A collection of WebAssemby filters for Envoy proxy written in C,C++,C# and Rust for exercising different features provided by envoy-wasm.
See the Image Hub as a related project (a sample application). Also, see Meshery's filter management capabitilies.
See all community meeting details --> https://meet.layer5.io
- Topic: WebAssembly Filters Meeting
- Day: Weekly on Mondays
- Time: 7:30pm IST / 3:00pm UK / 9:00am Central
- WASM Filters call: https://meet.layer5.io/wasm
- Meeting Minutes: https://bit.ly/3zGZgGg
Our projects are community-built and welcome collaboration. 👍 Be sure to see the Layer5 Community Welcome Guide for a tour of resources available to you and jump into our Slack!
✔️ Join community meetings. See details on the Layer5 community calendar.
✔️ Watch community meeting recordings.
✔️ Access the Community Drive by completing a community Member Form.
✔️ Discuss in the Community Forum.
Not sure where to start? Grab an open issue with the help-wanted label.
Layer5's cloud native application and infrastructure management software enables organizations to expect more from their infrastructure. We embrace developer-defined infrastructure. We empower engineer to change how they write applications, support operators in rethinking how they run modern infrastructure and enable product owners to regain full control over their product portfolio.
To compile Rust filters to WASM, the nightly toolchain and support for wasm compilation target is needed. Make sure you have Rust and Cargo installed using Rustup. If you're on a *nix system (Unix, Linux, MacOS), in the project root directory, run:
make rust-toolchainThis will also install wasm-pack for you. Also, take a look at installing wasm-pack for OS other than *nix.
Upstream is a webserver which is used by few of the filters mentioned above. It provides a route for :
- Mock authentication
- Storing Metrics
- Retrieving Metrics
Build the docker Image for Upstream before proceeding with the examples.
Build Image:
cd upstream
makeSimulates handling authentication of requests at proxy level. Requests with a header token with value hello are accepted as authorized while the rest unauthorized. The actual authentication is handled by the Upstream server. Whenever the proxy recieves a request it extracts the token header and makes a request to the Upstream server which validates the token and returns a response.
Build and deploy:
cd http-auth
make run-filteredTest:
curl -H "token":"hello" 0.0.0.0:18000 -v # Authorized
curl -H "token":"world" 0.0.0.0:18000 -v # UnauthorizedCollects simple metrics for every TCP packet and logs it.
Build and deploy:
cd tcp-metrics
make run-filteredTest:
curl 0.0.0.0:18000 -v -d "request body"Check the logs for the metrics.
Parses the contents of every TCP packet the proxy receives and logs it.
Build and deploy:
cd tcp-packet-parse
make run-filteredTest:
curl 0.0.0.0:18000 -v -d "request body"Check the logs for the packet contents.
An example which depicts an singleton HTTP WASM service which does an HTTP call once every 2 seconds.
Build and deploy:
cd singleton-http-call
make run-filteredCheck the logs for the response of the request.
This example showcases communication between a WASM filter and a service via shared queue. It combines the Singleton-HTTP-Call and TCP-Metrics examples. The filter collects metrics and enqueues it onto the queue while the service dequeues it and sends it to upstream server where it is stored.
Build and deploy:
cd metrics-store
make run-filteredTest:
curl 0.0.0.0:18000 -v -d "request body" # make a few of these calls
curl 0.0.0.0:8080/retrieve -v # Retrieves the stored stats
# x | y | z === x : downstream bytes, y : upstream bytes, z: the latency for application server to respond