Created
January 29, 2024 05:22
-
-
Save zetaab/51279b863eb90ed17b29a5075f56602f to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"envoy-gateway-system-external": { | |
"envoy-envoy-gateway-system-external-external-ad2cc5d0-dd7bzml6b": { | |
"@type": "type.googleapis.com/envoy.admin.v3.ListenersConfigDump", | |
"dynamicListeners": [ | |
{ | |
"activeState": { | |
"lastUpdated": "2024-01-28T22:09:37.004Z", | |
"listener": { | |
"@type": "type.googleapis.com/envoy.config.listener.v3.Listener", | |
"accessLog": [ | |
{ | |
"filter": { | |
"responseFlagFilter": { | |
"flags": [ | |
"NR" | |
] | |
} | |
}, | |
"name": "envoy.access_loggers.file", | |
"typedConfig": { | |
"@type": "type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog", | |
"logFormat": { | |
"textFormatSource": { | |
"inlineString": "{\"start_time\":\"%START_TIME%\",\"method\":\"%REQ(:METHOD)%\",\"x-envoy-origin-path\":\"%REQ(X-ENVOY-ORIGINAL-PATH?:PATH)%\",\"protocol\":\"%PROTOCOL%\",\"response_code\":\"%RESPONSE_CODE%\",\"response_flags\":\"%RESPONSE_FLAGS%\",\"response_code_details\":\"%RESPONSE_CODE_DETAILS%\",\"connection_termination_details\":\"%CONNECTION_TERMINATION_DETAILS%\",\"upstream_transport_failure_reason\":\"%UPSTREAM_TRANSPORT_FAILURE_REASON%\",\"bytes_received\":\"%BYTES_RECEIVED%\",\"bytes_sent\":\"%BYTES_SENT%\",\"duration\":\"%DURATION%\",\"x-envoy-upstream-service-time\":\"%RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)%\",\"x-forwarded-for\":\"%REQ(X-FORWARDED-FOR)%\",\"user-agent\":\"%REQ(USER-AGENT)%\",\"x-request-id\":\"%REQ(X-REQUEST-ID)%\",\":authority\":\"%REQ(:AUTHORITY)%\",\"upstream_host\":\"%UPSTREAM_HOST%\",\"upstream_cluster\":\"%UPSTREAM_CLUSTER%\",\"upstream_local_address\":\"%UPSTREAM_LOCAL_ADDRESS%\",\"downstream_local_address\":\"%DOWNSTREAM_LOCAL_ADDRESS%\",\"downstream_remote_address\":\"%DOWNSTREAM_REMOTE_ADDRESS%\",\"requested_server_name\":\"%REQUESTED_SERVER_NAME%\",\"route_name\":\"%ROUTE_NAME%\"}\n" | |
} | |
}, | |
"path": "/dev/stdout" | |
} | |
} | |
], | |
"address": { | |
"socketAddress": { | |
"address": "0.0.0.0", | |
"portValue": 10080 | |
} | |
}, | |
"defaultFilterChain": { | |
"filters": [ | |
{ | |
"name": "envoy.filters.network.http_connection_manager", | |
"typedConfig": { | |
"@type": "type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager", | |
"accessLog": [ | |
{ | |
"name": "envoy.access_loggers.file", | |
"typedConfig": { | |
"@type": "type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog", | |
"logFormat": { | |
"textFormatSource": { | |
"inlineString": "{\"start_time\":\"%START_TIME%\",\"method\":\"%REQ(:METHOD)%\",\"x-envoy-origin-path\":\"%REQ(X-ENVOY-ORIGINAL-PATH?:PATH)%\",\"protocol\":\"%PROTOCOL%\",\"response_code\":\"%RESPONSE_CODE%\",\"response_flags\":\"%RESPONSE_FLAGS%\",\"response_code_details\":\"%RESPONSE_CODE_DETAILS%\",\"connection_termination_details\":\"%CONNECTION_TERMINATION_DETAILS%\",\"upstream_transport_failure_reason\":\"%UPSTREAM_TRANSPORT_FAILURE_REASON%\",\"bytes_received\":\"%BYTES_RECEIVED%\",\"bytes_sent\":\"%BYTES_SENT%\",\"duration\":\"%DURATION%\",\"x-envoy-upstream-service-time\":\"%RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)%\",\"x-forwarded-for\":\"%REQ(X-FORWARDED-FOR)%\",\"user-agent\":\"%REQ(USER-AGENT)%\",\"x-request-id\":\"%REQ(X-REQUEST-ID)%\",\":authority\":\"%REQ(:AUTHORITY)%\",\"upstream_host\":\"%UPSTREAM_HOST%\",\"upstream_cluster\":\"%UPSTREAM_CLUSTER%\",\"upstream_local_address\":\"%UPSTREAM_LOCAL_ADDRESS%\",\"downstream_local_address\":\"%DOWNSTREAM_LOCAL_ADDRESS%\",\"downstream_remote_address\":\"%DOWNSTREAM_REMOTE_ADDRESS%\",\"requested_server_name\":\"%REQUESTED_SERVER_NAME%\",\"route_name\":\"%ROUTE_NAME%\"}\n" | |
