Inspect the Envoy configuration

The Microgateway Engine is built on the basis of the Envoy proxy and enriched with Airlock-specific features. For complex problems, it may therefore be useful to also investigate the underlying Envoy configuration.

To simplify this task we have created a CustomResource EnvoyConfiguration which contains the Envoy configuration.

The following example shows an output of such a CustomResource and explains its components.

kubectl describe envoyconfigurations.microgateway.airlock.com webapp-84b785f954-r49wt   
Name:         webapp-84b785f954-r49wt  
Namespace:    default  
Labels:       <none>  
Annotations:  <none>  
API Version:  microgateway.airlock.com/v1alpha1  
Kind:         EnvoyConfiguration  
Metadata:  
  ... 
  ... 
  ... 
Spec:  
  Envoy Resources:  
    Clusters:  
      Connect Timeout:    5s  
      Dns Lookup Family:  V4_ONLY  
      Load Assignment:  
        Cluster Name:  upstream_8080  
        Endpoints:  
          Lb Endpoints:  
            Endpoint:  
              Address:  
                Socket Address:  
                  Address:     127.0.0.1  
                  Port Value:  8080  
      Name:                    upstream_8080  
      Type:                    LOGICAL_DNS  
    Listeners:  
      Address:  
        Socket Address:  
          Address:     0.0.0.0  
          Port Value:  13378  
      Filter Chains:  
        Filter Chain Match:  
          Destination Port:  8080  
        Filters:  
          Name:  envoy.filters.network.http_connection_manager  
          Typed Config:  
            @type:  type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager  
            Access Log:  
              Name:  access_loggers.stdout  
  ...
  ...
  ... 
Status:  
  Conditions:  
    Last Transition Time:  2022-09-13T14:10:58Z  
    Status:                True  
    Type:                  EnvoyXdsSynchronized  
    Last Transition Time:  2022-09-13T14:10:58Z  
    Status:                True  
    Type:                  EnvoyXdsAccepted  
  Status:                  Active  
  Xds:  
    Resource Types:  
      type.googleapis.com/envoy.config.cluster.v3.Cluster:  
        Resources:  
          upstream_8080:  
            Version:  934ffd2b1b111d6c402096234e119d8d4b026b315ec5a3d8baa52d4931c31aa7  
        Status:       Accepted  
        Version:      3  
      type.googleapis.com/envoy.config.listener.v3.Listener:  
        Resources:  
          engine_listener:  
            Version:  dba378690d5e204c9d3f1f839821910f40ea5b06e0e1842d8180d78767d032f1  
        Status:       Accepted  
        Version:      3  
Events:               <none>
  • Spec.Envoy Resources – Contains the Envoy configuration.
  • Status.Conditions​– Shows whether the configuration is synchronized/active on Airlock Engine.
  • Status.Xds – Shows the different Envoy resources and their status.

The CustomResource EnvoyConfiguration is not intended to be created or changed manually. This resource is composed out of the other Airlock Microgateway CustomResources and will be overwritten by the Airlock Microgateway Operator.