ext_authz http filter not working...


pmool...@monoxor.com

Apr 25, 2020, 9:32:25 PM
to envoy-users
I have written a Flask service for external auth that I want to be used for every request. When I add the ext_authz filter, all connections are dropped; without it, all the services work fine and I get responses.
Below is my Envoy config; please let me know what's wrong:
# Envoy static bootstrap as posted: one HTTP listener on port 80 that routes
# /api and /eatio to two upstream clusters, with the ext_authz HTTP filter
# listed ahead of the router.
static_resources:
 listeners:
 - name: listener_0
   address:
     # NOTE(review): bound to every interface on port 80 and no TLS is
     # configured on this filter chain, so the Authorization header that is
     # forwarded to the authz service below reaches Envoy in cleartext.
     socket_address: { address: 0.0.0.0, port_value: 80 }
   filter_chains:
   - filters:
     - name: envoy.http_connection_manager
       config:
         stat_prefix: ingress_http
         route_config:
           name: local_route
           virtual_hosts:
           - name: local_service
             # Matches any Host header.
             domains: ["*"]
             routes:
             # Each route rewrites the Host header and path prefix before
             # sending the request to the named cluster.
             - match: { prefix: "/api" }
               route: { host_rewrite: reqres.in, prefix_rewrite: "/api", cluster: service_google }
             - match: { prefix: "/eatio" }
               route: { host_rewrite: www.eatio.co, prefix_rewrite: "/", cluster: web_eatio }
         # HTTP filters run in the order listed; ext_authz comes before
         # envoy.router, so every request is checked before it is routed.
         http_filters:
         - name: envoy.ext_authz
           # NOTE(review): ext_authz rejects the request when the call to the
           # authorization service fails or times out unless failure_mode_allow
           # is set. That fail-closed default is the safe one: fix reachability
           # of the authz service rather than enabling failure_mode_allow.
           # Presumably this is what shows up as "dropped" requests here;
           # confirm in Envoy's log and the ext_authz counters under /stats.
           config:
             http_service:
               server_uri:
                 # NOTE(review): no scheme or path here; Envoy's HttpUri docs
                 # describe a full URI with protocol, host and path. Verify
                 # against the Envoy version in use.
                 uri: pankaj.moolrajani.sb.intern.monoxor.com:5000
                 # Must match a cluster name defined under `clusters`.
                 cluster: ext-authz
                 # Budget for the whole authorization call; an authz service
                 # slower than this counts as a failed check.
                 timeout: 0.5s
               # Presumably limits which client headers are copied into the
               # authorization request. The field name and shape changed
               # across Envoy versions; verify against the version in use.
               allowed_request_headers:
                 - Authorization
         - name: envoy.router
           config: {}

  # Upstream clusters referenced by the routes and by the ext_authz filter.
  # NOTE(review): as pasted, `clusters:` is indented one space deeper than
  # `listeners:` while its items are not; both keys must be siblings under
  # static_resources, so align them in the real file.
  clusters:
 # NOTE(review): named service_google but the target is reqres.in.
 - name: service_google
   connect_timeout: 0.5s
   type: LOGICAL_DNS
   dns_lookup_family: V4_ONLY
   lb_policy: ROUND_ROBIN
   hosts: [{ socket_address: { address: reqres.in, port_value: 443 }}]
   # NOTE(review): only SNI is set; no validation_context (trusted CA, SAN
   # check) is shown, so the upstream certificate is presumably not verified.
   # Add one before relying on this TLS hop for server authentication.
   tls_context: { sni: reqres.in }
 - name: web_eatio
   connect_timeout: 0.5s
   type: LOGICAL_DNS
   dns_lookup_family: V4_ONLY
   lb_policy: ROUND_ROBIN
   hosts: [{ socket_address: { address: www.eatio.co, port_value: 443 }}]
   # NOTE(review): same as above; SNI only, no certificate validation shown.
   tls_context: { sni: www.eatio.co }
 # Cluster used by the ext_authz filter (server_uri.cluster: ext-authz).
 # NOTE(review): no tls_context here, so the forwarded Authorization header
 # travels to port 5000 over plain HTTP; keep this hop on a trusted network
 # or add TLS. Unlike the two clusters above, dns_lookup_family is not set,
 # so resolution may differ from theirs; confirm the name resolves to an
 # address the authz service is actually listening on.
 - name: ext-authz
   connect_timeout: 0.5s
   type: LOGICAL_DNS
   lb_policy: ROUND_ROBIN
   hosts:
   - socket_address:
       address: pankaj.moolrajani.sb.intern.monoxor.com
       port_value: 5000


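# Envoy admin interface. It is unauthenticated and exposes configuration,
# stats and destructive operations such as server shutdown, so it is bound to
# loopback here instead of every interface (the original post used 0.0.0.0).
# If remote access is needed, reach it through a restricted management
# network or an authenticated tunnel rather than re-binding to 0.0.0.0.
admin:
 access_log_path: /tmp/admin_access.log
 address:
   socket_address: { address: 127.0.0.1, port_value: 9901 }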

