Use sts for call credential when STS_PORT is provided in node metadata#144
Merged
kyessenov merged 2 commits intoistio:release-1.5from Feb 10, 2020
Merged
Conversation
Signed-off-by: Pengyuan Bian <bianpengyuan@google.com>
Signed-off-by: Pengyuan Bian <bianpengyuan@google.com>
JimmyCYJ
approved these changes
Feb 10, 2020
|
Please comment with the associated PR/commit from master branch. |
kyessenov
approved these changes
Feb 10, 2020
Author
|
Corresponding PR to enable sts for tracing: envoyproxy#9877 |
|
The PR in upstream envoy is different from this one. Should we try to pick the upstream change instead? We'd have to migrate to that anyways at some point. |
Author
|
I thought you mentioned it is not right to make API change to release branch? :) That is why I am doing one time hack for release-1.5 like the proxy filter. I think it is fine to leave 1.5 in this way. These options are not going to expose to user anyway, they are going to be hard coded by pilot-agent in 1.6. So I am not concerning about compatibility. |
|
Oh OK, thanks for reminding. Yes, making xDS API change is hard since we'd have to upgrade all proto definitions. Good to keep this on the record when the time comes to 1.6. |
istio-testing
pushed a commit
that referenced
this pull request
Mar 4, 2020
…fixes. (#180) * Revert "fix opencensus tracer (#155)" This reverts commit 063eeb9. * Revert "Add x-goog-user-proj header for sts credential (#152)" This reverts commit 37dbbd4. * Revert "Update GrpcService to add StsService. (envoyproxy#411)" This reverts commit ab59731. * Revert "fix tracer ssl credential (#151)" This reverts commit 02901d0. * Revert "remove url validation as it is not implemented" This reverts commit 3eb2101. * Revert "Use gRPC Security Token Service (STS) to get call credentials (envoyproxy#9101)" This reverts commit ec6b907. * Revert "[release-1.4] Use sts for call credential when STS_PORT is provided in node metadata #144 (#148)" This reverts commit 7081e43. * Revert "Upgrade gRPC to 1.25 which has gRPC STS feature (#145)" This reverts commit 03ecfad. * ci: mark //test/integration:protocol_integration_test as flaky. (#162) Backport envoyproxy/envoy-wasm#422 and its prerequisite (envoyproxy#10009). * Plumb the flaky flag from envoy_cc_test to the native.cc_test (envoyproxy#10009) Signed-off-by: Yan Avlasov <yavlasov@google.com> * ci: mark //test/integration:protocol_integration_test as flaky. (envoyproxy#422) Signed-off-by: Piotr Sikora <piotrsikora@google.com> * Remove wasm filter stress test Signed-off-by: gargnupur <gargnupur@google.com> * Remove wasm stress test framework Signed-off-by: gargnupur <gargnupur@google.com> Co-authored-by: Piotr Sikora <piotrsikora@google.com> Co-authored-by: Nupur Garg <37600866+gargnupur@users.noreply.github.com>
brian-avery
pushed a commit
that referenced
this pull request
Jun 30, 2020
…ation due to tracking of H2 data and control frames in the output buffer (#144) Signed-off-by: Antonio Vicente <avd@google.com>
fpesce
pushed a commit
that referenced
this pull request
Jun 30, 2020
…ation due to tracking of H2 data and control frames in the output buffer (#144) Add a drain hook to Buffer::OwnedImpl for use by H2 codec to track when data and control frames are sent on the wire. Tracking frames this way avoids high-memory usage due to output buffer fragmentation. Signed-off-by: Antonio Vicente <avd@google.com> Signed-off-by: John Plevyak <jplevyak@gmail.com>
brian-avery
pushed a commit
that referenced
this pull request
Jun 30, 2020
…ation due to tracking of H2 data and control frames in the output buffer (#144) Add a drain hook to Buffer::OwnedImpl for use by H2 codec to track when data and control frames are sent on the wire. Tracking frames this way avoids high-memory usage due to output buffer fragmentation. Signed-off-by: Antonio Vicente <avd@google.com> Signed-off-by: John Plevyak <jplevyak@gmail.com>
jplevyak
pushed a commit
that referenced
this pull request
Jul 9, 2020
…ation due to tracking of H2 data and control frames in the output buffer (#144) Signed-off-by: antonio <avd@google.com>
Miss-you
pushed a commit
to Miss-you/envoy
that referenced
this pull request
Nov 17, 2020
zh-translation: docs/root/intro/arch_overview/listeners/dns_filter.rst
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
6 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
For an explanation of how to fill out the fields, please see the relevant section
in PULL_REQUESTS.md
Description:
Risk Level:
Testing:
Docs Changes:
Release Notes:
[Optional Fixes #Issue]
[Optional Deprecated:]