How to use the envoy with the ocelot API gateway?

[deadislove]

Expected Behavior / New Feature

I want to use the envoy interface with ocelot API gateway in docker-compose.yml files. Expected behavior:

client -> envoy -> ocelot API gateway -> backend API(C#)

envoy config(envoy.yaml)

overload_manager:
  refresh_interval: 0.25s
  resource_monitors:
  - name: "envoy.resource_monitors.fixed_heap"
    typed_config:
      "@type": type.googleapis.com/envoy.extensions.resource_monitors.fixed_heap.v3.FixedHeapConfig
      # TODO: Tune for your system.
      max_heap_size_bytes: 2147483648  # 2 GiB
  actions:
  - name: "envoy.overload_actions.shrink_heap"
    triggers:
    - name: "envoy.resource_monitors.fixed_heap"
      threshold:
        value: 0.95
  - name: "envoy.overload_actions.stop_accepting_requests"
    triggers:
    - name: "envoy.resource_monitors.fixed_heap"
      threshold:
        value: 0.98

admin:
  access_log_path: /tmp/admin_access.log
  address:
    socket_address:
      protocol: TCP
      address: 0.0.0.0
      port_value: 9901
static_resources:
  listeners:
  - name: listener_0
    address:
      socket_address:
        protocol: TCP
        address: 0.0.0.0
        port_value: 10000
    filter_chains:
    - filters:
      - name: envoy.filters.network.http_connection_manager
        typed_config:
          "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
          stat_prefix: ingress_http
          access_log:
          - name: envoy.access_loggers.stdout
            typed_config:
              "@type": type.googleapis.com/envoy.extensions.access_loggers.stream.v3.StdoutAccessLog
          http_filters:
          - name: envoy.filters.http.router
            typed_config:
              "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
          route_config:
            name: local_route
            virtual_hosts:
            - name: local_service
              domains: ["*"]
              routes:
              - match:
                  prefix: "/"
                route:
                  host_rewrite_literal: www.envoyproxy.io
                  cluster: service_envoyproxy_io
  - name: listener_1
    address:
      socket_address:
        protocol: TCP
        address: 0.0.0.0
        port_value: 9902    
    filter_chains:
    # Downstream TLS configuration.
    - transport_socket:
        name: envoy.transport_sockets.tls
        type_config:
          "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext
    - filters:
      - name: envoy.filters.network.http_connection_manager
        typed_config:
          "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
          stat_prefix: ingress_http
          access_log:
          - name: envoy.access_loggers.stdout
            typed_config:
              "@type": type.googleapis.com/envoy.extensions.access_loggers.stream.v3.StdoutAccessLog
          http_filters:
          - name: envoy.filters.http.router
            typed_config:
              "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
          route_config:
            name: local_route
            virtual_hosts:
            - name: local_service
              domains: ["*"]
              routes:
              - match:
                  prefix: "/webapi"
                route:
                  # host_rewrite_literal: www.envoyproxy.io
                  prefix_rewrite: "/api"
                  cluster: service_web_api

  clusters:
  - name: service_envoyproxy_io
    # onnect_timeout: 0.25s
    type: LOGICAL_DNS
    # Comment out the following line to test on v6 networks
    dns_lookup_family: V4_ONLY
    lb_policy: ROUND_ROBIN
    load_assignment:
      cluster_name: service_envoyproxy_io
      endpoints:
      - lb_endpoints:
        - endpoint:
            address:
              socket_address:
                address: www.envoyproxy.io
                port_value: 443
    transport_socket:
      name: envoy.transport_sockets.tls
      typed_config:
        "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext
        sni: www.envoyproxy.io

  - name: service_web_api
    # Upstream TLS configuration.
    transport_socket:
      name: envoy.transport_sockets.tls
      typed_config:
        "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext
    # connect_timeout: 0.25s
    type: LOGICAL_DNS
    # Comment out the following line to test on v5 networks
    dns_lookup_family: V4_ONLY
    lb_policy: ROUND_ROBIN
    load_assignment:
      cluster_name: service_web_api
      endpoints:
      - lb_endpoints:
        - endpoint:
            address:
              socket_address:
                address: dotnet5_web.api
                port_value: 80 

layered_runtime:
  layers:
  - name: static_layer_0
    static_layer:
      envoy:
        resource_limits:
          listener:
            listener_1:
              connection_limit: 10000
      overload:
        global_downstream_max_connections: 50000

docker compose yaml files(docker-compose.yml)

version: '3.4'

services:
  envoyproxy:
    build: EnvoyproxyDocker/
    container_name: envoyproxygw
    ports:
     - '9901:9901'
     - '10000:10000'
     - '9902:9902'
    depends_on:
     - dotnet5_web.api
    volumes:
     - ./EnvoyproxyDocker/envoy.yaml:/etc/envoy.yaml
     - ./EnvoyproxyDocker/https.crt:/etc/ssl/certs/https.crt
     - ./EnvoyproxyDocker/key.pem:/etc/ssl/certs/key.pem 
  dotnet5_web.ocelotapigw:
    image: ${DOCKER_REGISTRY-}dotnet5webocelotapigw
    container_name: apigw
    build:
      context: .
      dockerfile: DotNet5_web.OcelotApiGw/Dockerfile
    ports:
    - "24898:80"
    networks:
    - api-network
  dotnet5_web.api:
    image: ${DOCKER_REGISTRY-}dotnet5webapi
    container_name: api
    environment:
      ASPNETCORE_URLS: "http://+"
    build:
        context: .
        dockerfile: DotNet5_web.API/Dockerfile
    ports:
    - "32769:80" 
    networks:
    - api-network
    - api-envoy-network
networks:
  api-network:
  api-envoy-network:  

Actual Behavior / Motivation for New Feature

In actual behavior, the docker can run envoy server, but the envoy server can not connection or directed to ocelot API gateway or backend API.

Steps to Reproduce the Problem

1. Create ocelot API project and backend API project (c#)
2. Write docker files for ocelot API and backend API
3. Write envoy docker file and envoy config.
4. Write docker-compose.yml flie.
5. Run docker.

Specifications

• Version:

  Microsoft.EntityFrameworkCore v5.017
  Microsoft.EntityFrameworkCore.Design v5.017
  Microsoft.EntityFrameworkCore.SqlServer v5.017
  Newtonsoft.Json v13.0.2
  Serilog.Extensions.Logging v3.1.0
  Serilog.Extensions.Logging.File v3.0.0
  Swashbuckle.AspNetCore v5.6.3
  Ocelot v17.0.1
  Microsoft.Extensions.Caching.SqlServer v6.0.0

• Platform:

  OS: Windows
  Complier: VS 2022 professorial 

• Subsystem:

  ubuntu(Microsoft WSL)

[raman-m]

You wrote a lot of Envoy gateway configs which are not Ocelot ones! Good luck in your researches using Envoy!

Connection issues in Docker are problems of Docker environment (network). They are not related to Ocelot programming model!

[raman-m]

@deadislove David, You can re-open your question in Discussions space aka Q&A category. 😉