Terminate CONNECT and manipulate request

[Hussein Jafferjee]

Hi Team,

I am currently running a few experiments with Envoy and have been unsuccessful at using envoy as a forward proxy (with a twist).

Use Case: I would like envoy to terminate TLS + CONNECT, and send the proxy request to another service which will be responsible for fetching the request. The reason is that I'd like to manipulate the request before it goes out.

I am not getting anywhere with https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/http/upgrades, but I did just come across internal listeners. Would love any pointers in this space.

Cheers,

Hussein

[Hussein Jafferjee]

Just as a heads up for anyone else who needs to look at it in the future, internal listener is exactly it and envoy already has a sample you can use: https://github.com/envoyproxy/envoy/blob/c2bccb3e25ae631e94264f3a57f36f391f2a4957/configs/encapsulate_http_in_http2_connect.yaml. Little bit more work is required to add TLS on top of it, but there are tons of examples for that already.

[Yan Avlasov]

Yes, internal listener can be used for accomplishing this. If you have a working example, please consider adding it to the configs/ directory.

--
You received this message because you are subscribed to the Google Groups "envoy-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to envoy-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/envoy-users/7c2719fd-f431-4657-9d7d-72a997ac7c3dn%40googlegroups.com.