Envoy supports dynamic configuration using the xDS protocol. When receiving a new configuration, Envoy first verifies that all fields are valid, according to their protoc-gen-validate (PGV) constraints, and that the new config keeps Envoy’s internal state correct. If a given config violates a constraint, that config is rejected (see ACK/NACK and resource type instance version).
In addition to the above, Envoy also supports custom config validations, which can perform further checks when using gRPC-based subscriptions. For example, if an Envoy instance is expected to always have a minimum number of clusters, a validator can reject any config update that would leave the number of clusters below that threshold.
Custom config validators are defined using Envoy’s extension framework. Envoy’s builtin config validators are listed here.
To use a config validation extension, it needs to be added to the config_validators list field of the API configuration source that will be validated.
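The following bootstrap fragment is an added example, not taken from the Envoy documentation. It attaches the minimum-clusters validator to the CDS API configuration source. The node identity, the xds_cluster name, the xds.example.internal address, the port and the threshold of 3 are constructed values. The validator name and type URL are the ones used by Envoy's minimum clusters validator extension.

```yaml
# Added example: constructed node, cluster name, address, port and threshold.
node:
  id: edge-proxy-1            # constructed
  cluster: edge               # constructed

dynamic_resources:
  cds_config:
    resource_api_version: V3
    api_config_source:
      api_type: GRPC          # validators apply to gRPC-based subscriptions
      transport_api_version: V3
      grpc_services:
      - envoy_grpc:
          cluster_name: xds_cluster
      # Validators run on each CDS update received from this source.
      config_validators:
      - name: envoy.config.validators.minimum_clusters_validator
        typed_config:
          "@type": type.googleapis.com/envoy.extensions.config.validators.minimum_clusters.v3.MinimumClustersValidator
          # A CDS update that would result in fewer clusters than this is rejected.
          min_clusters_num: 3

static_resources:
  clusters:
  # Management server cluster referenced by the CDS config source above.
  - name: xds_cluster
    type: STRICT_DNS
    connect_timeout: 1s
    typed_extension_protocol_options:
      envoy.extensions.upstreams.http.v3.HttpProtocolOptions:
        "@type": type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions
        explicit_http_config:
          http2_protocol_options: {}   # gRPC xDS requires HTTP/2
    load_assignment:
      cluster_name: xds_cluster
      endpoints:
      - lb_endpoints:
        - endpoint:
            address:
              socket_address:
                address: xds.example.internal   # constructed
                port_value: 18000               # constructed
```

With this in place, a compromised or misconfigured management server cannot drain the proxy below the threshold by pushing an empty or near-empty cluster set; the update is rejected and the previously accepted configuration stays active.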