Need v2 tcp proxy example. #2891
Comments
|
Here's a super simple client TCP Proxy config I had from experimenting with Thrift behind Envoy. Any particular schema issues? |
|
Thanks @derekargueta . This helps. |
|
@josdotso here is another simple one that uses SDS and includes stats for CockroachDB. {
"admin": {
"access_log_path": "/home/Library/envoy/cockroach_front_admin_access.log",
"address": {
"socket_address": {
"address": "::",
"port_value": 9007
}
}
},
"static_resources": {
"clusters": [
{
"connect_timeout": "0.5s",
"eds_cluster_config": {
"eds_config": {
"api_config_source": {
"api_type": "REST_LEGACY",
"cluster_names": [
"sds_cluster"
],
"refresh_delay": "5s"
}
}
},
"http2_protocol_options": {
"hpack_table_size": 0
},
"lb_policy": "ROUND_ROBIN",
"name": "cockroach",
"type": "EDS"
},
{
"connect_timeout": "0.25s",
"lb_policy": "ROUND_ROBIN",
"hosts": [
{
"socket_address": {
"address": "computer-hostname",
"port_value": 8883
}
}
],
"name": "sds_cluster",
"type": "LOGICAL_DNS"
}
],
"listeners": [
{
"address": {
"socket_address": {
"address": "127.0.0.1",
"port_value": 9008
}
},
"filter_chains": [
{
"filters": [
{
"config": {
"cluster": "cockroach",
"stat_prefix": "ingress_cockroach"
},
"name": "envoy.tcp_proxy"
}
]
}
],
"name": "tcp_proxy"
}
]
},
"stats_sinks": [
{
"config": {
"address": {
"socket_address": {
"address": "::1",
"port_value": 9125
}
}
},
"name": "envoy.statsd"
}
]
} |
|
How to enable TLS termination and SNI for TCP proxy? Here is my configadmin:
access_log_path: /tmp/admin_access.log
address:
socket_address:
protocol: TCP
address: 127.0.0.1
port_value: 9901
static_resources:
listeners:
# - name: listener_other
- name: listener_mqtt
address:
socket_address:
protocol: TCP
address: 0.0.0.0
port_value: 1883
listener_filters:
- name: "envoy.listener.tls_inspector"
config: {}
filter_chains:
- filter_chain_match:
server_names: ["dev.8hoot.com"]
transport_protocol: tls
application_protocols: []
tls_context:
common_tls_context:
tls_certificates:
- certificate_chain:
filename: "./docker_volume_path/cert.pem"
private_key:
filename: "./docker_volume_path/privkey.pem"
filters:
- name: envoy.tcp_proxy
config:
stat_prefix: ingress_tcp
cluster: service_mqtt
clusters:
# - name: service_other
- name: service_mqtt
connect_timeout: 0.25s
type: STATIC
dns_lookup_family: V4_ONLY
lb_policy: ROUND_ROBIN
load_assignment:
cluster_name: service_mqtt
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: 172.17.0.10
port_value: 1883I am using Mosquitto CLI to connect with the MQTT server. If I comment out the TLS and SNI related lines in the config then I can connect to the MQTT server using Mosquitto CLI using the IP address of the server. What changes will help fix this issue? |
|
@chintan-mishra Hello, did you resolve the issue? Could you share your config? I have one similar issue. |
|
@dotw I haven't had the time to manage infrastructure in the past few days. Please read the comment below. The user seems to have solved the issue. I haven't had the time to look and experiment myself |
Hi. I've been trying to piece together a v2 tcp proxy example, but I keep running into schema issues. Would you be willing to include one in the docs? Thanks!
The text was updated successfully, but these errors were encountered: