Created
August 29, 2022 16:02
-
-
Save notmedia/13591d52db1c04152381618ad0af6369 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| static_resources: | |
| listeners: | |
| - name: listener_0 | |
| address: | |
| socket_address: { address: 0.0.0.0, port_value: 8080 } | |
| filter_chains: | |
| - filters: | |
| - name: envoy.filters.network.http_connection_manager | |
| typed_config: | |
| "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager | |
| codec_type: auto | |
| stat_prefix: ingress_http | |
| route_config: | |
| name: local_route | |
| virtual_hosts: | |
| - name: local_service | |
| domains: ["*"] | |
| routes: | |
| - match: { prefix: "/" } | |
| route: | |
| cluster: simple_service | |
| timeout: 0s | |
| max_stream_duration: | |
| grpc_timeout_header_max: 0s | |
| cors: | |
| allow_origin_string_match: | |
| - prefix: "*" | |
| allow_methods: GET, PUT, DELETE, POST, OPTIONS | |
| allow_headers: keep-alive,user-agent,cache-control,content-type,content-transfer-encoding,custom-header-1,x-accept-content-transfer-encoding,x-accept-response-streaming,x-user-agent,x-grpc-web,grpc-timeout | |
| max_age: "1728000" | |
| expose_headers: custom-header-1,grpc-status,grpc-message | |
| http_filters: | |
| - name: envoy.filters.http.grpc_web | |
| typed_config: | |
| "@type": type.googleapis.com/envoy.extensions.filters.http.grpc_web.v3.GrpcWeb | |
| - name: envoy.filters.http.cors | |
| typed_config: | |
| "@type": type.googleapis.com/envoy.extensions.filters.http.cors.v3.Cors | |
| - name: envoy.filters.http.router | |
| typed_config: | |
| "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router | |
| transport_socket: | |
| name: envoy.transport_sockets.tls | |
| typed_config: | |
| # https://www.envoyproxy.io/docs/envoy/v1.15.0/api-v3/extensions/transport_sockets/tls/v3/tls.proto#extensions-transport-sockets-tls-v3-downstreamtlscontext | |
| "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext | |
| common_tls_context: | |
| tls_certificates: | |
| - certificate_chain: | |
| # Certificate must be PEM-encoded | |
| filename: /etc/server-cert.pem | |
| private_key: | |
| filename: /etc/server-key.pem | |
| clusters: | |
| - name: simple_service | |
| connect_timeout: 0.25s | |
| type: logical_dns | |
| http2_protocol_options: {} | |
| lb_policy: round_robin | |
| load_assignment: | |
| cluster_name: cluster_0 | |
| endpoints: | |
| - lb_endpoints: | |
| - endpoint: | |
| address: | |
| socket_address: | |
| # address: host.docker.internal - for macOS | |
| # address: 0.0.0.0 - for others | |
| address: host.docker.internal | |
| port_value: 4000 | |
| # http2_protocol_options: {} # Force HTTP/2 | |
| # Your grpc server communicates over TLS. You must configure the transport | |
| # socket. If you care about the overhead, you should configure the grpc | |
| # server to listen without TLS. If you need to listen to grpc-web and grpc | |
| # over HTTP/2 both you can also proxy your TCP traffic with the envoy. | |
| transport_socket: | |
| name: envoy.transport_sockets.tls | |
| typed_config: | |
| "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment