settings.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/path-settings.listeners.yaml
index a25791ea52..d20c59f856 100644
--- a/internal/xds/translator/testdata/out/xds-ir/path-settings.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/path-settings.listeners.yaml
@@ -29,6 +29,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/proxy-protocol-upstream.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/proxy-protocol-upstream.listeners.yaml
index 5dd5e46e3c..80ae84fd10 100644
--- a/internal/xds/translator/testdata/out/xds-ir/proxy-protocol-upstream.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/proxy-protocol-upstream.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/ratelimit-custom-domain.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/ratelimit-custom-domain.listeners.yaml
index 5848912b9c..0e7cb96a26 100644
--- a/internal/xds/translator/testdata/out/xds-ir/ratelimit-custom-domain.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/ratelimit-custom-domain.listeners.yaml
@@ -40,6 +40,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/ratelimit-disable-headers.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/ratelimit-disable-headers.listeners.yaml
index d7dc5d1295..cd3d911b02 100644
--- a/internal/xds/translator/testdata/out/xds-ir/ratelimit-disable-headers.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/ratelimit-disable-headers.listeners.yaml
@@ -39,6 +39,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/ratelimit-endpoint-stats.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/ratelimit-endpoint-stats.listeners.yaml
index 5848912b9c..0e7cb96a26 100644
--- a/internal/xds/translator/testdata/out/xds-ir/ratelimit-endpoint-stats.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/ratelimit-endpoint-stats.listeners.yaml
@@ -40,6 +40,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/ratelimit-global-shared.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/ratelimit-global-shared.listeners.yaml
index 8576ebeb03..fd3c8f9467 100644
--- a/internal/xds/translator/testdata/out/xds-ir/ratelimit-global-shared.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/ratelimit-global-shared.listeners.yaml
@@ -60,6 +60,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/ratelimit-headers-and-cidr.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/ratelimit-headers-and-cidr.listeners.yaml
index 5848912b9c..0e7cb96a26 100644
--- a/internal/xds/translator/testdata/out/xds-ir/ratelimit-headers-and-cidr.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/ratelimit-headers-and-cidr.listeners.yaml
@@ -40,6 +40,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/ratelimit-multi-global-shared.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/ratelimit-multi-global-shared.listeners.yaml
index 8576ebeb03..fd3c8f9467 100644
--- a/internal/xds/translator/testdata/out/xds-ir/ratelimit-multi-global-shared.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/ratelimit-multi-global-shared.listeners.yaml
@@ -60,6 +60,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/ratelimit-sourceip.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/ratelimit-sourceip.listeners.yaml
index 5848912b9c..0e7cb96a26 100644
--- a/internal/xds/translator/testdata/out/xds-ir/ratelimit-sourceip.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/ratelimit-sourceip.listeners.yaml
@@ -40,6 +40,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/ratelimit.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/ratelimit.listeners.yaml
index 5848912b9c..0e7cb96a26 100644
--- a/internal/xds/translator/testdata/out/xds-ir/ratelimit.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/ratelimit.listeners.yaml
@@ -40,6 +40,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/request-buffer.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/request-buffer.listeners.yaml
index 1b5504bd87..9c5f330f5a 100644
--- a/internal/xds/translator/testdata/out/xds-ir/request-buffer.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/request-buffer.listeners.yaml
@@ -35,7 +35,6 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
- address:
@@ -75,6 +74,5 @@
statPrefix: http-10081
useRemoteAddress: true
name: envoy-gateway/gateway-2/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-2/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/retry-partial-invalid.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/retry-partial-invalid.listeners.yaml
index 5dd5e46e3c..80ae84fd10 100644
--- a/internal/xds/translator/testdata/out/xds-ir/retry-partial-invalid.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/retry-partial-invalid.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/retry.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/retry.listeners.yaml
index 5dd5e46e3c..80ae84fd10 100644
--- a/internal/xds/translator/testdata/out/xds-ir/retry.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/retry.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/securitypolicy-with-oidc-jwt-authz.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/securitypolicy-with-oidc-jwt-authz.listeners.yaml
index 61573e5b44..eb5f36cb40 100644
--- a/internal/xds/translator/testdata/out/xds-ir/securitypolicy-with-oidc-jwt-authz.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/securitypolicy-with-oidc-jwt-authz.listeners.yaml
@@ -102,6 +102,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/simple-tls.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/simple-tls.listeners.yaml
index 6f069367c6..ff45c0826a 100644
--- a/internal/xds/translator/testdata/out/xds-ir/simple-tls.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/simple-tls.listeners.yaml
@@ -49,6 +49,5 @@
resourceApiVersion: V3
disableStatefulSessionResumption: true
disableStatelessSessionResumption: true
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/suppress-envoy-headers.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/suppress-envoy-headers.listeners.yaml
index 26f3b45110..e56e13cfd6 100644
--- a/internal/xds/translator/testdata/out/xds-ir/suppress-envoy-headers.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/suppress-envoy-headers.listeners.yaml
@@ -55,6 +55,5 @@
- name: envoy.filters.listener.tls_inspector
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/tcp-endpoint-stats.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/tcp-endpoint-stats.listeners.yaml
index c8e9cafa63..05e2fc8ffe 100644
--- a/internal/xds/translator/testdata/out/xds-ir/tcp-endpoint-stats.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/tcp-endpoint-stats.listeners.yaml
@@ -9,6 +9,5 @@
'@type': type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy
cluster: tcp-route-simple-dest
statPrefix: tcp-10080
- maxConnectionsToAcceptPerSocketEvent: 1
name: tcp-route-enable-endpoint-stats
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/tcp-listener-ipfamily.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/tcp-listener-ipfamily.listeners.yaml
index a4a42c3230..33d35dcfdb 100644
--- a/internal/xds/translator/testdata/out/xds-ir/tcp-listener-ipfamily.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/tcp-listener-ipfamily.listeners.yaml
@@ -11,6 +11,5 @@
cluster: tcp-route-dual-dest
statPrefix: tcp-8082
name: tcp-route-dual
- maxConnectionsToAcceptPerSocketEvent: 1
name: tcp-listener-dual
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/tcp-req-resp-sizes-stats.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/tcp-req-resp-sizes-stats.listeners.yaml
index df212ab00f..a2ac23f3a1 100644
--- a/internal/xds/translator/testdata/out/xds-ir/tcp-req-resp-sizes-stats.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/tcp-req-resp-sizes-stats.listeners.yaml
@@ -9,6 +9,5 @@
'@type': type.googleapis.com/envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy
cluster: tcp-route-simple-dest
statPrefix: tcp-10080
- maxConnectionsToAcceptPerSocketEvent: 1
name: tcp-route-enable-req-resp-sizes-stats
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/tcp-route-complex.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/tcp-route-complex.listeners.yaml
index 5f3b38aadb..515bc6416b 100644
--- a/internal/xds/translator/testdata/out/xds-ir/tcp-route-complex.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/tcp-route-complex.listeners.yaml
@@ -19,6 +19,5 @@
- name: envoy.filters.listener.tls_inspector
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
- maxConnectionsToAcceptPerSocketEvent: 1
name: tcp-listener-complex
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/tcp-route-simple.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/tcp-route-simple.listeners.yaml
index 41d498e6d0..7ea9adf25b 100644
--- a/internal/xds/translator/testdata/out/xds-ir/tcp-route-simple.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/tcp-route-simple.listeners.yaml
@@ -10,6 +10,5 @@
cluster: tcp-route-simple-dest
statPrefix: tcp-10080
name: tcp-route-simple
- maxConnectionsToAcceptPerSocketEvent: 1
name: tcp-listener-simple
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/tcp-route-tls-terminate.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/tcp-route-tls-terminate.listeners.yaml
index 4671321855..dc0e37419c 100644
--- a/internal/xds/translator/testdata/out/xds-ir/tcp-route-tls-terminate.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/tcp-route-tls-terminate.listeners.yaml
@@ -49,6 +49,5 @@
- name: envoy.filters.listener.tls_inspector
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
- maxConnectionsToAcceptPerSocketEvent: 1
name: tls-listener-terminate
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/tcp-route-weighted-backend.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/tcp-route-weighted-backend.listeners.yaml
index f16165dde4..9f8af189de 100644
--- a/internal/xds/translator/testdata/out/xds-ir/tcp-route-weighted-backend.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/tcp-route-weighted-backend.listeners.yaml
@@ -19,6 +19,5 @@
- name: envoy.filters.listener.tls_inspector
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
- maxConnectionsToAcceptPerSocketEvent: 1
name: tcp-listener-weighted-backend
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/tcp-route-with-no-routes.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/tcp-route-with-no-routes.listeners.yaml
index 68b0133abe..4250f0a6b5 100644
--- a/internal/xds/translator/testdata/out/xds-ir/tcp-route-with-no-routes.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/tcp-route-with-no-routes.listeners.yaml
@@ -10,6 +10,5 @@
cluster: EmptyCluster
statPrefix: tcp-10080
name: EmptyCluster
- maxConnectionsToAcceptPerSocketEvent: 1
name: tcp-listener-with-no-routes
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/timeout.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/timeout.listeners.yaml
index 5dd5e46e3c..80ae84fd10 100644
--- a/internal/xds/translator/testdata/out/xds-ir/timeout.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/timeout.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/tls-route-passthrough.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/tls-route-passthrough.listeners.yaml
index ddd54fbbc2..f209ec6bd6 100644
--- a/internal/xds/translator/testdata/out/xds-ir/tls-route-passthrough.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/tls-route-passthrough.listeners.yaml
@@ -17,7 +17,6 @@
- name: envoy.filters.listener.tls_inspector
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
- maxConnectionsToAcceptPerSocketEvent: 1
name: tls-passthrough-foo
perConnectionBufferLimitBytes: 32768
- address:
@@ -39,6 +38,5 @@
- name: envoy.filters.listener.tls_inspector
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
- maxConnectionsToAcceptPerSocketEvent: 1
name: tls-passthrough-bar
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/tls-with-ciphers-versions-alpn.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/tls-with-ciphers-versions-alpn.listeners.yaml
index 05c4b3c664..8d7f639980 100644
--- a/internal/xds/translator/testdata/out/xds-ir/tls-with-ciphers-versions-alpn.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/tls-with-ciphers-versions-alpn.listeners.yaml
@@ -75,7 +75,6 @@
- name: envoy.filters.listener.tls_inspector
typedConfig:
'@type': type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
- address:
@@ -124,6 +123,5 @@
tlsMaximumProtocolVersion: TLSv1_2
tlsMinimumProtocolVersion: TLSv1_0
disableStatefulSessionResumption: true
- maxConnectionsToAcceptPerSocketEvent: 1
name: second-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/tracing-datadog.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/tracing-datadog.listeners.yaml
index f5d891adb1..32f1b0230f 100644
--- a/internal/xds/translator/testdata/out/xds-ir/tracing-datadog.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/tracing-datadog.listeners.yaml
@@ -56,6 +56,5 @@
spawnUpstreamSpan: true
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/tracing-endpoint-stats.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/tracing-endpoint-stats.listeners.yaml
index c685e2ac55..abac7a833a 100644
--- a/internal/xds/translator/testdata/out/xds-ir/tracing-endpoint-stats.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/tracing-endpoint-stats.listeners.yaml
@@ -58,6 +58,5 @@
spawnUpstreamSpan: true
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/tracing-zipkin.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/tracing-zipkin.listeners.yaml
index 362f098ff2..a944c42563 100644
--- a/internal/xds/translator/testdata/out/xds-ir/tracing-zipkin.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/tracing-zipkin.listeners.yaml
@@ -59,6 +59,5 @@
spawnUpstreamSpan: true
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/tracing.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/tracing.listeners.yaml
index b7497f7924..3bd86857b6 100644
--- a/internal/xds/translator/testdata/out/xds-ir/tracing.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/tracing.listeners.yaml
@@ -59,6 +59,5 @@
spawnUpstreamSpan: true
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/upstream-tcpkeepalive.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/upstream-tcpkeepalive.listeners.yaml
index 5dd5e46e3c..80ae84fd10 100644
--- a/internal/xds/translator/testdata/out/xds-ir/upstream-tcpkeepalive.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/upstream-tcpkeepalive.listeners.yaml
@@ -30,6 +30,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: first-listener
- maxConnectionsToAcceptPerSocketEvent: 1
name: first-listener
perConnectionBufferLimitBytes: 32768
diff --git a/internal/xds/translator/testdata/out/xds-ir/wasm.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/wasm.listeners.yaml
index 35a1d5fdee..62f562343a 100755
--- a/internal/xds/translator/testdata/out/xds-ir/wasm.listeners.yaml
+++ b/internal/xds/translator/testdata/out/xds-ir/wasm.listeners.yaml
@@ -112,6 +112,5 @@
statPrefix: http-10080
useRemoteAddress: true
name: envoy-gateway/gateway-1/http
- maxConnectionsToAcceptPerSocketEvent: 1
name: envoy-gateway/gateway-1/http
perConnectionBufferLimitBytes: 32768
diff --git a/site/content/en/latest/api/extension_types.md b/site/content/en/latest/api/extension_types.md
index 76d9c3e12b..3d50687606 100644
--- a/site/content/en/latest/api/extension_types.md
+++ b/site/content/en/latest/api/extension_types.md
@@ -678,7 +678,7 @@ _Appears in:_
| --- | --- | --- | --- | --- |
| `connectionLimit` | _[ConnectionLimit](#connectionlimit)_ | false | | ConnectionLimit defines limits related to connections |
| `bufferLimit` | _[Quantity](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#quantity-resource-api)_ | false | | BufferLimit provides configuration for the maximum buffer size in bytes for each incoming connection.
BufferLimit applies to connection streaming (maybe non-streaming) channel between processes, it's in user space.
For example, 20Mi, 1Gi, 256Ki etc.
Note that when the suffix is not provided, the value is interpreted as bytes.
Default: 32768 bytes. |
-| `maxAcceptPerSocketEvent` | _integer_ | false | | MaxAcceptPerSocketEvent provides configuration for the maximum number of connections to accept from the kernel
per socket event. If there are more than MaxAcceptPerSocketEvent connections
pending accept, connections over this threshold will be accepted in later event loop iterations.
Default: 1 |
+| `maxAcceptPerSocketEvent` | _integer_ | false | | MaxAcceptPerSocketEvent provides configuration for the maximum number of connections to accept from the kernel
per socket event. If there are more than MaxAcceptPerSocketEvent connections pending accept, connections over
this threshold will be accepted in later event loop iterations. If no value is provided Envoy will accept
all connections pending accept from the kernel. |
#### ClientIPDetectionSettings
diff --git a/test/helm/gateway-crds-helm/all.out.yaml b/test/helm/gateway-crds-helm/all.out.yaml
index e3b5065356..6a7d8a8680 100644
--- a/test/helm/gateway-crds-helm/all.out.yaml
+++ b/test/helm/gateway-crds-helm/all.out.yaml
@@ -19929,9 +19929,9 @@ spec:
maxAcceptPerSocketEvent:
description: |-
MaxAcceptPerSocketEvent provides configuration for the maximum number of connections to accept from the kernel
- per socket event. If there are more than MaxAcceptPerSocketEvent connections
- pending accept, connections over this threshold will be accepted in later event loop iterations.
- Default: 1
+ per socket event. If there are more than MaxAcceptPerSocketEvent connections pending accept, connections over
+ this threshold will be accepted in later event loop iterations. If no value is provided Envoy will accept
+ all connections pending accept from the kernel.
format: int32
type: integer
socketBufferLimit:
diff --git a/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml b/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml
index cad7a00162..ac0bfa33dd 100644
--- a/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml
+++ b/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml
@@ -2617,9 +2617,9 @@ spec:
maxAcceptPerSocketEvent:
description: |-
MaxAcceptPerSocketEvent provides configuration for the maximum number of connections to accept from the kernel
- per socket event. If there are more than MaxAcceptPerSocketEvent connections
- pending accept, connections over this threshold will be accepted in later event loop iterations.
- Default: 1
+ per socket event. If there are more than MaxAcceptPerSocketEvent connections pending accept, connections over
+ this threshold will be accepted in later event loop iterations. If no value is provided Envoy will accept
+ all connections pending accept from the kernel.
format: int32
type: integer
socketBufferLimit:
From 983d72bb2ff7201e99982e3a7ba1c9c5624baf2c Mon Sep 17 00:00:00 2001
From: jukie <10012479+Jukie@users.noreply.github.com>
Date: Tue, 3 Jun 2025 09:38:57 -0600
Subject: [PATCH 8/9] Adjust description
Signed-off-by: jukie <10012479+Jukie@users.noreply.github.com>
---
api/v1alpha1/connection_types.go | 3 +++
.../generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml | 2 ++
.../generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml | 2 ++
site/content/en/latest/api/extension_types.md | 2 +-
4 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/api/v1alpha1/connection_types.go b/api/v1alpha1/connection_types.go
index 9720aab271..be71718c2a 100644
--- a/api/v1alpha1/connection_types.go
+++ b/api/v1alpha1/connection_types.go
@@ -41,6 +41,9 @@ type ClientConnection struct {
// per socket event. If there are more than MaxAcceptPerSocketEvent connections pending accept, connections over
// this threshold will be accepted in later event loop iterations. If no value is provided Envoy will accept
// all connections pending accept from the kernel.
+ // It is recommended to lower this value for better overload management and reduced per-event cost.
+ // Setting it to 1 is a viable option with no noticeable impact on performance.
+ //
// +optional
MaxAcceptPerSocketEvent *uint32 `json:"maxAcceptPerSocketEvent,omitempty"`
}
diff --git a/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml b/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml
index e69876f6fa..3a48215f6a 100644
--- a/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml
+++ b/charts/gateway-crds-helm/templates/generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml
@@ -159,6 +159,8 @@ spec:
per socket event. If there are more than MaxAcceptPerSocketEvent connections pending accept, connections over
this threshold will be accepted in later event loop iterations. If no value is provided Envoy will accept
all connections pending accept from the kernel.
+ It is recommended to lower this value for better overload management and reduced per-event cost.
+ Setting it to 1 is a viable option with no noticeable impact on performance.
format: int32
type: integer
socketBufferLimit:
diff --git a/charts/gateway-helm/crds/generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml b/charts/gateway-helm/crds/generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml
index 6632c46f45..fd37c74bdf 100644
--- a/charts/gateway-helm/crds/generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml
+++ b/charts/gateway-helm/crds/generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml
@@ -158,6 +158,8 @@ spec:
per socket event. If there are more than MaxAcceptPerSocketEvent connections pending accept, connections over
this threshold will be accepted in later event loop iterations. If no value is provided Envoy will accept
all connections pending accept from the kernel.
+ It is recommended to lower this value for better overload management and reduced per-event cost.
+ Setting it to 1 is a viable option with no noticeable impact on performance.
format: int32
type: integer
socketBufferLimit:
diff --git a/site/content/en/latest/api/extension_types.md b/site/content/en/latest/api/extension_types.md
index f326608b91..9769473151 100644
--- a/site/content/en/latest/api/extension_types.md
+++ b/site/content/en/latest/api/extension_types.md
@@ -677,7 +677,7 @@ _Appears in:_
| --- | --- | --- | --- | --- |
| `connectionLimit` | _[ConnectionLimit](#connectionlimit)_ | false | | ConnectionLimit defines limits related to connections |
| `bufferLimit` | _[Quantity](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#quantity-resource-api)_ | false | | BufferLimit provides configuration for the maximum buffer size in bytes for each incoming connection.
BufferLimit applies to connection streaming (maybe non-streaming) channel between processes, it's in user space.
For example, 20Mi, 1Gi, 256Ki etc.
Note that when the suffix is not provided, the value is interpreted as bytes.
Default: 32768 bytes. |
-| `maxAcceptPerSocketEvent` | _integer_ | false | | MaxAcceptPerSocketEvent provides configuration for the maximum number of connections to accept from the kernel
per socket event. If there are more than MaxAcceptPerSocketEvent connections pending accept, connections over
this threshold will be accepted in later event loop iterations. If no value is provided Envoy will accept
all connections pending accept from the kernel. |
+| `maxAcceptPerSocketEvent` | _integer_ | false | | MaxAcceptPerSocketEvent provides configuration for the maximum number of connections to accept from the kernel
per socket event. If there are more than MaxAcceptPerSocketEvent connections pending accept, connections over
this threshold will be accepted in later event loop iterations. If no value is provided Envoy will accept
all connections pending accept from the kernel.
It is recommended to lower this value for better overload management and reduced per-event cost.
Setting it to 1 is a viable option with no noticeable impact on performance. |
#### ClientIPDetectionSettings
From 64d77e2a70dfe337937138f8e3747591c805963b Mon Sep 17 00:00:00 2001
From: jukie <10012479+Jukie@users.noreply.github.com>
Date: Tue, 3 Jun 2025 10:39:31 -0600
Subject: [PATCH 9/9] regen
Signed-off-by: jukie <10012479+Jukie@users.noreply.github.com>
---
test/helm/gateway-crds-helm/all.out.yaml | 2 ++
test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml | 2 ++
2 files changed, 4 insertions(+)
diff --git a/test/helm/gateway-crds-helm/all.out.yaml b/test/helm/gateway-crds-helm/all.out.yaml
index 330a64932a..a8c4aa2c58 100644
--- a/test/helm/gateway-crds-helm/all.out.yaml
+++ b/test/helm/gateway-crds-helm/all.out.yaml
@@ -20054,6 +20054,8 @@ spec:
per socket event. If there are more than MaxAcceptPerSocketEvent connections pending accept, connections over
this threshold will be accepted in later event loop iterations. If no value is provided Envoy will accept
all connections pending accept from the kernel.
+ It is recommended to lower this value for better overload management and reduced per-event cost.
+ Setting it to 1 is a viable option with no noticeable impact on performance.
format: int32
type: integer
socketBufferLimit:
diff --git a/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml b/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml
index 90fc353698..6147012da8 100644
--- a/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml
+++ b/test/helm/gateway-crds-helm/envoy-gateway-crds.out.yaml
@@ -2742,6 +2742,8 @@ spec:
per socket event. If there are more than MaxAcceptPerSocketEvent connections pending accept, connections over
this threshold will be accepted in later event loop iterations. If no value is provided Envoy will accept
all connections pending accept from the kernel.
+ It is recommended to lower this value for better overload management and reduced per-event cost.
+ Setting it to 1 is a viable option with no noticeable impact on performance.
format: int32
type: integer
socketBufferLimit: