Description:
Bootstrap extensions that are compiled-in get reported as node.extensions, even when it's not explicitly configured.
However, there are no attributes for the control plane to distinguish between a bootstrap extension that is "compiled-in" vs "compiled-in and configured"
Repro Steps:
- Extension is pulled in via extensions_build_config.bzl
"envoy.bootstrap.internal_listener": "//source/extensions/bootstrap/internal_listener:config",
- We want to vend an internal listener on nodes that have envoy.bootstrap.internal_listener configured in bootstrap.json, e.g:
"bootstrapExtensions": [
{
"name": "envoy.bootstrap.internal_listener",
"typedConfig": {
"@type": "type.googleapis.com/envoy.extensions.bootstrap.internal_listener.v3.InternalListener"
}
}
],
- However, some nodes may not have internal listener configured despite running the same binary.
- Control Plane see "envoy.bootstrap.internal_listener" in node.extensions, but has no way of knowing whether the extension is explicitly configured
- The node that does not explicit register internal listener then sees error:
[external/envoy/source/extensions/config_subscription/grpc/delta_subscription_state.cc:282] delta config for type.googleapis.com/envoy.config.listener.v3.Listener rejected: Error adding/updating
listener(s) tunneling_encap_listener: error adding listener named 'tunneling_encap_listener': InternalListener bootstrap extension is mandatory
A few notes
- Current workaround is to use node metadata to signal which bootstrap extension is configured
- Control plane should have a way to distinguish whether an extension is configured or not - either via node or extension state.
Description:
Bootstrap extensions that are compiled-in get reported as node.extensions, even when it's not explicitly configured.
However, there are no attributes for the control plane to distinguish between a bootstrap extension that is "compiled-in" vs "compiled-in and configured"
Repro Steps:
A few notes