Closed aSapien closed 3 years ago
cc. @lambdai
i suspect the l4 original address is what localhost is resolved to. The 192.168 ip in the curl is not particiing the L4 address match. I can give it a try and update later today
@lambdai thanks! I was able to confirm your suspicion by doing the following:
filter_chain_match
to:
prefix_ranges:
- address_prefix: 127.0.0.1
prefix_len: 24
curl
:
docker exec -it <container_id> /bin/bash
apt update && apt install curl
Test with curl:
# Matches
curl --proxy http://127.0.0.1:10000 http://google.com
curl --proxy http://127.0.0.254:10000 http://google.com
# Does not match
curl --proxy http://127.0.1.1:10000 http://google.com
Can you advise how to filter the destination IP CIDRs when the Envoy cluster acts as a dynamic_forward_proxy
?
To add more context, I would like to add what is my final goal:
I want Envoy to forward HTTP requests that are resolved to a private subnet destination IP via one dynamic forward cluster, and all the requests that resolve to public IP subnets via another.
@aSapien Thank you for the update! Filter chain matching procedure happens immediately after envoy receives the tcp connection. I wouldn't expect to extend the functionality to parse the http request.
I don't see the solution that you can combine multiple httpfilter/cluster/router to reach your goal. Other smarter people can add.
I probably choose one from a) or b)
a) Use 2+ routes to select the target cluster from the 2 dynamic forward clusters
Since you are using dynamic_forward_proxy http filter and you expect branches after the dns resolve, you can write a new filter and insert after dynamic_forward_proxy
. The new filter can
b) Use dynamic forward cluster but different behaviors upon ip pool. Alternatively, you can choose the same cluster for both private and public ip pool. And use the subset/match/upstream_config to choose different behavior. I had an example in https://github.com/envoyproxy/envoy/pull/13915 . I am not sure if the example code could work with dynamic_foward_cluster though.
One more thing I just tried is using the domains
list to match on the virtual_hosts
configuration, instead of the filter_chain_match
.
I was able to match the destination IP on the domains
with a wildcard list using the http_connection_manager
configuration below and running
route_config:
internal_only_headers: [] # TODO: Set intrnal headers
name: local_route
virtual_hosts:
- name: local_service
domains:
- "127.*"
routes:
- match:
prefix: "/"
direct_response:
status: 200
body:
inline_string: |
Filter match!
However, since domains
wildcards cannot really describe or enforce target CIDR filters, this configuration is not suited to solve the above issue that occurs when Envoy is configured to be a dynamic forward proxy.
@lambdai thank you for the suggestions! I'm optimistic again :)
a) ... consume the destination ip and map to route recognisable token
Can you please point me to any docs that would describe the process of implementing a new filter and how I can consume the destination IP from it?
b) Use dynamic forward cluster but different behaviors upon ip pool.
Is it possible to configure the target IP "filter" from within the cluster
configuration?
Can you please point me to any docs that would describe the process of implementing a new filter and how I can consume the destination IP from it?
I don't have the quick answer. You probably need to forge the existing https://github.com/envoyproxy/envoy/blob/main/source/extensions/filters/http/dynamic_forward_proxy/proxy_filter.cc
Is it possible to configure the target IP "filter" from within the
cluster
configuration?
The upstream network filter within cluster: https://github.com/envoyproxy/envoy/blob/main/api/envoy/config/cluster/v3/cluster.proto#L963
@lambdai I was thinking about this idea:
Create 2 listeners:
Listener1
that directs all the traffic to the dynamic_forward_proxy
cluster.Listener2
that has the filter_chain_match
configured to match on specific IP CIDRs as in my example.Then configure the dynamic_forward_proxy
cluster
use Listener2
as the only available upstream.
Will the dynamic_forward_proxy
resolve the DNS and the "target" IP (resolved from the host header domain) will be the match candidate on the Listener2
filter chain?
This generally works but there is a critical missing piece.
The filter chain match is always attached to a listener(in your example listener2) which listens on some L4 address "*:80", or "
To complete the last piece, you can
@lambdai thanks for explaining. I see now that there's quite the missing piece there.
- Use iptables to redirect traffic to a port. Istio use this machenism, and redirect traffic to localport 15001. Thus you can use the listener "*:15001" and the filter chain matches there.
Wow, I was reading through this blog post assuming it might help me understand, but I'm not very experienced with iptables
and this solution is too-advanced-for-production in my use-case. However, it looks very interesting and I will try to understand it fully.
- I am creating a short path between cluster and listener in the same envoy process. See #11725 The listener is WIP. But the wip listener allows the listener2 listening on a EnvoyInternalAddress(underlying is a string) and the destination address "public or private address" passed by metadata.
From what I understand, in my use case a listener (listener2) will be able to act as a router/gateway for outgoing traffic from dynamic_forward_proxy
cluster? So it will use the filter_chain_match
and pass requests to any (public or private) upstream, given that the filter chain matched?
I really need the dynamic_forward_proxy
to somehow respect a filter chain prefix_ranges
and act similar to a squid-proxy acl dst.
I think that restricting the destination IPs is an important feature in forward proxies. It seems like (2) will require some wiring/configuration support on dynamic_forward_proxy
side. Should I open a feature request?
Wow, I was reading through this blog post assuming it might help me understand, but I'm not very experienced with
iptables
and this solution is too-advanced-for-production in my use-case. However, it looks very interesting and I will try to understand it fully.
Yeah... It is somewhat overkill.
I really need the
dynamic_forward_proxy
to somehow respect a filter chainprefix_ranges
and act similar to a squid-proxy acl dst.
+1. It can be done by adding functionality in dynamic_forward_proxy cluster, or by chaining the dynamic_forward_proxy
and the internal listener
I am proposing in https://github.com/envoyproxy/envoy/pull/15376
Both require a few changes in dynamic_forward_proxy. It's up to you whether you want to create a dedicated issue or CC more people in this one.
Adding @mattklein123 @alyssawilk, the code owners of dynamic_forward_proxy
🙂
Dear code owners, I would love to have your blessing on the idea of enabling the filter-chain-match
functionality (or equivalent) in the dynamic_forward_proxy
. Any objections? Limitations? Complexity? WDYT?
Dear code owners, I would love to have your blessing on the idea of enabling the filter-chain-match functionality (or equivalent) in the dynamic_forward_proxy. Any objections? Limitations? Complexity? WDYT?
Is there a TL/DR summary of the changes you would like to see?
@mattklein123
The idea is to have an ability to configure an ACL to filter the target upstream of a request coming out of the dynamic_forward_proxy
cluster.
So that when a client connects through Envoy's dynamic_forward_proxy
, I would be able to configure allowed/disallowed upstream IPs/ports.
For example:
curl http://<envoy_ip>:10000 http://<allowed_ip>:<allowed_port> # Should pass
curl http://<envoy_ip>:10000 http://<disallowed_ip>:<or_allowed_port> # Should not pass
curl http://<envoy_ip>:10000 http://<domain_resolving_to_disallowed_ip> # Should not pass
The cluster configuration could look as follows:
clusters:
- name: dynamic_forward_proxy_cluster
connect_timeout: 1s
lb_policy: CLUSTER_PROVIDED
cluster_type:
name: envoy.clusters.dynamic_forward_proxy
typed_config:
"@type": type.googleapis.com/envoy.extensions.clusters.dynamic_forward_proxy.v3.ClusterConfig
dns_cache_config:
name: dynamic_forward_proxy_cache_config
dns_lookup_family: V4_ONLY
+ upstream_filters:
+ - upstream_filter_match:
+ prefix_ranges:
+ - address_prefix: 10.0.0.0
+ prefix_len: 8
+ filters:
+ - direct_response:
+ status: 403
+ body:
+ inline_string: |
+ Forbidden
+ - upstream_filter_match:
+ prefix_ranges:
+ - address_prefix: 0.0.0.0
+ prefix_len: 0
+ filters:
+ - proxy_pass: {}
Would a more general solution for ^ be upstream HTTP filters? https://github.com/envoyproxy/envoy/issues/10455 cc @snowp
Yeah I think it would be a good fit, we'd be able to couple this with the unified matching and composite filters to provide per match filter application
@mattklein123 Of course, I would always prefer the general solution as long as it provides the building blocks to compose for a specific use-case :)
@snowp I see that there hadn't been much activity in #10455 recently. What can be done to push it forward?
I haven't had the time to work on it in a bit, though if someone wants to pick it up I would happily review. There is still quite a bit of work left, I had https://github.com/envoyproxy/envoy/pull/13095 open as a POC of integrating the filter manager with the router, which opens up for making upstream HTTP filters configurable via the API.
I would pick it up but I'm afraid I need to catch up on my cpp first 😅
This issue has been automatically marked as stale because it has not had activity in the last 30 days. It will be closed in the next 7 days unless it is tagged "help wanted" or "no stalebot" or other activity occurs. Thank you for your contributions.
This issue has been automatically closed because it has not had activity in the last 37 days. If this issue is still valid, please ping a maintainer and ask them to label it as "help wanted" or "no stalebot". Thank you for your contributions.
Title: Prefix ranges for destination CIDR do not match
Description: When using a filter chain match for destination using
prefix_ranges
(for example)192.168.0.0/16
the filter chain is not found and the connection is closed.Repro steps: Start a standard envoy docker container with the command and config (provided below). Once running, try to perform a request and match on the filter, reaching the
dynamic_forward_proxy
cluster.Request command:
The expected result is to have a "Filter match!" response (as defined in the
direct_response
route), but no response is returned (curl: (52) Empty reply from server
) and the log shows that there was no matching filter.Relevant log line:
Envoy docker command:
Admin and Stats Output:
*/stats*: (Click to expand)
```sh cluster.dynamic_forward_proxy_cluster.assignment_stale: 0 cluster.dynamic_forward_proxy_cluster.assignment_timeout_received: 0 cluster.dynamic_forward_proxy_cluster.bind_errors: 0 cluster.dynamic_forward_proxy_cluster.circuit_breakers.default.cx_open: 0 cluster.dynamic_forward_proxy_cluster.circuit_breakers.default.cx_pool_open: 0 cluster.dynamic_forward_proxy_cluster.circuit_breakers.default.rq_open: 0 cluster.dynamic_forward_proxy_cluster.circuit_breakers.default.rq_pending_open: 0 cluster.dynamic_forward_proxy_cluster.circuit_breakers.default.rq_retry_open: 0 cluster.dynamic_forward_proxy_cluster.circuit_breakers.high.cx_open: 0 cluster.dynamic_forward_proxy_cluster.circuit_breakers.high.cx_pool_open: 0 cluster.dynamic_forward_proxy_cluster.circuit_breakers.high.rq_open: 0 cluster.dynamic_forward_proxy_cluster.circuit_breakers.high.rq_pending_open: 0 cluster.dynamic_forward_proxy_cluster.circuit_breakers.high.rq_retry_open: 0 cluster.dynamic_forward_proxy_cluster.default.total_match_count: 0 cluster.dynamic_forward_proxy_cluster.lb_healthy_panic: 0 cluster.dynamic_forward_proxy_cluster.lb_local_cluster_not_ok: 0 cluster.dynamic_forward_proxy_cluster.lb_recalculate_zone_structures: 0 cluster.dynamic_forward_proxy_cluster.lb_subsets_active: 0 cluster.dynamic_forward_proxy_cluster.lb_subsets_created: 0 cluster.dynamic_forward_proxy_cluster.lb_subsets_fallback: 0 cluster.dynamic_forward_proxy_cluster.lb_subsets_fallback_panic: 0 cluster.dynamic_forward_proxy_cluster.lb_subsets_removed: 0 cluster.dynamic_forward_proxy_cluster.lb_subsets_selected: 0 cluster.dynamic_forward_proxy_cluster.lb_zone_cluster_too_small: 0 cluster.dynamic_forward_proxy_cluster.lb_zone_no_capacity_left: 0 cluster.dynamic_forward_proxy_cluster.lb_zone_number_differs: 0 cluster.dynamic_forward_proxy_cluster.lb_zone_routing_all_directly: 0 cluster.dynamic_forward_proxy_cluster.lb_zone_routing_cross_zone: 0 cluster.dynamic_forward_proxy_cluster.lb_zone_routing_sampled: 0 cluster.dynamic_forward_proxy_cluster.max_host_weight: 0 cluster.dynamic_forward_proxy_cluster.membership_change: 0 cluster.dynamic_forward_proxy_cluster.membership_degraded: 0 cluster.dynamic_forward_proxy_cluster.membership_excluded: 0 cluster.dynamic_forward_proxy_cluster.membership_healthy: 0 cluster.dynamic_forward_proxy_cluster.membership_total: 0 cluster.dynamic_forward_proxy_cluster.original_dst_host_invalid: 0 cluster.dynamic_forward_proxy_cluster.retry_or_shadow_abandoned: 0 cluster.dynamic_forward_proxy_cluster.update_attempt: 0 cluster.dynamic_forward_proxy_cluster.update_empty: 0 cluster.dynamic_forward_proxy_cluster.update_failure: 0 cluster.dynamic_forward_proxy_cluster.update_no_rebuild: 0 cluster.dynamic_forward_proxy_cluster.update_success: 0 cluster.dynamic_forward_proxy_cluster.upstream_cx_active: 0 cluster.dynamic_forward_proxy_cluster.upstream_cx_close_notify: 0 cluster.dynamic_forward_proxy_cluster.upstream_cx_connect_attempts_exceeded: 0 cluster.dynamic_forward_proxy_cluster.upstream_cx_connect_fail: 0 cluster.dynamic_forward_proxy_cluster.upstream_cx_connect_timeout: 0 cluster.dynamic_forward_proxy_cluster.upstream_cx_destroy: 0 cluster.dynamic_forward_proxy_cluster.upstream_cx_destroy_local: 0 cluster.dynamic_forward_proxy_cluster.upstream_cx_destroy_local_with_active_rq: 0 cluster.dynamic_forward_proxy_cluster.upstream_cx_destroy_remote: 0 cluster.dynamic_forward_proxy_cluster.upstream_cx_destroy_remote_with_active_rq: 0 cluster.dynamic_forward_proxy_cluster.upstream_cx_destroy_with_active_rq: 0 cluster.dynamic_forward_proxy_cluster.upstream_cx_http1_total: 0 cluster.dynamic_forward_proxy_cluster.upstream_cx_http2_total: 0 cluster.dynamic_forward_proxy_cluster.upstream_cx_idle_timeout: 0 cluster.dynamic_forward_proxy_cluster.upstream_cx_max_requests: 0 cluster.dynamic_forward_proxy_cluster.upstream_cx_none_healthy: 0 cluster.dynamic_forward_proxy_cluster.upstream_cx_overflow: 0 cluster.dynamic_forward_proxy_cluster.upstream_cx_pool_overflow: 0 cluster.dynamic_forward_proxy_cluster.upstream_cx_protocol_error: 0 cluster.dynamic_forward_proxy_cluster.upstream_cx_rx_bytes_buffered: 0 cluster.dynamic_forward_proxy_cluster.upstream_cx_rx_bytes_total: 0 cluster.dynamic_forward_proxy_cluster.upstream_cx_total: 0 cluster.dynamic_forward_proxy_cluster.upstream_cx_tx_bytes_buffered: 0 cluster.dynamic_forward_proxy_cluster.upstream_cx_tx_bytes_total: 0 cluster.dynamic_forward_proxy_cluster.upstream_flow_control_backed_up_total: 0 cluster.dynamic_forward_proxy_cluster.upstream_flow_control_drained_total: 0 cluster.dynamic_forward_proxy_cluster.upstream_flow_control_paused_reading_total: 0 cluster.dynamic_forward_proxy_cluster.upstream_flow_control_resumed_reading_total: 0 cluster.dynamic_forward_proxy_cluster.upstream_internal_redirect_failed_total: 0 cluster.dynamic_forward_proxy_cluster.upstream_internal_redirect_succeeded_total: 0 cluster.dynamic_forward_proxy_cluster.upstream_rq_active: 0 cluster.dynamic_forward_proxy_cluster.upstream_rq_cancelled: 0 cluster.dynamic_forward_proxy_cluster.upstream_rq_completed: 0 cluster.dynamic_forward_proxy_cluster.upstream_rq_maintenance_mode: 0 cluster.dynamic_forward_proxy_cluster.upstream_rq_max_duration_reached: 0 cluster.dynamic_forward_proxy_cluster.upstream_rq_pending_active: 0 cluster.dynamic_forward_proxy_cluster.upstream_rq_pending_failure_eject: 0 cluster.dynamic_forward_proxy_cluster.upstream_rq_pending_overflow: 0 cluster.dynamic_forward_proxy_cluster.upstream_rq_pending_total: 0 cluster.dynamic_forward_proxy_cluster.upstream_rq_per_try_timeout: 0 cluster.dynamic_forward_proxy_cluster.upstream_rq_retry: 0 cluster.dynamic_forward_proxy_cluster.upstream_rq_retry_backoff_exponential: 0 cluster.dynamic_forward_proxy_cluster.upstream_rq_retry_backoff_ratelimited: 0 cluster.dynamic_forward_proxy_cluster.upstream_rq_retry_limit_exceeded: 0 cluster.dynamic_forward_proxy_cluster.upstream_rq_retry_overflow: 0 cluster.dynamic_forward_proxy_cluster.upstream_rq_retry_success: 0 cluster.dynamic_forward_proxy_cluster.upstream_rq_rx_reset: 0 cluster.dynamic_forward_proxy_cluster.upstream_rq_timeout: 0 cluster.dynamic_forward_proxy_cluster.upstream_rq_total: 0 cluster.dynamic_forward_proxy_cluster.upstream_rq_tx_reset: 0 cluster.dynamic_forward_proxy_cluster.version: 0 cluster_manager.active_clusters: 1 cluster_manager.cluster_added: 1 cluster_manager.cluster_modified: 0 cluster_manager.cluster_removed: 0 cluster_manager.cluster_updated: 0 cluster_manager.cluster_updated_via_merge: 0 cluster_manager.update_merge_cancelled: 0 cluster_manager.update_out_of_merge_window: 0 cluster_manager.warming_clusters: 0 dns_cache.dynamic_forward_proxy_cache_config.circuit_breakers.rq_pending_open: 0 dns_cache.dynamic_forward_proxy_cache_config.circuit_breakers.rq_pending_remaining: 1024 dns_cache.dynamic_forward_proxy_cache_config.dns_query_attempt: 0 dns_cache.dynamic_forward_proxy_cache_config.dns_query_failure: 0 dns_cache.dynamic_forward_proxy_cache_config.dns_query_success: 0 dns_cache.dynamic_forward_proxy_cache_config.dns_rq_pending_overflow: 0 dns_cache.dynamic_forward_proxy_cache_config.host_added: 0 dns_cache.dynamic_forward_proxy_cache_config.host_address_changed: 0 dns_cache.dynamic_forward_proxy_cache_config.host_overflow: 0 dns_cache.dynamic_forward_proxy_cache_config.host_removed: 0 dns_cache.dynamic_forward_proxy_cache_config.num_hosts: 0 filesystem.flushed_by_timer: 76 filesystem.reopen_failed: 0 filesystem.write_buffered: 0 filesystem.write_completed: 0 filesystem.write_failed: 0 filesystem.write_total_buffered: 0 http.admin.downstream_cx_active: 1 http.admin.downstream_cx_delayed_close_timeout: 0 http.admin.downstream_cx_destroy: 0 http.admin.downstream_cx_destroy_active_rq: 0 http.admin.downstream_cx_destroy_local: 0 http.admin.downstream_cx_destroy_local_active_rq: 0 http.admin.downstream_cx_destroy_remote: 0 http.admin.downstream_cx_destroy_remote_active_rq: 0 http.admin.downstream_cx_drain_close: 0 http.admin.downstream_cx_http1_active: 1 http.admin.downstream_cx_http1_total: 1 http.admin.downstream_cx_http2_active: 0 http.admin.downstream_cx_http2_total: 0 http.admin.downstream_cx_http3_active: 0 http.admin.downstream_cx_http3_total: 0 http.admin.downstream_cx_idle_timeout: 0 http.admin.downstream_cx_max_duration_reached: 0 http.admin.downstream_cx_overload_disable_keepalive: 0 http.admin.downstream_cx_protocol_error: 0 http.admin.downstream_cx_rx_bytes_buffered: 556 http.admin.downstream_cx_rx_bytes_total: 556 http.admin.downstream_cx_ssl_active: 0 http.admin.downstream_cx_ssl_total: 0 http.admin.downstream_cx_total: 1 http.admin.downstream_cx_tx_bytes_buffered: 0 http.admin.downstream_cx_tx_bytes_total: 0 http.admin.downstream_cx_upgrades_active: 0 http.admin.downstream_cx_upgrades_total: 0 http.admin.downstream_flow_control_paused_reading_total: 0 http.admin.downstream_flow_control_resumed_reading_total: 0 http.admin.downstream_rq_1xx: 0 http.admin.downstream_rq_2xx: 0 http.admin.downstream_rq_3xx: 0 http.admin.downstream_rq_4xx: 0 http.admin.downstream_rq_5xx: 0 http.admin.downstream_rq_active: 1 http.admin.downstream_rq_completed: 0 http.admin.downstream_rq_header_timeout: 0 http.admin.downstream_rq_http1_total: 1 http.admin.downstream_rq_http2_total: 0 http.admin.downstream_rq_http3_total: 0 http.admin.downstream_rq_idle_timeout: 0 http.admin.downstream_rq_max_duration_reached: 0 http.admin.downstream_rq_non_relative_path: 0 http.admin.downstream_rq_overload_close: 0 http.admin.downstream_rq_response_before_rq_complete: 0 http.admin.downstream_rq_rx_reset: 0 http.admin.downstream_rq_timeout: 0 http.admin.downstream_rq_too_large: 0 http.admin.downstream_rq_total: 1 http.admin.downstream_rq_tx_reset: 0 http.admin.downstream_rq_ws_on_non_ws_route: 0 http.admin.rs_too_large: 0 http.async-client.no_cluster: 0 http.async-client.no_route: 0 http.async-client.passthrough_internal_redirect_bad_location: 0 http.async-client.passthrough_internal_redirect_no_route: 0 http.async-client.passthrough_internal_redirect_predicate: 0 http.async-client.passthrough_internal_redirect_too_many_redirects: 0 http.async-client.passthrough_internal_redirect_unsafe_scheme: 0 http.async-client.rq_direct_response: 0 http.async-client.rq_redirect: 0 http.async-client.rq_reset_after_downstream_response_started: 0 http.async-client.rq_total: 0 http.egress_edge.downstream_cx_active: 0 http.egress_edge.downstream_cx_delayed_close_timeout: 0 http.egress_edge.downstream_cx_destroy: 0 http.egress_edge.downstream_cx_destroy_active_rq: 0 http.egress_edge.downstream_cx_destroy_local: 0 http.egress_edge.downstream_cx_destroy_local_active_rq: 0 http.egress_edge.downstream_cx_destroy_remote: 0 http.egress_edge.downstream_cx_destroy_remote_active_rq: 0 http.egress_edge.downstream_cx_drain_close: 0 http.egress_edge.downstream_cx_http1_active: 0 http.egress_edge.downstream_cx_http1_total: 0 http.egress_edge.downstream_cx_http2_active: 0 http.egress_edge.downstream_cx_http2_total: 0 http.egress_edge.downstream_cx_http3_active: 0 http.egress_edge.downstream_cx_http3_total: 0 http.egress_edge.downstream_cx_idle_timeout: 0 http.egress_edge.downstream_cx_max_duration_reached: 0 http.egress_edge.downstream_cx_overload_disable_keepalive: 0 http.egress_edge.downstream_cx_protocol_error: 0 http.egress_edge.downstream_cx_rx_bytes_buffered: 0 http.egress_edge.downstream_cx_rx_bytes_total: 0 http.egress_edge.downstream_cx_ssl_active: 0 http.egress_edge.downstream_cx_ssl_total: 0 http.egress_edge.downstream_cx_total: 0 http.egress_edge.downstream_cx_tx_bytes_buffered: 0 http.egress_edge.downstream_cx_tx_bytes_total: 0 http.egress_edge.downstream_cx_upgrades_active: 0 http.egress_edge.downstream_cx_upgrades_total: 0 http.egress_edge.downstream_flow_control_paused_reading_total: 0 http.egress_edge.downstream_flow_control_resumed_reading_total: 0 http.egress_edge.downstream_rq_1xx: 0 http.egress_edge.downstream_rq_2xx: 0 http.egress_edge.downstream_rq_3xx: 0 http.egress_edge.downstream_rq_4xx: 0 http.egress_edge.downstream_rq_5xx: 0 http.egress_edge.downstream_rq_active: 0 http.egress_edge.downstream_rq_completed: 0 http.egress_edge.downstream_rq_header_timeout: 0 http.egress_edge.downstream_rq_http1_total: 0 http.egress_edge.downstream_rq_http2_total: 0 http.egress_edge.downstream_rq_http3_total: 0 http.egress_edge.downstream_rq_idle_timeout: 0 http.egress_edge.downstream_rq_max_duration_reached: 0 http.egress_edge.downstream_rq_non_relative_path: 0 http.egress_edge.downstream_rq_overload_close: 0 http.egress_edge.downstream_rq_response_before_rq_complete: 0 http.egress_edge.downstream_rq_rx_reset: 0 http.egress_edge.downstream_rq_timeout: 0 http.egress_edge.downstream_rq_too_large: 0 http.egress_edge.downstream_rq_total: 0 http.egress_edge.downstream_rq_tx_reset: 0 http.egress_edge.downstream_rq_ws_on_non_ws_route: 0 http.egress_edge.no_cluster: 0 http.egress_edge.no_route: 0 http.egress_edge.passthrough_internal_redirect_bad_location: 0 http.egress_edge.passthrough_internal_redirect_no_route: 0 http.egress_edge.passthrough_internal_redirect_predicate: 0 http.egress_edge.passthrough_internal_redirect_too_many_redirects: 0 http.egress_edge.passthrough_internal_redirect_unsafe_scheme: 0 http.egress_edge.rq_direct_response: 0 http.egress_edge.rq_redirect: 0 http.egress_edge.rq_reset_after_downstream_response_started: 0 http.egress_edge.rq_total: 0 http.egress_edge.rs_too_large: 0 http.egress_edge.tracing.client_enabled: 0 http.egress_edge.tracing.health_check: 0 http.egress_edge.tracing.not_traceable: 0 http.egress_edge.tracing.random_sampling: 0 http.egress_edge.tracing.service_forced: 0 http1.dropped_headers_with_underscores: 0 http1.metadata_not_supported_error: 0 http1.requests_rejected_with_underscores_in_headers: 0 http1.response_flood: 0 listener.0.0.0.0_10000.downstream_cx_active: 0 listener.0.0.0.0_10000.downstream_cx_destroy: 0 listener.0.0.0.0_10000.downstream_cx_overflow: 0 listener.0.0.0.0_10000.downstream_cx_overload_reject: 0 listener.0.0.0.0_10000.downstream_cx_total: 0 listener.0.0.0.0_10000.downstream_global_cx_overflow: 0 listener.0.0.0.0_10000.downstream_pre_cx_active: 0 listener.0.0.0.0_10000.downstream_pre_cx_timeout: 0 listener.0.0.0.0_10000.http.egress_edge.downstream_rq_1xx: 0 listener.0.0.0.0_10000.http.egress_edge.downstream_rq_2xx: 0 listener.0.0.0.0_10000.http.egress_edge.downstream_rq_3xx: 0 listener.0.0.0.0_10000.http.egress_edge.downstream_rq_4xx: 0 listener.0.0.0.0_10000.http.egress_edge.downstream_rq_5xx: 0 listener.0.0.0.0_10000.http.egress_edge.downstream_rq_completed: 0 listener.0.0.0.0_10000.no_filter_chain_match: 1 listener.0.0.0.0_10000.worker_0.downstream_cx_active: 0 listener.0.0.0.0_10000.worker_0.downstream_cx_total: 0 listener.0.0.0.0_10000.worker_1.downstream_cx_active: 0 listener.0.0.0.0_10000.worker_1.downstream_cx_total: 0 listener.0.0.0.0_10000.worker_2.downstream_cx_active: 0 listener.0.0.0.0_10000.worker_2.downstream_cx_total: 0 listener.0.0.0.0_10000.worker_3.downstream_cx_active: 0 listener.0.0.0.0_10000.worker_3.downstream_cx_total: 0 listener.admin.downstream_cx_active: 1 listener.admin.downstream_cx_destroy: 0 listener.admin.downstream_cx_overflow: 0 listener.admin.downstream_cx_overload_reject: 0 listener.admin.downstream_cx_total: 1 listener.admin.downstream_global_cx_overflow: 0 listener.admin.downstream_pre_cx_active: 0 listener.admin.downstream_pre_cx_timeout: 0 listener.admin.http.admin.downstream_rq_1xx: 0 listener.admin.http.admin.downstream_rq_2xx: 0 listener.admin.http.admin.downstream_rq_3xx: 0 listener.admin.http.admin.downstream_rq_4xx: 0 listener.admin.http.admin.downstream_rq_5xx: 0 listener.admin.http.admin.downstream_rq_completed: 0 listener.admin.main_thread.downstream_cx_active: 1 listener.admin.main_thread.downstream_cx_total: 1 listener.admin.no_filter_chain_match: 0 listener_manager.listener_added: 1 listener_manager.listener_create_failure: 0 listener_manager.listener_create_success: 4 listener_manager.listener_in_place_updated: 0 listener_manager.listener_modified: 0 listener_manager.listener_removed: 0 listener_manager.listener_stopped: 0 listener_manager.total_filter_chains_draining: 0 listener_manager.total_listeners_active: 1 listener_manager.total_listeners_draining: 0 listener_manager.total_listeners_warming: 0 listener_manager.workers_started: 1 main_thread.watchdog_mega_miss: 0 main_thread.watchdog_miss: 0 runtime.admin_overrides_active: 0 runtime.deprecated_feature_seen_since_process_start: 1 runtime.deprecated_feature_use: 1 runtime.load_error: 0 runtime.load_success: 1 runtime.num_keys: 0 runtime.num_layers: 2 runtime.override_dir_exists: 0 runtime.override_dir_not_exists: 1 server.concurrency: 4 server.days_until_first_cert_expiring: 2147483647 server.debug_assertion_failures: 0 server.dynamic_unknown_fields: 0 server.envoy_bug_failures: 0 server.hot_restart_epoch: 0 server.hot_restart_generation: 1 server.live: 1 server.main_thread.watchdog_mega_miss: 0 server.main_thread.watchdog_miss: 0 server.memory_allocated: 8553744 server.memory_heap_size: 12582912 server.memory_physical_size: 14303382 server.parent_connections: 0 server.seconds_until_first_ocsp_response_expiring: 0 server.state: 0 server.static_unknown_fields: 0 server.stats_recent_lookups: 1160 server.total_connections: 0 server.uptime: 385 server.version: 14066761 server.worker_0.watchdog_mega_miss: 0 server.worker_0.watchdog_miss: 0 server.worker_1.watchdog_mega_miss: 0 server.worker_1.watchdog_miss: 0 server.worker_2.watchdog_mega_miss: 0 server.worker_2.watchdog_miss: 0 server.worker_3.watchdog_mega_miss: 0 server.worker_3.watchdog_miss: 0 vhost.local_service.vcluster.other.upstream_rq_retry: 0 vhost.local_service.vcluster.other.upstream_rq_retry_limit_exceeded: 0 vhost.local_service.vcluster.other.upstream_rq_retry_overflow: 0 vhost.local_service.vcluster.other.upstream_rq_retry_success: 0 vhost.local_service.vcluster.other.upstream_rq_timeout: 0 vhost.local_service.vcluster.other.upstream_rq_total: 0 workers.watchdog_mega_miss: 0 workers.watchdog_miss: 0 cluster.dynamic_forward_proxy_cluster.upstream_cx_connect_ms: No recorded values cluster.dynamic_forward_proxy_cluster.upstream_cx_length_ms: No recorded values http.admin.downstream_cx_length_ms: No recorded values http.admin.downstream_rq_time: No recorded values http.egress_edge.downstream_cx_length_ms: No recorded values http.egress_edge.downstream_rq_time: No recorded values listener.0.0.0.0_10000.downstream_cx_length_ms: No recorded values listener.admin.downstream_cx_length_ms: No recorded values server.initialization_time_ms: P0(nan,22.0) P25(nan,22.25) P50(nan,22.5) P75(nan,22.75) P90(nan,22.9) P95(nan,22.95) P99(nan,22.99) P99.5(nan,22.995) P99.9(nan,22.999) P100(nan,23.0) ```*/clusters*: (Click to expand)
```sh dynamic_forward_proxy_cluster::default_priority::max_connections::1024 dynamic_forward_proxy_cluster::default_priority::max_pending_requests::1024 dynamic_forward_proxy_cluster::default_priority::max_requests::1024 dynamic_forward_proxy_cluster::default_priority::max_retries::3 dynamic_forward_proxy_cluster::high_priority::max_connections::1024 dynamic_forward_proxy_cluster::high_priority::max_pending_requests::1024 dynamic_forward_proxy_cluster::high_priority::max_requests::1024 dynamic_forward_proxy_cluster::high_priority::max_retries::3 dynamic_forward_proxy_cluster::added_via_api::false ```*/server_info*: (Click to expand)
```sh { "version": "d6a4496e712d7a2335b26e2f76210d5904002c26/1.17.1/Clean/RELEASE/BoringSSL", "state": "LIVE", "hot_restart_version": "11.104", "command_line_options": { "base_id": "0", "use_dynamic_base_id": false, "base_id_path": "", "concurrency": 4, "config_path": "/config.yaml", "config_yaml": "", "allow_unknown_static_fields": false, "reject_unknown_dynamic_fields": false, "ignore_unknown_dynamic_fields": false, "admin_address_path": "", "local_address_ip_version": "v4", "log_level": "debug", "component_log_level": "", "log_format": "[%Y-%m-%d %T.%e][%t][%l][%n] [%g:%#] %v", "log_format_escaped": false, "log_path": "", "service_cluster": "", "service_node": "", "service_zone": "", "drain_strategy": "Gradual", "mode": "Serve", "disable_hot_restart": false, "enable_mutex_tracing": false, "restart_epoch": 0, "cpuset_threads": false, "disabled_extensions": [], "bootstrap_version": 0, "enable_fine_grain_logging": false, "socket_path": "@envoy_domain_socket", "socket_mode": 0, "hidden_envoy_deprecated_max_stats": "0", "hidden_envoy_deprecated_max_obj_name_len": "0", "file_flush_interval": "10s", "drain_time": "600s", "parent_shutdown_time": "900s" }, "node": { "id": "", "cluster": "", "user_agent_name": "envoy", "user_agent_build_version": { "version": { "major_number": 1, "minor_number": 17, "patch": 1 }, "metadata": { "build.type": "RELEASE", "revision.sha": "d6a4496e712d7a2335b26e2f76210d5904002c26", "ssl.version": "BoringSSL", "revision.status": "Clean" } }, "extensions": [ { "name": "dubbo", "category": "envoy.dubbo_proxy.protocols", "type_descriptor": "", "disabled": false }, { "name": "envoy.dynamic.ot", "category": "envoy.tracers", "type_descriptor": "", "disabled": false }, { "name": "envoy.lightstep", "category": "envoy.tracers", "type_descriptor": "", "disabled": false }, { "name": "envoy.tracers.datadog", "category": "envoy.tracers", "type_descriptor": "", "disabled": false }, { "name": "envoy.tracers.dynamic_ot", "category": "envoy.tracers", "type_descriptor": "", "disabled": false }, { "name": "envoy.tracers.lightstep", "category": "envoy.tracers", "type_descriptor": "", "disabled": false }, { "name": "envoy.tracers.opencensus", "category": "envoy.tracers", "type_descriptor": "", "disabled": false }, { "name": "envoy.tracers.skywalking", "category": "envoy.tracers", "type_descriptor": "", "disabled": false }, { "name": "envoy.tracers.xray", "category": "envoy.tracers", "type_descriptor": "", "disabled": false }, { "name": "envoy.tracers.zipkin", "category": "envoy.tracers", "type_descriptor": "", "disabled": false }, { "name": "envoy.zipkin", "category": "envoy.tracers", "type_descriptor": "", "disabled": false }, { "name": "udp_default_writer", "category": "envoy.udp_packet_writers", "type_descriptor": "", "disabled": false }, { "name": "udp_gso_batch_writer", "category": "envoy.udp_packet_writers", "type_descriptor": "", "disabled": false }, { "name": "envoy.bootstrap.wasm", "category": "envoy.bootstrap", "type_descriptor": "", "disabled": false }, { "name": "envoy.extensions.network.socket_interface.default_socket_interface", "category": "envoy.bootstrap", "type_descriptor": "", "disabled": false }, { "name": "envoy.extensions.http.cache.simple", "category": "envoy.http.cache", "type_descriptor": "", "disabled": false }, { "name": "quiche_quic_listener", "category": "envoy.udp_listeners", "type_descriptor": "", "disabled": false }, { "name": "raw_udp_listener", "category": "envoy.udp_listeners", "type_descriptor": "", "disabled": false }, { "name": "envoy.access_loggers.file", "category": "envoy.access_loggers", "type_descriptor": "", "disabled": false }, { "name": "envoy.access_loggers.http_grpc", "category": "envoy.access_loggers", "type_descriptor": "", "disabled": false }, { "name": "envoy.access_loggers.tcp_grpc", "category": "envoy.access_loggers", "type_descriptor": "", "disabled": false }, { "name": "envoy.access_loggers.wasm", "category": "envoy.access_loggers", "type_descriptor": "", "disabled": false }, { "name": "envoy.file_access_log", "category": "envoy.access_loggers", "type_descriptor": "", "disabled": false }, { "name": "envoy.http_grpc_access_log", "category": "envoy.access_loggers", "type_descriptor": "", "disabled": false }, { "name": "envoy.tcp_grpc_access_log", "category": "envoy.access_loggers", "type_descriptor": "", "disabled": false }, { "name": "envoy.wasm_access_log", "category": "envoy.access_loggers", "type_descriptor": "", "disabled": false }, { "name": "envoy.buffer", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.cors", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.csrf", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.ext_authz", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.ext_proc", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.fault", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.http.adaptive_concurrency", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.http.admission_control", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.http.aws_lambda", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.http.aws_request_signing", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.http.buffer", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.http.cache", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.http.cdn_loop", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.http.compressor", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.http.cors", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.http.csrf", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.http.decompressor", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.http.dynamic_forward_proxy", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.http.dynamo", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.http.ext_authz", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.http.ext_proc", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.http.fault", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.http.grpc_http1_bridge", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.http.grpc_http1_reverse_bridge", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.http.grpc_json_transcoder", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.http.grpc_stats", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.http.grpc_web", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.http.gzip", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.http.header_to_metadata", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.http.health_check", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.http.ip_tagging", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.http.jwt_authn", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.http.local_ratelimit", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.http.lua", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.http.oauth2", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.http.on_demand", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.http.original_src", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.http.ratelimit", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.http.rbac", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.http.router", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.http.squash", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.http.tap", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.http.wasm", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.grpc_http1_bridge", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.grpc_json_transcoder", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.grpc_web", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.gzip", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.health_check", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.http_dynamo_filter", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.ip_tagging", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.local_rate_limit", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.lua", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.rate_limit", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.router", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.squash", "category": "envoy.filters.http", "type_descriptor": "", "disabled": false }, { "name": "envoy.watchdog.abort_action", "category": "envoy.guarddog_actions", "type_descriptor": "", "disabled": false }, { "name": "envoy.watchdog.profile_action", "category": "envoy.guarddog_actions", "type_descriptor": "", "disabled": false }, { "name": "envoy.ip", "category": "envoy.resolvers", "type_descriptor": "", "disabled": false }, { "name": "quiche", "category": "envoy.quic_server_codec", "type_descriptor": "", "disabled": false }, { "name": "envoy.extensions.upstreams.http.v3.HttpProtocolOptions", "category": "envoy.upstream_options", "type_descriptor": "", "disabled": false }, { "name": "envoy.upstreams.http.http_protocol_options", "category": "envoy.upstream_options", "type_descriptor": "", "disabled": false }, { "name": "envoy.grpc_credentials.aws_iam", "category": "envoy.grpc_credentials", "type_descriptor": "", "disabled": false }, { "name": "envoy.grpc_credentials.default", "category": "envoy.grpc_credentials", "type_descriptor": "", "disabled": false }, { "name": "envoy.grpc_credentials.file_based_metadata", "category": "envoy.grpc_credentials", "type_descriptor": "", "disabled": false }, { "name": "envoy.client_ssl_auth", "category": "envoy.filters.network", "type_descriptor": "", "disabled": false }, { "name": "envoy.echo", "category": "envoy.filters.network", "type_descriptor": "", "disabled": false }, { "name": "envoy.ext_authz", "category": "envoy.filters.network", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.network.client_ssl_auth", "category": "envoy.filters.network", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.network.direct_response", "category": "envoy.filters.network", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.network.dubbo_proxy", "category": "envoy.filters.network", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.network.echo", "category": "envoy.filters.network", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.network.ext_authz", "category": "envoy.filters.network", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.network.http_connection_manager", "category": "envoy.filters.network", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.network.kafka_broker", "category": "envoy.filters.network", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.network.local_ratelimit", "category": "envoy.filters.network", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.network.mongo_proxy", "category": "envoy.filters.network", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.network.mysql_proxy", "category": "envoy.filters.network", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.network.postgres_proxy", "category": "envoy.filters.network", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.network.ratelimit", "category": "envoy.filters.network", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.network.rbac", "category": "envoy.filters.network", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.network.redis_proxy", "category": "envoy.filters.network", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.network.rocketmq_proxy", "category": "envoy.filters.network", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.network.sni_cluster", "category": "envoy.filters.network", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.network.sni_dynamic_forward_proxy", "category": "envoy.filters.network", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.network.tcp_proxy", "category": "envoy.filters.network", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.network.thrift_proxy", "category": "envoy.filters.network", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.network.wasm", "category": "envoy.filters.network", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.network.zookeeper_proxy", "category": "envoy.filters.network", "type_descriptor": "", "disabled": false }, { "name": "envoy.http_connection_manager", "category": "envoy.filters.network", "type_descriptor": "", "disabled": false }, { "name": "envoy.mongo_proxy", "category": "envoy.filters.network", "type_descriptor": "", "disabled": false }, { "name": "envoy.ratelimit", "category": "envoy.filters.network", "type_descriptor": "", "disabled": false }, { "name": "envoy.redis_proxy", "category": "envoy.filters.network", "type_descriptor": "", "disabled": false }, { "name": "envoy.tcp_proxy", "category": "envoy.filters.network", "type_descriptor": "", "disabled": false }, { "name": "auto", "category": "envoy.thrift_proxy.transports", "type_descriptor": "", "disabled": false }, { "name": "framed", "category": "envoy.thrift_proxy.transports", "type_descriptor": "", "disabled": false }, { "name": "header", "category": "envoy.thrift_proxy.transports", "type_descriptor": "", "disabled": false }, { "name": "unframed", "category": "envoy.thrift_proxy.transports", "type_descriptor": "", "disabled": false }, { "name": "envoy.cluster.eds", "category": "envoy.clusters", "type_descriptor": "", "disabled": false }, { "name": "envoy.cluster.logical_dns", "category": "envoy.clusters", "type_descriptor": "", "disabled": false }, { "name": "envoy.cluster.original_dst", "category": "envoy.clusters", "type_descriptor": "", "disabled": false }, { "name": "envoy.cluster.static", "category": "envoy.clusters", "type_descriptor": "", "disabled": false }, { "name": "envoy.cluster.strict_dns", "category": "envoy.clusters", "type_descriptor": "", "disabled": false }, { "name": "envoy.clusters.aggregate", "category": "envoy.clusters", "type_descriptor": "", "disabled": false }, { "name": "envoy.clusters.dynamic_forward_proxy", "category": "envoy.clusters", "type_descriptor": "", "disabled": false }, { "name": "envoy.clusters.redis", "category": "envoy.clusters", "type_descriptor": "", "disabled": false }, { "name": "dubbo.hessian2", "category": "envoy.dubbo_proxy.serializers", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.udp.dns_filter", "category": "envoy.filters.udp_listener", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.udp_listener.udp_proxy", "category": "envoy.filters.udp_listener", "type_descriptor": "", "disabled": false }, { "name": "envoy.internal_redirect_predicates.allow_listed_routes", "category": "envoy.internal_redirect_predicates", "type_descriptor": "", "disabled": false }, { "name": "envoy.internal_redirect_predicates.previous_routes", "category": "envoy.internal_redirect_predicates", "type_descriptor": "", "disabled": false }, { "name": "envoy.internal_redirect_predicates.safe_cross_scheme", "category": "envoy.internal_redirect_predicates", "type_descriptor": "", "disabled": false }, { "name": "envoy.compression.gzip.decompressor", "category": "envoy.compression.decompressor", "type_descriptor": "", "disabled": false }, { "name": "envoy.rate_limit_descriptors.expr", "category": "envoy.rate_limit_descriptors", "type_descriptor": "", "disabled": false }, { "name": "envoy.transport_sockets.alts", "category": "envoy.transport_sockets.downstream", "type_descriptor": "", "disabled": false }, { "name": "envoy.transport_sockets.quic", "category": "envoy.transport_sockets.downstream", "type_descriptor": "", "disabled": false }, { "name": "envoy.transport_sockets.raw_buffer", "category": "envoy.transport_sockets.downstream", "type_descriptor": "", "disabled": false }, { "name": "envoy.transport_sockets.starttls", "category": "envoy.transport_sockets.downstream", "type_descriptor": "", "disabled": false }, { "name": "envoy.transport_sockets.tap", "category": "envoy.transport_sockets.downstream", "type_descriptor": "", "disabled": false }, { "name": "envoy.transport_sockets.tls", "category": "envoy.transport_sockets.downstream", "type_descriptor": "", "disabled": false }, { "name": "raw_buffer", "category": "envoy.transport_sockets.downstream", "type_descriptor": "", "disabled": false }, { "name": "starttls", "category": "envoy.transport_sockets.downstream", "type_descriptor": "", "disabled": false }, { "name": "tls", "category": "envoy.transport_sockets.downstream", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.listener.http_inspector", "category": "envoy.filters.listener", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.listener.original_dst", "category": "envoy.filters.listener", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.listener.original_src", "category": "envoy.filters.listener", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.listener.proxy_protocol", "category": "envoy.filters.listener", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.listener.tls_inspector", "category": "envoy.filters.listener", "type_descriptor": "", "disabled": false }, { "name": "envoy.listener.http_inspector", "category": "envoy.filters.listener", "type_descriptor": "", "disabled": false }, { "name": "envoy.listener.original_dst", "category": "envoy.filters.listener", "type_descriptor": "", "disabled": false }, { "name": "envoy.listener.original_src", "category": "envoy.filters.listener", "type_descriptor": "", "disabled": false }, { "name": "envoy.listener.proxy_protocol", "category": "envoy.filters.listener", "type_descriptor": "", "disabled": false }, { "name": "envoy.listener.tls_inspector", "category": "envoy.filters.listener", "type_descriptor": "", "disabled": false }, { "name": "envoy.compression.gzip.compressor", "category": "envoy.compression.compressor", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.dubbo.router", "category": "envoy.dubbo_proxy.filters", "type_descriptor": "", "disabled": false }, { "name": "envoy.resource_monitors.fixed_heap", "category": "envoy.resource_monitors", "type_descriptor": "", "disabled": false }, { "name": "envoy.resource_monitors.injected_resource", "category": "envoy.resource_monitors", "type_descriptor": "", "disabled": false }, { "name": "quiche", "category": "envoy.quic_client_codec", "type_descriptor": "", "disabled": false }, { "name": "envoy.retry_priorities.previous_priorities", "category": "envoy.retry_priorities", "type_descriptor": "", "disabled": false }, { "name": "auto", "category": "envoy.thrift_proxy.protocols", "type_descriptor": "", "disabled": false }, { "name": "binary", "category": "envoy.thrift_proxy.protocols", "type_descriptor": "", "disabled": false }, { "name": "binary/non-strict", "category": "envoy.thrift_proxy.protocols", "type_descriptor": "", "disabled": false }, { "name": "compact", "category": "envoy.thrift_proxy.protocols", "type_descriptor": "", "disabled": false }, { "name": "twitter", "category": "envoy.thrift_proxy.protocols", "type_descriptor": "", "disabled": false }, { "name": "envoy.retry_host_predicates.omit_canary_hosts", "category": "envoy.retry_host_predicates", "type_descriptor": "", "disabled": false }, { "name": "envoy.retry_host_predicates.omit_host_metadata", "category": "envoy.retry_host_predicates", "type_descriptor": "", "disabled": false }, { "name": "envoy.retry_host_predicates.previous_hosts", "category": "envoy.retry_host_predicates", "type_descriptor": "", "disabled": false }, { "name": "envoy.health_checkers.redis", "category": "envoy.health_checkers", "type_descriptor": "", "disabled": false }, { "name": "default", "category": "envoy.dubbo_proxy.route_matchers", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.thrift.rate_limit", "category": "envoy.thrift_proxy.filters", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.thrift.router", "category": "envoy.thrift_proxy.filters", "type_descriptor": "", "disabled": false }, { "name": "envoy.dog_statsd", "category": "envoy.stats_sinks", "type_descriptor": "", "disabled": false }, { "name": "envoy.metrics_service", "category": "envoy.stats_sinks", "type_descriptor": "", "disabled": false }, { "name": "envoy.stat_sinks.dog_statsd", "category": "envoy.stats_sinks", "type_descriptor": "", "disabled": false }, { "name": "envoy.stat_sinks.hystrix", "category": "envoy.stats_sinks", "type_descriptor": "", "disabled": false }, { "name": "envoy.stat_sinks.metrics_service", "category": "envoy.stats_sinks", "type_descriptor": "", "disabled": false }, { "name": "envoy.stat_sinks.statsd", "category": "envoy.stats_sinks", "type_descriptor": "", "disabled": false }, { "name": "envoy.stat_sinks.wasm", "category": "envoy.stats_sinks", "type_descriptor": "", "disabled": false }, { "name": "envoy.statsd", "category": "envoy.stats_sinks", "type_descriptor": "", "disabled": false }, { "name": "envoy.filters.connection_pools.tcp.generic", "category": "envoy.upstreams", "type_descriptor": "", "disabled": false }, { "name": "envoy.wasm.runtime.null", "category": "envoy.wasm.runtime", "type_descriptor": "", "disabled": false }, { "name": "envoy.wasm.runtime.v8", "category": "envoy.wasm.runtime", "type_descriptor": "", "disabled": false }, { "name": "envoy.transport_sockets.alts", "category": "envoy.transport_sockets.upstream", "type_descriptor": "", "disabled": false }, { "name": "envoy.transport_sockets.quic", "category": "envoy.transport_sockets.upstream", "type_descriptor": "", "disabled": false }, { "name": "envoy.transport_sockets.raw_buffer", "category": "envoy.transport_sockets.upstream", "type_descriptor": "", "disabled": false }, { "name": "envoy.transport_sockets.tap", "category": "envoy.transport_sockets.upstream", "type_descriptor": "", "disabled": false }, { "name": "envoy.transport_sockets.tls", "category": "envoy.transport_sockets.upstream", "type_descriptor": "", "disabled": false }, { "name": "envoy.transport_sockets.upstream_proxy_protocol", "category": "envoy.transport_sockets.upstream", "type_descriptor": "", "disabled": false }, { "name": "raw_buffer", "category": "envoy.transport_sockets.upstream", "type_descriptor": "", "disabled": false }, { "name": "tls", "category": "envoy.transport_sockets.upstream", "type_descriptor": "", "disabled": false } ], "client_features": [], "listening_addresses": [], "hidden_envoy_deprecated_build_version": "d6a4496e712d7a2335b26e2f76210d5904002c26/1.17.1/Clean/RELEASE/BoringSSL" }, "uptime_current_epoch": "100s", "uptime_all_epochs": "100s" } ```Config:
*Logs*: (Click to expand)
```sh [2021-03-06 23:12:20.765][1][info][main] [source/server/server.cc:323] initializing epoch 0 (base id=0, hot restart version=11.104) [2021-03-06 23:12:20.765][1][info][main] [source/server/server.cc:325] statically linked extensions: [2021-03-06 23:12:20.765][1][info][main] [source/server/server.cc:327] envoy.compression.decompressor: envoy.compression.gzip.decompressor [2021-03-06 23:12:20.765][1][info][main] [source/server/server.cc:327] envoy.grpc_credentials: envoy.grpc_credentials.aws_iam, envoy.grpc_credentials.default, envoy.grpc_credentials.file_based_metadata [2021-03-06 23:12:20.765][1][info][main] [source/server/server.cc:327] envoy.udp_listeners: quiche_quic_listener, raw_udp_listener [2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327] envoy.guarddog_actions: envoy.watchdog.abort_action, envoy.watchdog.profile_action [2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327] envoy.resolvers: envoy.ip [2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327] envoy.filters.network: envoy.client_ssl_auth, envoy.echo, envoy.ext_authz, envoy.filters.network.client_ssl_auth, envoy.filters.network.direct_response, envoy.filters.network.dubbo_proxy, envoy.filters.network.echo, envoy.filters.network.ext_authz, envoy.filters.network.http_connection_manager, envoy.filters.network.kafka_broker, envoy.filters.network.local_ratelimit, envoy.filters.network.mongo_proxy, envoy.filters.network.mysql_proxy, envoy.filters.network.postgres_proxy, envoy.filters.network.ratelimit, envoy.filters.network.rbac, envoy.filters.network.redis_proxy, envoy.filters.network.rocketmq_proxy, envoy.filters.network.sni_cluster, envoy.filters.network.sni_dynamic_forward_proxy, envoy.filters.network.tcp_proxy, envoy.filters.network.thrift_proxy, envoy.filters.network.wasm, envoy.filters.network.zookeeper_proxy, envoy.http_connection_manager, envoy.mongo_proxy, envoy.ratelimit, envoy.redis_proxy, envoy.tcp_proxy [2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327] envoy.filters.http: envoy.buffer, envoy.cors, envoy.csrf, envoy.ext_authz, envoy.ext_proc, envoy.fault, envoy.filters.http.adaptive_concurrency, envoy.filters.http.admission_control, envoy.filters.http.aws_lambda, envoy.filters.http.aws_request_signing, envoy.filters.http.buffer, envoy.filters.http.cache, envoy.filters.http.cdn_loop, envoy.filters.http.compressor, envoy.filters.http.cors, envoy.filters.http.csrf, envoy.filters.http.decompressor, envoy.filters.http.dynamic_forward_proxy, envoy.filters.http.dynamo, envoy.filters.http.ext_authz, envoy.filters.http.ext_proc, envoy.filters.http.fault, envoy.filters.http.grpc_http1_bridge, envoy.filters.http.grpc_http1_reverse_bridge, envoy.filters.http.grpc_json_transcoder, envoy.filters.http.grpc_stats, envoy.filters.http.grpc_web, envoy.filters.http.gzip, envoy.filters.http.header_to_metadata, envoy.filters.http.health_check, envoy.filters.http.ip_tagging, envoy.filters.http.jwt_authn, envoy.filters.http.local_ratelimit, envoy.filters.http.lua, envoy.filters.http.oauth2, envoy.filters.http.on_demand, envoy.filters.http.original_src, envoy.filters.http.ratelimit, envoy.filters.http.rbac, envoy.filters.http.router, envoy.filters.http.squash, envoy.filters.http.tap, envoy.filters.http.wasm, envoy.grpc_http1_bridge, envoy.grpc_json_transcoder, envoy.grpc_web, envoy.gzip, envoy.health_check, envoy.http_dynamo_filter, envoy.ip_tagging, envoy.local_rate_limit, envoy.lua, envoy.rate_limit, envoy.router, envoy.squash [2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327] envoy.compression.compressor: envoy.compression.gzip.compressor [2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327] envoy.udp_packet_writers: udp_default_writer, udp_gso_batch_writer [2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327] envoy.resource_monitors: envoy.resource_monitors.fixed_heap, envoy.resource_monitors.injected_resource [2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327] envoy.rate_limit_descriptors: envoy.rate_limit_descriptors.expr [2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327] envoy.tracers: envoy.dynamic.ot, envoy.lightstep, envoy.tracers.datadog, envoy.tracers.dynamic_ot, envoy.tracers.lightstep, envoy.tracers.opencensus, envoy.tracers.skywalking, envoy.tracers.xray, envoy.tracers.zipkin, envoy.zipkin [2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327] envoy.filters.udp_listener: envoy.filters.udp.dns_filter, envoy.filters.udp_listener.udp_proxy [2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327] envoy.retry_host_predicates: envoy.retry_host_predicates.omit_canary_hosts, envoy.retry_host_predicates.omit_host_metadata, envoy.retry_host_predicates.previous_hosts [2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327] envoy.access_loggers: envoy.access_loggers.file, envoy.access_loggers.http_grpc, envoy.access_loggers.tcp_grpc, envoy.access_loggers.wasm, envoy.file_access_log, envoy.http_grpc_access_log, envoy.tcp_grpc_access_log, envoy.wasm_access_log [2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327] envoy.upstreams: envoy.filters.connection_pools.tcp.generic [2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327] envoy.transport_sockets.downstream: envoy.transport_sockets.alts, envoy.transport_sockets.quic, envoy.transport_sockets.raw_buffer, envoy.transport_sockets.starttls, envoy.transport_sockets.tap, envoy.transport_sockets.tls, raw_buffer, starttls, tls [2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327] envoy.quic_server_codec: quiche [2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327] envoy.thrift_proxy.transports: auto, framed, header, unframed [2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327] envoy.stats_sinks: envoy.dog_statsd, envoy.metrics_service, envoy.stat_sinks.dog_statsd, envoy.stat_sinks.hystrix, envoy.stat_sinks.metrics_service, envoy.stat_sinks.statsd, envoy.stat_sinks.wasm, envoy.statsd [2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327] envoy.filters.listener: envoy.filters.listener.http_inspector, envoy.filters.listener.original_dst, envoy.filters.listener.original_src, envoy.filters.listener.proxy_protocol, envoy.filters.listener.tls_inspector, envoy.listener.http_inspector, envoy.listener.original_dst, envoy.listener.original_src, envoy.listener.proxy_protocol, envoy.listener.tls_inspector [2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327] envoy.clusters: envoy.cluster.eds, envoy.cluster.logical_dns, envoy.cluster.original_dst, envoy.cluster.static, envoy.cluster.strict_dns, envoy.clusters.aggregate, envoy.clusters.dynamic_forward_proxy, envoy.clusters.redis [2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327] envoy.thrift_proxy.protocols: auto, binary, binary/non-strict, compact, twitter [2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327] envoy.dubbo_proxy.filters: envoy.filters.dubbo.router [2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327] envoy.wasm.runtime: envoy.wasm.runtime.null, envoy.wasm.runtime.v8 [2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327] envoy.upstream_options: envoy.extensions.upstreams.http.v3.HttpProtocolOptions, envoy.upstreams.http.http_protocol_options [2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327] envoy.retry_priorities: envoy.retry_priorities.previous_priorities [2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327] envoy.health_checkers: envoy.health_checkers.redis [2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327] envoy.dubbo_proxy.protocols: dubbo [2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327] envoy.dubbo_proxy.serializers: dubbo.hessian2 [2021-03-06 23:12:20.766][1][info][main] [source/server/server.cc:327] envoy.thrift_proxy.filters: envoy.filters.thrift.rate_limit, envoy.filters.thrift.router [2021-03-06 23:12:20.767][1][info][main] [source/server/server.cc:327] envoy.bootstrap: envoy.bootstrap.wasm, envoy.extensions.network.socket_interface.default_socket_interface [2021-03-06 23:12:20.767][1][info][main] [source/server/server.cc:327] envoy.quic_client_codec: quiche [2021-03-06 23:12:20.767][1][info][main] [source/server/server.cc:327] envoy.transport_sockets.upstream: envoy.transport_sockets.alts, envoy.transport_sockets.quic, envoy.transport_sockets.raw_buffer, envoy.transport_sockets.tap, envoy.transport_sockets.tls, envoy.transport_sockets.upstream_proxy_protocol, raw_buffer, tls [2021-03-06 23:12:20.767][1][info][main] [source/server/server.cc:327] envoy.http.cache: envoy.extensions.http.cache.simple [2021-03-06 23:12:20.767][1][info][main] [source/server/server.cc:327] envoy.dubbo_proxy.route_matchers: default [2021-03-06 23:12:20.767][1][info][main] [source/server/server.cc:327] envoy.internal_redirect_predicates: envoy.internal_redirect_predicates.allow_listed_routes, envoy.internal_redirect_predicates.previous_routes, envoy.internal_redirect_predicates.safe_cross_scheme [2021-03-06 23:12:20.776][1][warning][misc] [source/common/protobuf/message_validator_impl.cc:21] Deprecated field: type envoy.api.v2.Listener Using deprecated option 'envoy.api.v2.Listener.use_original_dst' from file listener.proto. This configuration will be removed from Envoy soon. Please see https://www.envoyproxy.io/docs/envoy/latest/version_history/version_history for details. If continued use of this field is absolutely necessary, see https://www.envoyproxy.io/docs/envoy/latest/configuration/operations/runtime#using-runtime-overrides-for-deprecated-features for how to apply a temporary and highly discouraged override. [2021-03-06 23:12:20.776][1][info][main] [source/server/server.cc:343] HTTP header map info: [2021-03-06 23:12:20.777][1][warning][runtime] [source/common/runtime/runtime_features.cc:31] Unable to use runtime singleton for feature envoy.http.headermap.lazy_map_min_size [2021-03-06 23:12:20.777][1][warning][runtime] [source/common/runtime/runtime_features.cc:31] Unable to use runtime singleton for feature envoy.http.headermap.lazy_map_min_size [2021-03-06 23:12:20.778][1][warning][runtime] [source/common/runtime/runtime_features.cc:31] Unable to use runtime singleton for feature envoy.http.headermap.lazy_map_min_size [2021-03-06 23:12:20.778][1][warning][runtime] [source/common/runtime/runtime_features.cc:31] Unable to use runtime singleton for feature envoy.http.headermap.lazy_map_min_size [2021-03-06 23:12:20.778][1][info][main] [source/server/server.cc:346] request header map: 616 bytes: :authority,:method,:path,:protocol,:scheme,accept,accept-encoding,access-control-request-method,authentication,authorization,cache-control,cdn-loop,connection,content-encoding,content-length,content-type,expect,grpc-accept-encoding,grpc-timeout,if-match,if-modified-since,if-none-match,if-range,if-unmodified-since,keep-alive,origin,pragma,proxy-connection,referer,te,transfer-encoding,upgrade,user-agent,via,x-client-trace-id,x-envoy-attempt-count,x-envoy-decorator-operation,x-envoy-downstream-service-cluster,x-envoy-downstream-service-node,x-envoy-expected-rq-timeout-ms,x-envoy-external-address,x-envoy-force-trace,x-envoy-hedge-on-per-try-timeout,x-envoy-internal,x-envoy-ip-tags,x-envoy-max-retries,x-envoy-original-path,x-envoy-original-url,x-envoy-retriable-header-names,x-envoy-retriable-status-codes,x-envoy-retry-grpc-on,x-envoy-retry-on,x-envoy-upstream-alt-stat-name,x-envoy-upstream-rq-per-try-timeout-ms,x-envoy-upstream-rq-timeout-alt-response,x-envoy-upstream-rq-timeout-ms,x-forwarded-client-cert,x-forwarded-for,x-forwarded-proto,x-ot-span-context,x-request-id [2021-03-06 23:12:20.778][1][info][main] [source/server/server.cc:346] request trailer map: 128 bytes: [2021-03-06 23:12:20.779][1][info][main] [source/server/server.cc:346] response header map: 424 bytes: :status,access-control-allow-credentials,access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,access-control-expose-headers,access-control-max-age,age,cache-control,connection,content-encoding,content-length,content-type,date,etag,expires,grpc-message,grpc-status,keep-alive,last-modified,location,proxy-connection,server,transfer-encoding,upgrade,vary,via,x-envoy-attempt-count,x-envoy-decorator-operation,x-envoy-degraded,x-envoy-immediate-health-check-fail,x-envoy-ratelimited,x-envoy-upstream-canary,x-envoy-upstream-healthchecked-cluster,x-envoy-upstream-service-time,x-request-id [2021-03-06 23:12:20.779][1][info][main] [source/server/server.cc:346] response trailer map: 152 bytes: grpc-message,grpc-status [2021-03-06 23:12:20.780][1][debug][main] [source/server/overload_manager_impl.cc:385] No overload action is configured for envoy.overload_actions.shrink_heap. [2021-03-06 23:12:20.781][1][debug][main] [source/server/overload_manager_impl.cc:385] No overload action is configured for envoy.overload_actions.stop_accepting_connections. [2021-03-06 23:12:20.781][1][debug][main] [source/server/overload_manager_impl.cc:385] No overload action is configured for envoy.overload_actions.reject_incoming_connections. [2021-03-06 23:12:20.781][1][debug][main] [source/server/overload_manager_impl.cc:385] No overload action is configured for envoy.overload_actions.stop_accepting_connections. [2021-03-06 23:12:20.781][1][debug][main] [source/server/overload_manager_impl.cc:385] No overload action is configured for envoy.overload_actions.reject_incoming_connections. [2021-03-06 23:12:20.781][1][debug][main] [source/server/overload_manager_impl.cc:385] No overload action is configured for envoy.overload_actions.stop_accepting_connections. [2021-03-06 23:12:20.781][1][debug][main] [source/server/overload_manager_impl.cc:385] No overload action is configured for envoy.overload_actions.reject_incoming_connections. [2021-03-06 23:12:20.781][1][debug][main] [source/server/overload_manager_impl.cc:385] No overload action is configured for envoy.overload_actions.stop_accepting_connections. [2021-03-06 23:12:20.781][1][debug][main] [source/server/overload_manager_impl.cc:385] No overload action is configured for envoy.overload_actions.reject_incoming_connections. [2021-03-06 23:12:20.781][1][info][main] [source/server/server.cc:486] admin address: 0.0.0.0:9901 [2021-03-06 23:12:20.783][1][info][main] [source/server/server.cc:634] runtime: layers: - name: base static_layer: {} - name: admin admin_layer: {} [2021-03-06 23:12:20.783][1][info][config] [source/server/configuration_impl.cc:125] loading tracing configuration [2021-03-06 23:12:20.783][1][info][config] [source/server/configuration_impl.cc:85] loading 0 static secret(s) [2021-03-06 23:12:20.783][1][info][config] [source/server/configuration_impl.cc:91] loading 1 cluster(s) [2021-03-06 23:12:20.784][12][debug][grpc] [source/common/grpc/google_async_client_impl.cc:50] completionThread running [2021-03-06 23:12:20.785][1][debug][upstream] [source/common/upstream/upstream_impl.cc:1018] initializing Primary cluster dynamic_forward_proxy_cluster completed [2021-03-06 23:12:20.785][1][debug][init] [source/common/init/manager_impl.cc:49] init manager Cluster dynamic_forward_proxy_cluster contains no targets [2021-03-06 23:12:20.785][1][debug][init] [source/common/init/watcher_impl.cc:14] init manager Cluster dynamic_forward_proxy_cluster initialized, notifying ClusterImplBase [2021-03-06 23:12:20.785][1][debug][upstream] [source/common/upstream/cluster_manager_impl.cc:947] adding TLS cluster dynamic_forward_proxy_cluster [2021-03-06 23:12:20.785][1][debug][upstream] [source/common/upstream/cluster_manager_impl.cc:120] cm init: init complete: cluster=dynamic_forward_proxy_cluster primary=0 secondary=0 [2021-03-06 23:12:20.785][1][debug][upstream] [source/common/upstream/cluster_manager_impl.cc:140] maybe finish initialize state: 0 [2021-03-06 23:12:20.786][1][debug][upstream] [source/common/upstream/cluster_manager_impl.cc:91] cm init: adding: cluster=dynamic_forward_proxy_cluster primary=0 secondary=0 [2021-03-06 23:12:20.786][1][debug][upstream] [source/common/upstream/cluster_manager_impl.cc:140] maybe finish initialize state: 1 [2021-03-06 23:12:20.786][1][debug][upstream] [source/common/upstream/cluster_manager_impl.cc:149] maybe finish initialize primary init clusters empty: true [2021-03-06 23:12:20.786][1][info][config] [source/server/configuration_impl.cc:95] loading 1 listener(s) [2021-03-06 23:12:20.786][1][debug][config] [source/server/configuration_impl.cc:97] listener #0: [2021-03-06 23:12:20.788][1][debug][config] [source/server/listener_manager_impl.cc:395] begin add/update listener: name=listener_0 hash=18262469619681037125 [2021-03-06 23:12:20.788][1][debug][config] [source/server/listener_manager_impl.cc:432] use full listener update path for listener name=listener_0 hash=18262469619681037125 [2021-03-06 23:12:20.788][1][debug][config] [source/server/listener_manager_impl.cc:129] filter #0: [2021-03-06 23:12:20.788][1][debug][config] [source/server/listener_manager_impl.cc:130] name: envoy.listener.original_dst [2021-03-06 23:12:20.788][1][debug][config] [source/server/listener_manager_impl.cc:137] config: {} [2021-03-06 23:12:20.788][1][warning][misc] [bazel-out/k8-opt/bin/source/extensions/common/_virtual_includes/utility_lib/extensions/common/utility.h:65] Using deprecated extension name 'envoy.listener.original_dst' for 'envoy.filters.listener.original_dst'. This name will be removed from Envoy soon. Please see https://www.envoyproxy.io/docs/envoy/latest/version_history/version_history for details. [2021-03-06 23:12:20.788][1][debug][config] [source/server/listener_manager_impl.cc:95] filter #0: [2021-03-06 23:12:20.788][1][debug][config] [source/server/listener_manager_impl.cc:96] name: envoy.filters.network.http_connection_manager [2021-03-06 23:12:20.789][1][debug][config] [source/server/listener_manager_impl.cc:103] config: { "@type": "type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager", "http_filters": [ { "typed_config": { "@type": "type.googleapis.com/envoy.extensions.filters.http.dynamic_forward_proxy.v3.FilterConfig", "dns_cache_config": { "dns_lookup_family": "V4_ONLY", "name": "dynamic_forward_proxy_cache_config" } }, "name": "envoy.filters.http.dynamic_forward_proxy" }, { "name": "envoy.filters.http.router", "typed_config": { "@type": "type.googleapis.com/envoy.extensions.filters.http.router.v3.Router" } } ], "access_log": [ { "name": "envoy.access_loggers.file", "typed_config": { "@type": "type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog", "path": "/dev/stdout" } } ], "route_config": { "name": "local_route", "virtual_hosts": [ { "routes": [ { "direct_response": { "body": { "inline_string": "Filter match!\n" }, "status": 200 }, "match": { "prefix": "/" } }, { "match": { "connect_matcher": {} }, "route": { "cluster": "dynamic_forward_proxy_cluster", "upgrade_configs": [ { "connect_config": {}, "upgrade_type": "CONNECT" } ] } } ], "name": "local_service", "domains": [ "*" ] } ] }, "stat_prefix": "egress_edge" } [2021-03-06 23:12:20.793][1][debug][config] [source/extensions/filters/network/http_connection_manager/config.cc:495] http filter #0 [2021-03-06 23:12:20.796][1][debug][config] [source/extensions/filters/network/http_connection_manager/config.cc:517] name: envoy.filters.http.dynamic_forward_proxy [2021-03-06 23:12:20.796][1][debug][config] [source/extensions/filters/network/http_connection_manager/config.cc:524] config: { "@type": "type.googleapis.com/envoy.extensions.filters.http.dynamic_forward_proxy.v3.FilterConfig", "dns_cache_config": { "dns_lookup_family": "V4_ONLY", "name": "dynamic_forward_proxy_cache_config" } } [2021-03-06 23:12:20.796][1][debug][config] [source/extensions/filters/network/http_connection_manager/config.cc:495] http filter #1 [2021-03-06 23:12:20.796][1][debug][config] [source/extensions/filters/network/http_connection_manager/config.cc:517] name: envoy.filters.http.router [2021-03-06 23:12:20.796][1][debug][config] [source/extensions/filters/network/http_connection_manager/config.cc:524] config: { "@type": "type.googleapis.com/envoy.extensions.filters.http.router.v3.Router" } [2021-03-06 23:12:20.797][1][debug][config] [source/server/filter_chain_manager_impl.cc:222] new fc_contexts has 1 filter chains, including 1 newly built [2021-03-06 23:12:20.797][1][debug][init] [source/common/init/manager_impl.cc:24] added target Listener-init-target listener_0 to init manager Server [2021-03-06 23:12:20.797][1][debug][config] [source/server/listener_impl.cc:130] Create listen socket for listener listener_0 on address 0.0.0.0:10000 [2021-03-06 23:12:20.797][1][debug][config] [source/server/listener_impl.cc:120] Set listener listener_0 socket factory local address to 0.0.0.0:10000 [2021-03-06 23:12:20.797][1][debug][config] [source/server/listener_impl.cc:683] add active listener: name=listener_0, hash=18262469619681037125, address=0.0.0.0:10000 [2021-03-06 23:12:20.797][1][info][config] [source/server/configuration_impl.cc:107] loading stats configuration [2021-03-06 23:12:20.797][1][debug][init] [source/common/init/manager_impl.cc:49] init manager RTDS contains no targets [2021-03-06 23:12:20.797][1][debug][init] [source/common/init/watcher_impl.cc:14] init manager RTDS initialized, notifying RTDS [2021-03-06 23:12:20.797][1][info][runtime] [source/common/runtime/runtime_impl.cc:425] RTDS has finished initialization [2021-03-06 23:12:20.797][1][debug][upstream] [source/common/upstream/cluster_manager_impl.cc:209] continue initializing secondary clusters [2021-03-06 23:12:20.797][1][debug][upstream] [source/common/upstream/cluster_manager_impl.cc:140] maybe finish initialize state: 2 [2021-03-06 23:12:20.797][1][debug][upstream] [source/common/upstream/cluster_manager_impl.cc:149] maybe finish initialize primary init clusters empty: true [2021-03-06 23:12:20.797][1][debug][upstream] [source/common/upstream/cluster_manager_impl.cc:164] maybe finish initialize secondary init clusters empty: true [2021-03-06 23:12:20.797][1][debug][upstream] [source/common/upstream/cluster_manager_impl.cc:185] maybe finish initialize cds api ready: false [2021-03-06 23:12:20.797][1][info][upstream] [source/common/upstream/cluster_manager_impl.cc:191] cm init: all clusters initialized [2021-03-06 23:12:20.797][1][warning][main] [source/server/server.cc:609] there is no configured limit to the number of allowed active connections. Set a limit via the runtime key overload.global_downstream_max_connections [2021-03-06 23:12:20.798][1][info][main] [source/server/server.cc:712] all clusters initialized. initializing init manager [2021-03-06 23:12:20.798][1][debug][init] [source/common/init/manager_impl.cc:53] init manager Server initializing [2021-03-06 23:12:20.798][1][debug][init] [source/common/init/target_impl.cc:15] init manager Server initializing target Listener-init-target listener_0 [2021-03-06 23:12:20.798][1][debug][init] [source/common/init/manager_impl.cc:49] init manager Listener-local-init-manager listener_0 18262469619681037125 contains no targets [2021-03-06 23:12:20.798][1][debug][init] [source/common/init/watcher_impl.cc:14] init manager Listener-local-init-manager listener_0 18262469619681037125 initialized, notifying Listener-local-init-watcher listener_0 [2021-03-06 23:12:20.798][1][debug][init] [source/common/init/watcher_impl.cc:14] target Listener-init-target listener_0 initialized, notifying init manager Server [2021-03-06 23:12:20.798][1][debug][init] [source/common/init/watcher_impl.cc:14] init manager Server initialized, notifying RunHelper [2021-03-06 23:12:20.798][1][info][config] [source/server/listener_manager_impl.cc:888] all dependencies initialized. starting workers [2021-03-06 23:12:20.799][1][debug][config] [source/server/listener_manager_impl.cc:899] starting worker 0 [2021-03-06 23:12:20.799][1][debug][config] [source/server/listener_manager_impl.cc:899] starting worker 1 [2021-03-06 23:12:20.799][1][debug][config] [source/server/listener_manager_impl.cc:899] starting worker 2 [2021-03-06 23:12:20.799][16][debug][main] [source/server/worker_impl.cc:127] worker entering dispatch loop [2021-03-06 23:12:20.799][1][debug][config] [source/server/listener_manager_impl.cc:899] starting worker 3 [2021-03-06 23:12:20.799][18][debug][main] [source/server/worker_impl.cc:127] worker entering dispatch loop [2021-03-06 23:12:20.799][16][debug][upstream] [source/common/upstream/cluster_manager_impl.cc:947] adding TLS cluster dynamic_forward_proxy_cluster [2021-03-06 23:12:20.800][1][info][main] [source/server/server.cc:731] starting main dispatch loop [2021-03-06 23:12:20.800][19][debug][grpc] [source/common/grpc/google_async_client_impl.cc:50] completionThread running [2021-03-06 23:12:20.800][18][debug][upstream] [source/common/upstream/cluster_manager_impl.cc:947] adding TLS cluster dynamic_forward_proxy_cluster [2021-03-06 23:12:20.800][20][debug][grpc] [source/common/grpc/google_async_client_impl.cc:50] completionThread running [2021-03-06 23:12:20.800][17][debug][main] [source/server/worker_impl.cc:127] worker entering dispatch loop [2021-03-06 23:12:20.800][15][debug][main] [source/server/worker_impl.cc:127] worker entering dispatch loop [2021-03-06 23:12:20.801][15][debug][upstream] [source/common/upstream/cluster_manager_impl.cc:947] adding TLS cluster dynamic_forward_proxy_cluster [2021-03-06 23:12:20.801][22][debug][grpc] [source/common/grpc/google_async_client_impl.cc:50] completionThread running [2021-03-06 23:12:20.801][17][debug][upstream] [source/common/upstream/cluster_manager_impl.cc:947] adding TLS cluster dynamic_forward_proxy_cluster [2021-03-06 23:12:20.801][21][debug][grpc] [source/common/grpc/google_async_client_impl.cc:50] completionThread running [2021-03-06 23:12:23.656][17][debug][filter] [source/extensions/filters/listener/original_dst/original_dst.cc:18] original_dst: New connection accepted [2021-03-06 23:12:23.656][17][debug][filter] [source/extensions/filters/listener/original_dst/original_dst.cc:18] original_dst: New connection accepted [2021-03-06 23:12:23.656][17][debug][conn_handler] [source/server/connection_handler_impl.cc:469] closing connection: no matching filter chain found ```