Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Client Traffic Policy: Support Connection Limiting #2685

Closed
guydc opened this issue Feb 23, 2024 · 0 comments · Fixed by #2952
Closed

Client Traffic Policy: Support Connection Limiting #2685

guydc opened this issue Feb 23, 2024 · 0 comments · Fixed by #2952
Assignees
@guydc
Labels
kind/enhancement New feature or request
Milestone
Backlog

Comments

@guydc
Copy link
Contributor

guydc commented Feb 23, 2024
edited
Loading

Description:
Limiting active connections for an edge proxy is a security and resilience best practice, as described in the Envoy edge best practices document.

When a single Envoy deployment is proxying multiple backends, it could be beneficial to apply granular downstream connection limits, e.g. per Gateway or Listener. This creates a degree of resource isolation between different backends exposed by the proxy and allows Envoy Gateway administrators to allocate resources based on the expected volume of traffic, SLAs, etc.

Envoy can limit L4 connections in various levels:

EG's Client Traffic Policy can be extended to support connection limits. The best candidate for implementation is the Envoy Network Connection Limit Filter.
@guydc guydc added the triage label Feb 23, 2024
@arkodg arkodg added kind/enhancement New feature or request and removed triage labels Feb 23, 2024
@arkodg arkodg added this to the Backlog milestone Feb 23, 2024
@arkodg arkodg added the help wanted Extra attention is needed label Feb 23, 2024
@guydc guydc self-assigned this Feb 26, 2024
@guydc guydc mentioned this issue Feb 26, 2024
Merged
@shawnh2 shawnh2 removed the help wanted Extra attention is needed label Mar 14, 2024
@guydc guydc mentioned this issue Mar 17, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@guydc guydc

Labels
kind/enhancement New feature or request
Projects
None yet
Milestone
Backlog
Development

Successfully merging a pull request may close this issue.

feat(translator): implement connection limit guydc/gateway
3 participants
@arkodg @guydc @shawnh2