envoy
envoy copied to clipboard
envoyproxy
upstream: Add network namespace for upstream binding
Add network namespace for upstream binding
This change builds upon #39517 to add network namespace support for client/outbound connections via the upstream bind config.
The UpstreamBindConfig (both at the bootstrap/cluster_manager level and per-cluster) now supports network_namespace_filepath within its source_address. When specified on Linux, connections initiated by the cluster to upstream hosts will attempt to bind to the source_address within the designated network namespace.
Validation has also been added to prevent individual Host definitions (e.g., in static clusters or EDS) from specifying a network namespace directly with their address. Network namespace configuration is intended to be set in the listener or bind configuration- it is meaningless for hosts.
Risk Level: Low. Testing: Unit tests Docs Changes: Proto description updated. Release Notes: Done. Platform Specific Features: Linux.
Fixes https://github.com/envoyproxy/envoy/issues/38947
CC @envoyproxy/api-shepherds: Your approval is needed for changes made to (api/envoy/|docs/root/api-docs/).
envoyproxy/api-shepherds assignee is @markdroth
CC @envoyproxy/api-watchers: FYI only for changes made to (api/envoy/|docs/root/api-docs/).
:cat:
Caused by: https://github.com/envoyproxy/envoy/pull/39782 was opened by tonya11en.
![repokitteh-read-only[bot] avatar](https://avatars.githubusercontent.com/in/16729?v=4 "Published by a pub.dev verified publisher"){kind=small}
CI failures are likely related to the ongoing GCP outage.. we'll wait it out and try again.
CC @envoyproxy/coverage-shephards: FYI only for changes made to (test/coverage.yaml).
envoyproxy/coverage-shephards assignee is @RyanTheOptimist
:cat:
Caused by: https://github.com/envoyproxy/envoy/pull/39782 was synchronize by tonya11en.