} | |
}, | |
"path": "/dev/stdout" | |
} | |
} | |
], | |
"commonHttpProtocolOptions": { | |
"headersWithUnderscoresAction": "REJECT_REQUEST" | |
}, | |
"http2ProtocolOptions": { | |
"initialConnectionWindowSize": 1048576, | |
"initialStreamWindowSize": 65536, | |
"maxConcurrentStreams": 100 | |
}, | |
"httpFilters": [ | |
{ | |
"name": "envoy.filters.http.router", | |
"typedConfig": { | |
"@type": "type.googleapis.com/envoy.extensions.filters.http.router.v3.Router" | |
} | |
} | |
], | |
"mergeSlashes": true, | |
"normalizePath": true, | |
"pathWithEscapedSlashesAction": "UNESCAPE_AND_REDIRECT", | |
"rds": { | |
"configSource": { | |
"ads": {}, | |
"resourceApiVersion": "V3" | |
}, | |
"routeConfigName": "envoy-gateway-system-external/external/http" | |
}, | |
"statPrefix": "http", | |
"upgradeConfigs": [ | |
{ | |
"upgradeType": "websocket" | |
} | |
], | |
"useRemoteAddress": true | |
} | |
} | |
] | |
}, | |
"listenerFilters": [ | |
{ | |
"name": "envoy.filters.listener.proxy_protocol", | |
"typedConfig": { | |
"@type": "type.googleapis.com/envoy.extensions.filters.listener.proxy_protocol.v3.ProxyProtocol" | |
} | |
} | |
], | |
"name": "envoy-gateway-system-external/external/http", | |
"perConnectionBufferLimitBytes": 32768 | |
}, | |
"versionInfo": "9b5ac4e340ac6b8ff6f6dc2fe042fc674f0bee200ea8067a6f3b9a77549904e5" | |
}, | |
"name": "envoy-gateway-system-external/external/http" | |
}, | |
{ | |
"activeState": { | |
"lastUpdated": "2024-01-29T05:18:32.956Z", | |
"listener": { | |
"@type": "type.googleapis.com/envoy.config.listener.v3.Listener", | |
"accessLog": [ | |
{ | |
"filter": { | |
"responseFlagFilter": { | |
"flags": [ | |
"NR" | |
] | |
} | |
}, | |
"name": "envoy.access_loggers.file", | |
"typedConfig": { | |
"@type": "type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog", | |
"logFormat": { | |
"textFormatSource": { | |
"inlineString": "{\"start_time\":\"%START_TIME%\",\"method\":\"%REQ(:METHOD)%\",\"x-envoy-origin-path\":\"%REQ(X-ENVOY-ORIGINAL-PATH?:PATH)%\",\"protocol\":\"%PROTOCOL%\",\"response_code\":\"%RESPONSE_CODE%\",\"response_flags\":\"%RESPONSE_FLAGS%\",\"response_code_details\":\"%RESPONSE_CODE_DETAILS%\",\"connection_termination_details\":\"%CONNECTION_TERMINATION_DETAILS%\",\"upstream_transport_failure_reason\":\"%UPSTREAM_TRANSPORT_FAILURE_REASON%\",\"bytes_received\":\"%BYTES_RECEIVED%\",\"bytes_sent\":\"%BYTES_SENT%\",\"duration\":\"%DURATION%\",\"x-envoy-upstream-service-time\":\"%RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)%\",\"x-forwarded-for\":\"%REQ(X-FORWARDED-FOR)%\",\"user-agent\":\"%REQ(USER-AGENT)%\",\"x-request-id\":\"%REQ(X-REQUEST-ID)%\",\":authority\":\"%REQ(:AUTHORITY)%\",\"upstream_host\":\"%UPSTREAM_HOST%\",\"upstream_cluster\":\"%UPSTREAM_CLUSTER%\",\"upstream_local_address\":\"%UPSTREAM_LOCAL_ADDRESS%\",\"downstream_local_address\":\"%DOWNSTREAM_LOCAL_ADDRESS%\",\"downstream_remote_address\":\"%DOWNSTREAM_REMOTE_ADDRESS%\",\"requested_server_name\":\"%REQUESTED_SERVER_NAME%\",\"route_name\":\"%ROUTE_NAME%\"}\n" | |
} | |
}, | |
"path": "/dev/stdout" | |
} | |
} | |
], | |
"address": { | |
"socketAddress": { | |
"address": "0.0.0.0", | |
"portValue": 10443 | |
} | |
}, | |
"filterChains": [ | |
{ | |
"filterChainMatch": { | |
"serverNames": [ | |
"*.example.com" | |
] | |
}, | |
"filters": [ | |
{ | |
"name": "envoy.filters.network.http_connection_manager", | |
"typedConfig": { | |
"@type": "type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager", | |
"accessLog": [ | |
{ | |
"name": "envoy.access_loggers.file", | |
"typedConfig": { | |
"@type": "type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog", | |
"logFormat": { | |
"textFormatSource": { | |
"inlineString": "{\"start_time\":\"%START_TIME%\",\"method\":\"%REQ(:METHOD)%\",\"x-envoy-origin-path\":\"%REQ(X-ENVOY-ORIGINAL-PATH?:PATH)%\",\"protocol\":\"%PROTOCOL%\",\"response_code\":\"%RESPONSE_CODE%\",\"response_flags\":\"%RESPONSE_FLAGS%\",\"response_code_details\":\"%RESPONSE_CODE_DETAILS%\",\"connection_termination_details\":\"%CONNECTION_TERMINATION_DETAILS%\",\"upstream_transport_failure_reason\":\"%UPSTREAM_TRANSPORT_FAILURE_REASON%\",\"bytes_received\":\"%BYTES_RECEIVED%\",\"bytes_sent\":\"%BYTES_SENT%\",\"duration\":\"%DURATION%\",\"x-envoy-upstream-service-time\":\"%RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)%\",\"x-forwarded-for\":\"%REQ(X-FORWARDED-FOR)%\",\"user-agent\":\"%REQ(USER-AGENT)%\",\"x-request-id\":\"%REQ(X-REQUEST-ID)%\",\":authority\":\"%REQ(:AUTHORITY)%\",\"upstream_host\":\"%UPSTREAM_HOST%\",\"upstream_cluster\":\"%UPSTREAM_CLUSTER%\",\"upstream_local_address\":\"%UPSTREAM_LOCAL_ADDRESS%\",\"downstream_local_address\":\"%DOWNSTREAM_LOCAL_ADDRESS%\",\"downstream_remote_address\":\"%DOWNSTREAM_REMOTE_ADDRESS%\",\"requested_server_name\":\"%REQUESTED_SERVER_NAME%\",\"route_name\":\"%ROUTE_NAME%\"}\n" | |
} | |
}, | |
"path": "/dev/stdout" | |
} | |
} | |
], | |
"commonHttpProtocolOptions": { | |
"headersWithUnderscoresAction": "REJECT_REQUEST" | |
}, | |
"http2ProtocolOptions": { | |
"initialConnectionWindowSize": 1048576, | |
"initialStreamWindowSize": 65536, | |
"maxConcurrentStreams": 100 | |
}, | |
"httpFilters": [ | |
{ | |
"name": "envoy.filters.http.router", | |
"typedConfig": { | |
"@type": "type.googleapis.com/envoy.extensions.filters.http.router.v3.Router" | |
} | |
} | |
], | |
"mergeSlashes": true, | |
"normalizePath": true, | |
"pathWithEscapedSlashesAction": "UNESCAPE_AND_REDIRECT", | |
"rds": { | |
"configSource": { | |
"ads": {}, | |
"resourceApiVersion": "V3" | |
}, | |
"routeConfigName": "envoy-gateway-system-external/external/https" | |
}, | |
"statPrefix": "https", | |
"upgradeConfigs": [ | |
{ | |
"upgradeType": "websocket" | |
} | |
], | |
"useRemoteAddress": true | |
} | |
} | |
], | |
"transportSocket": { | |
"name": "envoy.transport_sockets.tls", | |
"typedConfig": { | |
"@type": "type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext", | |
"commonTlsContext": { | |
"alpnProtocols": [ | |
"h2", | |
"http/1.1" | |
], | |
"tlsCertificateSdsSecretConfigs": [ | |
{ | |
"name": "envoy-gateway-system-external-default-tls", | |
"sdsConfig": { | |
"ads": {}, | |
"resourceApiVersion": "V3" | |
} | |
} | |
], | |
"tlsParams": { | |
"tlsMaximumProtocolVersion": "TLSv1_3", | |
"tlsMinimumProtocolVersion": "TLSv1_2" | |
} | |
} | |
} | |
} | |
} | |
], | |
"listenerFilters": [ | |
{ | |
"name": "envoy.filters.listener.proxy_protocol", | |
"typedConfig": { | |
"@type": "type.googleapis.com/envoy.extensions.filters.listener.proxy_protocol.v3.ProxyProtocol" | |
} | |
}, | |
{ | |
"name": "envoy.filters.listener.tls_inspector", | |
"typedConfig": { | |
"@type": "type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector" | |
} | |
} | |
], | |
"name": "envoy-gateway-system-external/external/https", | |
"perConnectionBufferLimitBytes": 32768 | |
}, | |
"versionInfo": "df38e86414a543c7d73e9f100a428d6c47c6a12b4edf225947f9d8b08f4f359e" | |
}, | |
"errorState": { | |
"details": "OAuth2 filter: unknown cluster 'oidc_example_com_443' in config. Please specify which cluster to direct OAuth requests to.", | |
"failedConfiguration": { | |
"@type": "type.googleapis.com/envoy.config.listener.v3.Listener", | |
"accessLog": [ | |
{ | |
"filter": { | |
"responseFlagFilter": { | |
"flags": [ | |
"NR" | |
] | |
} | |
}, | |
"name": "envoy.access_loggers.file", | |
"typedConfig": { | |
"@type": "type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog", | |
"logFormat": { | |
"textFormatSource": { | |
"inlineString": "{\"start_time\":\"%START_TIME%\",\"method\":\"%REQ(:METHOD)%\",\"x-envoy-origin-path\":\"%REQ(X-ENVOY-ORIGINAL-PATH?:PATH)%\",\"protocol\":\"%PROTOCOL%\",\"response_code\":\"%RESPONSE_CODE%\",\"response_flags\":\"%RESPONSE_FLAGS%\",\"response_code_details\":\"%RESPONSE_CODE_DETAILS%\",\"connection_termination_details\":\"%CONNECTION_TERMINATION_DETAILS%\",\"upstream_transport_failure_reason\":\"%UPSTREAM_TRANSPORT_FAILURE_REASON%\",\"bytes_received\":\"%BYTES_RECEIVED%\",\"bytes_sent\":\"%BYTES_SENT%\",\"duration\":\"%DURATION%\",\"x-envoy-upstream-service-time\":\"%RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)%\",\"x-forwarded-for\":\"%REQ(X-FORWARDED-FOR)%\",\"user-agent\":\"%REQ(USER-AGENT)%\",\"x-request-id\":\"%REQ(X-REQUEST-ID)%\",\":authority\":\"%REQ(:AUTHORITY)%\",\"upstream_host\":\"%UPSTREAM_HOST%\",\"upstream_cluster\":\"%UPSTREAM_CLUSTER%\",\"upstream_local_address\":\"%UPSTREAM_LOCAL_ADDRESS%\",\"downstream_local_address\":\"%DOWNSTREAM_LOCAL_ADDRESS%\",\"downstream_remote_address\":\"%DOWNSTREAM_REMOTE_ADDRESS%\",\"requested_server_name\":\"%REQUESTED_SERVER_NAME%\",\"route_name\":\"%ROUTE_NAME%\"}\n" | |
} | |
}, | |
"path": "/dev/stdout" | |
} | |
} | |
], | |
"address": { | |
"socketAddress": { | |
"address": "0.0.0.0", | |
"portValue": 10443 | |
} | |
}, | |
"filterChains": [ | |
{ | |
"filterChainMatch": { | |
"serverNames": [ | |
"*.example.com" | |
] | |
}, | |
"filters": [ | |
{ | |
"name": "envoy.filters.network.http_connection_manager", | |
"typedConfig": { | |
"@type": "type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager", | |
"accessLog": [ | |
{ | |
"name": "envoy.access_loggers.file", | |
"typedConfig": { | |
"@type": "type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog", | |
"logFormat": { | |
"textFormatSource": { | |
"inlineString": "{\"start_time\":\"%START_TIME%\",\"method\":\"%REQ(:METHOD)%\",\"x-envoy-origin-path\":\"%REQ(X-ENVOY-ORIGINAL-PATH?:PATH)%\",\"protocol\":\"%PROTOCOL%\",\"response_code\":\"%RESPONSE_CODE%\",\"response_flags\":\"%RESPONSE_FLAGS%\",\"response_code_details\":\"%RESPONSE_CODE_DETAILS%\",\"connection_termination_details\":\"%CONNECTION_TERMINATION_DETAILS%\",\"upstream_transport_failure_reason\":\"%UPSTREAM_TRANSPORT_FAILURE_REASON%\",\"bytes_received\":\"%BYTES_RECEIVED%\",\"bytes_sent\":\"%BYTES_SENT%\",\"duration\":\"%DURATION%\",\"x-envoy-upstream-service-time\":\"%RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)%\",\"x-forwarded-for\":\"%REQ(X-FORWARDED-FOR)%\",\"user-agent\":\"%REQ(USER-AGENT)%\",\"x-request-id\":\"%REQ(X-REQUEST-ID)%\",\":authority\":\"%REQ(:AUTHORITY)%\",\"upstream_host\":\"%UPSTREAM_HOST%\",\"upstream_cluster\":\"%UPSTREAM_CLUSTER%\",\"upstream_local_address\":\"%UPSTREAM_LOCAL_ADDRESS%\",\"downstream_local_address\":\"%DOWNSTREAM_LOCAL_ADDRESS%\",\"downstream_remote_address\":\"%DOWNSTREAM_REMOTE_ADDRESS%\",\"requested_server_name\":\"%REQUESTED_SERVER_NAME%\",\"route_name\":\"%ROUTE_NAME%\"}\n" | |
} | |
}, | |
"path": "/dev/stdout" | |
} | |
} | |
], | |
"commonHttpProtocolOptions": { | |
"headersWithUnderscoresAction": "REJECT_REQUEST" | |
}, | |
"http2ProtocolOptions": { | |
"initialConnectionWindowSize": 1048576, | |
"initialStreamWindowSize": 65536, | |
"maxConcurrentStreams": 100 | |
}, | |
"httpFilters": [ | |
{ | |
"name": "envoy.filters.http.oauth2_httproute/echoserver/echoserver-ext/rule/0/match/0/eg-ext_example_com", | |
"typedConfig": { | |
"@type": "type.googleapis.com/envoy.extensions.filters.http.oauth2.v3.OAuth2", | |
"config": { | |
"authScopes": [ | |
"openid", | |
"email", | |
"profile", | |
"groups" | |
], | |
"authType": "BASIC_AUTH", | |
"authorizationEndpoint": "https://oidc.example.com/oauth2/authorize", | |
"credentials": { | |
"clientId": "8g5wl57tcxTVVa5AK7Pwd8PC", | |
"hmacSecret": { | |
"name": "httproute/echoserver/echoserver-ext/rule/0/match/0/eg-ext_example_com/oauth2/hmac_secret", | |
"sdsConfig": { | |
"ads": {}, | |
"resourceApiVersion": "V3" | |
} | |
}, | |
"tokenSecret": { | |
"name": "httproute/echoserver/echoserver-ext/rule/0/match/0/eg-ext_example_com/oauth2/client_secret", | |
"sdsConfig": { | |
"ads": {}, | |
"resourceApiVersion": "V3" | |
} | |
} | |
}, | |
"forwardBearerToken": true, | |
"redirectPathMatcher": { | |
"path": { | |
"exact": "/oauth2/callback" | |
} | |
}, | |
"redirectUri": "%REQ(x-forwarded-proto)%://%REQ(:authority)%/oauth2/callback", | |
"signoutPath": { | |
"path": { | |
"exact": "/logout" | |
} | |
}, | |
"tokenEndpoint": { | |
"cluster": "oidc_example_com_443", | |
"timeout": "10s", | |
"uri": "https://oidc.example.com/oauth2/token" | |
} | |
} | |
} | |
}, | |
{ | |
"name": "envoy.filters.http.jwt_authn", | |
"typedConfig": { | |
"@type": "type.googleapis.com/envoy.extensions.filters.http.jwt_authn.v3.JwtAuthentication", | |
"providers": { | |
"httproute/echoserver/echoserver-ext/rule/0/match/0/eg-ext_example_com/kaas": { | |
"claimToHeaders": [ | |
{ | |
"claimName": "email", | |
"headerName": "x-email" | |
}, | |
{ | |
"claimName": "groups", | |
"headerName": "x-groups" | |
}, | |
{ | |
"claimName": "name", | |
"headerName": "x-name" | |
}, | |
{ | |
"claimName": "sub", | |
"headerName": "x-sub" | |
} | |
], | |
"forward": true, | |
"remoteJwks": { | |
"asyncFetch": {}, | |
"cacheDuration": "300s", | |
"httpUri": { | |
"cluster": "oidc_example_com_443", | |
"timeout": "5s", | |
"uri": "https://oidc.example.com/.well-known/jwks.json" | |
}, | |
"retryPolicy": {} | |
} | |
} | |
}, | |
"requirementMap": { | |
"httproute/echoserver/echoserver-ext/rule/0/match/0/eg-ext_example_com": { | |
"providerName": "httproute/echoserver/echoserver-ext/rule/0/match/0/eg-ext_example_com/kaas" | |
} | |
} | |
} | |
}, | |
{ | |
"name": "envoy.filters.http.router", | |
"typedConfig": { | |
"@type": "type.googleapis.com/envoy.extensions.filters.http.router.v3.Router" | |
} | |
} | |
], | |
"mergeSlashes": true, | |
"normalizePath": true, | |
"pathWithEscapedSlashesAction": "UNESCAPE_AND_REDIRECT", | |
"rds": { | |
"configSource": { | |
"ads": {}, | |
"resourceApiVersion": "V3" | |
}, | |
"routeConfigName": "envoy-gateway-system-external/external/https" | |
}, | |
"statPrefix": "https", | |
"upgradeConfigs": [ | |
{ | |
"upgradeType": "websocket" | |
} | |
], | |
"useRemoteAddress": true | |
} | |
} | |
], | |
"transportSocket": { | |
"name": "envoy.transport_sockets.tls", | |
"typedConfig": { | |
"@type": "type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext", | |
"commonTlsContext": { | |
"alpnProtocols": [ | |
"h2", | |
"http/1.1" | |
], | |
"tlsCertificateSdsSecretConfigs": [ | |
{ | |
"name": "envoy-gateway-system-external-default-tls", | |
"sdsConfig": { | |
"ads": {}, | |
"resourceApiVersion": "V3" | |
} | |
} | |
], | |
"tlsParams": { | |
"tlsMaximumProtocolVersion": "TLSv1_3", | |
"tlsMinimumProtocolVersion": "TLSv1_2" | |
} | |
} | |
} | |
} | |
} | |
], | |
"listenerFilters": [ | |
{ | |
"name": "envoy.filters.listener.proxy_protocol", | |
"typedConfig": { | |
"@type": "type.googleapis.com/envoy.extensions.filters.listener.proxy_protocol.v3.ProxyProtocol" | |
} | |
}, | |
{ | |
"name": "envoy.filters.listener.tls_inspector", | |
"typedConfig": { | |
"@type": "type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector" | |
} | |
} | |
], | |
"name": "envoy-gateway-system-external/external/https", | |
"perConnectionBufferLimitBytes": 32768 | |
}, | |
"lastUpdateAttempt": "2024-01-29T05:18:58.832Z" | |
}, | |
"name": "envoy-gateway-system-external/external/https" | |
}, | |
{ | |
"errorState": { | |
"details": "OAuth2 filter: unknown cluster 'oidc_example_com_443' in config. Please specify which cluster to direct OAuth requests to.", | |
"failedConfiguration": { | |
"@type": "type.googleapis.com/envoy.config.listener.v3.Listener", | |
"accessLog": [ | |
{ | |
"filter": { | |
"responseFlagFilter": { | |
"flags": [ | |
"NR" | |
] | |
} | |
}, | |
"name": "envoy.access_loggers.file", | |
"typedConfig": { | |
"@type": "type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog", | |
"logFormat": { | |
"textFormatSource": { | |
"inlineString": "{\"start_time\":\"%START_TIME%\",\"method\":\"%REQ(:METHOD)%\",\"x-envoy-origin-path\":\"%REQ(X-ENVOY-ORIGINAL-PATH?:PATH)%\",\"protocol\":\"%PROTOCOL%\",\"response_code\":\"%RESPONSE_CODE%\",\"response_flags\":\"%RESPONSE_FLAGS%\",\"response_code_details\":\"%RESPONSE_CODE_DETAILS%\",\"connection_termination_details\":\"%CONNECTION_TERMINATION_DETAILS%\",\"upstream_transport_failure_reason\":\"%UPSTREAM_TRANSPORT_FAILURE_REASON%\",\"bytes_received\":\"%BYTES_RECEIVED%\",\"bytes_sent\":\"%BYTES_SENT%\",\"duration\":\"%DURATION%\",\"x-envoy-upstream-service-time\":\"%RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)%\",\"x-forwarded-for\":\"%REQ(X-FORWARDED-FOR)%\",\"user-agent\":\"%REQ(USER-AGENT)%\",\"x-request-id\":\"%REQ(X-REQUEST-ID)%\",\":authority\":\"%REQ(:AUTHORITY)%\",\"upstream_host\":\"%UPSTREAM_HOST%\",\"upstream_cluster\":\"%UPSTREAM_CLUSTER%\",\"upstream_local_address\":\"%UPSTREAM_LOCAL_ADDRESS%\",\"downstream_local_address\":\"%DOWNSTREAM_LOCAL_ADDRESS%\",\"downstream_remote_address\":\"%DOWNSTREAM_REMOTE_ADDRESS%\",\"requested_server_name\":\"%REQUESTED_SERVER_NAME%\",\"route_name\":\"%ROUTE_NAME%\"}\n" | |
} | |
}, | |
"path": "/dev/stdout" | |
} | |
} | |
], | |
"address": { | |
"socketAddress": { | |
"address": "0.0.0.0", | |
"portValue": 10443 | |
} | |
}, | |
"filterChains": [ | |
{ | |
"filterChainMatch": { | |
"serverNames": [ | |
"*.example.com" | |
] | |
}, | |
"filters": [ | |
{ | |
"name": "envoy.filters.network.http_connection_manager", | |
"typedConfig": { | |
"@type": "type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager", | |
"accessLog": [ | |
{ | |
"name": "envoy.access_loggers.file", | |
"typedConfig": { | |
"@type": "type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog", | |
"logFormat": { | |
"textFormatSource": { | |
"inlineString": "{\"start_time\":\"%START_TIME%\",\"method\":\"%REQ(:METHOD)%\",\"x-envoy-origin-path\":\"%REQ(X-ENVOY-ORIGINAL-PATH?:PATH)%\",\"protocol\":\"%PROTOCOL%\",\"response_code\":\"%RESPONSE_CODE%\",\"response_flags\":\"%RESPONSE_FLAGS%\",\"response_code_details\":\"%RESPONSE_CODE_DETAILS%\",\"connection_termination_details\":\"%CONNECTION_TERMINATION_DETAILS%\",\"upstream_transport_failure_reason\":\"%UPSTREAM_TRANSPORT_FAILURE_REASON%\",\"bytes_received\":\"%BYTES_RECEIVED%\",\"bytes_sent\":\"%BYTES_SENT%\",\"duration\":\"%DURATION%\",\"x-envoy-upstream-service-time\":\"%RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)%\",\"x-forwarded-for\":\"%REQ(X-FORWARDED-FOR)%\",\"user-agent\":\"%REQ(USER-AGENT)%\",\"x-request-id\":\"%REQ(X-REQUEST-ID)%\",\":authority\":\"%REQ(:AUTHORITY)%\",\"upstream_host\":\"%UPSTREAM_HOST%\",\"upstream_cluster\":\"%UPSTREAM_CLUSTER%\",\"upstream_local_address\":\"%UPSTREAM_LOCAL_ADDRESS%\",\"downstream_local_address\":\"%DOWNSTREAM_LOCAL_ADDRESS%\",\"downstream_remote_address\":\"%DOWNSTREAM_REMOTE_ADDRESS%\",\"requested_server_name\":\"%REQUESTED_SERVER_NAME%\",\"route_name\":\"%ROUTE_NAME%\"}\n" | |
} | |
}, | |
"path": "/dev/stdout" | |
} | |
} | |
], | |
"commonHttpProtocolOptions": { | |
"headersWithUnderscoresAction": "REJECT_REQUEST" | |
}, | |
"http2ProtocolOptions": { | |
"initialConnectionWindowSize": 1048576, | |
"initialStreamWindowSize": 65536, | |
"maxConcurrentStreams": 100 | |
}, | |
"httpFilters": [ | |
{ | |
"name": "envoy.filters.http.oauth2_httproute/echoserver/echoserver-ext/rule/0/match/0/eg-ext_example_com", | |
"typedConfig": { | |
"@type": "type.googleapis.com/envoy.extensions.filters.http.oauth2.v3.OAuth2", | |
"config": { | |
"authScopes": [ | |
"openid", | |
"email", | |
"profile", | |
"groups" | |
], | |
"authType": "BASIC_AUTH", | |
"authorizationEndpoint": "https://oidc.example.com/oauth2/authorize", | |
"credentials": { | |
"clientId": "8g5wl57tcxTVVa5AK7Pwd8PC", | |
"hmacSecret": { | |
"name": "httproute/echoserver/echoserver-ext/rule/0/match/0/eg-ext_example_com/oauth2/hmac_secret", | |
"sdsConfig": { | |
"ads": {}, | |
"resourceApiVersion": "V3" | |
} | |
}, | |
"tokenSecret": { | |
"name": "httproute/echoserver/echoserver-ext/rule/0/match/0/eg-ext_example_com/oauth2/client_secret", | |
"sdsConfig": { | |
"ads": {}, | |
"resourceApiVersion": "V3" | |
} | |
} | |
}, | |
"forwardBearerToken": true, | |
"redirectPathMatcher": { | |
"path": { | |
"exact": "/oauth2/callback" | |
} | |
}, | |
"redirectUri": "%REQ(x-forwarded-proto)%://%REQ(:authority)%/oauth2/callback", | |
"signoutPath": { | |
"path": { | |
"exact": "/logout" | |
} | |
}, | |
"tokenEndpoint": { | |
"cluster": "oidc_example_com_443", | |
"timeout": "10s", | |
"uri": "https://oidc.example.com/oauth2/token" | |
} | |
} | |
} | |
}, | |
{ | |
"name": "envoy.filters.http.jwt_authn", | |
"typedConfig": { | |
"@type": "type.googleapis.com/envoy.extensions.filters.http.jwt_authn.v3.JwtAuthentication", | |
"providers": { | |
"httproute/echoserver/echoserver-ext/rule/0/match/0/eg-ext_example_com/kaas": { | |
"claimToHeaders": [ | |
{ | |
"claimName": "email", | |
"headerName": "x-email" | |
}, | |
{ | |
"claimName": "groups", | |
"headerName": "x-groups" | |
}, | |
{ | |
"claimName": "name", | |
"headerName": "x-name" | |
}, | |
{ | |
"claimName": "sub", | |
"headerName": "x-sub" | |
} | |
], | |
"forward": true, | |
"remoteJwks": { | |
"asyncFetch": {}, | |
"cacheDuration": "300s", | |
"httpUri": { | |
"cluster": "oidc_example_com_443", | |
"timeout": "5s", | |
"uri": "https://oidc.example.com/.well-known/jwks.json" | |
}, | |
"retryPolicy": {} | |
} | |
} | |
}, | |
"requirementMap": { | |
"httproute/echoserver/echoserver-ext/rule/0/match/0/eg-ext_example_com": { | |
"providerName": "httproute/echoserver/echoserver-ext/rule/0/match/0/eg-ext_example_com/kaas" | |
} | |
} | |
} | |
}, | |
{ | |
"name": "envoy.filters.http.router", | |
"typedConfig": { | |
"@type": "type.googleapis.com/envoy.extensions.filters.http.router.v3.Router" | |
} | |
} | |
], | |
"mergeSlashes": true, | |
"normalizePath": true, | |
"pathWithEscapedSlashesAction": "UNESCAPE_AND_REDIRECT", | |
"rds": { | |
"configSource": { | |
"ads": {}, | |
"resourceApiVersion": "V3" | |
}, | |
"routeConfigName": "envoy-gateway-system-external/external/https" | |
}, | |
"statPrefix": "https", | |
"upgradeConfigs": [ | |
{ | |
"upgradeType": "websocket" | |
} | |
], | |
"useRemoteAddress": true | |
} | |
} | |
], | |
"transportSocket": { | |
"name": "envoy.transport_sockets.tls", | |
"typedConfig": { | |
"@type": "type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext", | |
"commonTlsContext": { | |
"alpnProtocols": [ | |
"h2", | |
"http/1.1" | |
], | |
"tlsCertificateSdsSecretConfigs": [ | |
{ | |
"name": "envoy-gateway-system-external-default-tls", | |
"sdsConfig": { | |
"ads": {}, | |
"resourceApiVersion": "V3" | |
} | |
} | |
], | |
"tlsParams": { | |
"tlsMaximumProtocolVersion": "TLSv1_3", | |
"tlsMinimumProtocolVersion": "TLSv1_2" | |
} | |
} | |
} | |
} | |
} | |
], | |
"listenerFilters": [ | |
{ | |
"name": "envoy.filters.listener.proxy_protocol", | |
"typedConfig": { | |
"@type": "type.googleapis.com/envoy.extensions.filters.listener.proxy_protocol.v3.ProxyProtocol" | |
} | |
}, | |
{ | |
"name": "envoy.filters.listener.tls_inspector", | |
"typedConfig": { | |
"@type": "type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector" | |
} | |
} | |
], | |
"name": "envoy-gateway-system-external/external/https", | |
"perConnectionBufferLimitBytes": 32768 | |
} | |
} | |
} | |
], | |
"staticListeners": [ | |
{ | |
"lastUpdated": "2024-01-28T22:09:36.951Z", | |
"listener": { | |
"@type": "type.googleapis.com/envoy.config.listener.v3.Listener", | |
"address": { | |
"socketAddress": { | |
"address": "0.0.0.0", | |
"portValue": 19001 | |
} | |
}, | |
"filterChains": [ | |
{ | |
"filters": [ | |
{ | |
"name": "envoy.filters.network.http_connection_manager", | |
"typedConfig": { | |
"@type": "type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager", | |
"httpFilters": [ | |
{ | |
"name": "envoy.filters.http.health_check", | |
"typedConfig": { | |
"@type": "type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck", | |
"headers": [ | |
{ | |
"name": ":path", | |
"stringMatch": { | |
"exact": "/ready" | |
} | |
} | |
], | |
"passThroughMode": false | |
} | |
}, | |
{ | |
"name": "envoy.filters.http.router", | |
"typedConfig": { | |
"@type": "type.googleapis.com/envoy.extensions.filters.http.router.v3.Router" | |
} | |
} | |
], | |
"routeConfig": { | |
"name": "local_route", | |
"virtualHosts": [ | |
{ | |
"domains": [ | |
"*" | |
], | |
"name": "prometheus_stats", | |
"routes": [ | |
{ | |
"match": { | |
"prefix": "/stats/prometheus" | |
}, | |
"route": { | |
"cluster": "prometheus_stats" | |
} | |
} | |
] | |
} | |
] | |
}, | |
"statPrefix": "eg-ready-http" | |
} | |
} | |
] | |
} | |
], | |
"name": "envoy-gateway-proxy-ready-0.0.0.0-19001" | |
} | |
} | |
], | |
"versionInfo": "23" | |
} | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment