search

envoyproxy / gateway

Manages Envoy Proxy as a Standalone or Kubernetes-based Application Gateway
https://gateway.envoyproxy.io
Apache License 2.0
1.62k stars 352 forks source link

TCP listener creation failed when there is no TCP route defined #4680

Open zhaohuabing opened 1 week ago

zhaohuabing commented 1 week ago

error: [2024-11-08 04:34:43.214][1][warning][config] [source/extensions/config_subscription/grpc/grpc_subscription_impl.cc:138] gRPC config for type.googleapis.com/envoy.config.listener.v3.Listener rejected: Error adding/updating listener(s) gateway-conformance-infra/same-namespace/tls: error adding listener '0.0.0.0:10443': no filter chains specified

configuration:

apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
  name: same-namespace
  namespace: gateway-conformance-infra
spec:
  gatewayClassName: "{GATEWAY_CLASS_NAME}"
  listeners:
    - name: tls
      protocol: TLS
      port: 443
      tls:
        mode: Passthrough
      allowedRoutes:
        namespaces:
          from: Same
arkodg commented 1 week ago

cc @juwon8891

zhaohuabing commented 1 week ago

@juwon8891 @arkodg this is not ipv6 related. A TCP listener without route will be translated to a xDS listener without filter chain and rejected by the Envoy.

It's a minor issue - there is no real impact as no route defined for a TCP listener. To avoid this warning message on the envoy side, EG probably could add a default blackhole route.