You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Description:
I use HTTPRoute and SecurityPolicies to expose api routes. I applied an EnvoyExtensionPolicy with the goal to count requests base on request headers. After I applied it, all requests with matching HTTPRoutes with an open security policy resulted in 503s, and all requests with matching HTTPRoutes with an authz security policy (using extAuthz gRPC) resulted in 403s.
^Something odd with the log is that a lot of fields that come from request headers are unexpectedly null, so its possible this is not an EG issue but rather the wasm is messing up the request, though my wasm binary is compiled from something very similar if not nearly identical to this: https://github.com/tetratelabs/proxy-wasm-go-sdk/blob/main/examples/metrics/main.go.
The text was updated successfully, but these errors were encountered:
do you see any error (Accepted: False) in the status of the policies ?
do requests work w/o the WASM module ?
No, Accepted: True in security policies and envoyextension policy.
Yes, the requests are routed properly without the wasm module added via the envoyextension policy.
Description:
I use HTTPRoute and SecurityPolicies to expose api routes. I applied an EnvoyExtensionPolicy with the goal to count requests base on request headers. After I applied it, all requests with matching HTTPRoutes with an open security policy resulted in 503s, and all requests with matching HTTPRoutes with an authz security policy (using extAuthz gRPC) resulted in 403s.
Repro steps:
Environment:
Envoy gateway v1.1
Logs:
envoy-envoy-gateway-system-eg-5391c79d-657b89f787-6ppmz envoy {"path":"/openRoute","bytes_received":0,"x_user_id":null,"bytes_sent":0,"authority":"www.example.com","x_client_id":null,"upstream_host":null,"cluster":null,"duration":0,"method":"GET","x_forwarded_for":"xx.xxx.xxx.xxx","start_time":"2024-09-05T15:22:26+0000","user_agent":"axios/1.5.1","status":503,"x_request_id":"d8c5ccb9-742c-426b-a6fb-32a23bdef6a0"}
^Something odd with the log is that a lot of fields that come from request headers are unexpectedly null, so its possible this is not an EG issue but rather the wasm is messing up the request, though my wasm binary is compiled from something very similar if not nearly identical to this: https://github.com/tetratelabs/proxy-wasm-go-sdk/blob/main/examples/metrics/main.go.
The text was updated successfully, but these errors were encountered: