-
Notifications
You must be signed in to change notification settings - Fork 347
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Health check for backends.gateway.envoyproxy.io #3987
Comments
@czczycz can you elaborate on the issue ? |
Hi @czczycz ! BackendTrafficPolicy only applies to xRoutes, not backend objects. If you have a route with a ref to a backend, you can apply the policy to that route. If your backend is not referenced by a route (e.g. ext-auth, observability sinks, ... ): there is currently an effort to support such capabilities for this as well: #3069, #3954 . I hope that this would enable your use case. |
Hey @guydc , thanks for attention! #3954 looks really nice. Will targetRefs in PolicyTargetReferences support backends.gateway.envoyproxy.io resource? |
You can read the high-level design and some naming discussion for this policy here: #1821.
There shouldn't be a conflict. In Envoy Gateway, each route produces a separate envoy cluster. As a result, different policies would be isolated to different clusters.
Depends on the policy. For example, BackendTLSPolicy attaches to a backend-like resources, such as service, serviceImport and backends.gateway.envoyproxy.io (already). However, most policies (BackendTrafficPolicy, ClientTrafficPolicy, SecurityPolicy, EnvoyExtensionPolicy) support attachment to a subset of [Gateway, Listener and Route]. These are not likely to support attachment to backends.gateway.envoyproxy.io. |
the diagram in https://gateway.envoyproxy.io/docs/concepts/concepts_overview/ should help understand which policies can target which resource |
Hi @guydc ! Thank you very much for your patient response. Besides configuration conflicts, duplicate configurations might also be an issue. If multiple HTTPRoutes are configured with the same Backend, you need to configure a BackendTrafficPolicy for each HTTPRoute. However, the health check configurations are the same (for the same backend). |
@arkodg Thanks! This diagram is very helpful. |
closing this one, attaching BTP to the route should resolve this issue |
something like:
The text was updated successfully, but these errors were encountered: