there are two services A and B in default namespace. All of them are with injected sidecard istio-proxy and etc. When A sends request to B, request URL can be up to 80KiB. Which leads to 431 response.
I’m trying to increase max header size by applying following envoy filter:
apiVersion: networking.istio.io/v1alpha3 kind: EnvoyFilter metadata: name: max-request-headers namespace: istio-system spec: configPatches: - applyTo: NETWORK_FILTER # http connection manager is a filter in Envoy match: listener: filterChain: filter: name: "envoy.filters.network.http_connection_manager" patch: operation: MERGE value: typed_config: "@type": "type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager" max_request_headers_kb: 81
but to no availability.
Filter was tested within
istio-config and as in example
As of that have following questions:
- How to verify that envoy filter was applied?
- Does istio apply Filter configuration on the fly if not, which services needs to be restarted? only sidecarts? istiod?
- What is wrong with envoy filter provided in example?