HttpListenerOptions

Package: gloo.solo.io

Types:

Source File: github.com/solo-io/gloo/projects/gloo/api/v1/http_listener_options.proto


HttpListenerOptions

Optional, feature-specific configuration that lives on http listeners

"grpcWeb": .grpc_web.options.gloo.solo.io.GrpcWeb
"httpConnectionManagerSettings": .hcm.options.gloo.solo.io.HttpConnectionManagerSettings
"healthCheck": .healthcheck.options.gloo.solo.io.HealthCheck
"extensions": .gloo.solo.io.Extensions
"waf": .waf.options.gloo.solo.io.Settings
"dlp": .dlp.options.gloo.solo.io.FilterConfig
"wasm": .wasm.options.gloo.solo.io.PluginSource
"extauth": .enterprise.gloo.solo.io.Settings
"ratelimitServer": .ratelimit.options.gloo.solo.io.Settings
"caching": .caching.options.gloo.solo.io.Settings
"disableExtProc": .google.protobuf.BoolValue
"extProc": .extproc.options.gloo.solo.io.Settings
"gzip": .solo.io.envoy.config.filter.http.gzip.v2.Gzip
"proxyLatency": .envoy.config.filter.http.proxylatency.v2.ProxyLatency
"buffer": .solo.io.envoy.extensions.filters.http.buffer.v3.Buffer
"csrf": .solo.io.envoy.extensions.filters.http.csrf.v3.CsrfPolicy
"grpcJsonTranscoder": .grpc_json.options.gloo.solo.io.GrpcJsonTranscoder
"sanitizeClusterHeader": .google.protobuf.BoolValue
"leftmostXffAddress": .google.protobuf.BoolValue
"dynamicForwardProxy": .dfp.options.gloo.solo.io.FilterConfig
"connectionLimit": .connection_limit.options.gloo.solo.io.ConnectionLimit
"networkLocalRatelimit": .local_ratelimit.options.gloo.solo.io.TokenBucket
"httpLocalRatelimit": .local_ratelimit.options.gloo.solo.io.Settings
"router": .gloo.solo.io.Router
"tap": .tap.options.gloo.solo.io.Tap
"statefulSession": .stateful_session.options.gloo.solo.io.StatefulSession
"headerValidationSettings": .header_validation.options.gloo.solo.io.HeaderValidationSettings

Field Type Description
grpcWeb .grpc_web.options.gloo.solo.io.GrpcWeb
httpConnectionManagerSettings .hcm.options.gloo.solo.io.HttpConnectionManagerSettings
healthCheck .healthcheck.options.gloo.solo.io.HealthCheck enable Envoy health checks on this listener.
extensions .gloo.solo.io.Extensions Extensions will be passed along from Listeners, Gateways, VirtualServices, Routes, and Route tables to the underlying Proxy, making them useful for controllers, validation tools, etc. which interact with kubernetes yaml. Some sample use cases: * controllers, deployment pipelines, helm charts, etc. which wish to use extensions as a kind of opaque metadata. * In the future, Gloo may support gRPC-based plugins which communicate with the Gloo translator out-of-process. Opaque Extensions enables development of out-of-process plugins without requiring recompiling & redeploying Gloo’s API.
waf .waf.options.gloo.solo.io.Settings Enterprise-only: Config for Web Application Firewall (WAF), supporting the popular ModSecurity 3.0 ruleset.
dlp .dlp.options.gloo.solo.io.FilterConfig Enterprise-only: Config for data loss prevention.
wasm .wasm.options.gloo.solo.io.PluginSource Enterprise-only: WASM related configuration [experimental!].
extauth .enterprise.gloo.solo.io.Settings Enterprise-only: External auth related settings.
ratelimitServer .ratelimit.options.gloo.solo.io.Settings Enterprise-only: Settings for the rate limiting server itself.
caching .caching.options.gloo.solo.io.Settings Enterprise-only: Settings for the cache server itself.
disableExtProc .google.protobuf.BoolValue Enterprise-only: Set to true to disable the External Processing filter for this listener. This can be overridden by child VirtualHostOptions or RouteOptions. Only one of disableExtProc or extProc can be set.
extProc .extproc.options.gloo.solo.io.Settings Enterprise-only: External Processing filter settings for the listener. This can be used to override the defaults from the global settings (via shallow merge). Some of the settings on the listener can be overridden by child VirtualHostOptions or RouteOptions. Only one of extProc or disableExtProc can be set.
gzip .solo.io.envoy.config.filter.http.gzip.v2.Gzip Gzip is an HTTP option which enables Gloo to compress data returned from an upstream service upon client request. Compression is useful in situations where large payloads need to be transmitted without compromising the response time. Example: gzip: contentType: - "application/json" compressionLevel: BEST.
proxyLatency .envoy.config.filter.http.proxylatency.v2.ProxyLatency Enterprise-only: Proxy latency.
buffer .solo.io.envoy.extensions.filters.http.buffer.v3.Buffer Buffer can be used to set the maximum request size that the filter will buffer before the connection manager will stop buffering and return a 413 response.
csrf .solo.io.envoy.extensions.filters.http.csrf.v3.CsrfPolicy Csrf can be used to set percent of requests for which the CSRF filter is enabled, enable shadow-only mode where policies will be evaluated and tracked, but not enforced and add additional source origins that will be allowed in addition to the destination origin. For more, see https://www.envoyproxy.io/docs/envoy/latest/api-v2/config/filter/http/csrf/v2/csrf.proto.
grpcJsonTranscoder .grpc_json.options.gloo.solo.io.GrpcJsonTranscoder Exposed envoy config for the gRPC to JSON transcoding filter, envoy.filters.http.grpc_json_transcoder. For more, see https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/filters/http/grpc_json_transcoder/v3/transcoder.proto.
sanitizeClusterHeader .google.protobuf.BoolValue Enterprise-only: If using the HTTP header specified by cluster_header to direct traffic to a cluster, this option will sanitize that header from downstream traffic. Defaults to false.
leftmostXffAddress .google.protobuf.BoolValue Enterprise-only: Setting this value to true will grab the leftmost IP address from the x-forwarded-for header and set it as the downstream address. It is worth noting that the x-forwarded-for header can be tampered with by clients and should therefore be sanitized by any preceding proxies / load balancers if this option is to be used.
dynamicForwardProxy .dfp.options.gloo.solo.io.FilterConfig
connectionLimit .connection_limit.options.gloo.solo.io.ConnectionLimit ConnectionLimit can be used to limit the number of active connections per gateway. Useful for resource protection as well as DoS prevention.
networkLocalRatelimit .local_ratelimit.options.gloo.solo.io.TokenBucket NetworkLocalRatelimit can be used to rate limit the connections per gateway at the L4 layer and works pre-auth. It uses envoy’s own local rate limit filter to do so, without the need for an external rate limit server to be set up.
httpLocalRatelimit .local_ratelimit.options.gloo.solo.io.Settings HttpLocalRatelimit can be used to rate limit the number of requests per gateway and works pre-auth. Unlike the NetworkLocalRatelimit, this works as part of the HCM (ie: L7 layer). All virtual host and routes that are part of this gateway will share this rate limit unless explicity configured with another limit. It uses envoy’s own local rate limit filter to do so, without the need for an external rate limit server to be set up.
router .gloo.solo.io.Router Router is an extension of the envoy http filters Maps to https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/filters/http/router/v3/router.proto.
tap .tap.options.gloo.solo.io.Tap Enterprise only: Tap filter settings (experimental).
statefulSession .stateful_session.options.gloo.solo.io.StatefulSession Enterprise only: Listener-level stateful session settings.
headerValidationSettings .header_validation.options.gloo.solo.io.HeaderValidationSettings Header validation settings - fields in this message can be used to determine whether requests should be rejected based on the contents of the header.