From a90c51a862a2e85a1b11e37a4e32f95f0a0c91b6 Mon Sep 17 00:00:00 2001 From: huabing zhao Date: Mon, 22 Apr 2024 12:27:52 -0700 Subject: [PATCH] http2 listener setting impl Signed-off-by: huabing zhao --- api/v1alpha1/clienttrafficpolicy_types.go | 3 + ...y.envoyproxy.io_clienttrafficpolicies.yaml | 2 + internal/gatewayapi/clienttrafficpolicy.go | 60 +++++- ...fer-limit-with-out-of-range-error.out.yaml | 2 +- .../clienttrafficpolicy-http2.in.yaml | 55 +++++ .../clienttrafficpolicy-http2.out.yaml | 191 ++++++++++++++++++ internal/ir/xds.go | 20 +- internal/ir/zz_generated.deepcopy.go | 45 ++++- internal/xds/translator/listener.go | 14 +- .../translator/testdata/in/xds-ir/http2.yaml | 22 ++ .../testdata/out/xds-ir/http2.clusters.yaml | 17 ++ .../testdata/out/xds-ir/http2.endpoints.yaml | 12 ++ .../testdata/out/xds-ir/http2.listeners.yaml | 34 ++++ .../testdata/out/xds-ir/http2.routes.yaml | 14 ++ internal/xds/translator/translator_test.go | 3 + site/content/en/latest/api/extension_types.md | 2 +- 16 files changed, 479 insertions(+), 17 deletions(-) create mode 100644 internal/gatewayapi/testdata/clienttrafficpolicy-http2.in.yaml create mode 100755 internal/gatewayapi/testdata/clienttrafficpolicy-http2.out.yaml create mode 100644 internal/xds/translator/testdata/in/xds-ir/http2.yaml create mode 100755 internal/xds/translator/testdata/out/xds-ir/http2.clusters.yaml create mode 100755 internal/xds/translator/testdata/out/xds-ir/http2.endpoints.yaml create mode 100755 internal/xds/translator/testdata/out/xds-ir/http2.listeners.yaml create mode 100755 internal/xds/translator/testdata/out/xds-ir/http2.routes.yaml diff --git a/api/v1alpha1/clienttrafficpolicy_types.go b/api/v1alpha1/clienttrafficpolicy_types.go index c920274008b..19a854766bb 100644 --- a/api/v1alpha1/clienttrafficpolicy_types.go +++ b/api/v1alpha1/clienttrafficpolicy_types.go @@ -222,6 +222,9 @@ type HTTP2Settings struct { // MaxConcurrentStreams sets the maximum number of concurrent streams allowed per connection. // If not set, the default value is 100. + // +kubebuilder:validation:Minimum=1 + // +kubebuilder:validation:Maximum=2147483647 + // +optional MaxConcurrentStreams *uint32 `json:"maxConcurrentStreams,omitempty"` } diff --git a/charts/gateway-helm/crds/generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml b/charts/gateway-helm/crds/generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml index b8dacf05eea..90c024d5389 100644 --- a/charts/gateway-helm/crds/generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml +++ b/charts/gateway-helm/crds/generated/gateway.envoyproxy.io_clienttrafficpolicies.yaml @@ -217,6 +217,8 @@ spec: MaxConcurrentStreams sets the maximum number of concurrent streams allowed per connection. If not set, the default value is 100. format: int32 + maximum: 2147483647 + minimum: 1 type: integer type: object http3: diff --git a/internal/gatewayapi/clienttrafficpolicy.go b/internal/gatewayapi/clienttrafficpolicy.go index c8f4ca7ed8f..866e9844289 100644 --- a/internal/gatewayapi/clienttrafficpolicy.go +++ b/internal/gatewayapi/clienttrafficpolicy.go @@ -28,7 +28,11 @@ import ( const ( // Use an invalid string to represent all sections (listeners) within a Gateway - AllSections = "/" + AllSections = "/" + MinHTTP2InitialStreamWindowSize = 65535 // https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/protocol.proto#envoy-v3-api-field-config-core-v3-http2protocoloptions-initial-stream-window-size + MaxHTTP2InitialStreamWindowSize = 2147483647 // https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/protocol.proto#envoy-v3-api-field-config-core-v3-http2protocoloptions-initial-stream-window-size + MinHTTP2InitialConnectionWindowSize = MinHTTP2InitialStreamWindowSize + MaxHTTP2InitialConnectionWindowSize = MaxHTTP2InitialStreamWindowSize ) func hasSectionName(policy *egv1a1.ClientTrafficPolicy) bool { @@ -409,6 +413,11 @@ func (t *Translator) translateClientTrafficPolicyForListener(policy *egv1a1.Clie return err } + // Translate HTTP2 Settings + if err := translateHTTP2Settings(policy.Spec.HTTP2, httpIR); err != nil { + return err + } + // enable http3 if set and TLS is enabled if httpIR.TLS != nil && policy.Spec.HTTP3 != nil { http3 := &ir.HTTP3Settings{ @@ -576,6 +585,52 @@ func translateHTTP1Settings(http1Settings *egv1a1.HTTP1Settings, httpIR *ir.HTTP return nil } +func translateHTTP2Settings(http2Settings *egv1a1.HTTP2Settings, httpIR *ir.HTTPListener) error { + if http2Settings == nil { + return nil + } + + var ( + http2 = &ir.HTTP2Settings{} + errs error + ) + + if http2Settings.InitialStreamWindowSize != nil { + initialStreamWindowSize, ok := http2Settings.InitialStreamWindowSize.AsInt64() + switch { + case !ok: + errs = errors.Join(errs, fmt.Errorf("invalid InitialStreamWindowSize value %s", http2Settings.InitialStreamWindowSize.String())) + case initialStreamWindowSize < MinHTTP2InitialStreamWindowSize || initialStreamWindowSize > MaxHTTP2InitialStreamWindowSize: + errs = errors.Join(errs, fmt.Errorf("InitialStreamWindowSize value %s is out of range, must be between %d and %d", + http2Settings.InitialStreamWindowSize.String(), + MinHTTP2InitialStreamWindowSize, + MaxHTTP2InitialStreamWindowSize)) + default: + http2.InitialStreamWindowSize = ptr.To(uint32(initialStreamWindowSize)) + } + } + + if http2Settings.InitialConnectionWindowSize != nil { + initialConnectionWindowSize, ok := http2Settings.InitialConnectionWindowSize.AsInt64() + switch { + case !ok: + errs = errors.Join(errs, fmt.Errorf("invalid InitialConnectionWindowSize value %s", http2Settings.InitialConnectionWindowSize.String())) + case initialConnectionWindowSize < MinHTTP2InitialConnectionWindowSize || initialConnectionWindowSize > MaxHTTP2InitialConnectionWindowSize: + errs = errors.Join(errs, fmt.Errorf("InitialConnectionWindowSize value %s is out of range, must be between %d and %d", + http2Settings.InitialConnectionWindowSize.String(), + MinHTTP2InitialConnectionWindowSize, + MaxHTTP2InitialConnectionWindowSize)) + default: + http2.InitialConnectionWindowSize = ptr.To(uint32(initialConnectionWindowSize)) + } + } + + http2.MaxConcurrentStreams = http2Settings.MaxConcurrentStreams + + httpIR.HTTP2 = http2 + return errs +} + func (t *Translator) translateListenerTLSParameters(policy *egv1a1.ClientTrafficPolicy, httpIR *ir.HTTPListener, resources *Resources) error { // Return if this listener isn't a TLS listener. There has to be @@ -711,7 +766,8 @@ func translateListenerConnection(connection *egv1a1.Connection, httpIR *ir.HTTPL return fmt.Errorf("invalid BufferLimit value %s", connection.BufferLimit.String()) } if bufferLimit < 0 || bufferLimit > math.MaxUint32 { - return fmt.Errorf("BufferLimit value %s is out of range", connection.BufferLimit.String()) + return fmt.Errorf("BufferLimit value %s is out of range, must be between 0 and %d", + connection.BufferLimit.String(), math.MaxUint32) } irConnection.BufferLimitBytes = ptr.To(uint32(bufferLimit)) } diff --git a/internal/gatewayapi/testdata/clienttrafficpolicy-buffer-limit-with-out-of-range-error.out.yaml b/internal/gatewayapi/testdata/clienttrafficpolicy-buffer-limit-with-out-of-range-error.out.yaml index 1240114ffa9..08c7f6dbbd9 100755 --- a/internal/gatewayapi/testdata/clienttrafficpolicy-buffer-limit-with-out-of-range-error.out.yaml +++ b/internal/gatewayapi/testdata/clienttrafficpolicy-buffer-limit-with-out-of-range-error.out.yaml @@ -24,7 +24,7 @@ clientTrafficPolicies: sectionName: http-1 conditions: - lastTransitionTime: null - message: BufferLimit value 100G is out of range + message: BufferLimit value 100G is out of range, must be between 0 and 4294967295 reason: Invalid status: "False" type: Accepted diff --git a/internal/gatewayapi/testdata/clienttrafficpolicy-http2.in.yaml b/internal/gatewayapi/testdata/clienttrafficpolicy-http2.in.yaml new file mode 100644 index 00000000000..150b652d513 --- /dev/null +++ b/internal/gatewayapi/testdata/clienttrafficpolicy-http2.in.yaml @@ -0,0 +1,55 @@ +clientTrafficPolicies: +- apiVersion: gateway.envoyproxy.io/v1alpha1 + kind: ClientTrafficPolicy + metadata: + namespace: envoy-gateway + name: target-gateway-1-section-http-1 + spec: + http2: + initialStreamWindowSize: 64Ki + initialConnectionWindowSize: 32Mi + maxConcurrentStreams: 200 + targetRef: + group: gateway.networking.k8s.io + kind: Gateway + name: gateway-1 + sectionName: http-1 + namespace: envoy-gateway +- apiVersion: gateway.envoyproxy.io/v1alpha1 + kind: ClientTrafficPolicy + metadata: + namespace: envoy-gateway + name: target-gateway-1-section-http-2 + spec: + http2: + initialStreamWindowSize: 1Ki + initialConnectionWindowSize: 1Ti + maxConcurrentStreams: 200 + targetRef: + group: gateway.networking.k8s.io + kind: Gateway + name: gateway-1 + sectionName: http-2 + namespace: envoy-gateway +gateways: +- apiVersion: gateway.networking.k8s.io/v1 + kind: Gateway + metadata: + namespace: envoy-gateway + name: gateway-1 + spec: + gatewayClassName: envoy-gateway-class + listeners: + - name: http-1 + protocol: HTTP + port: 80 + allowedRoutes: + namespaces: + from: Same + - name: http-2 + protocol: HTTP + hostname: www.example.com + port: 8080 + allowedRoutes: + namespaces: + from: Same diff --git a/internal/gatewayapi/testdata/clienttrafficpolicy-http2.out.yaml b/internal/gatewayapi/testdata/clienttrafficpolicy-http2.out.yaml new file mode 100755 index 00000000000..96d1fc82fec --- /dev/null +++ b/internal/gatewayapi/testdata/clienttrafficpolicy-http2.out.yaml @@ -0,0 +1,191 @@ +clientTrafficPolicies: +- apiVersion: gateway.envoyproxy.io/v1alpha1 + kind: ClientTrafficPolicy + metadata: + creationTimestamp: null + name: target-gateway-1-section-http-1 + namespace: envoy-gateway + spec: + http2: + initialConnectionWindowSize: 32Mi + initialStreamWindowSize: 64Ki + maxConcurrentStreams: 200 + targetRef: + group: gateway.networking.k8s.io + kind: Gateway + name: gateway-1 + namespace: envoy-gateway + sectionName: http-1 + status: + ancestors: + - ancestorRef: + group: gateway.networking.k8s.io + kind: Gateway + name: gateway-1 + namespace: envoy-gateway + sectionName: http-1 + conditions: + - lastTransitionTime: null + message: Policy has been accepted. + reason: Accepted + status: "True" + type: Accepted + controllerName: gateway.envoyproxy.io/gatewayclass-controller +- apiVersion: gateway.envoyproxy.io/v1alpha1 + kind: ClientTrafficPolicy + metadata: + creationTimestamp: null + name: target-gateway-1-section-http-2 + namespace: envoy-gateway + spec: + http2: + initialConnectionWindowSize: 1Ti + initialStreamWindowSize: 1Ki + maxConcurrentStreams: 200 + targetRef: + group: gateway.networking.k8s.io + kind: Gateway + name: gateway-1 + namespace: envoy-gateway + sectionName: http-2 + status: + ancestors: + - ancestorRef: + group: gateway.networking.k8s.io + kind: Gateway + name: gateway-1 + namespace: envoy-gateway + sectionName: http-2 + conditions: + - lastTransitionTime: null + message: |- + InitialStreamWindowSize value 1Ki is out of range, must be between 65535 and 2147483647 + InitialConnectionWindowSize value 1Ti is out of range, must be between 65535 and 2147483647 + reason: Invalid + status: "False" + type: Accepted + controllerName: gateway.envoyproxy.io/gatewayclass-controller +gateways: +- apiVersion: gateway.networking.k8s.io/v1 + kind: Gateway + metadata: + creationTimestamp: null + name: gateway-1 + namespace: envoy-gateway + spec: + gatewayClassName: envoy-gateway-class + listeners: + - allowedRoutes: + namespaces: + from: Same + name: http-1 + port: 80 + protocol: HTTP + - allowedRoutes: + namespaces: + from: Same + hostname: www.example.com + name: http-2 + port: 8080 + protocol: HTTP + status: + listeners: + - attachedRoutes: 0 + conditions: + - lastTransitionTime: null + message: Sending translated listener configuration to the data plane + reason: Programmed + status: "True" + type: Programmed + - lastTransitionTime: null + message: Listener has been successfully translated + reason: Accepted + status: "True" + type: Accepted + - lastTransitionTime: null + message: Listener references have been resolved + reason: ResolvedRefs + status: "True" + type: ResolvedRefs + name: http-1 + supportedKinds: + - group: gateway.networking.k8s.io + kind: HTTPRoute + - group: gateway.networking.k8s.io + kind: GRPCRoute + - attachedRoutes: 0 + conditions: + - lastTransitionTime: null + message: Sending translated listener configuration to the data plane + reason: Programmed + status: "True" + type: Programmed + - lastTransitionTime: null + message: Listener has been successfully translated + reason: Accepted + status: "True" + type: Accepted + - lastTransitionTime: null + message: Listener references have been resolved + reason: ResolvedRefs + status: "True" + type: ResolvedRefs + name: http-2 + supportedKinds: + - group: gateway.networking.k8s.io + kind: HTTPRoute + - group: gateway.networking.k8s.io + kind: GRPCRoute +infraIR: + envoy-gateway/gateway-1: + proxy: + listeners: + - address: null + name: envoy-gateway/gateway-1/http-1 + ports: + - containerPort: 10080 + name: http-80 + protocol: HTTP + servicePort: 80 + - address: null + name: envoy-gateway/gateway-1/http-2 + ports: + - containerPort: 8080 + name: http-8080 + protocol: HTTP + servicePort: 8080 + metadata: + labels: + gateway.envoyproxy.io/owning-gateway-name: gateway-1 + gateway.envoyproxy.io/owning-gateway-namespace: envoy-gateway + name: envoy-gateway/gateway-1 +xdsIR: + envoy-gateway/gateway-1: + accessLog: + text: + - path: /dev/stdout + http: + - address: 0.0.0.0 + hostnames: + - '*' + http2: + initialConnectionWindowSize: 65536 + initialStreamWindowSize: 33554432 + maxConcurrentStreams: 200 + isHTTP2: false + name: envoy-gateway/gateway-1/http-1 + path: + escapedSlashesAction: UnescapeAndRedirect + mergeSlashes: true + port: 10080 + - address: 0.0.0.0 + hostnames: + - www.example.com + http2: + maxConcurrentStreams: 200 + isHTTP2: false + name: envoy-gateway/gateway-1/http-2 + path: + escapedSlashesAction: UnescapeAndRedirect + mergeSlashes: true + port: 8080 diff --git a/internal/ir/xds.go b/internal/ir/xds.go index 95bcb5b3a9b..de192170e2e 100644 --- a/internal/ir/xds.go +++ b/internal/ir/xds.go @@ -217,14 +217,17 @@ type HTTPListener struct { EnableProxyProtocol bool `json:"enableProxyProtocol,omitempty" yaml:"enableProxyProtocol,omitempty"` // ClientIPDetection controls how the original client IP address is determined for requests. ClientIPDetection *ClientIPDetectionSettings `json:"clientIPDetection,omitempty" yaml:"clientIPDetection,omitempty"` - // HTTP3 provides HTTP/3 configuration on the listener. - // +optional - HTTP3 *HTTP3Settings `json:"http3,omitempty"` // Path contains settings for path URI manipulations Path PathSettings `json:"path,omitempty"` // HTTP1 provides HTTP/1 configuration on the listener // +optional HTTP1 *HTTP1Settings `json:"http1,omitempty" yaml:"http1,omitempty"` + // HTTP2 provides HTTP/2 configuration on the listener + // +optional + HTTP2 *HTTP2Settings `json:"http2,omitempty" yaml:"http2,omitempty"` + // HTTP3 provides HTTP/3 configuration on the listener. + // +optional + HTTP3 *HTTP3Settings `json:"http3,omitempty"` // ClientTimeout sets the timeout configuration for downstream connections Timeout *ClientTimeout `json:"timeout,omitempty" yaml:"clientTimeout,omitempty"` // Connection settings @@ -394,6 +397,17 @@ type HTTP10Settings struct { DefaultHost *string `json:"defaultHost,omitempty" yaml:"defaultHost,omitempty"` } +// HTTP2Settings provides HTTP/2 configuration on the listener. +// +k8s:deepcopy-gen=true +type HTTP2Settings struct { + // InitialStreamWindowSize is the initial window size for a stream. + InitialStreamWindowSize *uint32 `json:"initialConnectionWindowSize,omitempty" yaml:"initialConnectionWindowSize,omitempty"` + // InitialConnectionWindowSize is the initial window size for a connection. + InitialConnectionWindowSize *uint32 `json:"initialStreamWindowSize,omitempty" yaml:"initialStreamWindowSize,omitempty"` + // MaxConcurrentStreams is the maximum number of concurrent streams that can be opened on a connection. + MaxConcurrentStreams *uint32 `json:"maxConcurrentStreams,omitempty" yaml:"maxConcurrentStreams,omitempty"` +} + // HeaderSettings provides configuration related to header processing on the listener. // +k8s:deepcopy-gen=true type HeaderSettings struct { diff --git a/internal/ir/zz_generated.deepcopy.go b/internal/ir/zz_generated.deepcopy.go index f9602aac288..bffc4639cb6 100644 --- a/internal/ir/zz_generated.deepcopy.go +++ b/internal/ir/zz_generated.deepcopy.go @@ -706,6 +706,36 @@ func (in *HTTP1Settings) DeepCopy() *HTTP1Settings { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTP2Settings) DeepCopyInto(out *HTTP2Settings) { + *out = *in + if in.InitialStreamWindowSize != nil { + in, out := &in.InitialStreamWindowSize, &out.InitialStreamWindowSize + *out = new(uint32) + **out = **in + } + if in.InitialConnectionWindowSize != nil { + in, out := &in.InitialConnectionWindowSize, &out.InitialConnectionWindowSize + *out = new(uint32) + **out = **in + } + if in.MaxConcurrentStreams != nil { + in, out := &in.MaxConcurrentStreams, &out.MaxConcurrentStreams + *out = new(uint32) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTP2Settings. +func (in *HTTP2Settings) DeepCopy() *HTTP2Settings { + if in == nil { + return nil + } + out := new(HTTP2Settings) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *HTTPClientTimeout) DeepCopyInto(out *HTTPClientTimeout) { *out = *in @@ -821,17 +851,22 @@ func (in *HTTPListener) DeepCopyInto(out *HTTPListener) { *out = new(ClientIPDetectionSettings) (*in).DeepCopyInto(*out) } - if in.HTTP3 != nil { - in, out := &in.HTTP3, &out.HTTP3 - *out = new(HTTP3Settings) - **out = **in - } out.Path = in.Path if in.HTTP1 != nil { in, out := &in.HTTP1, &out.HTTP1 *out = new(HTTP1Settings) (*in).DeepCopyInto(*out) } + if in.HTTP2 != nil { + in, out := &in.HTTP2, &out.HTTP2 + *out = new(HTTP2Settings) + (*in).DeepCopyInto(*out) + } + if in.HTTP3 != nil { + in, out := &in.HTTP3, &out.HTTP3 + *out = new(HTTP3Settings) + **out = **in + } if in.Timeout != nil { in, out := &in.Timeout, &out.Timeout *out = new(ClientTimeout) diff --git a/internal/xds/translator/listener.go b/internal/xds/translator/listener.go index f909fd3ff8c..55b29d168eb 100644 --- a/internal/xds/translator/listener.go +++ b/internal/xds/translator/listener.go @@ -79,16 +79,20 @@ func http1ProtocolOptions(opts *ir.HTTP1Settings) *corev3.Http1ProtocolOptions { return r } -func http2ProtocolOptions() *corev3.Http2ProtocolOptions { +func http2ProtocolOptions(opts *ir.HTTP2Settings) *corev3.Http2ProtocolOptions { + if opts == nil { + opts = &ir.HTTP2Settings{} + } + return &corev3.Http2ProtocolOptions{ MaxConcurrentStreams: &wrappers.UInt32Value{ - Value: http2MaxConcurrentStreamsLimit, + Value: ptr.Deref(opts.MaxConcurrentStreams, http2MaxConcurrentStreamsLimit), }, InitialStreamWindowSize: &wrappers.UInt32Value{ - Value: http2InitialStreamWindowSize, + Value: ptr.Deref(opts.InitialStreamWindowSize, http2InitialStreamWindowSize), }, InitialConnectionWindowSize: &wrappers.UInt32Value{ - Value: http2InitialConnectionWindowSize, + Value: ptr.Deref(opts.InitialConnectionWindowSize, http2InitialConnectionWindowSize), }, } } @@ -244,7 +248,7 @@ func (t *Translator) addHCMToXDSListener(xdsListener *listenerv3.Listener, irLis ServerHeaderTransformation: hcmv3.HttpConnectionManager_PASS_THROUGH, // Add HTTP2 protocol options // Set it by default to also support HTTP1.1 to HTTP2 Upgrades - Http2ProtocolOptions: http2ProtocolOptions(), + Http2ProtocolOptions: http2ProtocolOptions(irListener.HTTP2), // https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_conn_man/headers#x-forwarded-for UseRemoteAddress: &wrappers.BoolValue{Value: useRemoteAddress}, XffNumTrustedHops: xffNumTrustedHops(irListener.ClientIPDetection), diff --git a/internal/xds/translator/testdata/in/xds-ir/http2.yaml b/internal/xds/translator/testdata/in/xds-ir/http2.yaml new file mode 100644 index 00000000000..c95bc0442c0 --- /dev/null +++ b/internal/xds/translator/testdata/in/xds-ir/http2.yaml @@ -0,0 +1,22 @@ +http: +- name: "first-listener" + address: "0.0.0.0" + port: 10080 + hostnames: + - "foo.com" + path: + mergeSlashes: true + escapedSlashesAction: UnescapeAndRedirect + http2: + initialConnectionWindowSize: 65536 + initialStreamWindowSize: 33554432 + maxConcurrentStreams: 200 + routes: + - name: "first-route" + hostname: "*" + destination: + name: "first-route-dest" + settings: + - endpoints: + - host: "1.2.3.4" + port: 50000 diff --git a/internal/xds/translator/testdata/out/xds-ir/http2.clusters.yaml b/internal/xds/translator/testdata/out/xds-ir/http2.clusters.yaml new file mode 100755 index 00000000000..d53a7a1b2ce --- /dev/null +++ b/internal/xds/translator/testdata/out/xds-ir/http2.clusters.yaml @@ -0,0 +1,17 @@ +- circuitBreakers: + thresholds: + - maxRetries: 1024 + commonLbConfig: + localityWeightedLbConfig: {} + connectTimeout: 10s + dnsLookupFamily: V4_ONLY + edsClusterConfig: + edsConfig: + ads: {} + resourceApiVersion: V3 + serviceName: first-route-dest + lbPolicy: LEAST_REQUEST + name: first-route-dest + outlierDetection: {} + perConnectionBufferLimitBytes: 32768 + type: EDS diff --git a/internal/xds/translator/testdata/out/xds-ir/http2.endpoints.yaml b/internal/xds/translator/testdata/out/xds-ir/http2.endpoints.yaml new file mode 100755 index 00000000000..3b3f2d09076 --- /dev/null +++ b/internal/xds/translator/testdata/out/xds-ir/http2.endpoints.yaml @@ -0,0 +1,12 @@ +- clusterName: first-route-dest + endpoints: + - lbEndpoints: + - endpoint: + address: + socketAddress: + address: 1.2.3.4 + portValue: 50000 + loadBalancingWeight: 1 + loadBalancingWeight: 1 + locality: + region: first-route-dest/backend/0 diff --git a/internal/xds/translator/testdata/out/xds-ir/http2.listeners.yaml b/internal/xds/translator/testdata/out/xds-ir/http2.listeners.yaml new file mode 100755 index 00000000000..b0f26ec8184 --- /dev/null +++ b/internal/xds/translator/testdata/out/xds-ir/http2.listeners.yaml @@ -0,0 +1,34 @@ +- address: + socketAddress: + address: 0.0.0.0 + portValue: 10080 + defaultFilterChain: + filters: + - name: envoy.filters.network.http_connection_manager + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager + commonHttpProtocolOptions: + headersWithUnderscoresAction: REJECT_REQUEST + http2ProtocolOptions: + initialConnectionWindowSize: 33554432 + initialStreamWindowSize: 65536 + maxConcurrentStreams: 200 + httpFilters: + - name: envoy.filters.http.router + typedConfig: + '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router + suppressEnvoyHeaders: true + mergeSlashes: true + normalizePath: true + pathWithEscapedSlashesAction: UNESCAPE_AND_REDIRECT + rds: + configSource: + ads: {} + resourceApiVersion: V3 + routeConfigName: first-listener + serverHeaderTransformation: PASS_THROUGH + statPrefix: http + useRemoteAddress: true + drainType: MODIFY_ONLY + name: first-listener + perConnectionBufferLimitBytes: 32768 diff --git a/internal/xds/translator/testdata/out/xds-ir/http2.routes.yaml b/internal/xds/translator/testdata/out/xds-ir/http2.routes.yaml new file mode 100755 index 00000000000..0b5b4bee7bb --- /dev/null +++ b/internal/xds/translator/testdata/out/xds-ir/http2.routes.yaml @@ -0,0 +1,14 @@ +- ignorePortInHostMatching: true + name: first-listener + virtualHosts: + - domains: + - '*' + name: first-listener/* + routes: + - match: + prefix: / + name: first-route + route: + cluster: first-route-dest + upgradeConfigs: + - upgradeType: websocket diff --git a/internal/xds/translator/translator_test.go b/internal/xds/translator/translator_test.go index f60d23a8bb1..da07465099f 100644 --- a/internal/xds/translator/translator_test.go +++ b/internal/xds/translator/translator_test.go @@ -338,6 +338,9 @@ func TestTranslateXds(t *testing.T) { { name: "jwt-optional", }, + { + name: "http2", + }, } for _, tc := range testCases { diff --git a/site/content/en/latest/api/extension_types.md b/site/content/en/latest/api/extension_types.md index e5e5d9fd11b..2c3a2e2a868 100644 --- a/site/content/en/latest/api/extension_types.md +++ b/site/content/en/latest/api/extension_types.md @@ -1497,7 +1497,7 @@ _Appears in:_ | --- | --- | --- | --- | | `initialStreamWindowSize` | _[Quantity](#quantity)_ | false | InitialStreamWindowSize sets the initial window size for HTTP/2 streams.
If not set, the default value is 64 KiB(64*1024). | | `initialConnectionWindowSize` | _[Quantity](#quantity)_ | false | InitialConnectionWindowSize sets the initial window size for HTTP/2 connections.
If not set, the default value is 1 MiB. | -| `maxConcurrentStreams` | _integer_ | true | MaxConcurrentStreams sets the maximum number of concurrent streams allowed per connection.
If not set, the default value is 100. | +| `maxConcurrentStreams` | _integer_ | false | MaxConcurrentStreams sets the maximum number of concurrent streams allowed per connection.
If not set, the default value is 100. | #### HTTP3Settings