diff options
author | Stephen Wong <stephen.kf.wong@gmail.com> | 2018-08-31 07:21:35 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@opnfv.org> | 2018-08-31 07:21:35 +0000 |
commit | 5ee5c6ad39d27a18e2abb7adceecb656c2dde81e (patch) | |
tree | 075ca27eba59e2c03dbef570f3deb1cf6bf2ea67 /samples | |
parent | 907d2d1b0ab1c82552b9805df8bf39c1a55b5281 (diff) | |
parent | 32714b39cdb85d6076ded8af6fa266d567df4992 (diff) |
Merge "Add envoy.ext_authz filter"
Diffstat (limited to 'samples')
-rw-r--r-- | samples/scenarios/istio_ingressgateway_envoyfilter.yaml | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/samples/scenarios/istio_ingressgateway_envoyfilter.yaml b/samples/scenarios/istio_ingressgateway_envoyfilter.yaml new file mode 100644 index 0000000..46f730c --- /dev/null +++ b/samples/scenarios/istio_ingressgateway_envoyfilter.yaml @@ -0,0 +1,24 @@ +apiVersion: networking.istio.io/v1alpha3 +kind: EnvoyFilter +metadata: + name: ext-authz + namespace: istio-system +spec: + workloadLabels: + app: istio-ingressgateway + filters: + - insertPosition: + index: FIRST + listenerMatch: + portNumber: 80 + listenerType: GATEWAY + listenerProtocol: HTTP + filterType: HTTP + filterName: "envoy.ext_authz" + filterConfig: + http_service: + server_uri: + uri: "http://modsecurity-crs.istio-system.svc.cluster.local" + cluster: "outbound|80||modsecurity-crs.istio-system.svc.cluster.local" + timeout: 0.5s + failure_mode_allow: false |