envoy: use typed extension protocol options for static bootstrap cluster (#3268)

2025-04-29 10:26:29 +02:00 · 2022-04-12 19:13:32 +00:00 · 2022-04-12 19:13:32 +00:00 · 9ae5c26f42
commit 9ae5c26f42
parent 66af458856
4 changed files with 22 additions and 8 deletions
--- a/config/envoyconfig/bootstrap.go
+++ b/config/envoyconfig/bootstrap.go
@ -7,7 +7,6 @@ import (
 	envoy_config_accesslog_v3 "github.com/envoyproxy/go-control-plane/envoy/config/accesslog/v3"
 	envoy_config_bootstrap_v3 "github.com/envoyproxy/go-control-plane/envoy/config/bootstrap/v3"
 	envoy_config_cluster_v3 "github.com/envoyproxy/go-control-plane/envoy/config/cluster/v3"
-	envoy_config_core_v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
 	envoy_config_endpoint_v3 "github.com/envoyproxy/go-control-plane/envoy/config/endpoint/v3"
 	envoy_config_metrics_v3 "github.com/envoyproxy/go-control-plane/envoy/config/metrics/v3"
 	envoy_extensions_access_loggers_file_v3 "github.com/envoyproxy/go-control-plane/envoy/extensions/access_loggers/file/v3"
@ -100,7 +99,7 @@ func (b *Builder) BuildBootstrapStaticResources() (*envoy_config_bootstrap_v3.Bo
 				},
 			},
 		},
-		Http2ProtocolOptions: &envoy_config_core_v3.Http2ProtocolOptions{},
+		TypedExtensionProtocolOptions: buildTypedExtensionProtocolOptions(nil, upstreamProtocolHTTP2),
 	}

 	staticCfg := &envoy_config_bootstrap_v3.Bootstrap_StaticResources{
--- a/config/envoyconfig/bootstrap_test.go
+++ b/config/envoyconfig/bootstrap_test.go
@ -68,7 +68,6 @@ func TestBuilder_BuildBootstrapStaticResources(t *testing.T) {
 						"name": "pomerium-control-plane-grpc",
 						"type": "STATIC",
 						"connectTimeout": "5s",
-						"http2ProtocolOptions": {},
 						"loadAssignment": {
 							"clusterName": "pomerium-control-plane-grpc",
 							"endpoints": [{
@ -83,6 +82,19 @@ func TestBuilder_BuildBootstrapStaticResources(t *testing.T) {
 									}
 								}]
 							}]
+						},
+						"typedExtensionProtocolOptions": {
+							"envoy.extensions.upstreams.http.v3.HttpProtocolOptions": {
+								"@type": "type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions",
+								"explicitHttpConfig": {
+									"http2ProtocolOptions": {
+										"allowConnect": true,
+										"initialConnectionWindowSize": 1048576,
+										"initialStreamWindowSize": 65536,
+										"maxConcurrentStreams": 100
+									}
+								}
+							}
 						}
 					}
 				]
--- a/config/envoyconfig/clusters.go
+++ b/config/envoyconfig/clusters.go
@ -14,7 +14,6 @@ import (
 	envoy_config_endpoint_v3 "github.com/envoyproxy/go-control-plane/envoy/config/endpoint/v3"
 	envoy_extensions_transport_sockets_tls_v3 "github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3"
 	"google.golang.org/protobuf/proto"
-	"google.golang.org/protobuf/types/known/anypb"
 	"google.golang.org/protobuf/types/known/durationpb"
 	"google.golang.org/protobuf/types/known/structpb"
 	"google.golang.org/protobuf/types/known/wrapperspb"
@ -394,10 +393,7 @@ func (b *Builder) buildCluster(
 		cluster.TransportSocket = cluster.TransportSocketMatches[0].TransportSocket
 	}

-	cluster.TypedExtensionProtocolOptions = map[string]*anypb.Any{
-		"envoy.extensions.upstreams.http.v3.HttpProtocolOptions": marshalAny(buildUpstreamProtocolOptions(endpoints, upstreamProtocol)),
-	}
-
+	cluster.TypedExtensionProtocolOptions = buildTypedExtensionProtocolOptions(endpoints, upstreamProtocol)
 	cluster.ClusterDiscoveryType = getClusterDiscoveryType(lbEndpoints)

 	return cluster.Validate()
--- a/config/envoyconfig/protocols.go
+++ b/config/envoyconfig/protocols.go
@ -5,6 +5,7 @@ import (

 	envoy_config_core_v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
 	envoy_extensions_upstreams_http_v3 "github.com/envoyproxy/go-control-plane/envoy/extensions/upstreams/http/v3"
+	"google.golang.org/protobuf/types/known/anypb"
 	"google.golang.org/protobuf/types/known/wrapperspb"

 	"github.com/pomerium/pomerium/config"
@ -34,6 +35,12 @@ var http2ProtocolOptions = &envoy_config_core_v3.Http2ProtocolOptions{
 	InitialConnectionWindowSize: wrapperspb.UInt32(initialConnectionWindowSizeLimit),
 }

+func buildTypedExtensionProtocolOptions(endpoints []Endpoint, upstreamProtocol upstreamProtocolConfig) map[string]*anypb.Any {
+	return map[string]*anypb.Any{
+		"envoy.extensions.upstreams.http.v3.HttpProtocolOptions": marshalAny(buildUpstreamProtocolOptions(endpoints, upstreamProtocol)),
+	}
+}
+
 func buildUpstreamProtocolOptions(endpoints []Endpoint, upstreamProtocol upstreamProtocolConfig) *envoy_extensions_upstreams_http_v3.HttpProtocolOptions {
 	switch upstreamProtocol {
 	case upstreamProtocolHTTP2: