Skip to content

Integration with Envoy#

Envoy Control exposes configuration to Envoy via v3 xDS API. The integration is based on java-control-plane project.

Sample Envoy configuration#

Sample Envoy configuration that is compatible with Envoy Control is available in tests.

Routes#

Envoy Control can add some default routes via Route Discovery Service (RDS).

Original destination#

By default Envoy does not proxy requests to provided IP address - it's not valid to put an IP address in the Host header. To work around that, a cluster called envoy-original-destination is created. Its name can be used in Host header (Host: envoy-original-destination) and the IP can be put in x-envoy-original-dst-host header (x-envoy-original-dst-host: 127.0.0.2).

Catch all route#

By default, Envoy will respond with 404 status code when it receives a request for a cluster that does not exist. The behavior is changed so that the 503 status code is returned.

ADS Support#

By default, the xDS is used instead of Aggregated Discovery Service (ADS). To use ADS for given node put the

ads: true

in Envoy metadata config. Envoy Control will pick it up and use ADS for this node.

Outlier detection#

You can configure global outlier detection for all clusters with properties described here.

Retry policy#

You can configure retry policies for ingress traffic with properties described here.

Metadata#

After Envoy connects to Envoy Control it sends its metadata. We extract some of the data from it to drive its dynamic configuration. Right now we're focused on permissions and timeouts but in the future we will provide options to configure:

  • retries
  • circuit breakers and more

HTTP/1 and HTTP/2 for clusters#

By default Envoy Control will set HTTP/1 for all clusters under it's control. A preferred protocol for communication is HTTP/2 whenever it's available. If you have a heterogeneous environment and only some of your services support HTTP2 or run Envoy you might want to tweak this option. Based on envoy-control.envoy.snapshot.egress.http2.enabled Envoy Control will enable Http2 for clusters that have a tag with a value equal to property envoy-control.envoy.snapshot.egress.http2.tagName only when it's present on every instance. By default tagName is envoy so if one of your discovery service sources uses that you need to change the value of tagName.