connect: configure envoy as dynamic forward proxy #6736
Labels
theme/connect
Anything related to Consul Connect, Service Mesh, Side Car Proxies
theme/envoy/xds
Related to Envoy support
type/question
Not an "enhancement" or "bug". Please post on discuss.hashicorp
Comments
schristoff
added
the
theme/connect
|
Hey there, Feel free to check out the community forum as well! |
stale
bot
added
the
waiting-reply
jkirschner-hashicorp
added
type/question
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We'd like to setup envoy as dynamic forward proxy with consul's escape hatch feature.
While the example from the docs provided as yaml/json to envoy at startup worked pretty well, we couldn't manage to get it running with consul, seeing errors like
[2019-11-01 10:32:36.606][1][warning][config] [bazel-out/k8-opt/bin/source/common/config/_virtual_includes/grpc_stream_lib/common/config/grpc_stream.h:91] gRPC config stream closed: 2, can't unmarshal Any nested proto *v2.Cluster: unknown value "CLUSTER_PROVIDED" for enum envoy.api.v2.Cluster_LbPolicyReplacing
CLUSTER_PROVIDEDwith6brought another error[2019-11-01 10:34:20.004][1][warning][config] [bazel-out/k8-opt/bin/source/common/config/_virtual_includes/grpc_stream_lib/common/config/grpc_stream.h:91] gRPC config stream closed: 2, can't unmarshal Any nested proto *v2.Cluster: unknown message type "envoy.config.cluster.dynamic_forward_proxy.v2alpha.ClusterConfig"That's our consul service registration
service { name = "journal" address = "192.168.144.9" port = 8888 connect { sidecar_service { proxy { upstreams { destination_name = "dynamic_forward_proxy_cluster" local_bind_port = 22222 config { envoy_cluster_json = <<EOL { "@type": "type.googleapis.com/envoy.api.v2.Cluster", "name": "dynamic_forward_proxy_cluster", "lb_policy": "CLUSTER_PROVIDED", "connect_timeout": "1s", "cluster_type": { "name": "envoy.clusters.dynamic_forward_proxy", "typed_config": { "@type": "type.googleapis.com/envoy.config.cluster.dynamic_forward_proxy.v2alpha.ClusterConfig", "dns_cache_config": { "name": "dynamic_forward_proxy_cache_config", "dns_lookup_family": "V4_ONLY" } } } } EOL envoy_listener_json = <<EOL { "@type": "type.googleapis.com/envoy.api.v2.Listener", "name": "listener_0", "address": { "socket_address": { "address": "127.0.0.1", "port_value": 22222 } }, "filterChains": [ { "filters": [ { "name": "envoy.http_connection_manager", "typed_config": { "@type": "type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager", "stat_prefix": "ingress_http", "route_config": { "name": "local_route", "virtual_hosts": [ { "name": "local_service", "domains": ["*"], "routes": [ { "match": { "prefix": "/" }, "route": { "cluster": "dynamic_forward_proxy_cluster" } } ] } ] }, "http_filters": [ { "name": "envoy.filters.http.dynamic_forward_proxy", "config": { "dns_cache_config": { "name": "dynamic_forward_proxy_cache_config", "dns_lookup_family": "V4_ONLY" } } }, { "name": "envoy.router", "config": {} } ] } } ] } ] } EOL } } } } } }I asked envoy guys but they recommended me to ask here.
We tried that with consul 1.6.0 and envoy 1.11.2 and from master. Are we doing something wrong here?
The text was updated successfully, but these errors were encountered: