envoyproxy · arkodg · Jan 9, 2025 · Jan 6, 2025 · Jan 6, 2025 · Jan 6, 2025
@@ -53,7 +53,7 @@ An example configuration:
 apiVersion: gateway.envoyproxy.io/v1alpha1
 kind: EnvoyGateway
 extensionManager:
-  poliyResources:
+  policyResources:
   - group: example.myextension.io
     version: v1alpha1
     kind: ListenerPolicyKind
@@ -69,7 +69,7 @@ extensionManager:
       - HTTPListener
       - Translation
   service:
-    fqdn: 
+    fqdn:
       hostname: my-extension.example
       port: 443
     tls:
@@ -309,7 +309,7 @@ service EnvoyGatewayExtension {
 ## Design Decisions
 
 - Envoy Gateway watches new custom resources introduced by a loaded extension and passes the resources back to the extension when they are used.
-  - This decision was made to solve the problem about how resources introduced by an extension get watched. If an extension server watches its own resources then it would need some way to trigger an Envoy Gateway reconfigure when a resource that Envoy Gateway is not watching gets updated. Having Envoy Gateway watch all resources removes any concern about creating race confitions or reconcile loops that would result from Envoy Gateway and the extension server both having so much separate state that needs to be synchronized.
+  - This decision was made to solve the problem about how resources introduced by an extension get watched. If an extension server watches its own resources then it would need some way to trigger an Envoy Gateway reconfigure when a resource that Envoy Gateway is not watching gets updated. Having Envoy Gateway watch all resources removes any concern about creating race conditions or reconcile loops that would result from Envoy Gateway and the extension server both having so much separate state that needs to be synchronized.
 - The Extension Server takes ownership of producing the correct xDS configuration in the hook responses
 - The Extension Server will be responsible for ensuring the performance of the hook processing time
 - The Post xDS level gRPC hooks all currently send a context field even though it contains nothing for several hooks. These fields exist so that they can be updated in the future to pass

@@ -99,29 +99,44 @@ image name and tag.
 
 * Configure Envoy Gateway to use the Extension Server
 
-  Add the following fragment to Envoy Gateway's [configuration][] file:
-
-  ```yaml
-  extensionManager:
-    # Envoy Gateway will watch these resource kinds and use them as extension policies
-    # which can be attached to Gateway resources.
-    policyResources:
-    - group: example.extensions.io
-      version: v1alpha1
-      kind: ListenerContextExample
-    hooks:
-      # The type of hooks that should be invoked
-      xdsTranslator:
-        post:
-        - HTTPListener
-    service:
-      # The service that is hosting the extension server
-      fqdn: 
-        hostname: extension-server.envoy-gateway-system.svc.cluster.local
-        port: 5005
+  Add the following fragment to Envoy Gateway's configmap:
+
+  ```shell
+  cat <<EOF | kubectl apply -f -
+  apiVersion: v1
+  kind: ConfigMap
+  metadata:
+    name: envoy-gateway-config
+    namespace: envoy-gateway-system
+  data:
+    envoy-gateway.yaml: |
+      apiVersion: gateway.envoyproxy.io/v1alpha1
+      kind: EnvoyGateway
+      provider:
+        type: Kubernetes
+      gateway:
+        controllerName: gateway.envoyproxy.io/gatewayclass-controller
+      extensionManager:
+        # Envoy Gateway will watch these resource kinds and use them as extension policies
+        # which can be attached to Gateway resources.
+        policyResources:
+        - group: example.extensions.io
+          version: v1alpha1
+          kind: ListenerContextExample
+        hooks:
+          # The type of hooks that should be invoked
+          xdsTranslator:
+            post:
+            - HTTPListener
+        service:
+          # The service that is hosting the extension server
+          fqdn:
+            hostname: extension-server.envoy-gateway-system.svc.cluster.local
+            port: 5005
+  EOF
   ```
 
-  After updating Envoy Gateway's configuration file, restart Envoy Gateway.
+  After updating Envoy Gateway's configmap, restart Envoy Gateway.
 
 ## Testing
 
@@ -206,4 +221,3 @@ $ curl -v http://${GATEWAY_HOST}/example  -H "Host: www.example.com"   --user 'u
 [xDS]: https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/operations/dynamic_configuration
 [design documentation]: /contributions/design/extending-envoy-gateway
 [SecurityPolicy]: /latest/api/extension_types/#securitypolicy
-[configuration]: /latest/api/extension_types/#extensionmanager
@@ -107,29 +107,44 @@ image name and tag.
 
 * Configure Envoy Gateway to use the Extension Server
 
-  Add the following fragment to Envoy Gateway's [configuration][] file:
-
-  ```yaml
-  extensionManager:
-    # Envoy Gateway will watch these resource kinds and use them as extension policies
-    # which can be attached to Gateway resources.
-    policyResources:
-    - group: example.extensions.io
-      version: v1alpha1
-      kind: ListenerContextExample
-    hooks:
-      # The type of hooks that should be invoked
-      xdsTranslator:
-        post:
-        - HTTPListener
-    service:
-      # The service that is hosting the extension server
-      fqdn: 
-        hostname: extension-server.envoy-gateway-system.svc.cluster.local
-        port: 5005
+  Add the following fragment to Envoy Gateway's configmap:
+
+  ```shell
+  cat <<EOF | kubectl apply -f -
+  apiVersion: v1
+  kind: ConfigMap
+  metadata:
+    name: envoy-gateway-config
+    namespace: envoy-gateway-system
+  data:
+    envoy-gateway.yaml: |
+      apiVersion: gateway.envoyproxy.io/v1alpha1
+      kind: EnvoyGateway
+      provider:
+        type: Kubernetes
+      gateway:
+        controllerName: gateway.envoyproxy.io/gatewayclass-controller
+      extensionManager:
+        # Envoy Gateway will watch these resource kinds and use them as extension policies
+        # which can be attached to Gateway resources.
+        policyResources:
+        - group: example.extensions.io
+          version: v1alpha1
+          kind: ListenerContextExample
+        hooks:
+          # The type of hooks that should be invoked
+          xdsTranslator:
+            post:
+            - HTTPListener
+        service:
+          # The service that is hosting the extension server
+          fqdn:
+            hostname: extension-server.envoy-gateway-system.svc.cluster.local
+            port: 5005
+  EOF
   ```
 
-  After updating Envoy Gateway's configuration file, restart Envoy Gateway.
+  After updating Envoy Gateway's configmap, restart Envoy Gateway.
 
 ## Testing
 
@@ -214,4 +229,3 @@ $ curl -v http://${GATEWAY_HOST}/example  -H "Host: www.example.com"   --user 'u
 [xDS]: https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/operations/dynamic_configuration
 [design documentation]: /contributions/design/extending-envoy-gateway
 [SecurityPolicy]: /latest/api/extension_types/#securitypolicy
-[configuration]: /latest/api/extension_types/#extensionmanager
@@ -117,7 +117,7 @@ image name and tag.
         - HTTPListener
     service:
       # The service that is hosting the extension server
-      fqdn: 
+      fqdn:
         hostname: extension-server.envoy-gateway-system.svc.cluster.local
         port: 5005
   ```

@@ -99,29 +99,44 @@ image name and tag.
 
 * Configure Envoy Gateway to use the Extension Server
 
-  Add the following fragment to Envoy Gateway's [configuration][] file:
-
-  ```yaml
-  extensionManager:
-    # Envoy Gateway will watch these resource kinds and use them as extension policies
-    # which can be attached to Gateway resources.
-    policyResources:
-    - group: example.extensions.io
-      version: v1alpha1
-      kind: ListenerContextExample
-    hooks:
-      # The type of hooks that should be invoked
-      xdsTranslator:
-        post:
-        - HTTPListener
-    service:
-      # The service that is hosting the extension server
-      fqdn: 
-        hostname: extension-server.envoy-gateway-system.svc.cluster.local
-        port: 5005
+  Add the following fragment to Envoy Gateway's configmap:
+
+  ```shell
+  cat <<EOF | kubectl apply -f -
+  apiVersion: v1
+  kind: ConfigMap
+  metadata:
+    name: envoy-gateway-config
+    namespace: envoy-gateway-system
+  data:
+    envoy-gateway.yaml: |
+      apiVersion: gateway.envoyproxy.io/v1alpha1
+      kind: EnvoyGateway
+      provider:
+        type: Kubernetes
+      gateway:
+        controllerName: gateway.envoyproxy.io/gatewayclass-controller
+      extensionManager:
+        # Envoy Gateway will watch these resource kinds and use them as extension policies
+        # which can be attached to Gateway resources.
+        policyResources:
+        - group: example.extensions.io
+          version: v1alpha1
+          kind: ListenerContextExample
+        hooks:
+          # The type of hooks that should be invoked
+          xdsTranslator:
+            post:
+            - HTTPListener
+        service:
+          # The service that is hosting the extension server
+          fqdn:
+            hostname: extension-server.envoy-gateway-system.svc.cluster.local
+            port: 5005
+  EOF
   ```
 
-  After updating Envoy Gateway's configuration file, restart Envoy Gateway.
+  After updating Envoy Gateway's configmap, restart Envoy Gateway.
 
 ## Testing
 
@@ -206,4 +221,3 @@ $ curl -v http://${GATEWAY_HOST}/example  -H "Host: www.example.com"   --user 'u
 [xDS]: https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/operations/dynamic_configuration
 [design documentation]: /contributions/design/extending-envoy-gateway
 [SecurityPolicy]: /latest/api/extension_types/#securitypolicy
-[configuration]: /latest/api/extension_types/#extensionmanager