Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ingress gateway, proxy defaults and envoy_public_listener_json #9280

Closed
pvyaka01 opened this issue Nov 26, 2020 · 1 comment
Closed

Ingress gateway, proxy defaults and envoy_public_listener_json #9280

pvyaka01 opened this issue Nov 26, 2020 · 1 comment
Assignees
@blake

Comments

@pvyaka01
Copy link

pvyaka01 commented Nov 26, 2020
edited
Loading

Overview of the Issue

consul ingress gateway envoy is not including envoy_public_listener_json filter. This is needed for example to specify access logs, to see why an ingress is sometimes gives a 5xx error or specify response headers for distributed tracing (response headers). Without this critical info, it becomes difficult to isolate whether problem is on the gateway side or upstreams. This issue is only with ingress gateway and normal services do show filters specified in envoy_public_listener_json

Thanks for the help!

Reproduction Steps

Steps to reproduce the issue 
**1. Register ingress:**
Kind = "ingress-gateway"
Name = "service-ingress"
Listeners = [
  {
    Port = 8080
    Protocol = "http"
    Services = [
      {
        Name = "service1",
        hosts = ["*"]
      }
    ]
  }
]

**2. Register proxy-defaults:**
Kind = "proxy-defaults"
Name = "global"
Config {
  envoy_tracing_json = <<EOF
{
  "http": {
    "name": "envoy.tracers.zipkin",
    "typed_config": {
      "@type": "type.googleapis.com/envoy.config.trace.v3.ZipkinConfig",
      "collector_cluster": "jaeger",
      "collector_endpoint": "/api/v2/spans",
      "shared_span_context": false,
      "collector_endpoint_version": "HTTP_JSON"
    }
  }
}
  EOF
  envoy_public_listener_json = <<EOF2
        {
            "name": "public_listener",
            "address": {
                "socket_address": {
                    "address": "0.0.0.0",
                    "port_value": 21000
                }
            },
            "filter_chains": [
              {
                "filters": [
                  {
                    "name": "envoy.filters.network.http_connection_manager",
                    "config": {
                      "tracing": {},
                      "add_user_agent": true,
                      "codec_type": "AUTO",
                      "generate_request_id": true,
                      "use_remote_address": true,
                      "access_log": [
                        {
                          "name": "envoy.access_loggers.file",
                          "typed_config": {
                            "@type": "type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog",
                            "path": "/var/log/envoy/envoy_access.log"
                          }
                        }
                      ],
                                "route_config": {
                                    "name": "public_listener",
                                    "virtual_hosts": [
                                        {
                                            "routes": [
                                                {
                                                    "match": {
                                                        "prefix": "/"
                                                    },
                                                    "route": {
                                                        "cluster": "jaeger"
                                                    }
                                                }
                                            ],
                                            "domains": [
                                                "*"
                                            ],
                                            "response_headers_to_add": [
                                              {
                                                "header": {
                                                  "key": "x-b3-traceid",
                                                  "value": "%REQ(x-b3-traceid)%"
                                                },
                                                "header": {
                                                  "key": "x-request-id",
                                                  "value": "%REQ(x-request-id)%"
                                                }
                                              }
                                            ],
                                            "name": "public_listener"
                                        }
                                    ]
                                },
                                "http_filters": [
                                    {
                                        "name": "envoy.filters.http.router"
                                    }
                                ],
                                "stat_prefix": "public_listener_http"
                            }
                        }
                    ]
                }
            ]
        }
    EOF2
  envoy_extra_static_clusters_json = <<EOF3
    {
      "name": "jaeger",
      "type": "STRICT_DNS",
      "connect_timeout": "5s",
      "lb_policy": "round_robin",
      "load_assignment": {
        "cluster_name": "jaeger",
        "endpoints": [
          {
            "lb_endpoints": [
              {
                "endpoint": {
                  "address": {
                    "socket_address": {
                      "address": "127.0.0.1",
                      "port_value": 9411
                    }
                  }
                }
              }
            ]
          }
        ]
      }
    }
  EOF3
}

**3. Start envoy using consul connect envoy command:**

 consul connect envoy -gateway=ingress -register -service identityapi-ingress -admin-access-log-path=/var/log/envoy/envoy-admin.log -address '{{ GetInterfaceIP "eth0" }}:8888'
### Consul info for both Client and Server
Client info 
agent:
        check_monitors = 1
        check_ttls = 0
        checks = 9
        services = 6
build:
        prerelease = beta2
        revision = db08bdc1
        version = 1.9.0
consul:
        acl = disabled
        known_servers = 1
        server = false
runtime:
        arch = amd64
        cpu_count = 2
        goroutines = 602
        max_procs = 2
        os = linux
        version = go1.14.9
serf_lan:
        coordinate_resets = 0
        encrypted = true
        event_queue = 0
        event_time = 10
        failed = 0
        health_score = 0
        intent_queue = 0
        left = 0
        member_time = 20724
        members = 26
        query_queue = 0
        query_time = 1
Server info 
agent:
        check_monitors = 1
        check_ttls = 0
        checks = 5
        services = 4
build:
        prerelease = beta2
        revision = db08bdc1
        version = 1.9.0
consul:
        acl = disabled
        bootstrap = true
        known_datacenters = 1
        leader = true
        leader_addr = xxxxx:8300
        server = true
raft:
        applied_index = 724960
        commit_index = 724960
        fsm_pending = 0
        last_contact = 0
        last_log_index = 724960
        last_log_term = 12
        last_snapshot_index = 721378
        last_snapshot_term = 12
        latest_configuration = [{Suffrage:Voter ID:e5bcd96a-9c66-a8f4-bb43-8a722a14d623 Address: xxxxx:8300}]
        latest_configuration_index = 0
        num_peers = 0
        protocol_version = 3
        protocol_version_max = 3
        protocol_version_min = 0
        snapshot_version_max = 1
        snapshot_version_min = 0
        state = Leader
        term = 12
runtime:
        arch = amd64
        cpu_count = 4
        goroutines = 552
        max_procs = 4
        os = linux
        version = go1.14.9
serf_lan:
        coordinate_resets = 0
        encrypted = true
        event_queue = 0
        event_time = 10
        failed = 0
        health_score = 0
        intent_queue = 0
        left = 0
        member_time = 20724
        members = 26
        query_queue = 0
        query_time = 1
serf_wan:
        coordinate_resets = 0
        encrypted = true
        event_queue = 0
        event_time = 1
        failed = 0
        health_score = 0
        intent_queue = 0
        left = 0
        member_time = 3
        members = 1
        query_queue = 0
        query_time = 1

Operating system and Environment details

Red Hat Enterprise Linux Server release 7.8 (Maipo)
Linux xxxxxx 3.10.0-1127.13.1.el7.x86_64 #1 SMP Fri Jun 12 14:34:17 EDT 2020 x86_64 x86_64 x86_64 GNU/Linux

Log Fragments

1. Check config dump:
curl http://localhost:19000/config_dump > envoy.json

2. Check envoy configuration
Envoy configuration includes what is specified in "envoy_tracing_json" and "envoy_extra_static_clusters_json" but not "envoy_public_listener_json"
@pvyaka01
Copy link
Author

Looks like there are already requests for this. Closing to avoid duplicates

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@blake blake

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@blake @pvyaka01