Comments (6)
Yes let's remove it
from gateway.
Thanks, change to mergepatch solves this problem:
apiVersion: gateway.envoyproxy.io/v1alpha1
kind: EnvoyProxy
metadata:
name: eg2
namespace: envoy-gateway-system
spec:
shutdown:
drainTimeout: "1s"
minDrainDuration: "1s"
provider:
type: Kubernetes
kubernetes:
envoyService:
type: ClusterIP
envoyDeployment:
patch:
type: StrategicMerge
value:
spec:
template:
spec:
hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet
from gateway.
cc @Xunzhuo
from gateway.
You should set dnsPolicy: ClusterFirstWithHostNet
too, the xds_clusters of envoyproxy used service name for looking up control plane:
"cluster": {
"@type": "type.googleapis.com/envoy.config.cluster.v3.Cluster",
"connectTimeout": "10s",
"loadAssignment": {
"clusterName": "xds_cluster",
"endpoints": [
{
"lbEndpoints": [
{
"endpoint": {
"address": {
"socketAddress": {
"address": "envoy-gateway",
"portValue": 18000
}
}
},
"loadBalancingWeight": 1
}
],
"loadBalancingWeight": 1
}
]
When you are using hostNetwork
, we need to set dnsPolicy to ClusterFirstWithHostNet
too.
Refer to: #2374 (comment)
from gateway.
Since we have supported deployment/svc mergepatch, I think we need to remove hostnetwork support on Envoyproxy API or have a more complete implementation for it.
Any thoughts on it @arkodg ?
from gateway.
Let me handle it before GA.
from gateway.
Related Issues (20)
- extAuth - headersToExtAuth translation case-sensitivity HOT 2
- Deploy envoy gateway without load balancer via node port HOT 5
- make experimental gateway api crds optional so that gateway-api upgrade don't break envoy gateway HOT 1
- Helm reference site docs not updated when helm values are updated HOT 4
- Envoy Gateways are restarted when a resource is updated HOT 1
- OIDC SecurityPolicy: Ability to set forward_bearer_token to false
- OIDC SecurityPolicy: original authorization header removed HOT 14
- Automatic Certificate Rotation HOT 2
- Unable to remove XRateLimitHeaders HOT 3
- Build is failing
- docs: Observability of Envoy Gateway Component (not Envoy) HOT 6
- Extend OIDC Configurability
- Support OTEL over HTTP for Access Logs HOT 5
- TLSBackendPolicy´s TargetRef Name must be unique across all namespaces HOT 1
- probably want to use `RouteDestination` here HOT 1
- Use sets in the kube provider to keep track of existing resources
- Trigger a reconcile when the Otel backendRefs / `Service` changes
- API Reference doc cannot describe types from gateway-api package HOT 1
- Add a hook for failed test suite
- Option to use Secret as CaCertificateRefs in BackendTLSPolicy HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from gateway.