Skip to content

Instantly share code, notes, and snippets.

@zetaab
Created January 29, 2024 05:22
Show Gist options
  • Save zetaab/51279b863eb90ed17b29a5075f56602f to your computer and use it in GitHub Desktop.
Save zetaab/51279b863eb90ed17b29a5075f56602f to your computer and use it in GitHub Desktop.
{
"envoy-gateway-system-external": {
"envoy-envoy-gateway-system-external-external-ad2cc5d0-dd7bzml6b": {
"@type": "type.googleapis.com/envoy.admin.v3.ListenersConfigDump",
"dynamicListeners": [
{
"activeState": {
"lastUpdated": "2024-01-28T22:09:37.004Z",
"listener": {
"@type": "type.googleapis.com/envoy.config.listener.v3.Listener",
"accessLog": [
{
"filter": {
"responseFlagFilter": {
"flags": [
"NR"
]
}
},
"name": "envoy.access_loggers.file",
"typedConfig": {
"@type": "type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog",
"logFormat": {
"textFormatSource": {
"inlineString": "{\"start_time\":\"%START_TIME%\",\"method\":\"%REQ(:METHOD)%\",\"x-envoy-origin-path\":\"%REQ(X-ENVOY-ORIGINAL-PATH?:PATH)%\",\"protocol\":\"%PROTOCOL%\",\"response_code\":\"%RESPONSE_CODE%\",\"response_flags\":\"%RESPONSE_FLAGS%\",\"response_code_details\":\"%RESPONSE_CODE_DETAILS%\",\"connection_termination_details\":\"%CONNECTION_TERMINATION_DETAILS%\",\"upstream_transport_failure_reason\":\"%UPSTREAM_TRANSPORT_FAILURE_REASON%\",\"bytes_received\":\"%BYTES_RECEIVED%\",\"bytes_sent\":\"%BYTES_SENT%\",\"duration\":\"%DURATION%\",\"x-envoy-upstream-service-time\":\"%RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)%\",\"x-forwarded-for\":\"%REQ(X-FORWARDED-FOR)%\",\"user-agent\":\"%REQ(USER-AGENT)%\",\"x-request-id\":\"%REQ(X-REQUEST-ID)%\",\":authority\":\"%REQ(:AUTHORITY)%\",\"upstream_host\":\"%UPSTREAM_HOST%\",\"upstream_cluster\":\"%UPSTREAM_CLUSTER%\",\"upstream_local_address\":\"%UPSTREAM_LOCAL_ADDRESS%\",\"downstream_local_address\":\"%DOWNSTREAM_LOCAL_ADDRESS%\",\"downstream_remote_address\":\"%DOWNSTREAM_REMOTE_ADDRESS%\",\"requested_server_name\":\"%REQUESTED_SERVER_NAME%\",\"route_name\":\"%ROUTE_NAME%\"}\n"
}
},
"path": "/dev/stdout"
}
}
],
"address": {
"socketAddress": {
"address": "0.0.0.0",
"portValue": 10080
}
},
"defaultFilterChain": {
"filters": [
{
"name": "envoy.filters.network.http_connection_manager",
"typedConfig": {
"@type": "type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager",
"accessLog": [
{
"name": "envoy.access_loggers.file",
"typedConfig": {
"@type": "type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog",
"logFormat": {
"textFormatSource": {
"inlineString": "{\"start_time\":\"%START_TIME%\",\"method\":\"%REQ(:METHOD)%\",\"x-envoy-origin-path\":\"%REQ(X-ENVOY-ORIGINAL-PATH?:PATH)%\",\"protocol\":\"%PROTOCOL%\",\"response_code\":\"%RESPONSE_CODE%\",\"response_flags\":\"%RESPONSE_FLAGS%\",\"response_code_details\":\"%RESPONSE_CODE_DETAILS%\",\"connection_termination_details\":\"%CONNECTION_TERMINATION_DETAILS%\",\"upstream_transport_failure_reason\":\"%UPSTREAM_TRANSPORT_FAILURE_REASON%\",\"bytes_received\":\"%BYTES_RECEIVED%\",\"bytes_sent\":\"%BYTES_SENT%\",\"duration\":\"%DURATION%\",\"x-envoy-upstream-service-time\":\"%RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)%\",\"x-forwarded-for\":\"%REQ(X-FORWARDED-FOR)%\",\"user-agent\":\"%REQ(USER-AGENT)%\",\"x-request-id\":\"%REQ(X-REQUEST-ID)%\",\":authority\":\"%REQ(:AUTHORITY)%\",\"upstream_host\":\"%UPSTREAM_HOST%\",\"upstream_cluster\":\"%UPSTREAM_CLUSTER%\",\"upstream_local_address\":\"%UPSTREAM_LOCAL_ADDRESS%\",\"downstream_local_address\":\"%DOWNSTREAM_LOCAL_ADDRESS%\",\"downstream_remote_address\":\"%DOWNSTREAM_REMOTE_ADDRESS%\",\"requested_server_name\":\"%REQUESTED_SERVER_NAME%\",\"route_name\":\"%ROUTE_NAME%\"}\n"
}
},
"path": "/dev/stdout"
}
}
],
"commonHttpProtocolOptions": {
"headersWithUnderscoresAction": "REJECT_REQUEST"
},
"http2ProtocolOptions": {
"initialConnectionWindowSize": 1048576,
"initialStreamWindowSize": 65536,
"maxConcurrentStreams": 100
},
"httpFilters": [
{
"name": "envoy.filters.http.router",
"typedConfig": {
"@type": "type.googleapis.com/envoy.extensions.filters.http.router.v3.Router"
}
}
],
"mergeSlashes": true,
"normalizePath": true,
"pathWithEscapedSlashesAction": "UNESCAPE_AND_REDIRECT",
"rds": {
"configSource": {
"ads": {},
"resourceApiVersion": "V3"
},
"routeConfigName": "envoy-gateway-system-external/external/http"
},
"statPrefix": "http",
"upgradeConfigs": [
{
"upgradeType": "websocket"
}
],
"useRemoteAddress": true
}
}
]
},
"listenerFilters": [
{
"name": "envoy.filters.listener.proxy_protocol",
"typedConfig": {
"@type": "type.googleapis.com/envoy.extensions.filters.listener.proxy_protocol.v3.ProxyProtocol"
}
}
],
"name": "envoy-gateway-system-external/external/http",
"perConnectionBufferLimitBytes": 32768
},
"versionInfo": "9b5ac4e340ac6b8ff6f6dc2fe042fc674f0bee200ea8067a6f3b9a77549904e5"
},
"name": "envoy-gateway-system-external/external/http"
},
{
"activeState": {
"lastUpdated": "2024-01-29T05:18:32.956Z",
"listener": {
"@type": "type.googleapis.com/envoy.config.listener.v3.Listener",
"accessLog": [
{
"filter": {
"responseFlagFilter": {
"flags": [
"NR"
]
}
},
"name": "envoy.access_loggers.file",
"typedConfig": {
"@type": "type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog",
"logFormat": {
"textFormatSource": {
"inlineString": "{\"start_time\":\"%START_TIME%\",\"method\":\"%REQ(:METHOD)%\",\"x-envoy-origin-path\":\"%REQ(X-ENVOY-ORIGINAL-PATH?:PATH)%\",\"protocol\":\"%PROTOCOL%\",\"response_code\":\"%RESPONSE_CODE%\",\"response_flags\":\"%RESPONSE_FLAGS%\",\"response_code_details\":\"%RESPONSE_CODE_DETAILS%\",\"connection_termination_details\":\"%CONNECTION_TERMINATION_DETAILS%\",\"upstream_transport_failure_reason\":\"%UPSTREAM_TRANSPORT_FAILURE_REASON%\",\"bytes_received\":\"%BYTES_RECEIVED%\",\"bytes_sent\":\"%BYTES_SENT%\",\"duration\":\"%DURATION%\",\"x-envoy-upstream-service-time\":\"%RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)%\",\"x-forwarded-for\":\"%REQ(X-FORWARDED-FOR)%\",\"user-agent\":\"%REQ(USER-AGENT)%\",\"x-request-id\":\"%REQ(X-REQUEST-ID)%\",\":authority\":\"%REQ(:AUTHORITY)%\",\"upstream_host\":\"%UPSTREAM_HOST%\",\"upstream_cluster\":\"%UPSTREAM_CLUSTER%\",\"upstream_local_address\":\"%UPSTREAM_LOCAL_ADDRESS%\",\"downstream_local_address\":\"%DOWNSTREAM_LOCAL_ADDRESS%\",\"downstream_remote_address\":\"%DOWNSTREAM_REMOTE_ADDRESS%\",\"requested_server_name\":\"%REQUESTED_SERVER_NAME%\",\"route_name\":\"%ROUTE_NAME%\"}\n"
}
},
"path": "/dev/stdout"
}
}
],
"address": {
"socketAddress": {
"address": "0.0.0.0",
"portValue": 10443
}
},
"filterChains": [
{
"filterChainMatch": {
"serverNames": [
"*.example.com"
]
},
"filters": [
{
"name": "envoy.filters.network.http_connection_manager",
"typedConfig": {
"@type": "type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager",
"accessLog": [
{
"name": "envoy.access_loggers.file",
"typedConfig": {
"@type": "type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog",
"logFormat": {
"textFormatSource": {
"inlineString": "{\"start_time\":\"%START_TIME%\",\"method\":\"%REQ(:METHOD)%\",\"x-envoy-origin-path\":\"%REQ(X-ENVOY-ORIGINAL-PATH?:PATH)%\",\"protocol\":\"%PROTOCOL%\",\"response_code\":\"%RESPONSE_CODE%\",\"response_flags\":\"%RESPONSE_FLAGS%\",\"response_code_details\":\"%RESPONSE_CODE_DETAILS%\",\"connection_termination_details\":\"%CONNECTION_TERMINATION_DETAILS%\",\"upstream_transport_failure_reason\":\"%UPSTREAM_TRANSPORT_FAILURE_REASON%\",\"bytes_received\":\"%BYTES_RECEIVED%\",\"bytes_sent\":\"%BYTES_SENT%\",\"duration\":\"%DURATION%\",\"x-envoy-upstream-service-time\":\"%RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)%\",\"x-forwarded-for\":\"%REQ(X-FORWARDED-FOR)%\",\"user-agent\":\"%REQ(USER-AGENT)%\",\"x-request-id\":\"%REQ(X-REQUEST-ID)%\",\":authority\":\"%REQ(:AUTHORITY)%\",\"upstream_host\":\"%UPSTREAM_HOST%\",\"upstream_cluster\":\"%UPSTREAM_CLUSTER%\",\"upstream_local_address\":\"%UPSTREAM_LOCAL_ADDRESS%\",\"downstream_local_address\":\"%DOWNSTREAM_LOCAL_ADDRESS%\",\"downstream_remote_address\":\"%DOWNSTREAM_REMOTE_ADDRESS%\",\"requested_server_name\":\"%REQUESTED_SERVER_NAME%\",\"route_name\":\"%ROUTE_NAME%\"}\n"
}
},
"path": "/dev/stdout"
}
}
],
"commonHttpProtocolOptions": {
"headersWithUnderscoresAction": "REJECT_REQUEST"
},
"http2ProtocolOptions": {
"initialConnectionWindowSize": 1048576,
"initialStreamWindowSize": 65536,
"maxConcurrentStreams": 100
},
"httpFilters": [
{
"name": "envoy.filters.http.router",
"typedConfig": {
"@type": "type.googleapis.com/envoy.extensions.filters.http.router.v3.Router"
}
}
],
"mergeSlashes": true,
"normalizePath": true,
"pathWithEscapedSlashesAction": "UNESCAPE_AND_REDIRECT",
"rds": {
"configSource": {
"ads": {},
"resourceApiVersion": "V3"
},
"routeConfigName": "envoy-gateway-system-external/external/https"
},
"statPrefix": "https",
"upgradeConfigs": [
{
"upgradeType": "websocket"
}
],
"useRemoteAddress": true
}
}
],
"transportSocket": {
"name": "envoy.transport_sockets.tls",
"typedConfig": {
"@type": "type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext",
"commonTlsContext": {
"alpnProtocols": [
"h2",
"http/1.1"
],
"tlsCertificateSdsSecretConfigs": [
{
"name": "envoy-gateway-system-external-default-tls",
"sdsConfig": {
"ads": {},
"resourceApiVersion": "V3"
}
}
],
"tlsParams": {
"tlsMaximumProtocolVersion": "TLSv1_3",
"tlsMinimumProtocolVersion": "TLSv1_2"
}
}
}
}
}
],
"listenerFilters": [
{
"name": "envoy.filters.listener.proxy_protocol",
"typedConfig": {
"@type": "type.googleapis.com/envoy.extensions.filters.listener.proxy_protocol.v3.ProxyProtocol"
}
},
{
"name": "envoy.filters.listener.tls_inspector",
"typedConfig": {
"@type": "type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector"
}
}
],
"name": "envoy-gateway-system-external/external/https",
"perConnectionBufferLimitBytes": 32768
},
"versionInfo": "df38e86414a543c7d73e9f100a428d6c47c6a12b4edf225947f9d8b08f4f359e"
},
"errorState": {
"details": "OAuth2 filter: unknown cluster 'oidc_example_com_443' in config. Please specify which cluster to direct OAuth requests to.",
"failedConfiguration": {
"@type": "type.googleapis.com/envoy.config.listener.v3.Listener",
"accessLog": [
{
"filter": {
"responseFlagFilter": {
"flags": [
"NR"
]
}
},
"name": "envoy.access_loggers.file",
"typedConfig": {
"@type": "type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog",
"logFormat": {
"textFormatSource": {
"inlineString": "{\"start_time\":\"%START_TIME%\",\"method\":\"%REQ(:METHOD)%\",\"x-envoy-origin-path\":\"%REQ(X-ENVOY-ORIGINAL-PATH?:PATH)%\",\"protocol\":\"%PROTOCOL%\",\"response_code\":\"%RESPONSE_CODE%\",\"response_flags\":\"%RESPONSE_FLAGS%\",\"response_code_details\":\"%RESPONSE_CODE_DETAILS%\",\"connection_termination_details\":\"%CONNECTION_TERMINATION_DETAILS%\",\"upstream_transport_failure_reason\":\"%UPSTREAM_TRANSPORT_FAILURE_REASON%\",\"bytes_received\":\"%BYTES_RECEIVED%\",\"bytes_sent\":\"%BYTES_SENT%\",\"duration\":\"%DURATION%\",\"x-envoy-upstream-service-time\":\"%RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)%\",\"x-forwarded-for\":\"%REQ(X-FORWARDED-FOR)%\",\"user-agent\":\"%REQ(USER-AGENT)%\",\"x-request-id\":\"%REQ(X-REQUEST-ID)%\",\":authority\":\"%REQ(:AUTHORITY)%\",\"upstream_host\":\"%UPSTREAM_HOST%\",\"upstream_cluster\":\"%UPSTREAM_CLUSTER%\",\"upstream_local_address\":\"%UPSTREAM_LOCAL_ADDRESS%\",\"downstream_local_address\":\"%DOWNSTREAM_LOCAL_ADDRESS%\",\"downstream_remote_address\":\"%DOWNSTREAM_REMOTE_ADDRESS%\",\"requested_server_name\":\"%REQUESTED_SERVER_NAME%\",\"route_name\":\"%ROUTE_NAME%\"}\n"
}
},
"path": "/dev/stdout"
}
}
],
"address": {
"socketAddress": {
"address": "0.0.0.0",
"portValue": 10443
}
},
"filterChains": [
{
"filterChainMatch": {
"serverNames": [
"*.example.com"
]
},
"filters": [
{
"name": "envoy.filters.network.http_connection_manager",
"typedConfig": {
"@type": "type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager",
"accessLog": [
{
"name": "envoy.access_loggers.file",
"typedConfig": {
"@type": "type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog",
"logFormat": {
"textFormatSource": {
"inlineString": "{\"start_time\":\"%START_TIME%\",\"method\":\"%REQ(:METHOD)%\",\"x-envoy-origin-path\":\"%REQ(X-ENVOY-ORIGINAL-PATH?:PATH)%\",\"protocol\":\"%PROTOCOL%\",\"response_code\":\"%RESPONSE_CODE%\",\"response_flags\":\"%RESPONSE_FLAGS%\",\"response_code_details\":\"%RESPONSE_CODE_DETAILS%\",\"connection_termination_details\":\"%CONNECTION_TERMINATION_DETAILS%\",\"upstream_transport_failure_reason\":\"%UPSTREAM_TRANSPORT_FAILURE_REASON%\",\"bytes_received\":\"%BYTES_RECEIVED%\",\"bytes_sent\":\"%BYTES_SENT%\",\"duration\":\"%DURATION%\",\"x-envoy-upstream-service-time\":\"%RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)%\",\"x-forwarded-for\":\"%REQ(X-FORWARDED-FOR)%\",\"user-agent\":\"%REQ(USER-AGENT)%\",\"x-request-id\":\"%REQ(X-REQUEST-ID)%\",\":authority\":\"%REQ(:AUTHORITY)%\",\"upstream_host\":\"%UPSTREAM_HOST%\",\"upstream_cluster\":\"%UPSTREAM_CLUSTER%\",\"upstream_local_address\":\"%UPSTREAM_LOCAL_ADDRESS%\",\"downstream_local_address\":\"%DOWNSTREAM_LOCAL_ADDRESS%\",\"downstream_remote_address\":\"%DOWNSTREAM_REMOTE_ADDRESS%\",\"requested_server_name\":\"%REQUESTED_SERVER_NAME%\",\"route_name\":\"%ROUTE_NAME%\"}\n"
}
},
"path": "/dev/stdout"
}
}
],
"commonHttpProtocolOptions": {
"headersWithUnderscoresAction": "REJECT_REQUEST"
},
"http2ProtocolOptions": {
"initialConnectionWindowSize": 1048576,
"initialStreamWindowSize": 65536,
"maxConcurrentStreams": 100
},
"httpFilters": [
{
"name": "envoy.filters.http.oauth2_httproute/echoserver/echoserver-ext/rule/0/match/0/eg-ext_example_com",
"typedConfig": {
"@type": "type.googleapis.com/envoy.extensions.filters.http.oauth2.v3.OAuth2",
"config": {
"authScopes": [
"openid",
"email",
"profile",
"groups"
],
"authType": "BASIC_AUTH",
"authorizationEndpoint": "https://oidc.example.com/oauth2/authorize",
"credentials": {
"clientId": "8g5wl57tcxTVVa5AK7Pwd8PC",
"hmacSecret": {
"name": "httproute/echoserver/echoserver-ext/rule/0/match/0/eg-ext_example_com/oauth2/hmac_secret",
"sdsConfig": {
"ads": {},
"resourceApiVersion": "V3"
}
},
"tokenSecret": {
"name": "httproute/echoserver/echoserver-ext/rule/0/match/0/eg-ext_example_com/oauth2/client_secret",
"sdsConfig": {
"ads": {},
"resourceApiVersion": "V3"
}
}
},
"forwardBearerToken": true,
"redirectPathMatcher": {
"path": {
"exact": "/oauth2/callback"
}
},
"redirectUri": "%REQ(x-forwarded-proto)%://%REQ(:authority)%/oauth2/callback",
"signoutPath": {
"path": {
"exact": "/logout"
}
},
"tokenEndpoint": {
"cluster": "oidc_example_com_443",
"timeout": "10s",
"uri": "https://oidc.example.com/oauth2/token"
}
}
}
},
{
"name": "envoy.filters.http.jwt_authn",
"typedConfig": {
"@type": "type.googleapis.com/envoy.extensions.filters.http.jwt_authn.v3.JwtAuthentication",
"providers": {
"httproute/echoserver/echoserver-ext/rule/0/match/0/eg-ext_example_com/kaas": {
"claimToHeaders": [
{
"claimName": "email",
"headerName": "x-email"
},
{
"claimName": "groups",
"headerName": "x-groups"
},
{
"claimName": "name",
"headerName": "x-name"
},
{
"claimName": "sub",
"headerName": "x-sub"
}
],
"forward": true,
"remoteJwks": {
"asyncFetch": {},
"cacheDuration": "300s",
"httpUri": {
"cluster": "oidc_example_com_443",
"timeout": "5s",
"uri": "https://oidc.example.com/.well-known/jwks.json"
},
"retryPolicy": {}
}
}
},
"requirementMap": {
"httproute/echoserver/echoserver-ext/rule/0/match/0/eg-ext_example_com": {
"providerName": "httproute/echoserver/echoserver-ext/rule/0/match/0/eg-ext_example_com/kaas"
}
}
}
},
{
"name": "envoy.filters.http.router",
"typedConfig": {
"@type": "type.googleapis.com/envoy.extensions.filters.http.router.v3.Router"
}
}
],
"mergeSlashes": true,
"normalizePath": true,
"pathWithEscapedSlashesAction": "UNESCAPE_AND_REDIRECT",
"rds": {
"configSource": {
"ads": {},
"resourceApiVersion": "V3"
},
"routeConfigName": "envoy-gateway-system-external/external/https"
},
"statPrefix": "https",
"upgradeConfigs": [
{
"upgradeType": "websocket"
}
],
"useRemoteAddress": true
}
}
],
"transportSocket": {
"name": "envoy.transport_sockets.tls",
"typedConfig": {
"@type": "type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext",
"commonTlsContext": {
"alpnProtocols": [
"h2",
"http/1.1"
],
"tlsCertificateSdsSecretConfigs": [
{
"name": "envoy-gateway-system-external-default-tls",
"sdsConfig": {
"ads": {},
"resourceApiVersion": "V3"
}
}
],
"tlsParams": {
"tlsMaximumProtocolVersion": "TLSv1_3",
"tlsMinimumProtocolVersion": "TLSv1_2"
}
}
}
}
}
],
"listenerFilters": [
{
"name": "envoy.filters.listener.proxy_protocol",
"typedConfig": {
"@type": "type.googleapis.com/envoy.extensions.filters.listener.proxy_protocol.v3.ProxyProtocol"
}
},
{
"name": "envoy.filters.listener.tls_inspector",
"typedConfig": {
"@type": "type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector"
}
}
],
"name": "envoy-gateway-system-external/external/https",
"perConnectionBufferLimitBytes": 32768
},
"lastUpdateAttempt": "2024-01-29T05:18:58.832Z"
},
"name": "envoy-gateway-system-external/external/https"
},
{
"errorState": {
"details": "OAuth2 filter: unknown cluster 'oidc_example_com_443' in config. Please specify which cluster to direct OAuth requests to.",
"failedConfiguration": {
"@type": "type.googleapis.com/envoy.config.listener.v3.Listener",
"accessLog": [
{
"filter": {
"responseFlagFilter": {
"flags": [
"NR"
]
}
},
"name": "envoy.access_loggers.file",
"typedConfig": {
"@type": "type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog",
"logFormat": {
"textFormatSource": {
"inlineString": "{\"start_time\":\"%START_TIME%\",\"method\":\"%REQ(:METHOD)%\",\"x-envoy-origin-path\":\"%REQ(X-ENVOY-ORIGINAL-PATH?:PATH)%\",\"protocol\":\"%PROTOCOL%\",\"response_code\":\"%RESPONSE_CODE%\",\"response_flags\":\"%RESPONSE_FLAGS%\",\"response_code_details\":\"%RESPONSE_CODE_DETAILS%\",\"connection_termination_details\":\"%CONNECTION_TERMINATION_DETAILS%\",\"upstream_transport_failure_reason\":\"%UPSTREAM_TRANSPORT_FAILURE_REASON%\",\"bytes_received\":\"%BYTES_RECEIVED%\",\"bytes_sent\":\"%BYTES_SENT%\",\"duration\":\"%DURATION%\",\"x-envoy-upstream-service-time\":\"%RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)%\",\"x-forwarded-for\":\"%REQ(X-FORWARDED-FOR)%\",\"user-agent\":\"%REQ(USER-AGENT)%\",\"x-request-id\":\"%REQ(X-REQUEST-ID)%\",\":authority\":\"%REQ(:AUTHORITY)%\",\"upstream_host\":\"%UPSTREAM_HOST%\",\"upstream_cluster\":\"%UPSTREAM_CLUSTER%\",\"upstream_local_address\":\"%UPSTREAM_LOCAL_ADDRESS%\",\"downstream_local_address\":\"%DOWNSTREAM_LOCAL_ADDRESS%\",\"downstream_remote_address\":\"%DOWNSTREAM_REMOTE_ADDRESS%\",\"requested_server_name\":\"%REQUESTED_SERVER_NAME%\",\"route_name\":\"%ROUTE_NAME%\"}\n"
}
},
"path": "/dev/stdout"
}
}
],
"address": {
"socketAddress": {
"address": "0.0.0.0",
"portValue": 10443
}
},
"filterChains": [
{
"filterChainMatch": {
"serverNames": [
"*.example.com"
]
},
"filters": [
{
"name": "envoy.filters.network.http_connection_manager",
"typedConfig": {
"@type": "type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager",
"accessLog": [
{
"name": "envoy.access_loggers.file",
"typedConfig": {
"@type": "type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog",
"logFormat": {
"textFormatSource": {
"inlineString": "{\"start_time\":\"%START_TIME%\",\"method\":\"%REQ(:METHOD)%\",\"x-envoy-origin-path\":\"%REQ(X-ENVOY-ORIGINAL-PATH?:PATH)%\",\"protocol\":\"%PROTOCOL%\",\"response_code\":\"%RESPONSE_CODE%\",\"response_flags\":\"%RESPONSE_FLAGS%\",\"response_code_details\":\"%RESPONSE_CODE_DETAILS%\",\"connection_termination_details\":\"%CONNECTION_TERMINATION_DETAILS%\",\"upstream_transport_failure_reason\":\"%UPSTREAM_TRANSPORT_FAILURE_REASON%\",\"bytes_received\":\"%BYTES_RECEIVED%\",\"bytes_sent\":\"%BYTES_SENT%\",\"duration\":\"%DURATION%\",\"x-envoy-upstream-service-time\":\"%RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)%\",\"x-forwarded-for\":\"%REQ(X-FORWARDED-FOR)%\",\"user-agent\":\"%REQ(USER-AGENT)%\",\"x-request-id\":\"%REQ(X-REQUEST-ID)%\",\":authority\":\"%REQ(:AUTHORITY)%\",\"upstream_host\":\"%UPSTREAM_HOST%\",\"upstream_cluster\":\"%UPSTREAM_CLUSTER%\",\"upstream_local_address\":\"%UPSTREAM_LOCAL_ADDRESS%\",\"downstream_local_address\":\"%DOWNSTREAM_LOCAL_ADDRESS%\",\"downstream_remote_address\":\"%DOWNSTREAM_REMOTE_ADDRESS%\",\"requested_server_name\":\"%REQUESTED_SERVER_NAME%\",\"route_name\":\"%ROUTE_NAME%\"}\n"
}
},
"path": "/dev/stdout"
}
}
],
"commonHttpProtocolOptions": {
"headersWithUnderscoresAction": "REJECT_REQUEST"
},
"http2ProtocolOptions": {
"initialConnectionWindowSize": 1048576,
"initialStreamWindowSize": 65536,
"maxConcurrentStreams": 100
},
"httpFilters": [
{
"name": "envoy.filters.http.oauth2_httproute/echoserver/echoserver-ext/rule/0/match/0/eg-ext_example_com",
"typedConfig": {
"@type": "type.googleapis.com/envoy.extensions.filters.http.oauth2.v3.OAuth2",
"config": {
"authScopes": [
"openid",
"email",
"profile",
"groups"
],
"authType": "BASIC_AUTH",
"authorizationEndpoint": "https://oidc.example.com/oauth2/authorize",
"credentials": {
"clientId": "8g5wl57tcxTVVa5AK7Pwd8PC",
"hmacSecret": {
"name": "httproute/echoserver/echoserver-ext/rule/0/match/0/eg-ext_example_com/oauth2/hmac_secret",
"sdsConfig": {
"ads": {},
"resourceApiVersion": "V3"
}
},
"tokenSecret": {
"name": "httproute/echoserver/echoserver-ext/rule/0/match/0/eg-ext_example_com/oauth2/client_secret",
"sdsConfig": {
"ads": {},
"resourceApiVersion": "V3"
}
}
},
"forwardBearerToken": true,
"redirectPathMatcher": {
"path": {
"exact": "/oauth2/callback"
}
},
"redirectUri": "%REQ(x-forwarded-proto)%://%REQ(:authority)%/oauth2/callback",
"signoutPath": {
"path": {
"exact": "/logout"
}
},
"tokenEndpoint": {
"cluster": "oidc_example_com_443",
"timeout": "10s",
"uri": "https://oidc.example.com/oauth2/token"
}
}
}
},
{
"name": "envoy.filters.http.jwt_authn",
"typedConfig": {
"@type": "type.googleapis.com/envoy.extensions.filters.http.jwt_authn.v3.JwtAuthentication",
"providers": {
"httproute/echoserver/echoserver-ext/rule/0/match/0/eg-ext_example_com/kaas": {
"claimToHeaders": [
{
"claimName": "email",
"headerName": "x-email"
},
{
"claimName": "groups",
"headerName": "x-groups"
},
{
"claimName": "name",
"headerName": "x-name"
},
{
"claimName": "sub",
"headerName": "x-sub"
}
],
"forward": true,
"remoteJwks": {
"asyncFetch": {},
"cacheDuration": "300s",
"httpUri": {
"cluster": "oidc_example_com_443",
"timeout": "5s",
"uri": "https://oidc.example.com/.well-known/jwks.json"
},
"retryPolicy": {}
}
}
},
"requirementMap": {
"httproute/echoserver/echoserver-ext/rule/0/match/0/eg-ext_example_com": {
"providerName": "httproute/echoserver/echoserver-ext/rule/0/match/0/eg-ext_example_com/kaas"
}
}
}
},
{
"name": "envoy.filters.http.router",
"typedConfig": {
"@type": "type.googleapis.com/envoy.extensions.filters.http.router.v3.Router"
}
}
],
"mergeSlashes": true,
"normalizePath": true,
"pathWithEscapedSlashesAction": "UNESCAPE_AND_REDIRECT",
"rds": {
"configSource": {
"ads": {},
"resourceApiVersion": "V3"
},
"routeConfigName": "envoy-gateway-system-external/external/https"
},
"statPrefix": "https",
"upgradeConfigs": [
{
"upgradeType": "websocket"
}
],
"useRemoteAddress": true
}
}
],
"transportSocket": {
"name": "envoy.transport_sockets.tls",
"typedConfig": {
"@type": "type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext",
"commonTlsContext": {
"alpnProtocols": [
"h2",
"http/1.1"
],
"tlsCertificateSdsSecretConfigs": [
{
"name": "envoy-gateway-system-external-default-tls",
"sdsConfig": {
"ads": {},
"resourceApiVersion": "V3"
}
}
],
"tlsParams": {
"tlsMaximumProtocolVersion": "TLSv1_3",
"tlsMinimumProtocolVersion": "TLSv1_2"
}
}
}
}
}
],
"listenerFilters": [
{
"name": "envoy.filters.listener.proxy_protocol",
"typedConfig": {
"@type": "type.googleapis.com/envoy.extensions.filters.listener.proxy_protocol.v3.ProxyProtocol"
}
},
{
"name": "envoy.filters.listener.tls_inspector",
"typedConfig": {
"@type": "type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector"
}
}
],
"name": "envoy-gateway-system-external/external/https",
"perConnectionBufferLimitBytes": 32768
}
}
}
],
"staticListeners": [
{
"lastUpdated": "2024-01-28T22:09:36.951Z",
"listener": {
"@type": "type.googleapis.com/envoy.config.listener.v3.Listener",
"address": {
"socketAddress": {
"address": "0.0.0.0",
"portValue": 19001
}
},
"filterChains": [
{
"filters": [
{
"name": "envoy.filters.network.http_connection_manager",
"typedConfig": {
"@type": "type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager",
"httpFilters": [
{
"name": "envoy.filters.http.health_check",
"typedConfig": {
"@type": "type.googleapis.com/envoy.extensions.filters.http.health_check.v3.HealthCheck",
"headers": [
{
"name": ":path",
"stringMatch": {
"exact": "/ready"
}
}
],
"passThroughMode": false
}
},
{
"name": "envoy.filters.http.router",
"typedConfig": {
"@type": "type.googleapis.com/envoy.extensions.filters.http.router.v3.Router"
}
}
],
"routeConfig": {
"name": "local_route",
"virtualHosts": [
{
"domains": [
"*"
],
"name": "prometheus_stats",
"routes": [
{
"match": {
"prefix": "/stats/prometheus"
},
"route": {
"cluster": "prometheus_stats"
}
}
]
}
]
},
"statPrefix": "eg-ready-http"
}
}
]
}
],
"name": "envoy-gateway-proxy-ready-0.0.0.0-19001"
}
}
],
"versionInfo": "23"
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment