-
Notifications
You must be signed in to change notification settings - Fork 47
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
admin: include cilium networkpolicies in envoy config dump #184
admin: include cilium networkpolicies in envoy config dump #184
Conversation
Currently, only builtin Envoy resources are part of the Envoy config dump on the admin API (/admin/config_dump). This commit adds Ciliums NetworkPolicies to the config dump, by registering a callback to the configtracker of the adminserver. This way, the network policies which are actually taken into account by the Envoy Cilium filters are also part of Ciliums sysdump. Signed-off-by: Marco Hofstetter <marco.hofstetter@isovalent.com>
/test-cilium-integration ciliumCli=d3fe1c3d38bc83c1c3dc350f09d95fa2811fdd2a -> Cilium Integration Tests are failing due to cilium/cilium-cli#1520 (edit: fixed ✔️ ) -> But it looks like the issue_comment triggered action gets skipped 🤔 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is awesome! Wanted for this for the longest time, but never got to dig out how to do this, thank you :-)
This commit updates the Cilium Proxy docker image to the latest version with underlying Envoy 1.25 (`797bea843de17da8f8a096747c4691405b540aa8`). It comes with the following changes / new features: * Support Ingress ID also for east/west Ingress cilium/proxy#167 * admin: include cilium networkpolicies in envoy config dump cilium/proxy#184 * patches: Update for upstreamed versions cilium/proxy#183 Signed-off-by: Marco Hofstetter <marco.hofstetter@isovalent.com>
This commit updates the latest Cilium Proxy API matching. It includes the following changes / new features: * Support Ingress ID also for east/west Ingress cilium/proxy#167 * admin: include cilium networkpolicies in envoy config dump cilium/proxy#184 * patches: Update for upstreamed versions cilium/proxy#183 Signed-off-by: Marco Hofstetter <marco.hofstetter@isovalent.com>
This commit updates the Cilium Proxy docker image to the latest version with underlying Envoy 1.25 (`797bea843de17da8f8a096747c4691405b540aa8`). It comes with the following changes / new features: * Support Ingress ID also for east/west Ingress cilium/proxy#167 * admin: include cilium networkpolicies in envoy config dump cilium/proxy#184 * patches: Update for upstreamed versions cilium/proxy#183 Signed-off-by: Marco Hofstetter <marco.hofstetter@isovalent.com>
This commit updates the latest Cilium Proxy API matching. It includes the following changes / new features: * Support Ingress ID also for east/west Ingress cilium/proxy#167 * admin: include cilium networkpolicies in envoy config dump cilium/proxy#184 * patches: Update for upstreamed versions cilium/proxy#183 Signed-off-by: Marco Hofstetter <marco.hofstetter@isovalent.com>
Currently, only builtin Envoy resources are part of the Envoy config dump on the admin API (
/admin/config_dump
).This commit adds Ciliums NetworkPolicies to the config dump, by registering a callback to the configtracker of the adminserver.
This way, the network policies which are actually taken into account by the Envoy Cilium filters are also part of Ciliums sysdump.
Example output (Network Policy output manually flattened to reduce vertical usage)