Does anyone know if there's a way to configure Envoy as a caching forward proxy? I've been trying to come to a config that would do that by following the samples and documentation for: dynamic_forward_proxy_filter cache_filter, connectmatcher
My current config is this but it doesn't seems to be doing the caching and I'm not sure if caching is possible with HTTP CONNECT / tunnel .
admin:
address:
socket_address:
protocol: TCP
address: 127.0.0.1
port_value: 9901
layered_runtime:
layers:
- name: static-layer
static_layer:
envoy.reloadable_features.allow_multiple_dns_addresses: true
envoy.reloadable_features.conn_pool_new_stream_with_early_data_and_http3: true
envoy.reloadable_features.http1_use_balsa_parser: true
envoy.reloadable_features.http2_use_oghttp2: true
envoy.reloadable_features.http3_sends_early_data: true
envoy.reloadable_features.postpone_h3_client_connect_to_next_loop: true
envoy.resource_limits.listener.proxy.connection_limit: 1000
overload.global_downstream_max_connections: 1000
static_resources:
clusters:
- name: dynamic_forward_proxy_cluster
connect_timeout: 2s
dns_lookup_family: ALL
lb_policy: CLUSTER_PROVIDED
cluster_type:
name: envoy.clusters.dynamic_forward_proxy
typed_config:
'@type': type.googleapis.com/envoy.extensions.clusters.dynamic_forward_proxy.v3.ClusterConfig
allow_coalesced_connections: true
dns_cache_config:
name: dynamic_forward_proxy_cache_config
dns_lookup_family: ALL
listeners:
- name: dynamic_forward_proxy_upgrade
filter_chains:
- filters:
- name: envoy.filters.network.http_connection_manager
typed_config:
'@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
codec_type: AUTO
http_filters:
- name: envoy.filters.http.cache
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.http.cache.v3.CacheConfig
typed_config:
"@type": type.googleapis.com/envoy.extensions.http.cache.simple_http_cache.v3.SimpleHttpCacheConfig
- name: envoy.filters.http.dynamic_forward_proxy
typed_config:
'@type': type.googleapis.com/envoy.extensions.filters.http.dynamic_forward_proxy.v3.FilterConfig
dns_cache_config:
name: dynamic_forward_proxy_cache_config
dns_lookup_family: ALL
- name: envoy.filters.http.router
typed_config:
'@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
access_log:
- name: envoy.access_loggers.file
typed_config:
'@type': type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog
path: "/var/log/envoy/access.log"
http2_protocol_options:
allow_connect: true
http3_protocol_options:
allow_extended_connect: true
route_config:
name: local_route
virtual_hosts:
- name: local_service
domains:
- '*'
routes:
- match:
prefix: /
route:
cluster: dynamic_forward_proxy_cluster
- match:
connect_matcher: {}
route:
cluster: dynamic_forward_proxy_cluster
upgrade_configs:
- upgrade_type: CONNECT
connect_config: {}
stat_prefix: dynamic_forward_proxy_upgrade
address:
socket_address:
address: 0.0.0.0
port_value: 3128
traffic_direction: OUTBOUND