HttpListenerOptions
Package: gloo.solo.io
Types:
Source File: github.com/solo-io/gloo/projects/gloo/api/v1/http_listener_options.proto
HttpListenerOptions
Optional, feature-specific configuration that lives on http listeners
"grpcWeb": .grpc_web.options.gloo.solo.io.GrpcWeb
"httpConnectionManagerSettings": .hcm.options.gloo.solo.io.HttpConnectionManagerSettings
"healthCheck": .healthcheck.options.gloo.solo.io.HealthCheck
"extensions": .gloo.solo.io.Extensions
"waf": .waf.options.gloo.solo.io.Settings
"dlp": .dlp.options.gloo.solo.io.FilterConfig
"wasm": .wasm.options.gloo.solo.io.PluginSource
"extauth": .enterprise.gloo.solo.io.Settings
"ratelimitServer": .ratelimit.options.gloo.solo.io.Settings
"caching": .caching.options.gloo.solo.io.Settings
"disableExtProc": .google.protobuf.BoolValue
"extProc": .extproc.options.gloo.solo.io.Settings
"gzip": .solo.io.envoy.config.filter.http.gzip.v2.Gzip
"proxyLatency": .envoy.config.filter.http.proxylatency.v2.ProxyLatency
"buffer": .solo.io.envoy.extensions.filters.http.buffer.v3.Buffer
"csrf": .solo.io.envoy.extensions.filters.http.csrf.v3.CsrfPolicy
"grpcJsonTranscoder": .grpc_json.options.gloo.solo.io.GrpcJsonTranscoder
"sanitizeClusterHeader": .google.protobuf.BoolValue
"leftmostXffAddress": .google.protobuf.BoolValue
"dynamicForwardProxy": .dfp.options.gloo.solo.io.FilterConfig
"connectionLimit": .connection_limit.options.gloo.solo.io.ConnectionLimit
"networkLocalRatelimit": .local_ratelimit.options.gloo.solo.io.TokenBucket
"httpLocalRatelimit": .local_ratelimit.options.gloo.solo.io.Settings
"router": .gloo.solo.io.Router
"tap": .tap.options.gloo.solo.io.Tap
"statefulSession": .stateful_session.options.gloo.solo.io.StatefulSession
"headerValidationSettings": .header_validation.options.gloo.solo.io.HeaderValidationSettings
Field | Type | Description |
---|---|---|
grpcWeb |
.grpc_web.options.gloo.solo.io.GrpcWeb | |
httpConnectionManagerSettings |
.hcm.options.gloo.solo.io.HttpConnectionManagerSettings | |
healthCheck |
.healthcheck.options.gloo.solo.io.HealthCheck | enable Envoy health checks on this listener. |
extensions |
.gloo.solo.io.Extensions | Extensions will be passed along from Listeners, Gateways, VirtualServices, Routes, and Route tables to the underlying Proxy, making them useful for controllers, validation tools, etc. which interact with kubernetes yaml. Some sample use cases: * controllers, deployment pipelines, helm charts, etc. which wish to use extensions as a kind of opaque metadata. * In the future, Gloo may support gRPC-based plugins which communicate with the Gloo translator out-of-process. Opaque Extensions enables development of out-of-process plugins without requiring recompiling & redeploying Gloo’s API. |
waf |
.waf.options.gloo.solo.io.Settings | Enterprise-only: Config for Web Application Firewall (WAF), supporting the popular ModSecurity 3.0 ruleset. |
dlp |
.dlp.options.gloo.solo.io.FilterConfig | Enterprise-only: Config for data loss prevention. |
wasm |
.wasm.options.gloo.solo.io.PluginSource | Enterprise-only: WASM related configuration [experimental!]. |
extauth |
.enterprise.gloo.solo.io.Settings | Enterprise-only: External auth related settings. |
ratelimitServer |
.ratelimit.options.gloo.solo.io.Settings | Enterprise-only: Settings for the rate limiting server itself. |
caching |
.caching.options.gloo.solo.io.Settings | Enterprise-only: Settings for the cache server itself. |
disableExtProc |
.google.protobuf.BoolValue | Enterprise-only: Set to true to disable the External Processing filter for this listener. This can be overridden by child VirtualHostOptions or RouteOptions. Only one of disableExtProc or extProc can be set. |
extProc |
.extproc.options.gloo.solo.io.Settings | Enterprise-only: External Processing filter settings for the listener. This can be used to override the defaults from the global settings (via shallow merge). Some of the settings on the listener can be overridden by child VirtualHostOptions or RouteOptions. Only one of extProc or disableExtProc can be set. |
gzip |
.solo.io.envoy.config.filter.http.gzip.v2.Gzip | Gzip is an HTTP option which enables Gloo to compress data returned from an upstream service upon client request. Compression is useful in situations where large payloads need to be transmitted without compromising the response time. Example: gzip: contentType: - "application/json" compressionLevel: BEST . |
proxyLatency |
.envoy.config.filter.http.proxylatency.v2.ProxyLatency | Enterprise-only: Proxy latency. |
buffer |
.solo.io.envoy.extensions.filters.http.buffer.v3.Buffer | Buffer can be used to set the maximum request size that the filter will buffer before the connection manager will stop buffering and return a 413 response. |
csrf |
.solo.io.envoy.extensions.filters.http.csrf.v3.CsrfPolicy | Csrf can be used to set percent of requests for which the CSRF filter is enabled, enable shadow-only mode where policies will be evaluated and tracked, but not enforced and add additional source origins that will be allowed in addition to the destination origin. For more, see https://www.envoyproxy.io/docs/envoy/latest/api-v2/config/filter/http/csrf/v2/csrf.proto. |
grpcJsonTranscoder |
.grpc_json.options.gloo.solo.io.GrpcJsonTranscoder | Exposed envoy config for the gRPC to JSON transcoding filter, envoy.filters.http.grpc_json_transcoder. For more, see https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/filters/http/grpc_json_transcoder/v3/transcoder.proto. |
sanitizeClusterHeader |
.google.protobuf.BoolValue | Enterprise-only: If using the HTTP header specified by cluster_header to direct traffic to a cluster, this option will sanitize that header from downstream traffic. Defaults to false. |
leftmostXffAddress |
.google.protobuf.BoolValue | Enterprise-only: Setting this value to true will grab the leftmost IP address from the x-forwarded-for header and set it as the downstream address. It is worth noting that the x-forwarded-for header can be tampered with by clients and should therefore be sanitized by any preceding proxies / load balancers if this option is to be used. |
dynamicForwardProxy |
.dfp.options.gloo.solo.io.FilterConfig | |
connectionLimit |
.connection_limit.options.gloo.solo.io.ConnectionLimit | ConnectionLimit can be used to limit the number of active connections per gateway. Useful for resource protection as well as DoS prevention. |
networkLocalRatelimit |
.local_ratelimit.options.gloo.solo.io.TokenBucket | NetworkLocalRatelimit can be used to rate limit the connections per gateway at the L4 layer and works pre-auth. It uses envoy’s own local rate limit filter to do so, without the need for an external rate limit server to be set up. |
httpLocalRatelimit |
.local_ratelimit.options.gloo.solo.io.Settings | HttpLocalRatelimit can be used to rate limit the number of requests per gateway and works pre-auth. Unlike the NetworkLocalRatelimit, this works as part of the HCM (ie: L7 layer). All virtual host and routes that are part of this gateway will share this rate limit unless explicity configured with another limit. It uses envoy’s own local rate limit filter to do so, without the need for an external rate limit server to be set up. |
router |
.gloo.solo.io.Router | Router is an extension of the envoy http filters Maps to https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/filters/http/router/v3/router.proto. |
tap |
.tap.options.gloo.solo.io.Tap | Enterprise only: Tap filter settings (experimental). |
statefulSession |
.stateful_session.options.gloo.solo.io.StatefulSession | Enterprise only: Listener-level stateful session settings. |
headerValidationSettings |
.header_validation.options.gloo.solo.io.HeaderValidationSettings | Header validation settings - fields in this message can be used to determine whether requests should be rejected based on the contents of the header. |