IP Tagging Configuration

OK, I’ve got it working, but only in a very specific state. Using the following command I was able to verify the applied config:

istioctl proxy-config listener istio-ingressgateway-N -n istio-system -o json

Working config:

apiVersion: networking.istio.io/v1alpha3
kind: EnvoyFilter
metadata:
  name: tagger
  namespace: istio-system
spec:
  configPatches:
  - applyTo: HTTP_FILTER
    match:
      context: GATEWAY
      listener:
        filterChain:
          filter:
            name: "envoy.http_connection_manager"
            subFilter:
              name: "envoy.router"
    patch:
      operation: INSERT_BEFORE
      value:
        name: envoy.ip_tagging
        config:
          request_type: INTERNAL
          ip_tags:
          - ip_tag_name: GOTCHA
            ip_list:
            - address_prefix: 0.0.0.1

It seems I have to pick one of envoy.router, envoy.cors or envoy.fault. I’m not able to INSERT_AFTER envoy.router, and ADD just doesn’t work.

This seems really strange!
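An added example, not part of the original post: a small Python check that reads the JSON printed by the `istioctl proxy-config listener ... -o json` command above and reports, per listener filter chain, whether `envoy.ip_tagging` is present and sits before `envoy.router` (Envoy's router is the terminal HTTP filter, so a tagging filter only takes effect ahead of it). The JSON layout, the sample data and the function names are assumptions made for illustration; both `config`/`http_filters` and `typedConfig`/`httpFilters` spellings are accepted.

```python
import json

# Constructed sample shaped like the istioctl listener dump (assumed layout,
# trimmed to the fields this check reads). Not output from a real cluster.
SAMPLE = json.dumps([
    {"name": "0.0.0.0_80",
     "filterChains": [{"filters": [{
         "name": "envoy.http_connection_manager",
         "config": {"http_filters": [
             {"name": "envoy.cors"},
             {"name": "envoy.fault"},
             {"name": "envoy.ip_tagging",
              "config": {"request_type": "INTERNAL",
                         "ip_tags": [{"ip_tag_name": "GOTCHA"}]}},
             {"name": "envoy.router"}]}}]}]},
    {"name": "0.0.0.0_443",
     "filterChains": [{"filters": [{
         "name": "envoy.http_connection_manager",
         "typedConfig": {"httpFilters": [
             {"name": "envoy.cors"}, {"name": "envoy.router"}]}}]}]},
])

def http_filter_chains(dump):
    """Yield ('listener[chain index]', ordered HTTP filter names)."""
    for listener in json.loads(dump):
        for i, chain in enumerate(listener.get("filterChains", [])):
            for nf in chain.get("filters", []):
                if nf.get("name") != "envoy.http_connection_manager":
                    continue  # only the HTTP connection manager has HTTP filters
                cfg = nf.get("typedConfig") or nf.get("config") or {}
                hf = cfg.get("httpFilters") or cfg.get("http_filters") or []
                yield f"{listener.get('name', '?')}[{i}]", [f.get("name") for f in hf]

def check_tagging(dump, wanted="envoy.ip_tagging", router="envoy.router"):
    """Return {chain: 'ok' | 'missing' | 'misordered'} for the wanted filter."""
    report = {}
    for chain, filters in http_filter_chains(dump):
        if wanted not in filters:
            report[chain] = "missing"      # EnvoyFilter patch did not match here
        elif router in filters and filters.index(wanted) < filters.index(router):
            report[chain] = "ok"           # tagging runs before the terminal router
        else:
            report[chain] = "misordered"   # present, but not ahead of the router
    return report

if __name__ == "__main__":
    for chain, status in check_tagging(SAMPLE).items():
        print(f"{chain}: {status}")
```

To run it against a live gateway, pass the command's output to `check_tagging()` instead of `SAMPLE`.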