0

Does anyone know if there's a way to configure Envoy as a caching forward proxy? I've been trying to come to a config that would do that by following the samples and documentation for: dynamic_forward_proxy_filter cache_filter, connectmatcher

My current config is this but it doesn't seems to be doing the caching and I'm not sure if caching is possible with HTTP CONNECT / tunnel .

admin:
  address:
    socket_address:
      protocol: TCP
      address: 127.0.0.1
      port_value: 9901
layered_runtime:
  layers:
    - name: static-layer
      static_layer:
        envoy.reloadable_features.allow_multiple_dns_addresses: true
        envoy.reloadable_features.conn_pool_new_stream_with_early_data_and_http3: true
        envoy.reloadable_features.http1_use_balsa_parser: true
        envoy.reloadable_features.http2_use_oghttp2: true
        envoy.reloadable_features.http3_sends_early_data: true
        envoy.reloadable_features.postpone_h3_client_connect_to_next_loop: true
        envoy.resource_limits.listener.proxy.connection_limit: 1000
        overload.global_downstream_max_connections: 1000
static_resources:
  clusters:
    - name: dynamic_forward_proxy_cluster
      connect_timeout: 2s
      dns_lookup_family: ALL
      lb_policy: CLUSTER_PROVIDED
      cluster_type:
        name: envoy.clusters.dynamic_forward_proxy
        typed_config:
          '@type': type.googleapis.com/envoy.extensions.clusters.dynamic_forward_proxy.v3.ClusterConfig
          allow_coalesced_connections: true
          dns_cache_config:
            name: dynamic_forward_proxy_cache_config
            dns_lookup_family: ALL
  listeners:
    - name: dynamic_forward_proxy_upgrade
      filter_chains:
        - filters:
            - name: envoy.filters.network.http_connection_manager
              typed_config:
                '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
                codec_type: AUTO
                http_filters:
                  - name: envoy.filters.http.cache
                    typed_config:
                      "@type": type.googleapis.com/envoy.extensions.filters.http.cache.v3.CacheConfig
                      typed_config:
                        "@type": type.googleapis.com/envoy.extensions.http.cache.simple_http_cache.v3.SimpleHttpCacheConfig
                  - name: envoy.filters.http.dynamic_forward_proxy
                    typed_config:
                      '@type': type.googleapis.com/envoy.extensions.filters.http.dynamic_forward_proxy.v3.FilterConfig
                      dns_cache_config:
                        name: dynamic_forward_proxy_cache_config
                        dns_lookup_family: ALL
                  - name: envoy.filters.http.router
                    typed_config:
                      '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
                access_log:
                  - name: envoy.access_loggers.file
                    typed_config:
                      '@type': type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog
                      path: "/var/log/envoy/access.log"              
                http2_protocol_options:
                  allow_connect: true
                http3_protocol_options:
                  allow_extended_connect: true
                route_config:
                  name: local_route
                  virtual_hosts:
                    - name: local_service
                      domains:
                        - '*'
                      routes:
                        - match:
                            prefix: /
                          route:
                            cluster: dynamic_forward_proxy_cluster
                        - match:
                            connect_matcher: {}
                          route:
                            cluster: dynamic_forward_proxy_cluster
                            upgrade_configs:
                              - upgrade_type: CONNECT
                                connect_config: {}
                stat_prefix: dynamic_forward_proxy_upgrade
      address:
        socket_address:
          address: 0.0.0.0
          port_value: 3128
      traffic_direction: OUTBOUND

0

You must log in to answer this question.

Browse other questions tagged .