Created
March 24, 2020 21:51
-
-
Save yxue/fd7f4e4318442360913b264014e7620e to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "filter_chain_match": { | |
| "prefix_ranges": [ | |
| { | |
| "address_prefix": "0.0.0.0", | |
| "prefix_len": 0 | |
| } | |
| ], | |
| "transport_protocol": "tls", | |
| "application_protocols": [ | |
| "http/1.0", | |
| "http/1.1", | |
| "h2c", | |
| "istio-http/1.0", | |
| "istio-http/1.1", | |
| "istio-h2" | |
| ] | |
| }, | |
| "filters": [ | |
| { | |
| "name": "istio.metadata_exchange", | |
| "typed_config": { | |
| "@type": "type.googleapis.com/udpa.type.v1.TypedStruct", | |
| "type_url": "type.googleapis.com/envoy.tcp.metadataexchange.config.MetadataExchange", | |
| "value": { | |
| "protocol": "istio-peer-exchange" | |
| } | |
| } | |
| }, | |
| { | |
| "name": "envoy.http_connection_manager", | |
| "typed_config": { | |
| "@type": "type.googleapis.com/envoy.config.filter.network.http_connection_manager.v2.HttpConnectionManager", | |
| "stat_prefix": "InboundPassthroughClusterIpv4", | |
| "route_config": { | |
| "name": "InboundPassthroughClusterIpv4", | |
| "virtual_hosts": [ | |
| { | |
| "name": "inbound|http|0", | |
| "domains": [ | |
| "*" | |
| ], | |
| "routes": [ | |
| { | |
| "match": { | |
| "prefix": "/" | |
| }, | |
| "route": { | |
| "cluster": "InboundPassthroughClusterIpv4", | |
| "timeout": "0s", | |
| "max_grpc_timeout": "0s" | |
| }, | |
| "decorator": { | |
| "operation": ":0/*" | |
| }, | |
| "name": "default" | |
| } | |
| ] | |
| } | |
| ], | |
| "validate_clusters": false | |
| }, | |
| "http_filters": [ | |
| { | |
| "name": "istio.metadata_exchange", | |
| "typed_config": { | |
| "@type": "type.googleapis.com/udpa.type.v1.TypedStruct", | |
| "type_url": "type.googleapis.com/envoy.config.filter.http.wasm.v2.Wasm", | |
| "value": { | |
| "config": { | |
| "vm_config": { | |
| "runtime": "envoy.wasm.runtime.null", | |
| "code": { | |
| "local": { | |
| "inline_string": "envoy.wasm.metadata_exchange" | |
| } | |
| } | |
| }, | |
| "configuration": "envoy.wasm.metadata_exchange" | |
| } | |
| } | |
| } | |
| }, | |
| { | |
| "name": "envoy.cors" | |
| }, | |
| { | |
| "name": "envoy.fault" | |
| }, | |
| { | |
| "name": "istio.stats", | |
| "typed_config": { | |
| "@type": "type.googleapis.com/udpa.type.v1.TypedStruct", | |
| "type_url": "type.googleapis.com/envoy.config.filter.http.wasm.v2.Wasm", | |
| "value": { | |
| "config": { | |
| "root_id": "stats_inbound", | |
| "vm_config": { | |
| "vm_id": "stats_inbound", | |
| "runtime": "envoy.wasm.runtime.null", | |
| "code": { | |
| "local": { | |
| "inline_string": "envoy.wasm.stats" | |
| } | |
| } | |
| }, | |
| "configuration": "{\n \"debug\": \"false\",\n \"stat_prefix\": \"istio\",\n}\n" | |
| } | |
| } | |
| } | |
| }, | |
| { | |
| "name": "envoy.router" | |
| } | |
| ], | |
| "tracing": { | |
| "client_sampling": { | |
| "value": 100 | |
| }, | |
| "random_sampling": { | |
| "value": 1 | |
| }, | |
| "overall_sampling": { | |
| "value": 100 | |
| } | |
| }, | |
| "server_name": "istio-envoy", | |
| "access_log": [ | |
| { | |
| "name": "envoy.file_access_log", | |
| "typed_config": { | |
| "@type": "type.googleapis.com/envoy.config.accesslog.v2.FileAccessLog", | |
| "path": "/dev/stdout", | |
| "format": "[%START_TIME%] \"%REQ(:METHOD)% %REQ(X-ENVOY-ORIGINAL-PATH?:PATH)% %PROTOCOL%\" %RESPONSE_CODE% %RESPONSE_FLAGS% \"%DYNAMIC_METADATA(istio.mixer:status)%\" \"%UPSTREAM_TRANSPORT_FAILURE_REASON%\" %BYTES_RECEIVED% %BYTES_SENT% %DURATION% %RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)% \"%REQ(X-FORWARDED-FOR)%\" \"%REQ(USER-AGENT)%\" \"%REQ(X-REQUEST-ID)%\" \"%REQ(:AUTHORITY)%\" \"%UPSTREAM_HOST%\" %UPSTREAM_CLUSTER% %UPSTREAM_LOCAL_ADDRESS% %DOWNSTREAM_LOCAL_ADDRESS% %DOWNSTREAM_REMOTE_ADDRESS% %REQUESTED_SERVER_NAME% %ROUTE_NAME%\n" | |
| } | |
| } | |
| ], | |
| "use_remote_address": false, | |
| "generate_request_id": true, | |
| "forward_client_cert_details": "APPEND_FORWARD", | |
| "set_current_client_cert_details": { | |
| "subject": true, | |
| "dns": true, | |
| "uri": true | |
| }, | |
| "upgrade_configs": [ | |
| { | |
| "upgrade_type": "websocket" | |
| } | |
| ], | |
| "stream_idle_timeout": "0s", | |
| "normalize_path": true | |
| } | |
| } | |
| ], | |
| "transport_socket": { | |
| "name": "envoy.transport_sockets.tls", | |
| "typed_config": { | |
| "@type": "type.googleapis.com/envoy.api.v2.auth.DownstreamTlsContext", | |
| "common_tls_context": { | |
| "alpn_protocols": [ | |
| "istio-peer-exchange", | |
| "h2", | |
| "http/1.1" | |
| ], | |
| "tls_certificate_sds_secret_configs": [ | |
| { | |
| "name": "default", | |
| "sds_config": { | |
| "api_config_source": { | |
| "api_type": "GRPC", | |
| "grpc_services": [ | |
| { | |
| "envoy_grpc": { | |
| "cluster_name": "sds-grpc" | |
| } | |
| } | |
| ] | |
| } | |
| } | |
| } | |
| ], | |
| "combined_validation_context": { | |
| "default_validation_context": { | |
| }, | |
| "validation_context_sds_secret_config": { | |
| "name": "ROOTCA", | |
| "sds_config": { | |
| "api_config_source": { | |
| "api_type": "GRPC", | |
| "grpc_services": [ | |
| { | |
| "envoy_grpc": { | |
| "cluster_name": "sds-grpc" | |
| } | |
| } | |
| ] | |
| } | |
| } | |
| } | |
| } | |
| }, | |
| "require_client_certificate": true | |
| } | |
| }, | |
| "name": "virtualInbound-catchall-http" | |
| }, |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment