proxy-wasm-cpp-sdk icon indicating copy to clipboard operation
proxy-wasm-cpp-sdk copied to clipboard

Published 20 hours ago verified publisher icon proxy-wasm

httpCall should be able to call by host

Open mandarjog opened this issue 5 years ago • 4 comments

Httpcall and grpc call have very different APIs.

HttpCall requires an upstream cluster, where are grpc calls can define their own. It is very convenient to define cluster with the plugin config so as to not rely on out of band clusters.

Simplegrpcall already supports this.

mandarjog avatar Jul 02 '20 17:07 mandarjog

@jplevyak @PiotrSikora

mandarjog avatar Jul 02 '20 17:07 mandarjog

It's actually the other way around, both should require a valid upstream name (see: https://github.com/envoyproxy/envoy-wasm/issues/594).

Passing upstream definitions over ABI boundary isn't very portable, and it breaks the future operator/plugin sandbox boundary for allowing/denying outgoing connections to specific upstreams. It also requires that keying material is available inside the plugin, which is another security issue.

PiotrSikora avatar Aug 18 '20 23:08 PiotrSikora

We don’t want upstream definition, just ability to specify a fqdn or ip. The host code can create an upstream or lookup a cluster by properties.

mandarjog avatar Aug 19 '20 06:08 mandarjog

There are pros and cons to each. You can't do mTLS with simple calls, which you need to call in-cluster backends. I think we need both versions: one for basic HTTP calls, and one that uses an upstream definition.

kyessenov avatar Aug 19 '20 15:08 kyessenov