Peer metadata HTTP filter (proto)
This extension has the qualified name envoy.filters.http.peer_metadata
Note
This extension is only available in contrib images.
Note
This extension is functional but has not had substantial production burn time, use only with this caveat.
This extension is not hardened and should only be used in deployments where both the downstream and upstream are trusted.
Tip
This extension extends and can be used with the following extension category:
This extension must be configured with one of the following type URLs:
type.googleapis.com/io.istio.http.peer_metadata.Config
Peer metadata HTTP filter for deriving and propagating peer telemetry attributes.
.io.istio.http.peer_metadata.Config
[.io.istio.http.peer_metadata.Config proto]
Peer metadata provider filter. This filter encapsulates the discovery of the peer telemetry attributes for consumption by the telemetry filters.
{
"downstream_discovery": [],
"upstream_discovery": [],
"downstream_propagation": [],
"upstream_propagation": [],
"shared_with_upstream": ...,
"additional_labels": []
}
- downstream_discovery
(repeated .io.istio.http.peer_metadata.Config.DiscoveryMethod) The order of the derivation of the downstream peer metadata, in the precedence order. First successful lookup wins.
- upstream_discovery
(repeated .io.istio.http.peer_metadata.Config.DiscoveryMethod) The order of the derivation of the upstream peer metadata, in the precedence order. First successful lookup wins.
- downstream_propagation
(repeated .io.istio.http.peer_metadata.Config.PropagationMethod) Downstream injection of the metadata via a response header.
- upstream_propagation
(repeated .io.istio.http.peer_metadata.Config.PropagationMethod) Upstream injection of the metadata via a request header.
- additional_labels
(repeated string) Additional labels to be added to the peer metadata to help your understand the traffic. e.g.
role,locationetc.
.io.istio.http.peer_metadata.Config.Baggage
[.io.istio.http.peer_metadata.Config.Baggage proto]
DEPRECATED.
This method uses baggage header encoding.
.io.istio.http.peer_metadata.Config.WorkloadDiscovery
[.io.istio.http.peer_metadata.Config.WorkloadDiscovery proto]
This method uses the workload metadata xDS. Requires that the bootstrap extension is enabled. For downstream discovery, the remote address is the lookup key in xDS. For upstream discovery:
If the upstream host address is an IP, this IP is used as the lookup key;
If the upstream host address is internal, uses the
filter_metadata.tunnel.destinationdynamic metadata value as the lookup key.
.io.istio.http.peer_metadata.Config.IstioHeaders
[.io.istio.http.peer_metadata.Config.IstioHeaders proto]
This method uses Istio HTTP metadata exchange headers, e.g. x-envoy-peer-metadata. Removes these headers if found.
{
"skip_external_clusters": ...
}
- skip_external_clusters
(bool) Strip
x-envoy-peer-metadataandx-envoy-peer-metadata-idheaders on HTTP requests to services outside the mesh. Detects upstream clusters withistioandexternalfilter metadata fields
.io.istio.http.peer_metadata.Config.DiscoveryMethod
[.io.istio.http.peer_metadata.Config.DiscoveryMethod proto]
An exhaustive list of the derivation methods.
{
"baggage": {...},
"workload_discovery": {...},
"istio_headers": {...}
}
- baggage
(.io.istio.http.peer_metadata.Config.Baggage)
Only one of baggage, workload_discovery, istio_headers may be set.
- workload_discovery
(.io.istio.http.peer_metadata.Config.WorkloadDiscovery)
Only one of baggage, workload_discovery, istio_headers may be set.
- istio_headers
(.io.istio.http.peer_metadata.Config.IstioHeaders)
Only one of baggage, workload_discovery, istio_headers may be set.
.io.istio.http.peer_metadata.Config.PropagationMethod
[.io.istio.http.peer_metadata.Config.PropagationMethod proto]
An exhaustive list of the metadata propagation methods.
{
"istio_headers": {...}
}
- istio_headers
(.io.istio.http.peer_metadata.Config.IstioHeaders)