envoy.yaml example for http and https rewriting
This is an early example of working with envoy. I find the documentation to be difficult to get into, therefore I will try to track my progress by infrequent blog posts on the matter.
The following envoy.yaml works for me for http and https rewriting to google:
static_resources:
listeners:
– address:
socket_address:
address: 0.0.0.0
port_value: 80
filter_chains:
– filters:
– name: envoy.http_connection_manager
config:
codec_type: auto
stat_prefix: ingress_http
route_config:
name: local_route
virtual_hosts:
– name: local_service
domains: [“*”]
routes:
– match: { prefix: “/” }
route: { host_rewrite: www.google.com, cluster: service_google }
http_filters:
– name: envoy.router
– address:
socket_address:
address: 0.0.0.0
port_value: 443
filter_chains:
– tls_context:
common_tls_context:
tls_certificates:
– certificate_chain: { filename: “/etc/example-com.crt” }
private_key: { filename: “/etc/example-com.key” }
filters:
– name: envoy.http_connection_manager
config:
stat_prefix: ingress_https
route_config:
virtual_hosts:
– name: default
domains: [“*”]
routes:
– match: { prefix: “/” }
route: { host_rewrite: www.google.com, cluster: service_foo }
http_filters:
– name: envoy.router
clusters:
– name: service_google
connect_timeout: 0.25s
type: LOGICAL_DNS
dns_lookup_family: V4_ONLY
lb_policy: round_robin
hosts: [{ socket_address: { address: google.com, port_value: 443 }}]
tls_context: { sni: www.google.com }
– name: service_foo
connect_timeout: 0.25s
type: LOGICAL_DNS
dns_lookup_family: V4_ONLY
lb_policy: round_robin
hosts: [{ socket_address: { address: google.com, port_value: 443 }}]
tls_context: { sni: www.google.com }
admin:
access_log_path: “/tmp/envoy.log”
address:
socket_address:
address: 0.0.0.0
port_value: 9901
English 
Deutsch (Sie) 
Français 
Español 
Italiano 
Português 
Nederlands (Formeel) 
简体中文