Consul Connect sidecar proxies require additional configuration for gRPC-TLS listener #15360

krarey · 2022-11-22T17:53:31Z

Nomad version

Nomad v1.4.3 (f464aca)

Issue

Consul 1.14 introduced changes to the gRPC listener used for Envoy xDS configuration, splitting support for plaintext and TLS-enabled listeners for the protocol across two ports.

An initial fix for discovering the TLS-enabled listener via Consul's /agent/self endpoint landed in #15309, however when utilizing gRPC over TLS the consul connect envoy [...] command internally invoked by Nomad to bootstrap Envoy requires the addition of the -grpc-ca-file or -grpc-ca-path flags (or environment variable equivalents) to inject a trusted CA certificate into the generated Envoy config.

When the gRPC CA has not been explicitly passed, Envoy sidecar proxy tasks will initially deploy but will never retrieve their running configuration from the local Consul agent, sitting in a fail/retry loop unable to negotiate a connection with the gRPC-TLS listener..

To support this, Nomad will likely need to make a CA certificate available ~~within the allocation filesystem wherever a sidecar_service{} stanza has been defined,~~ on disk on each scheduler, or the Consul CLI will need to be extended to allow other means of providing the CA certificate (i.e. as an inline PEM rather than file path).

As a temporary workaround to restore proxy connectivity, the plaintext Consul HTTP and gRPC endpoints may be enabled and bound to a loopback interface within the local Consul agent, as Nomad will default to discovering the plaintext gRPC listener as long as HTTP is the URL schema in the consul.address configuration.

The text was updated successfully, but these errors were encountered:

mmeier86 · 2023-01-01T21:35:49Z

I believe it might be worth it to add this information also to the Consul Update Docs page, as it currently still reads as follows:

If you operate Consul service mesh using Nomad 1.4.2 or earlier, do not upgrade to Consul 1.14 until hashicorp/nomad#15266 is fixed

I've just tried an update of my Consul cluster to 1.14.3, and because I was running Nomad 1.4.3 I disregarded the warning.

The Connect sidecar starts, but the actual workload tasks get "connection refused" errors when trying to connect to their consul connect upstreams.

Sorry, please disregard above, I just saw that @jrasell's PR above already corrects the docs. Should be merged ASAP.

shoenig · 2023-01-05T18:34:43Z

Working on this in #15701
However I need help debugging the Envoy problems.

versions

➜ consul version 
Consul v1.14.3
Revision bd257019
Build Date 2022-12-13T17:13:55Z
Protocol 2 spoken by default, understands 2 to 3 (agent will automatically use protocol >2 when speaking to compatible agents)

➜ nomad version 
Nomad v1.4.4-dev (5f1ae914413cbd1459d40934c63cb1eda948cb1b)

consul.hcl

datacenter = "dc1"
advertise_addr = "127.0.0.1"
bind_addr = "127.0.0.1"
client_addr = "127.0.0.1"
data_dir = "./data"
node_name = "s0"
server = true
bootstrap_expect = 1
ports {
  http = -1
  https = 8501
  grpc_tls = 8503
}

ui_config {
  enabled = false
}


tls {
  defaults {
    ca_file = "./tls/consul-agent-ca.pem"
    cert_file = "./tls/dc1-server-consul-0.pem"
    key_file = "./tls/dc1-server-consul-0-key.pem"    
    verify_incoming = true
    verify_outgoing = true
  }
  internal_rpc {
    verify_server_hostname = true    
  }
}


auto_encrypt {
  allow_tls = true
}

nomad.hcl

server {
  enabled = true
}

client {
  enabled = true
}

consul {
  grpc_ca_file = "/home/shoenig/Work/tickets/grpc-connect/tls/consul-agent-ca.pem"
  ca_file = "/home/shoenig/Work/tickets/grpc-connect/tls/consul-agent-ca.pem"
  cert_file = "/home/shoenig/Work/tickets/grpc-connect/tls/dc1-client-consul-0.pem"
  key_file = "/home/shoenig/Work/tickets/grpc-connect/tls/dc1-client-consul-0-key.pem"
  ssl = true
  address = "127.0.0.1:8501"
  grpc_address = "127.0.0.1:8503"
}

tls files

➜ ls -lha ./tls

-rw------- 1 shoenig shoenig  227 Jan  5 09:28 consul-agent-ca-key.pem
-rw-rw-r-- 1 shoenig shoenig 1.1K Jan  5 09:28 consul-agent-ca.pem
-rw------- 1 shoenig shoenig  227 Jan  5 09:44 dc1-client-consul-0-key.pem
-rw-rw-r-- 1 shoenig shoenig  964 Jan  5 09:44 dc1-client-consul-0.pem
-rw------- 1 shoenig shoenig  227 Jan  5 09:29 dc1-server-consul-0-key.pem
-rw-rw-r-- 1 shoenig shoenig  964 Jan  5 09:29 dc1-server-consul-0.pem

Start consul

consul agent -config-file=consul.hcl

Start nomad

➜ sudo nomad agent -dev-connect -config=nomad.hcl

nomad node status

➜ nomad node status -self -verbose
ID              = 462996cd-c782-7e02-173b-e9ab8fc96480
...
Attributes
consul.connect                  = true
consul.datacenter               = dc1
consul.ft.namespaces            = false
consul.grpc                     = 8503
consul.revision                 = bd257019
consul.server                   = true
consul.sku                      = oss
consul.version                  = 1.14.3

api.nomad

job "api" {
  datacenters = ["dc1"]

  group "api" {
    network {
      mode = "bridge"
    }

    service {
      name = "count-api"
      port = "9001"

      connect {
        sidecar_service {}
      }
    }

    task "web" {
      driver = "docker"

      config {
        image          = "hashicorpdev/counter-api:v3"
        auth_soft_fail = true
      }
    }
  }
}

Envoy bootstrap log line

    2023-01-05T12:18:03.215-0600 [INFO]  client.alloc_runner.task_runner.task_hook.envoy_bootstrap: CONSUL GRPC DEBUG: alloc_id=e4fb7468-b79f-4536-7041-b505a47a107d task=connect-proxy-count-api 

bootstrap args=["connect", "envoy", 
"-grpc-addr", "unix://alloc/tmp/consul_grpc.sock", 
"-http-addr", "127.0.0.1:8501", 
"-admin-bind", "127.0.0.2:19001", 
"-address", "127.0.0.1:19101", 
"-proxy-id", "_nomad-task-e4fb7468-b79f-4536-7041-b505a47a107d-group-api-count-api-9001-sidecar-proxy", 
"-bootstrap", 
"-grpc-ca-file", "/home/shoenig/Work/tickets/grpc-connect/tls/consul-agent-ca.pem", 
"-ca-file", "/home/shoenig/Work/tickets/grpc-connect/tls/consul-agent-ca.pem", 
"-client-cert", "/home/shoenig/Work/tickets/grpc-connect/tls/dc1-client-consul-0.pem", 
"-client-key", "/home/shoenig/Work/tickets/grpc-connect/tls/dc1-client-consul-0-key.pem"
]

Envoy logs in the alloc

2023-01-05 18:18:03.417][1][info][admin] [source/server/admin/admin.cc:67] admin address: 127.0.0.2:19001
[2023-01-05 18:18:03.417][1][info][config] [source/server/configuration_impl.cc:131] loading tracing configuration
[2023-01-05 18:18:03.417][1][info][config] [source/server/configuration_impl.cc:91] loading 0 static secret(s)
[2023-01-05 18:18:03.417][1][info][config] [source/server/configuration_impl.cc:97] loading 1 cluster(s)
[2023-01-05 18:18:03.441][1][info][config] [source/server/configuration_impl.cc:101] loading 0 listener(s)
[2023-01-05 18:18:03.441][1][info][config] [source/server/configuration_impl.cc:113] loading stats configuration
[2023-01-05 18:18:03.441][1][info][runtime] [source/common/runtime/runtime_impl.cc:463] RTDS has finished initialization
[2023-01-05 18:18:03.441][1][info][upstream] [source/common/upstream/cluster_manager_impl.cc:222] cm init: initializing cds
[2023-01-05 18:18:03.441][1][warning][main] [source/server/server.cc:783] there is no configured limit to the number of allowed active connections. Set a limit via the runtime key overload.global_downstream_max_connections
[2023-01-05 18:18:03.441][1][info][main] [source/server/server.cc:904] starting main dispatch loop
[2023-01-05 18:18:18.440][1][warning][config] [source/common/config/grpc_subscription_impl.cc:120] gRPC config: initial fetch timed out for type.googleapis.com/envoy.config.cluster.v3.Cluster
[2023-01-05 18:18:18.440][1][info][upstream] [source/common/upstream/cluster_manager_impl.cc:226] cm init: all clusters initialized
[2023-01-05 18:18:18.441][1][info][main] [source/server/server.cc:885] all clusters initialized. initializing init manager
[2023-01-05 18:18:33.444][1][warning][config] [source/common/config/grpc_subscription_impl.cc:120] gRPC config: initial fetch timed out for type.googleapis.com/envoy.config.listener.v3.Listener
[2023-01-05 18:18:33.444][1][info][config] [source/server/listener_manager_impl.cc:831] all dependencies initialized. starting workers
[2023-01-05 18:18:51.829][1][warning][config] [./source/common/config/grpc_stream.h:201] DeltaAggregatedResources gRPC config stream to local_agent closed since 48s ago: 14, upstream connect error or disconnect/reset before headers. reset reason: connection termination
(repeating)

In the alloc,

root@01eeb85bc86e:/# netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 127.0.0.2:19001         0.0.0.0:*               LISTEN      -                   
tcp6       0      0 :::9001                 :::*                    LISTEN      -

root@01eeb85bc86e:/# curl 127.0.0.2:19001/certs
{
 "certificates": []
}

config_dump

root@01eeb85bc86e:/# curl 127.0.0.2:19001/config_dump
{
 "configs": [
  {
   "@type": "type.googleapis.com/envoy.admin.v3.BootstrapConfigDump",
   "bootstrap": {
    "node": {
     "id": "_nomad-task-e4fb7468-b79f-4536-7041-b505a47a107d-group-api-count-api-9001-sidecar-proxy",
     "cluster": "count-api",
     "metadata": {
      "partition": "default",
      "namespace": "default"
     },
     "user_agent_name": "envoy",
     "user_agent_build_version": {
      "version": {
       "major_number": 1,
       "minor_number": 24
      },
      "metadata": {
       "build.type": "RELEASE",
       "revision.status": "Clean",
       "revision.sha": "15baf56003f33a07e0ab44f82f75a660040db438",
       "ssl.version": "BoringSSL"
      }
     },
     "extensions": [
      {
       "name": "envoy.request_id.uuid",
       "category": "envoy.request_id",
       "type_urls": [
        "envoy.extensions.request_id.uuid.v3.UuidRequestIdConfig"
       ]
      },
      {
       "name": "envoy.matching.custom_matchers.trie_matcher",
       "category": "envoy.matching.network.custom_matchers",
       "type_urls": [
        "xds.type.matcher.v3.IPMatcher"
       ]
      },
      {
       "name": "envoy.path.match.uri_template.uri_template_matcher",
       "category": "envoy.path.match",
       "type_urls": [
        "envoy.extensions.path.match.uri_template.v3.UriTemplateMatchConfig"
       ]
      },
      {
       "name": "envoy.key_value.file_based",
       "category": "envoy.common.key_value",
       "type_urls": [
        "envoy.extensions.key_value.file_based.v3.FileBasedKeyValueStoreConfig"
       ]
      },
      {
       "name": "envoy.filters.connection_pools.tcp.generic",
       "category": "envoy.upstreams",
       "type_urls": [
        "envoy.extensions.upstreams.tcp.generic.v3.GenericConnectionPoolProto"
       ]
      },
      {
       "name": "envoy.filters.listener.http_inspector",
       "category": "envoy.filters.listener",
       "type_urls": [
        "envoy.extensions.filters.listener.http_inspector.v3.HttpInspector"
       ]
      },
      {
       "name": "envoy.filters.listener.original_dst",
       "category": "envoy.filters.listener",
       "type_urls": [
        "envoy.extensions.filters.listener.original_dst.v3.OriginalDst"
       ]
      },
      {
       "name": "envoy.filters.listener.original_src",
       "category": "envoy.filters.listener",
       "type_urls": [
        "envoy.extensions.filters.listener.original_src.v3.OriginalSrc"
       ]
      },
      {
       "name": "envoy.filters.listener.proxy_protocol",
       "category": "envoy.filters.listener",
       "type_urls": [
        "envoy.extensions.filters.listener.proxy_protocol.v3.ProxyProtocol"
       ]
      },
      {
       "name": "envoy.filters.listener.tls_inspector",
       "category": "envoy.filters.listener",
       "type_urls": [
        "envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector"
       ]
      },
      {
       "name": "envoy.listener.http_inspector",
       "category": "envoy.filters.listener"
      },
      {
       "name": "envoy.listener.original_dst",
       "category": "envoy.filters.listener"
      },
      {
       "name": "envoy.listener.original_src",
       "category": "envoy.filters.listener"
      },
      {
       "name": "envoy.listener.proxy_protocol",
       "category": "envoy.filters.listener"
      },
      {
       "name": "envoy.listener.tls_inspector",
       "category": "envoy.filters.listener"
      },
      {
       "name": "envoy.access_loggers.extension_filters.cel",
       "category": "envoy.access_loggers.extension_filters",
       "type_urls": [
        "envoy.extensions.access_loggers.filters.cel.v3.ExpressionFilter"
       ]
      },
      {
       "name": "dubbo.hessian2",
       "category": "envoy.dubbo_proxy.serializers"
      },
      {
       "name": "envoy.resource_monitors.fixed_heap",
       "category": "envoy.resource_monitors",
       "type_urls": [
        "envoy.extensions.resource_monitors.fixed_heap.v3.FixedHeapConfig"
       ]
      },
      {
       "name": "envoy.resource_monitors.injected_resource",
       "category": "envoy.resource_monitors",
       "type_urls": [
        "envoy.extensions.resource_monitors.injected_resource.v3.InjectedResourceConfig"
       ]
      },
      {
       "name": "envoy.regex_engines.google_re2",
       "category": "envoy.regex_engines",
       "type_urls": [
        "envoy.extensions.regex_engines.v3.GoogleRE2"
       ]
      },
      {
       "name": "envoy.retry_priorities.previous_priorities",
       "category": "envoy.retry_priorities",
       "type_urls": [
        "envoy.extensions.retry.priority.previous_priorities.v3.PreviousPrioritiesConfig"
       ]
      },
      {
       "name": "envoy.access_loggers.file",
       "category": "envoy.access_loggers",
       "type_urls": [
        "envoy.extensions.access_loggers.file.v3.FileAccessLog"
       ]
      },
      {
       "name": "envoy.access_loggers.http_grpc",
       "category": "envoy.access_loggers",
       "type_urls": [
        "envoy.extensions.access_loggers.grpc.v3.HttpGrpcAccessLogConfig"
       ]
      },
      {
       "name": "envoy.access_loggers.open_telemetry",
       "category": "envoy.access_loggers",
       "type_urls": [
        "envoy.extensions.access_loggers.open_telemetry.v3.OpenTelemetryAccessLogConfig"
       ]
      },
      {
       "name": "envoy.access_loggers.stderr",
       "category": "envoy.access_loggers",
       "type_urls": [
        "envoy.extensions.access_loggers.stream.v3.StderrAccessLog"
       ]
      },
      {
       "name": "envoy.access_loggers.stdout",
       "category": "envoy.access_loggers",
       "type_urls": [
        "envoy.extensions.access_loggers.stream.v3.StdoutAccessLog"
       ]
      },
      {
       "name": "envoy.access_loggers.tcp_grpc",
       "category": "envoy.access_loggers",
       "type_urls": [
        "envoy.extensions.access_loggers.grpc.v3.TcpGrpcAccessLogConfig"
       ]
      },
      {
       "name": "envoy.access_loggers.wasm",
       "category": "envoy.access_loggers",
       "type_urls": [
        "envoy.extensions.access_loggers.wasm.v3.WasmAccessLog"
       ]
      },
      {
       "name": "envoy.file_access_log",
       "category": "envoy.access_loggers"
      },
      {
       "name": "envoy.http_grpc_access_log",
       "category": "envoy.access_loggers"
      },
      {
       "name": "envoy.open_telemetry_access_log",
       "category": "envoy.access_loggers"
      },
      {
       "name": "envoy.stderr_access_log",
       "category": "envoy.access_loggers"
      },
      {
       "name": "envoy.stdout_access_log",
       "category": "envoy.access_loggers"
      },
      {
       "name": "envoy.tcp_grpc_access_log",
       "category": "envoy.access_loggers"
      },
      {
       "name": "envoy.wasm_access_log",
       "category": "envoy.access_loggers"
      },
      {
       "name": "default",
       "category": "network.connection.client"
      },
      {
       "name": "envoy_internal",
       "category": "network.connection.client"
      },
      {
       "name": "envoy.rbac.matchers.upstream_ip_port",
       "category": "envoy.rbac.matchers",
       "type_urls": [
        "envoy.extensions.rbac.matchers.upstream_ip_port.v3.UpstreamIpPortMatcher"
       ]
      },
      {
       "name": "envoy.formatter.metadata",
       "category": "envoy.formatter",
       "type_urls": [
        "envoy.extensions.formatter.metadata.v3.Metadata"
       ]
      },
      {
       "name": "envoy.formatter.req_without_query",
       "category": "envoy.formatter",
       "type_urls": [
        "envoy.extensions.formatter.req_without_query.v3.ReqWithoutQuery"
       ]
      },
      {
       "name": "envoy.dynamic.ot",
       "category": "envoy.tracers"
      },
      {
       "name": "envoy.tracers.datadog",
       "category": "envoy.tracers",
       "type_urls": [
        "envoy.config.trace.v3.DatadogConfig"
       ]
      },
      {
       "name": "envoy.tracers.dynamic_ot",
       "category": "envoy.tracers",
       "type_urls": [
        "envoy.config.trace.v3.DynamicOtConfig"
       ]
      },
      {
       "name": "envoy.tracers.opencensus",
       "category": "envoy.tracers",
       "type_urls": [
        "envoy.config.trace.v3.OpenCensusConfig"
       ]
      },
      {
       "name": "envoy.tracers.opentelemetry",
       "category": "envoy.tracers",
       "type_urls": [
        "envoy.config.trace.v3.OpenTelemetryConfig"
       ]
      },
      {
       "name": "envoy.tracers.skywalking",
       "category": "envoy.tracers",
       "type_urls": [
        "envoy.config.trace.v3.SkyWalkingConfig"
       ]
      },
      {
       "name": "envoy.tracers.xray",
       "category": "envoy.tracers",
       "type_urls": [
        "envoy.config.trace.v3.XRayConfig"
       ]
      },
      {
       "name": "envoy.tracers.zipkin",
       "category": "envoy.tracers",
       "type_urls": [
        "envoy.config.trace.v3.ZipkinConfig"
       ]
      },
      {
       "name": "envoy.zipkin",
       "category": "envoy.tracers"
      },
      {
       "name": "envoy.quic.crypto_stream.server.quiche",
       "category": "envoy.quic.server.crypto_stream",
       "type_urls": [
        "envoy.extensions.quic.crypto_stream.v3.CryptoServerStreamConfig"
       ]
      },
      {
       "name": "envoy.grpc_credentials.aws_iam",
       "category": "envoy.grpc_credentials"
      },
      {
       "name": "envoy.grpc_credentials.default",
       "category": "envoy.grpc_credentials"
      },
      {
       "name": "envoy.grpc_credentials.file_based_metadata",
       "category": "envoy.grpc_credentials"
      },
      {
       "name": "envoy.http.header_validators.envoy_default",
       "category": "envoy.http.header_validators",
       "type_urls": [
        "envoy.extensions.http.header_validators.envoy_default.v3.HeaderValidatorConfig"
       ]
      },
      {
       "name": "envoy.http.original_ip_detection.custom_header",
       "category": "envoy.http.original_ip_detection",
       "type_urls": [
        "envoy.extensions.http.original_ip_detection.custom_header.v3.CustomHeaderConfig"
       ]
      },
      {
       "name": "envoy.http.original_ip_detection.xff",
       "category": "envoy.http.original_ip_detection",
       "type_urls": [
        "envoy.extensions.http.original_ip_detection.xff.v3.XffConfig"
       ]
      },
      {
       "name": "auto",
       "category": "envoy.thrift_proxy.protocols"
      },
      {
       "name": "binary",
       "category": "envoy.thrift_proxy.protocols"
      },
      {
       "name": "binary/non-strict",
       "category": "envoy.thrift_proxy.protocols"
      },
      {
       "name": "compact",
       "category": "envoy.thrift_proxy.protocols"
      },
      {
       "name": "twitter",
       "category": "envoy.thrift_proxy.protocols"
      },
      {
       "name": "envoy.internal_redirect_predicates.allow_listed_routes",
       "category": "envoy.internal_redirect_predicates",
       "type_urls": [
        "envoy.extensions.internal_redirect.allow_listed_routes.v3.AllowListedRoutesConfig"
       ]
      },
      {
       "name": "envoy.internal_redirect_predicates.previous_routes",
       "category": "envoy.internal_redirect_predicates",
       "type_urls": [
        "envoy.extensions.internal_redirect.previous_routes.v3.PreviousRoutesConfig"
       ]
      },
      {
       "name": "envoy.internal_redirect_predicates.safe_cross_scheme",
       "category": "envoy.internal_redirect_predicates",
       "type_urls": [
        "envoy.extensions.internal_redirect.safe_cross_scheme.v3.SafeCrossSchemeConfig"
       ]
      },
      {
       "name": "envoy.extensions.upstreams.http.v3.HttpProtocolOptions",
       "category": "envoy.upstream_options",
       "type_urls": [
        "envoy.extensions.upstreams.http.v3.HttpProtocolOptions"
       ]
      },
      {
       "name": "envoy.upstreams.http.http_protocol_options",
       "category": "envoy.upstream_options"
      },
      {
       "name": "envoy.buffer",
       "category": "envoy.filters.http.upstream"
      },
      {
       "name": "envoy.filters.http.admission_control",
       "category": "envoy.filters.http.upstream",
       "type_urls": [
        "envoy.extensions.filters.http.admission_control.v3.AdmissionControl"
       ]
      },
      {
       "name": "envoy.filters.http.buffer",
       "category": "envoy.filters.http.upstream",
       "type_urls": [
        "envoy.extensions.filters.http.buffer.v3.Buffer",
        "envoy.extensions.filters.http.buffer.v3.BufferPerRoute"
       ]
      },
      {
       "name": "envoy.filters.http.upstream_codec",
       "category": "envoy.filters.http.upstream",
       "type_urls": [
        "envoy.extensions.filters.http.upstream_codec.v3.UpstreamCodec"
       ]
      },
      {
       "name": "envoy.compression.brotli.compressor",
       "category": "envoy.compression.compressor",
       "type_urls": [
        "envoy.extensions.compression.brotli.compressor.v3.Brotli"
       ]
      },
      {
       "name": "envoy.compression.gzip.compressor",
       "category": "envoy.compression.compressor",
       "type_urls": [
        "envoy.extensions.compression.gzip.compressor.v3.Gzip"
       ]
      },
      {
       "name": "envoy.compression.zstd.compressor",
       "category": "envoy.compression.compressor",
       "type_urls": [
        "envoy.extensions.compression.zstd.compressor.v3.Zstd"
       ]
      },
      {
       "name": "envoy.filters.udp.dns_filter",
       "category": "envoy.filters.udp_listener",
       "type_urls": [
        "envoy.extensions.filters.udp.dns_filter.v3.DnsFilterConfig"
       ]
      },
      {
       "name": "envoy.filters.udp_listener.udp_proxy",
       "category": "envoy.filters.udp_listener",
       "type_urls": [
        "envoy.extensions.filters.udp.udp_proxy.v3.UdpProxyConfig"
       ]
      },
      {
       "name": "envoy.quic.proof_source.filter_chain",
       "category": "envoy.quic.proof_source",
       "type_urls": [
        "envoy.extensions.quic.proof_source.v3.ProofSourceConfig"
       ]
      },
      {
       "name": "envoy.matching.inputs.application_protocol",
       "category": "envoy.matching.network.input",
       "type_urls": [
        "envoy.extensions.matching.common_inputs.network.v3.ApplicationProtocolInput"
       ]
      },
      {
       "name": "envoy.matching.inputs.destination_ip",
       "category": "envoy.matching.network.input",
       "type_urls": [
        "envoy.extensions.matching.common_inputs.network.v3.DestinationIPInput"
       ]
      },
      {
       "name": "envoy.matching.inputs.destination_port",
       "category": "envoy.matching.network.input",
       "type_urls": [
        "envoy.extensions.matching.common_inputs.network.v3.DestinationPortInput"
       ]
      },
      {
       "name": "envoy.matching.inputs.direct_source_ip",
       "category": "envoy.matching.network.input",
       "type_urls": [
        "envoy.extensions.matching.common_inputs.network.v3.DirectSourceIPInput"
       ]
      },
      {
       "name": "envoy.matching.inputs.dns_san",
       "category": "envoy.matching.network.input",
       "type_urls": [
        "envoy.extensions.matching.common_inputs.ssl.v3.DnsSanInput"
       ]
      },
      {
       "name": "envoy.matching.inputs.server_name",
       "category": "envoy.matching.network.input",
       "type_urls": [
        "envoy.extensions.matching.common_inputs.network.v3.ServerNameInput"
       ]
      },
      {
       "name": "envoy.matching.inputs.source_ip",
       "category": "envoy.matching.network.input",
       "type_urls": [
        "envoy.extensions.matching.common_inputs.network.v3.SourceIPInput"
       ]
      },
      {
       "name": "envoy.matching.inputs.source_port",
       "category": "envoy.matching.network.input",
       "type_urls": [
        "envoy.extensions.matching.common_inputs.network.v3.SourcePortInput"
       ]
      },
      {
       "name": "envoy.matching.inputs.source_type",
       "category": "envoy.matching.network.input",
       "type_urls": [
        "envoy.extensions.matching.common_inputs.network.v3.SourceTypeInput"
       ]
      },
      {
       "name": "envoy.matching.inputs.subject",
       "category": "envoy.matching.network.input",
       "type_urls": [
        "envoy.extensions.matching.common_inputs.ssl.v3.SubjectInput"
       ]
      },
      {
       "name": "envoy.matching.inputs.transport_protocol",
       "category": "envoy.matching.network.input",
       "type_urls": [
        "envoy.extensions.matching.common_inputs.network.v3.TransportProtocolInput"
       ]
      },
      {
       "name": "envoy.matching.inputs.uri_san",
       "category": "envoy.matching.network.input",
       "type_urls": [
        "envoy.extensions.matching.common_inputs.ssl.v3.UriSanInput"
       ]
      },
      {
       "name": "envoy.filters.dubbo.router",
       "category": "envoy.dubbo_proxy.filters",
       "type_urls": [
        "envoy.extensions.filters.network.dubbo_proxy.router.v3.Router"
       ]
      },
      {
       "name": "envoy.filters.thrift.header_to_metadata",
       "category": "envoy.thrift_proxy.filters",
       "type_urls": [
        "envoy.extensions.filters.network.thrift_proxy.filters.header_to_metadata.v3.HeaderToMetadata"
       ]
      },
      {
       "name": "envoy.filters.thrift.rate_limit",
       "category": "envoy.thrift_proxy.filters",
       "type_urls": [
        "envoy.extensions.filters.network.thrift_proxy.filters.ratelimit.v3.RateLimit"
       ]
      },
      {
       "name": "envoy.filters.thrift.router",
       "category": "envoy.thrift_proxy.filters",
       "type_urls": [
        "envoy.extensions.filters.network.thrift_proxy.router.v3.Router"
       ]
      },
      {
       "name": "envoy.matching.inputs.destination_ip",
       "category": "envoy.matching.http.input",
       "type_urls": [
        "envoy.extensions.matching.common_inputs.network.v3.DestinationIPInput"
       ]
      },
      {
       "name": "envoy.matching.inputs.destination_port",
       "category": "envoy.matching.http.input",
       "type_urls": [
        "envoy.extensions.matching.common_inputs.network.v3.DestinationPortInput"
       ]
      },
      {
       "name": "envoy.matching.inputs.direct_source_ip",
       "category": "envoy.matching.http.input",
       "type_urls": [
        "envoy.extensions.matching.common_inputs.network.v3.DirectSourceIPInput"
       ]
      },
      {
       "name": "envoy.matching.inputs.dns_san",
       "category": "envoy.matching.http.input",
       "type_urls": [
        "envoy.extensions.matching.common_inputs.ssl.v3.DnsSanInput"
       ]
      },
      {
       "name": "envoy.matching.inputs.request_headers",
       "category": "envoy.matching.http.input",
       "type_urls": [
        "envoy.type.matcher.v3.HttpRequestHeaderMatchInput"
       ]
      },
      {
       "name": "envoy.matching.inputs.request_trailers",
       "category": "envoy.matching.http.input",
       "type_urls": [
        "envoy.type.matcher.v3.HttpRequestTrailerMatchInput"
       ]
      },
      {
       "name": "envoy.matching.inputs.response_headers",
       "category": "envoy.matching.http.input",
       "type_urls": [
        "envoy.type.matcher.v3.HttpResponseHeaderMatchInput"
       ]
      },
      {
       "name": "envoy.matching.inputs.response_trailers",
       "category": "envoy.matching.http.input",
       "type_urls": [
        "envoy.type.matcher.v3.HttpResponseTrailerMatchInput"
       ]
      },
      {
       "name": "envoy.matching.inputs.server_name",
       "category": "envoy.matching.http.input",
       "type_urls": [
        "envoy.extensions.matching.common_inputs.network.v3.ServerNameInput"
       ]
      },
      {
       "name": "envoy.matching.inputs.source_ip",
       "category": "envoy.matching.http.input",
       "type_urls": [
        "envoy.extensions.matching.common_inputs.network.v3.SourceIPInput"
       ]
      },
      {
       "name": "envoy.matching.inputs.source_port",
       "category": "envoy.matching.http.input",
       "type_urls": [
        "envoy.extensions.matching.common_inputs.network.v3.SourcePortInput"
       ]
      },
      {
       "name": "envoy.matching.inputs.source_type",
       "category": "envoy.matching.http.input",
       "type_urls": [
        "envoy.extensions.matching.common_inputs.network.v3.SourceTypeInput"
       ]
      },
      {
       "name": "envoy.matching.inputs.subject",
       "category": "envoy.matching.http.input",
       "type_urls": [
        "envoy.extensions.matching.common_inputs.ssl.v3.SubjectInput"
       ]
      },
      {
       "name": "envoy.matching.inputs.uri_san",
       "category": "envoy.matching.http.input",
       "type_urls": [
        "envoy.extensions.matching.common_inputs.ssl.v3.UriSanInput"
       ]
      },
      {
       "name": "envoy.transport_sockets.alts",
       "category": "envoy.transport_sockets.upstream",
       "type_urls": [
        "envoy.extensions.transport_sockets.alts.v3.Alts"
       ]
      },
      {
       "name": "envoy.transport_sockets.http_11_proxy",
       "category": "envoy.transport_sockets.upstream",
       "type_urls": [
        "envoy.extensions.transport_sockets.http_11_proxy.v3.Http11ProxyUpstreamTransport"
       ]
      },
      {
       "name": "envoy.transport_sockets.internal_upstream",
       "category": "envoy.transport_sockets.upstream",
       "type_urls": [
        "envoy.extensions.transport_sockets.internal_upstream.v3.InternalUpstreamTransport"
       ]
      },
      {
       "name": "envoy.transport_sockets.quic",
       "category": "envoy.transport_sockets.upstream",
       "type_urls": [
        "envoy.extensions.transport_sockets.quic.v3.QuicUpstreamTransport"
       ]
      },
      {
       "name": "envoy.transport_sockets.raw_buffer",
       "category": "envoy.transport_sockets.upstream",
       "type_urls": [
        "envoy.extensions.transport_sockets.raw_buffer.v3.RawBuffer"
       ]
      },
      {
       "name": "envoy.transport_sockets.starttls",
       "category": "envoy.transport_sockets.upstream",
       "type_urls": [
        "envoy.extensions.transport_sockets.starttls.v3.UpstreamStartTlsConfig"
       ]
      },
      {
       "name": "envoy.transport_sockets.tap",
       "category": "envoy.transport_sockets.upstream",
       "type_urls": [
        "envoy.extensions.transport_sockets.tap.v3.Tap"
       ]
      },
      {
       "name": "envoy.transport_sockets.tcp_stats",
       "category": "envoy.transport_sockets.upstream",
       "type_urls": [
        "envoy.extensions.transport_sockets.tcp_stats.v3.Config"
       ]
      },
      {
       "name": "envoy.transport_sockets.tls",
       "category": "envoy.transport_sockets.upstream",
       "type_urls": [
        "envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext"
       ]
      },
      {
       "name": "envoy.transport_sockets.upstream_proxy_protocol",
       "category": "envoy.transport_sockets.upstream",
       "type_urls": [
        "envoy.extensions.transport_sockets.proxy_protocol.v3.ProxyProtocolUpstreamTransport"
       ]
      },
      {
       "name": "raw_buffer",
       "category": "envoy.transport_sockets.upstream"
      },
      {
       "name": "starttls",
       "category": "envoy.transport_sockets.upstream"
      },
      {
       "name": "tls",
       "category": "envoy.transport_sockets.upstream"
      },
      {
       "name": "dubbo",
       "category": "envoy.dubbo_proxy.protocols"
      },
      {
       "name": "envoy.matching.custom_matchers.trie_matcher",
       "category": "envoy.matching.http.custom_matchers",
       "type_urls": [
        "xds.type.matcher.v3.IPMatcher"
       ]
      },
      {
       "name": "envoy.ip",
       "category": "envoy.resolvers"
      },
      {
       "name": "auto",
       "category": "envoy.thrift_proxy.transports"
      },
      {
       "name": "framed",
       "category": "envoy.thrift_proxy.transports"
      },
      {
       "name": "header",
       "category": "envoy.thrift_proxy.transports"
      },
      {
       "name": "unframed",
       "category": "envoy.thrift_proxy.transports"
      },
      {
       "name": "envoy.http.stateful_session.cookie",
       "category": "envoy.http.stateful_session",
       "type_urls": [
        "envoy.extensions.http.stateful_session.cookie.v3.CookieBasedSessionState"
       ]
      },
      {
       "name": "envoy.http.stateful_session.header",
       "category": "envoy.http.stateful_session",
       "type_urls": [
        "envoy.extensions.http.stateful_session.header.v3.HeaderBasedSessionState"
       ]
      },
      {
       "name": "envoy.dog_statsd",
       "category": "envoy.stats_sinks"
      },
      {
       "name": "envoy.graphite_statsd",
       "category": "envoy.stats_sinks"
      },
      {
       "name": "envoy.metrics_service",
       "category": "envoy.stats_sinks"
      },
      {
       "name": "envoy.stat_sinks.dog_statsd",
       "category": "envoy.stats_sinks",
       "type_urls": [
        "envoy.config.metrics.v3.DogStatsdSink"
       ]
      },
      {
       "name": "envoy.stat_sinks.graphite_statsd",
       "category": "envoy.stats_sinks",
       "type_urls": [
        "envoy.extensions.stat_sinks.graphite_statsd.v3.GraphiteStatsdSink"
       ]
      },
      {
       "name": "envoy.stat_sinks.hystrix",
       "category": "envoy.stats_sinks",
       "type_urls": [
        "envoy.config.metrics.v3.HystrixSink"
       ]
      },
      {
       "name": "envoy.stat_sinks.metrics_service",
       "category": "envoy.stats_sinks",
       "type_urls": [
        "envoy.config.metrics.v3.MetricsServiceConfig"
       ]
      },
      {
       "name": "envoy.stat_sinks.statsd",
       "category": "envoy.stats_sinks",
       "type_urls": [
        "envoy.config.metrics.v3.StatsdSink"
       ]
      },
      {
       "name": "envoy.stat_sinks.wasm",
       "category": "envoy.stats_sinks",
       "type_urls": [
        "envoy.extensions.stat_sinks.wasm.v3.Wasm"
       ]
      },
      {
       "name": "envoy.statsd",
       "category": "envoy.stats_sinks"
      },
      {
       "name": "envoy.http.stateful_header_formatters.preserve_case",
       "category": "envoy.http.stateful_header_formatters",
       "type_urls": [
        "envoy.extensions.http.header_formatters.preserve_case.v3.PreserveCaseFormatterConfig"
       ]
      },
      {
       "name": "preserve_case",
       "category": "envoy.http.stateful_header_formatters"
      },
      {
       "name": "envoy.echo",
       "category": "envoy.filters.network"
      },
      {
       "name": "envoy.ext_authz",
       "category": "envoy.filters.network"
      },
      {
       "name": "envoy.filters.network.connection_limit",
       "category": "envoy.filters.network",
       "type_urls": [
        "envoy.extensions.filters.network.connection_limit.v3.ConnectionLimit"
       ]
      },
      {
       "name": "envoy.filters.network.direct_response",
       "category": "envoy.filters.network",
       "type_urls": [
        "envoy.extensions.filters.network.direct_response.v3.Config"
       ]
      },
      {
       "name": "envoy.filters.network.dubbo_proxy",
       "category": "envoy.filters.network",
       "type_urls": [
        "envoy.extensions.filters.network.dubbo_proxy.v3.DubboProxy"
       ]
      },
      {
       "name": "envoy.filters.network.echo",
       "category": "envoy.filters.network",
       "type_urls": [
        "envoy.extensions.filters.network.echo.v3.Echo"
       ]
      },
      {
       "name": "envoy.filters.network.ext_authz",
       "category": "envoy.filters.network",
       "type_urls": [
        "envoy.extensions.filters.network.ext_authz.v3.ExtAuthz"
       ]
      },
      {
       "name": "envoy.filters.network.http_connection_manager",
       "category": "envoy.filters.network",
       "type_urls": [
        "envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager"
       ]
      },
      {
       "name": "envoy.filters.network.local_ratelimit",
       "category": "envoy.filters.network",
       "type_urls": [
        "envoy.extensions.filters.network.local_ratelimit.v3.LocalRateLimit"
       ]
      },
      {
       "name": "envoy.filters.network.mongo_proxy",
       "category": "envoy.filters.network",
       "type_urls": [
        "envoy.extensions.filters.network.mongo_proxy.v3.MongoProxy"
       ]
      },
      {
       "name": "envoy.filters.network.ratelimit",
       "category": "envoy.filters.network",
       "type_urls": [
        "envoy.extensions.filters.network.ratelimit.v3.RateLimit"
       ]
      },
      {
       "name": "envoy.filters.network.rbac",
       "category": "envoy.filters.network",
       "type_urls": [
        "envoy.extensions.filters.network.rbac.v3.RBAC"
       ]
      },
      {
       "name": "envoy.filters.network.redis_proxy",
       "category": "envoy.filters.network",
       "type_urls": [
        "envoy.extensions.filters.network.redis_proxy.v3.RedisProxy"
       ]
      },
      {
       "name": "envoy.filters.network.sni_cluster",
       "category": "envoy.filters.network",
       "type_urls": [
        "envoy.extensions.filters.network.sni_cluster.v3.SniCluster"
       ]
      },
      {
       "name": "envoy.filters.network.sni_dynamic_forward_proxy",
       "category": "envoy.filters.network",
       "type_urls": [
        "envoy.extensions.filters.network.sni_dynamic_forward_proxy.v3.FilterConfig"
       ]
      },
      {
       "name": "envoy.filters.network.tcp_proxy",
       "category": "envoy.filters.network",
       "type_urls": [
        "envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy"
       ]
      },
      {
       "name": "envoy.filters.network.thrift_proxy",
       "category": "envoy.filters.network",
       "type_urls": [
        "envoy.extensions.filters.network.thrift_proxy.v3.ThriftProxy"
       ]
      },
      {
       "name": "envoy.filters.network.wasm",
       "category": "envoy.filters.network",
       "type_urls": [
        "envoy.extensions.filters.network.wasm.v3.Wasm"
       ]
      },
      {
       "name": "envoy.filters.network.zookeeper_proxy",
       "category": "envoy.filters.network",
       "type_urls": [
        "envoy.extensions.filters.network.zookeeper_proxy.v3.ZooKeeperProxy"
       ]
      },
      {
       "name": "envoy.http_connection_manager",
       "category": "envoy.filters.network"
      },
      {
       "name": "envoy.mongo_proxy",
       "category": "envoy.filters.network"
      },
      {
       "name": "envoy.ratelimit",
       "category": "envoy.filters.network"
      },
      {
       "name": "envoy.redis_proxy",
       "category": "envoy.filters.network"
      },
      {
       "name": "envoy.tcp_proxy",
       "category": "envoy.filters.network"
      },
      {
       "name": "envoy.path.rewrite.uri_template.uri_template_rewriter",
       "category": "envoy.path.rewrite",
       "type_urls": [
        "envoy.extensions.path.rewrite.uri_template.v3.UriTemplateRewriteConfig"
       ]
      },
      {
       "name": "envoy.transport_sockets.alts",
       "category": "envoy.transport_sockets.downstream",
       "type_urls": [
        "envoy.extensions.transport_sockets.alts.v3.Alts"
       ]
      },
      {
       "name": "envoy.transport_sockets.quic",
       "category": "envoy.transport_sockets.downstream",
       "type_urls": [
        "envoy.extensions.transport_sockets.quic.v3.QuicDownstreamTransport"
       ]
      },
      {
       "name": "envoy.transport_sockets.raw_buffer",
       "category": "envoy.transport_sockets.downstream",
       "type_urls": [
        "envoy.extensions.transport_sockets.raw_buffer.v3.RawBuffer"
       ]
      },
      {
       "name": "envoy.transport_sockets.starttls",
       "category": "envoy.transport_sockets.downstream",
       "type_urls": [
        "envoy.extensions.transport_sockets.starttls.v3.StartTlsConfig"
       ]
      },
      {
       "name": "envoy.transport_sockets.tap",
       "category": "envoy.transport_sockets.downstream",
       "type_urls": [
        "envoy.extensions.transport_sockets.tap.v3.Tap"
       ]
      },
      {
       "name": "envoy.transport_sockets.tcp_stats",
       "category": "envoy.transport_sockets.downstream",
       "type_urls": [
        "envoy.extensions.transport_sockets.tcp_stats.v3.Config"
       ]
      },
      {
       "name": "envoy.transport_sockets.tls",
       "category": "envoy.transport_sockets.downstream",
       "type_urls": [
        "envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext"
       ]
      },
      {
       "name": "raw_buffer",
       "category": "envoy.transport_sockets.downstream"
      },
      {
       "name": "starttls",
       "category": "envoy.transport_sockets.downstream"
      },
      {
       "name": "tls",
       "category": "envoy.transport_sockets.downstream"
      },
      {
       "name": "envoy.network.dns_resolver.cares",
       "category": "envoy.network.dns_resolver",
       "type_urls": [
        "envoy.extensions.network.dns_resolver.cares.v3.CaresDnsResolverConfig"
       ]
      },
      {
       "name": "envoy.network.dns_resolver.getaddrinfo",
       "category": "envoy.network.dns_resolver",
       "type_urls": [
        "envoy.extensions.network.dns_resolver.getaddrinfo.v3.GetAddrInfoDnsResolverConfig"
       ]
      },
      {
       "name": "envoy.udp_packet_writer.default",
       "category": "envoy.udp_packet_writer",
       "type_urls": [
        "envoy.extensions.udp_packet_writer.v3.UdpDefaultWriterFactory"
       ]
      },
      {
       "name": "envoy.udp_packet_writer.gso",
       "category": "envoy.udp_packet_writer",
       "type_urls": [
        "envoy.extensions.udp_packet_writer.v3.UdpGsoBatchWriterFactory"
       ]
      },
      {
       "name": "envoy.wasm.runtime.null",
       "category": "envoy.wasm.runtime"
      },
      {
       "name": "envoy.wasm.runtime.v8",
       "category": "envoy.wasm.runtime"
      },
      {
       "name": "envoy.extensions.http.cache.simple",
       "category": "envoy.http.cache",
       "type_urls": [
        "envoy.extensions.cache.simple_http_cache.v3.SimpleHttpCacheConfig"
       ]
      },
      {
       "name": "envoy.rate_limit_descriptors.expr",
       "category": "envoy.rate_limit_descriptors",
       "type_urls": [
        "envoy.extensions.rate_limit_descriptors.expr.v3.Descriptor"
       ]
      },
      {
       "name": "envoy.config.validators.minimum_clusters",
       "category": "envoy.config.validators"
      },
      {
       "name": "envoy.config.validators.minimum_clusters_validator",
       "category": "envoy.config.validators",
       "type_urls": [
        "envoy.extensions.config.validators.minimum_clusters.v3.MinimumClustersValidator"
       ]
      },
      {
       "name": "envoy.health_checkers.redis",
       "category": "envoy.health_checkers",
       "type_urls": [
        "envoy.extensions.health_checkers.redis.v3.Redis"
       ]
      },
      {
       "name": "envoy.health_checkers.thrift",
       "category": "envoy.health_checkers",
       "type_urls": [
        "envoy.extensions.health_checkers.thrift.v3.Thrift"
       ]
      },
      {
       "name": "envoy.bandwidth_limit",
       "category": "envoy.filters.http"
      },
      {
       "name": "envoy.buffer",
       "category": "envoy.filters.http"
      },
      {
       "name": "envoy.cors",
       "category": "envoy.filters.http"
      },
      {
       "name": "envoy.csrf",
       "category": "envoy.filters.http"
      },
      {
       "name": "envoy.ext_authz",
       "category": "envoy.filters.http"
      },
      {
       "name": "envoy.ext_proc",
       "category": "envoy.filters.http"
      },
      {
       "name": "envoy.fault",
       "category": "envoy.filters.http"
      },
      {
       "name": "envoy.filters.http.adaptive_concurrency",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.adaptive_concurrency.v3.AdaptiveConcurrency"
       ]
      },
      {
       "name": "envoy.filters.http.admission_control",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.admission_control.v3.AdmissionControl"
       ]
      },
      {
       "name": "envoy.filters.http.alternate_protocols_cache",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.alternate_protocols_cache.v3.FilterConfig"
       ]
      },
      {
       "name": "envoy.filters.http.aws_lambda",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.aws_lambda.v3.Config",
        "envoy.extensions.filters.http.aws_lambda.v3.PerRouteConfig"
       ]
      },
      {
       "name": "envoy.filters.http.aws_request_signing",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.aws_request_signing.v3.AwsRequestSigning"
       ]
      },
      {
       "name": "envoy.filters.http.bandwidth_limit",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.bandwidth_limit.v3.BandwidthLimit"
       ]
      },
      {
       "name": "envoy.filters.http.buffer",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.buffer.v3.Buffer",
        "envoy.extensions.filters.http.buffer.v3.BufferPerRoute"
       ]
      },
      {
       "name": "envoy.filters.http.cache",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.cache.v3.CacheConfig"
       ]
      },
      {
       "name": "envoy.filters.http.cdn_loop",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.cdn_loop.v3.CdnLoopConfig"
       ]
      },
      {
       "name": "envoy.filters.http.composite",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.composite.v3.Composite"
       ]
      },
      {
       "name": "envoy.filters.http.compressor",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.compressor.v3.Compressor"
       ]
      },
      {
       "name": "envoy.filters.http.cors",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.cors.v3.Cors",
        "envoy.extensions.filters.http.cors.v3.CorsPolicy"
       ]
      },
      {
       "name": "envoy.filters.http.csrf",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.csrf.v3.CsrfPolicy"
       ]
      },
      {
       "name": "envoy.filters.http.decompressor",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.decompressor.v3.Decompressor"
       ]
      },
      {
       "name": "envoy.filters.http.dynamic_forward_proxy",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.dynamic_forward_proxy.v3.FilterConfig",
        "envoy.extensions.filters.http.dynamic_forward_proxy.v3.PerRouteConfig"
       ]
      },
      {
       "name": "envoy.filters.http.ext_authz",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.ext_authz.v3.ExtAuthz",
        "envoy.extensions.filters.http.ext_authz.v3.ExtAuthzPerRoute"
       ]
      },
      {
       "name": "envoy.filters.http.ext_proc",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.ext_proc.v3.ExtProcPerRoute",
        "envoy.extensions.filters.http.ext_proc.v3.ExternalProcessor"
       ]
      },
      {
       "name": "envoy.filters.http.fault",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.fault.v3.HTTPFault"
       ]
      },
      {
       "name": "envoy.filters.http.file_system_buffer",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.file_system_buffer.v3.FileSystemBufferFilterConfig"
       ]
      },
      {
       "name": "envoy.filters.http.gcp_authn",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.gcp_authn.v3.GcpAuthnFilterConfig"
       ]
      },
      {
       "name": "envoy.filters.http.grpc_http1_bridge",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.grpc_http1_bridge.v3.Config"
       ]
      },
      {
       "name": "envoy.filters.http.grpc_http1_reverse_bridge",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.grpc_http1_reverse_bridge.v3.FilterConfig",
        "envoy.extensions.filters.http.grpc_http1_reverse_bridge.v3.FilterConfigPerRoute"
       ]
      },
      {
       "name": "envoy.filters.http.grpc_json_transcoder",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.grpc_json_transcoder.v3.GrpcJsonTranscoder"
       ]
      },
      {
       "name": "envoy.filters.http.grpc_stats",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.grpc_stats.v3.FilterConfig"
       ]
      },
      {
       "name": "envoy.filters.http.grpc_web",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.grpc_web.v3.GrpcWeb"
       ]
      },
      {
       "name": "envoy.filters.http.header_to_metadata",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.header_to_metadata.v3.Config"
       ]
      },
      {
       "name": "envoy.filters.http.health_check",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.health_check.v3.HealthCheck"
       ]
      },
      {
       "name": "envoy.filters.http.ip_tagging",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.ip_tagging.v3.IPTagging"
       ]
      },
      {
       "name": "envoy.filters.http.jwt_authn",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.jwt_authn.v3.JwtAuthentication",
        "envoy.extensions.filters.http.jwt_authn.v3.PerRouteConfig"
       ]
      },
      {
       "name": "envoy.filters.http.local_ratelimit",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.local_ratelimit.v3.LocalRateLimit"
       ]
      },
      {
       "name": "envoy.filters.http.lua",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.lua.v3.Lua",
        "envoy.extensions.filters.http.lua.v3.LuaPerRoute"
       ]
      },
      {
       "name": "envoy.filters.http.match_delegate",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.common.matching.v3.ExtensionWithMatcher"
       ]
      },
      {
       "name": "envoy.filters.http.oauth2",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.oauth2.v3.OAuth2"
       ]
      },
      {
       "name": "envoy.filters.http.on_demand",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.on_demand.v3.OnDemand",
        "envoy.extensions.filters.http.on_demand.v3.PerRouteConfig"
       ]
      },
      {
       "name": "envoy.filters.http.original_src",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.original_src.v3.OriginalSrc"
       ]
      },
      {
       "name": "envoy.filters.http.ratelimit",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.ratelimit.v3.RateLimit",
        "envoy.extensions.filters.http.ratelimit.v3.RateLimitPerRoute"
       ]
      },
      {
       "name": "envoy.filters.http.rbac",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.rbac.v3.RBAC",
        "envoy.extensions.filters.http.rbac.v3.RBACPerRoute"
       ]
      },
      {
       "name": "envoy.filters.http.router",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.router.v3.Router"
       ]
      },
      {
       "name": "envoy.filters.http.set_metadata",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.set_metadata.v3.Config"
       ]
      },
      {
       "name": "envoy.filters.http.stateful_session",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.stateful_session.v3.StatefulSession",
        "envoy.extensions.filters.http.stateful_session.v3.StatefulSessionPerRoute"
       ]
      },
      {
       "name": "envoy.filters.http.tap",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.tap.v3.Tap"
       ]
      },
      {
       "name": "envoy.filters.http.wasm",
       "category": "envoy.filters.http",
       "type_urls": [
        "envoy.extensions.filters.http.wasm.v3.Wasm"
       ]
      },
      {
       "name": "envoy.grpc_http1_bridge",
       "category": "envoy.filters.http"
      },
      {
       "name": "envoy.grpc_json_transcoder",
       "category": "envoy.filters.http"
      },
      {
       "name": "envoy.grpc_web",
       "category": "envoy.filters.http"
      },
      {
       "name": "envoy.health_check",
       "category": "envoy.filters.http"
      },
      {
       "name": "envoy.ip_tagging",
       "category": "envoy.filters.http"
      },
      {
       "name": "envoy.local_rate_limit",
       "category": "envoy.filters.http"
      },
      {
       "name": "envoy.lua",
       "category": "envoy.filters.http"
      },
      {
       "name": "envoy.rate_limit",
       "category": "envoy.filters.http"
      },
      {
       "name": "envoy.router",
       "category": "envoy.filters.http"
      },
      {
       "name": "composite-action",
       "category": "envoy.matching.action",
       "type_urls": [
        "envoy.extensions.filters.http.composite.v3.ExecuteFilterAction"
       ]
      },
      {
       "name": "skip",
       "category": "envoy.matching.action",
       "type_urls": [
        "envoy.extensions.filters.common.matcher.action.v3.SkipFilter"
       ]
      },
      {
       "name": "envoy.tls.cert_validator.default",
       "category": "envoy.tls.cert_validator"
      },
      {
       "name": "envoy.tls.cert_validator.spiffe",
       "category": "envoy.tls.cert_validator"
      },
      {
       "name": "envoy.cluster.eds",
       "category": "envoy.clusters"
      },
      {
       "name": "envoy.cluster.logical_dns",
       "category": "envoy.clusters"
      },
      {
       "name": "envoy.cluster.original_dst",
       "category": "envoy.clusters"
      },
      {
       "name": "envoy.cluster.static",
       "category": "envoy.clusters"
      },
      {
       "name": "envoy.cluster.strict_dns",
       "category": "envoy.clusters"
      },
      {
       "name": "envoy.clusters.aggregate",
       "category": "envoy.clusters"
      },
      {
       "name": "envoy.clusters.dynamic_forward_proxy",
       "category": "envoy.clusters"
      },
      {
       "name": "envoy.clusters.redis",
       "category": "envoy.clusters"
      },
      {
       "name": "envoy.route.early_data_policy.default",
       "category": "envoy.route.early_data_policy",
       "type_urls": [
        "envoy.extensions.early_data.v3.DefaultEarlyDataPolicy"
       ]
      },
      {
       "name": "envoy.bootstrap.internal_listener",
       "category": "envoy.bootstrap",
       "type_urls": [
        "envoy.extensions.bootstrap.internal_listener.v3.InternalListener"
       ]
      },
      {
       "name": "envoy.bootstrap.wasm",
       "category": "envoy.bootstrap",
       "type_urls": [
        "envoy.extensions.wasm.v3.WasmService"
       ]
      },
      {
       "name": "envoy.extensions.network.socket_interface.default_socket_interface",
       "category": "envoy.bootstrap",
       "type_urls": [
        "envoy.extensions.network.socket_interface.v3.DefaultSocketInterface"
       ]
      },
      {
       "name": "envoy.matching.common_inputs.environment_variable",
       "category": "envoy.matching.common_inputs",
       "type_urls": [
        "envoy.extensions.matching.common_inputs.environment_variable.v3.Config"
       ]
      },
      {
       "name": "envoy.matching.matchers.consistent_hashing",
       "category": "envoy.matching.input_matchers",
       "type_urls": [
        "envoy.extensions.matching.input_matchers.consistent_hashing.v3.ConsistentHashing"
       ]
      },
      {
       "name": "envoy.matching.matchers.ip",
       "category": "envoy.matching.input_matchers",
       "type_urls": [
        "envoy.extensions.matching.input_matchers.ip.v3.Ip"
       ]
      },
      {
       "name": "envoy.retry_host_predicates.omit_canary_hosts",
       "category": "envoy.retry_host_predicates",
       "type_urls": [
        "envoy.extensions.retry.host.omit_canary_hosts.v3.OmitCanaryHostsPredicate"
       ]
      },
      {
       "name": "envoy.retry_host_predicates.omit_host_metadata",
       "category": "envoy.retry_host_predicates",
       "type_urls": [
        "envoy.extensions.retry.host.omit_host_metadata.v3.OmitHostMetadataConfig"
       ]
      },
      {
       "name": "envoy.retry_host_predicates.previous_hosts",
       "category": "envoy.retry_host_predicates",
       "type_urls": [
        "envoy.extensions.retry.host.previous_hosts.v3.PreviousHostsPredicate"
       ]
      },
      {
       "name": "envoy.compression.brotli.decompressor",
       "category": "envoy.compression.decompressor",
       "type_urls": [
        "envoy.extensions.compression.brotli.decompressor.v3.Brotli"
       ]
      },
      {
       "name": "envoy.compression.gzip.decompressor",
       "category": "envoy.compression.decompressor",
       "type_urls": [
        "envoy.extensions.compression.gzip.decompressor.v3.Gzip"
       ]
      },
      {
       "name": "envoy.compression.zstd.decompressor",
       "category": "envoy.compression.decompressor",
       "type_urls": [
        "envoy.extensions.compression.zstd.decompressor.v3.Zstd"
       ]
      },
      {
       "name": "envoy.watchdog.abort_action",
       "category": "envoy.guarddog_actions",
       "type_urls": [
        "envoy.watchdog.v3.AbortActionConfig"
       ]
      },
      {
       "name": "envoy.watchdog.profile_action",
       "category": "envoy.guarddog_actions",
       "type_urls": [
        "envoy.extensions.watchdog.profile_action.v3.ProfileActionConfig"
       ]
      }
     ]
    },
    "static_resources": {
     "clusters": [
      {
       "name": "local_agent",
       "type": "STATIC",
       "connect_timeout": "1s",
       "http2_protocol_options": {},
       "load_assignment": {
        "cluster_name": "local_agent",
        "endpoints": [
         {
          "lb_endpoints": [
           {
            "endpoint": {
             "address": {
              "pipe": {
               "path": "alloc/tmp/consul_grpc.sock"
              }
             }
            }
           }
          ]
         }
        ]
       }
      }
     ]
    },
    "dynamic_resources": {
     "lds_config": {
      "ads": {},
      "resource_api_version": "V3"
     },
     "cds_config": {
      "ads": {},
      "resource_api_version": "V3"
     },
     "ads_config": {
      "api_type": "DELTA_GRPC",
      "grpc_services": [
       {
        "envoy_grpc": {
         "cluster_name": "local_agent"
        },
        "initial_metadata": [
         {
          "key": "x-consul-token"
         }
        ]
       }
      ],
      "transport_api_version": "V3"
     }
    },
    "admin": {
     "access_log_path": "/dev/null",
     "address": {
      "socket_address": {
       "address": "127.0.0.2",
       "port_value": 19001
      }
     }
    },
    "stats_config": {
     "stats_tags": [
      {
       "tag_name": "nomad.alloc_id",
       "fixed_value": "e4fb7468-b79f-4536-7041-b505a47a107d"
      },
      {
       "tag_name": "nomad.group",
       "fixed_value": "api"
      },
      {
       "tag_name": "nomad.job",
       "fixed_value": "api"
      },
      {
       "tag_name": "nomad.namespace",
       "fixed_value": "default"
      },
      {
       "tag_name": "consul.destination.custom_hash",
       "regex": "^cluster\\.(?:passthrough~)?((?:([^.]+)~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?[^.]+\\.[^.]+\\.[^.]+\\.consul\\.)"
      },
      {
       "tag_name": "consul.destination.service_subset",
       "regex": "^cluster\\.(?:passthrough~)?((?:[^.]+~)?(?:([^.]+)\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?[^.]+\\.[^.]+\\.[^.]+\\.consul\\.)"
      },
      {
       "tag_name": "consul.destination.service",
       "regex": "^cluster\\.(?:passthrough~)?((?:[^.]+~)?(?:[^.]+\\.)?([^.]+)\\.[^.]+\\.(?:[^.]+\\.)?[^.]+\\.[^.]+\\.[^.]+\\.consul\\.)"
      },
      {
       "tag_name": "consul.destination.namespace",
       "regex": "^cluster\\.(?:passthrough~)?((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.([^.]+)\\.(?:[^.]+\\.)?[^.]+\\.[^.]+\\.[^.]+\\.consul\\.)"
      },
      {
       "tag_name": "consul.destination.partition",
       "regex": "^cluster\\.(?:passthrough~)?((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:([^.]+)\\.)?[^.]+\\.internal[^.]*\\.[^.]+\\.consul\\.)"
      },
      {
       "tag_name": "consul.destination.datacenter",
       "regex": "^cluster\\.(?:passthrough~)?((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?([^.]+)\\.internal[^.]*\\.[^.]+\\.consul\\.)"
      },
      {
       "tag_name": "consul.destination.peer",
       "regex": "^cluster\\.([^.]+\\.(?:[^.]+\\.)?([^.]+)\\.external\\.[^.]+\\.consul\\.)"
      },
      {
       "tag_name": "consul.destination.routing_type",
       "regex": "^cluster\\.(?:passthrough~)?((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?[^.]+\\.([^.]+)\\.[^.]+\\.consul\\.)"
      },
      {
       "tag_name": "consul.destination.trust_domain",
       "regex": "^cluster\\.(?:passthrough~)?((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?[^.]+\\.[^.]+\\.([^.]+)\\.consul\\.)"
      },
      {
       "tag_name": "consul.destination.target",
       "regex": "^cluster\\.(?:passthrough~)?(((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?[^.]+)\\.[^.]+\\.[^.]+\\.consul\\.)"
      },
      {
       "tag_name": "consul.destination.full_target",
       "regex": "^cluster\\.(?:passthrough~)?(((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?[^.]+\\.[^.]+\\.[^.]+)\\.consul\\.)"
      },
      {
       "tag_name": "consul.upstream.service",
       "regex": "^(?:tcp|http)\\.upstream(?:_peered)?\\.(([^.]+)(?:\\.[^.]+)?(?:\\.[^.]+)?\\.[^.]+\\.)"
      },
      {
       "tag_name": "consul.upstream.datacenter",
       "regex": "^(?:tcp|http)\\.upstream\\.([^.]+(?:\\.[^.]+)?(?:\\.[^.]+)?\\.([^.]+)\\.)"
      },
      {
       "tag_name": "consul.upstream.peer",
       "regex": "^(?:tcp|http)\\.upstream_peered\\.([^.]+(?:\\.[^.]+)?\\.([^.]+)\\.)"
      },
      {
       "tag_name": "consul.upstream.namespace",
       "regex": "^(?:tcp|http)\\.upstream(?:_peered)?\\.([^.]+(?:\\.([^.]+))?(?:\\.[^.]+)?\\.[^.]+\\.)"
      },
      {
       "tag_name": "consul.upstream.partition",
       "regex": "^(?:tcp|http)\\.upstream\\.([^.]+(?:\\.[^.]+)?(?:\\.([^.]+))?\\.[^.]+\\.)"
      },
      {
       "tag_name": "consul.custom_hash",
       "regex": "^cluster\\.((?:([^.]+)~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?[^.]+\\.[^.]+\\.[^.]+\\.consul\\.)"
      },
      {
       "tag_name": "consul.service_subset",
       "regex": "^cluster\\.((?:[^.]+~)?(?:([^.]+)\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?[^.]+\\.[^.]+\\.[^.]+\\.consul\\.)"
      },
      {
       "tag_name": "consul.service",
       "regex": "^cluster\\.((?:[^.]+~)?(?:[^.]+\\.)?([^.]+)\\.[^.]+\\.(?:[^.]+\\.)?[^.]+\\.[^.]+\\.[^.]+\\.consul\\.)"
      },
      {
       "tag_name": "consul.namespace",
       "regex": "^cluster\\.((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.([^.]+)\\.(?:[^.]+\\.)?[^.]+\\.[^.]+\\.[^.]+\\.consul\\.)"
      },
      {
       "tag_name": "consul.datacenter",
       "regex": "^cluster\\.((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?([^.]+)\\.internal[^.]*\\.[^.]+\\.consul\\.)"
      },
      {
       "tag_name": "consul.routing_type",
       "regex": "^cluster\\.((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?[^.]+\\.([^.]+)\\.[^.]+\\.consul\\.)"
      },
      {
       "tag_name": "consul.trust_domain",
       "regex": "^cluster\\.((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?[^.]+\\.[^.]+\\.([^.]+)\\.consul\\.)"
      },
      {
       "tag_name": "consul.target",
       "regex": "^cluster\\.(((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?[^.]+)\\.[^.]+\\.[^.]+\\.consul\\.)"
      },
      {
       "tag_name": "consul.full_target",
       "regex": "^cluster\\.(((?:[^.]+~)?(?:[^.]+\\.)?[^.]+\\.[^.]+\\.(?:[^.]+\\.)?[^.]+\\.[^.]+\\.[^.]+)\\.consul\\.)"
      },
      {
       "tag_name": "local_cluster",
       "fixed_value": "count-api"
      },
      {
       "tag_name": "consul.source.service",
       "fixed_value": "count-api"
      },
      {
       "tag_name": "consul.source.namespace",
       "fixed_value": "default"
      },
      {
       "tag_name": "consul.source.partition",
       "fixed_value": "default"
      },
      {
       "tag_name": "consul.source.datacenter",
       "fixed_value": "dc1"
      }
     ],
     "use_all_default_tags": true
    },
    "layered_runtime": {
     "layers": [
      {
       "name": "base",
       "static_layer": {
        "re2.max_program_size.error_level": 1048576
       }
      }
     ]
    }
   },
   "last_updated": "2023-01-05T18:18:03.411Z"
  },
  {
   "@type": "type.googleapis.com/envoy.admin.v3.ClustersConfigDump",
   "static_clusters": [
    {
     "cluster": {
      "@type": "type.googleapis.com/envoy.config.cluster.v3.Cluster",
      "name": "local_agent",
      "type": "STATIC",
      "connect_timeout": "1s",
      "http2_protocol_options": {},
      "load_assignment": {
       "cluster_name": "local_agent",
       "endpoints": [
        {
         "lb_endpoints": [
          {
           "endpoint": {
            "address": {
             "pipe": {
              "path": "alloc/tmp/consul_grpc.sock"
             }
            }
           }
          }
         ]
        }
       ]
      }
     },
     "last_updated": "2023-01-05T18:18:03.436Z"
    }
   ]
  },
  {
   "@type": "type.googleapis.com/envoy.admin.v3.ListenersConfigDump"
  },
  {
   "@type": "type.googleapis.com/envoy.admin.v3.SecretsConfigDump"
  }
 ]
}

shoenig · 2023-01-06T15:56:35Z

Should be able to get this working with fixes on the Consul side: hashicorp/consul#15913

github-actions · 2023-05-14T02:11:34Z

I'm going to lock this issue because it has been closed for 120 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

krarey added the type/bug label Nov 22, 2022

tgross added the theme/consul/connect Consul Connect integration label Nov 22, 2022

tgross added this to the 1.4.x milestone Nov 22, 2022

jrasell mentioned this issue Nov 23, 2022

docs: update Nomad 1.14 upgrade note to detail additional info. hashicorp/consul#15538

Closed

jrasell pinned this issue Nov 23, 2022

jrasell assigned shoenig Nov 30, 2022

lgfa29 added the stage/accepted Confirmed, and intend to work on. No timeline committment though. label Nov 30, 2022

ferhatvurucu mentioned this issue Dec 8, 2022

SPIFFE ID is not in the expected format hashicorp/consul#15668

Closed

hashi-derek mentioned this issue Jan 5, 2023

Fix issue where TLS configuration was ignored for unix sockets in consul connect envoy. hashicorp/consul#15913

Merged

hc-github-team-consul-core mentioned this issue Jan 6, 2023

Backport of Fix issue where TLS configuration was ignored for unix sockets in consul connect envoy. into release/1.14.x hashicorp/consul#15934

Merged

shoenig mentioned this issue Jan 9, 2023

consul: add client configuration for grpc_ca_file #15701

Merged

shoenig closed this as completed in #15701 Jan 11, 2023

lgfa29 added the theme/networking label Jan 13, 2023

boxofrad mentioned this issue Jan 26, 2023

docs: update Nomad 1.14 upgrade note to detail additonal info. hashicorp/consul#16071

Merged

This was referenced Jan 26, 2023

Backport of docs: update Nomad 1.14 upgrade note to detail additonal info. into stable-website hashicorp/consul#16078

Merged

Backport of docs: update Nomad 1.14 upgrade note to detail additonal info. into release/1.14.x hashicorp/consul#16079

Merged

shoenig mentioned this issue Feb 14, 2023

Consul connect service mesh not working with consul 1.4.0 #16186

Closed

shoenig unpinned this issue Apr 4, 2023

CarbonCollins mentioned this issue May 6, 2023

Sidecar proxy with TLSV1_ALERT_PROTOCOL_VERSION error hashicorp/consul#17362

Open

github-actions bot locked as resolved and limited conversation to collaborators May 14, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Consul Connect sidecar proxies require additional configuration for gRPC-TLS listener #15360

Consul Connect sidecar proxies require additional configuration for gRPC-TLS listener #15360

krarey commented Nov 22, 2022 •

edited

Loading

mmeier86 commented Jan 1, 2023 •

edited

Loading

shoenig commented Jan 5, 2023

shoenig commented Jan 6, 2023

github-actions bot commented May 14, 2023

Consul Connect sidecar proxies require additional configuration for gRPC-TLS listener #15360

Consul Connect sidecar proxies require additional configuration for gRPC-TLS listener #15360

Comments

krarey commented Nov 22, 2022 • edited Loading

Nomad version

Issue

mmeier86 commented Jan 1, 2023 • edited Loading

shoenig commented Jan 5, 2023

shoenig commented Jan 6, 2023

github-actions bot commented May 14, 2023

krarey commented Nov 22, 2022 •

edited

Loading

mmeier86 commented Jan 1, 2023 •

edited

Loading