#
Start and configure a basic Envoy proxy
In order to start the Envoy proxy, we need to create the Envoy configuration file first.
Let's start with the following file for the moment:
envoy-demo.yaml
static_resources:
listeners:
- name: listener_0
address:
socket_address:
address: 0.0.0.0
port_value: 10000
filter_chains:
- filters:
- name: envoy.filters.network.http_connection_manager
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
stat_prefix: ingress_http
access_log:
- name: envoy.access_loggers.stdout
typed_config:
"@type": type.googleapis.com/envoy.extensions.access_loggers.stream.v3.StdoutAccessLog
http_filters:
- name: envoy.filters.http.router
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
route_config:
name: local_route
virtual_hosts:
- name: local_service
domains: ["*"]
routes:
- match:
prefix: "/"
route:
host_rewrite_literal: www.envoyproxy.io
cluster: service_envoyproxy_io
clusters:
- name: service_envoyproxy_io
type: LOGICAL_DNS
# Comment out the following line to test on v6 networks
dns_lookup_family: V4_ONLY
connect_timeout: 6s
load_assignment:
cluster_name: service_envoyproxy_io
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: www.envoyproxy.io
port_value: 443
transport_socket:
name: envoy.transport_sockets.tls
typed_config:
"@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext
sni: www.envoyproxy.io
Info
This startup configuration file was taken from Envoy official web site.
Download this file and put it somewhere on the disk. In my case I put it under /u01/envoy
.
Now we can start the Envoy proxy:
cd /u01/envoy
envoy -c envoy-demo.yaml
If you receive the Field 'connect_timeout' is missing in: name: "service_envoyproxy_io" error, you might be need to add the line #40 from the code above which is not in the original script.
When you start Envoy you will see something like this:
envoy -c envoy-demo.yaml
[2023-01-07 11:46:55.446][3798][info][main] [external/envoy/source/server/server.cc:330] initializing epoch 0 (base id=0, hot restart version=11.104)
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:332] statically linked extensions:
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.dubbo_proxy.protocols: dubbo
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.grpc_credentials: envoy.grpc_credentials.aws_iam, envoy.grpc_credentials.default, envoy.grpc_credentials.file_based_metadata
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.thrift_proxy.transports: auto, framed, header, unframed
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.retry_host_predicates: envoy.retry_host_predicates.omit_canary_hosts, envoy.retry_host_predicates.omit_host_metadata, envoy.retry_host_predicates.previous_hosts
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.retry_priorities: envoy.retry_priorities.previous_priorities
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.dubbo_proxy.filters: envoy.filters.dubbo.router
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.internal_redirect_predicates: envoy.internal_redirect_predicates.allow_listed_routes, envoy.internal_redirect_predicates.previous_routes, envoy.internal_redirect_predicates.safe_cross_scheme
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.wasm.runtime: envoy.wasm.runtime.null, envoy.wasm.runtime.v8
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.transport_sockets.upstream: envoy.transport_sockets.alts, envoy.transport_sockets.quic, envoy.transport_sockets.raw_buffer, envoy.transport_sockets.tap, envoy.transport_sockets.tls, envoy.transport_sockets.upstream_proxy_protocol, raw_buffer, tls
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.http.cache: envoy.extensions.http.cache.simple
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.resource_monitors: envoy.resource_monitors.fixed_heap, envoy.resource_monitors.injected_resource
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.thrift_proxy.protocols: auto, binary, binary/non-strict, compact, twitter
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.resolvers: envoy.ip
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.compression.compressor: envoy.compression.brotli.compressor, envoy.compression.gzip.compressor
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.request_id: envoy.request_id.uuid
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.matching.http.input: request-headers, request-trailers, response-headers, response-trailers
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.matching.common_inputs: envoy.matching.common_inputs.environment_variable
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.clusters: envoy.cluster.eds, envoy.cluster.logical_dns, envoy.cluster.original_dst, envoy.cluster.static, envoy.cluster.strict_dns, envoy.clusters.aggregate, envoy.clusters.dynamic_forward_proxy, envoy.clusters.redis
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.filters.network: envoy.client_ssl_auth, envoy.echo, envoy.ext_authz, envoy.filters.network.client_ssl_auth, envoy.filters.network.direct_response, envoy.filters.network.dubbo_proxy, envoy.filters.network.echo, envoy.filters.network.ext_authz, envoy.filters.network.http_connection_manager, envoy.filters.network.kafka_broker, envoy.filters.network.local_ratelimit, envoy.filters.network.mongo_proxy, envoy.filters.network.mysql_proxy, envoy.filters.network.postgres_proxy, envoy.filters.network.ratelimit, envoy.filters.network.rbac, envoy.filters.network.redis_proxy, envoy.filters.network.rocketmq_proxy, envoy.filters.network.sni_cluster, envoy.filters.network.sni_dynamic_forward_proxy, envoy.filters.network.tcp_proxy, envoy.filters.network.thrift_proxy, envoy.filters.network.wasm, envoy.filters.network.zookeeper_proxy, envoy.http_connection_manager, envoy.mongo_proxy, envoy.ratelimit, envoy.redis_proxy, envoy.tcp_proxy
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.rate_limit_descriptors: envoy.rate_limit_descriptors.expr
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.bootstrap: envoy.bootstrap.wasm, envoy.extensions.network.socket_interface.default_socket_interface
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.transport_sockets.downstream: envoy.transport_sockets.alts, envoy.transport_sockets.quic, envoy.transport_sockets.raw_buffer, envoy.transport_sockets.starttls, envoy.transport_sockets.tap, envoy.transport_sockets.tls, raw_buffer, starttls, tls
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.dubbo_proxy.serializers: dubbo.hessian2
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.guarddog_actions: envoy.watchdog.abort_action, envoy.watchdog.profile_action
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.filters.http: envoy.buffer, envoy.cors, envoy.csrf, envoy.ext_authz, envoy.ext_proc, envoy.fault, envoy.filters.http.adaptive_concurrency, envoy.filters.http.admission_control, envoy.filters.http.aws_lambda, envoy.filters.http.aws_request_signing, envoy.filters.http.buffer, envoy.filters.http.cache, envoy.filters.http.cdn_loop, envoy.filters.http.composite, envoy.filters.http.compressor, envoy.filters.http.cors, envoy.filters.http.csrf, envoy.filters.http.decompressor, envoy.filters.http.dynamic_forward_proxy, envoy.filters.http.dynamo, envoy.filters.http.ext_authz, envoy.filters.http.ext_proc, envoy.filters.http.fault, envoy.filters.http.grpc_http1_bridge, envoy.filters.http.grpc_http1_reverse_bridge, envoy.filters.http.grpc_json_transcoder, envoy.filters.http.grpc_stats, envoy.filters.http.grpc_web, envoy.filters.http.gzip, envoy.filters.http.header_to_metadata, envoy.filters.http.health_check, envoy.filters.http.ip_tagging, envoy.filters.http.jwt_authn, envoy.filters.http.local_ratelimit, envoy.filters.http.lua, envoy.filters.http.oauth2, envoy.filters.http.on_demand, envoy.filters.http.original_src, envoy.filters.http.ratelimit, envoy.filters.http.rbac, envoy.filters.http.router, envoy.filters.http.squash, envoy.filters.http.tap, envoy.filters.http.wasm, envoy.grpc_http1_bridge, envoy.grpc_json_transcoder, envoy.grpc_web, envoy.gzip, envoy.health_check, envoy.http_dynamo_filter, envoy.ip_tagging, envoy.local_rate_limit, envoy.lua, envoy.rate_limit, envoy.router, envoy.squash, match-wrapper
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.upstream_options: envoy.extensions.upstreams.http.v3.HttpProtocolOptions, envoy.upstreams.http.http_protocol_options
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.http.stateful_header_formatters: preserve_case
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.health_checkers: envoy.health_checkers.redis
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.filters.udp_listener: envoy.filters.udp.dns_filter, envoy.filters.udp_listener.udp_proxy
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.compression.decompressor: envoy.compression.brotli.decompressor, envoy.compression.gzip.decompressor
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.stats_sinks: envoy.dog_statsd, envoy.metrics_service, envoy.stat_sinks.dog_statsd, envoy.stat_sinks.hystrix, envoy.stat_sinks.metrics_service, envoy.stat_sinks.statsd, envoy.stat_sinks.wasm, envoy.statsd
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.dubbo_proxy.route_matchers: default
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.access_loggers: envoy.access_loggers.file, envoy.access_loggers.http_grpc, envoy.access_loggers.open_telemetry, envoy.access_loggers.stderr, envoy.access_loggers.stdout, envoy.access_loggers.tcp_grpc, envoy.access_loggers.wasm, envoy.file_access_log, envoy.http_grpc_access_log, envoy.open_telemetry_access_log, envoy.stderr_access_log, envoy.stdout_access_log, envoy.tcp_grpc_access_log, envoy.wasm_access_log
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.matching.input_matchers: envoy.matching.matchers.consistent_hashing
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.tracers: envoy.dynamic.ot, envoy.lightstep, envoy.tracers.datadog, envoy.tracers.dynamic_ot, envoy.tracers.lightstep, envoy.tracers.opencensus, envoy.tracers.skywalking, envoy.tracers.xray, envoy.tracers.zipkin, envoy.zipkin
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.upstreams: envoy.filters.connection_pools.tcp.generic
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.thrift_proxy.filters: envoy.filters.thrift.rate_limit, envoy.filters.thrift.router
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.matching.action: composite-action, skip
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.tls.cert_validator: envoy.tls.cert_validator.default, envoy.tls.cert_validator.spiffe
[2023-01-07 11:46:55.447][3798][info][main] [external/envoy/source/server/server.cc:334] envoy.filters.listener: envoy.filters.listener.http_inspector, envoy.filters.listener.original_dst, envoy.filters.listener.original_src, envoy.filters.listener.proxy_protocol, envoy.filters.listener.tls_inspector, envoy.listener.http_inspector, envoy.listener.original_dst, envoy.listener.original_src, envoy.listener.proxy_protocol, envoy.listener.tls_inspector
[2023-01-07 11:46:55.453][3798][info][main] [external/envoy/source/server/server.cc:350] HTTP header map info:
[2023-01-07 11:46:55.454][3798][info][main] [external/envoy/source/server/server.cc:353] request header map: 632 bytes: :authority,:method,:path,:protocol,:scheme,accept,accept-encoding,access-control-request-method,authentication,authorization,cache-control,cdn-loop,connection,content-encoding,content-length,content-type,expect,grpc-accept-encoding,grpc-timeout,if-match,if-modified-since,if-none-match,if-range,if-unmodified-since,keep-alive,origin,pragma,proxy-connection,referer,te,transfer-encoding,upgrade,user-agent,via,x-client-trace-id,x-envoy-attempt-count,x-envoy-decorator-operation,x-envoy-downstream-service-cluster,x-envoy-downstream-service-node,x-envoy-expected-rq-timeout-ms,x-envoy-external-address,x-envoy-force-trace,x-envoy-hedge-on-per-try-timeout,x-envoy-internal,x-envoy-ip-tags,x-envoy-max-retries,x-envoy-original-path,x-envoy-original-url,x-envoy-retriable-header-names,x-envoy-retriable-status-codes,x-envoy-retry-grpc-on,x-envoy-retry-on,x-envoy-upstream-alt-stat-name,x-envoy-upstream-rq-per-try-timeout-ms,x-envoy-upstream-rq-timeout-alt-response,x-envoy-upstream-rq-timeout-ms,x-forwarded-client-cert,x-forwarded-for,x-forwarded-proto,x-ot-span-context,x-request-id
[2023-01-07 11:46:55.454][3798][info][main] [external/envoy/source/server/server.cc:353] request trailer map: 144 bytes:
[2023-01-07 11:46:55.454][3798][info][main] [external/envoy/source/server/server.cc:353] response header map: 440 bytes: :status,access-control-allow-credentials,access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,access-control-expose-headers,access-control-max-age,age,cache-control,connection,content-encoding,content-length,content-type,date,etag,expires,grpc-message,grpc-status,keep-alive,last-modified,location,proxy-connection,server,transfer-encoding,upgrade,vary,via,x-envoy-attempt-count,x-envoy-decorator-operation,x-envoy-degraded,x-envoy-immediate-health-check-fail,x-envoy-ratelimited,x-envoy-upstream-canary,x-envoy-upstream-healthchecked-cluster,x-envoy-upstream-service-time,x-request-id
[2023-01-07 11:46:55.454][3798][info][main] [external/envoy/source/server/server.cc:353] response trailer map: 168 bytes: grpc-message,grpc-status
[2023-01-07 11:46:55.455][3798][warning][main] [external/envoy/source/server/server.cc:506] No admin address given, so no admin HTTP server started.
[2023-01-07 11:46:55.455][3798][info][main] [external/envoy/source/server/server.cc:667] runtime: layers:
- name: base
static_layer:
{}
- name: admin
admin_layer:
{}
[2023-01-07 11:46:55.455][3798][info][config] [external/envoy/source/server/configuration_impl.cc:128] loading tracing configuration
[2023-01-07 11:46:55.455][3798][info][config] [external/envoy/source/server/configuration_impl.cc:88] loading 0 static secret(s)
[2023-01-07 11:46:55.455][3798][info][config] [external/envoy/source/server/configuration_impl.cc:94] loading 1 cluster(s)
[2023-01-07 11:46:55.457][3798][info][config] [external/envoy/source/server/configuration_impl.cc:98] loading 1 listener(s)
[2023-01-07 11:46:55.461][3798][info][config] [external/envoy/source/server/configuration_impl.cc:110] loading stats configuration
[2023-01-07 11:46:55.461][3798][info][main] [external/envoy/source/server/server.cc:764] starting main dispatch loop
[2023-01-07 11:46:55.573][3798][info][runtime] [external/envoy/source/common/runtime/runtime_impl.cc:428] RTDS has finished initialization
[2023-01-07 11:46:55.574][3798][info][upstream] [external/envoy/source/common/upstream/cluster_manager_impl.cc:192] cm init: all clusters initialized
[2023-01-07 11:46:55.574][3798][info][main] [external/envoy/source/server/server.cc:745] all clusters initialized. initializing init manager
[2023-01-07 11:46:55.574][3798][info][config] [external/envoy/source/server/listener_manager_impl.cc:888] all dependencies initialized. starting workers
[2023-01-07 11:46:55.574][3798][warning][main] [external/envoy/source/server/server.cc:642] there is no configured limit to the number of allowed active connections. Set a limit via the runtime key overload.global_downstream_max_connections
In order to test the Envoy proxy, you can run the following command:
curl -v localhost:10000
This will bring you the www.envoyproxy.io page and all pass through your Envoy proxy.