-
Notifications
You must be signed in to change notification settings - Fork 4.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Envoy 1.13.0: Didn't find a registered implementation for name: 'envoy.ext_authz' #10525
Comments
cc @zuercher I think you are using a newer build with the older docs, but I'm not sure. |
If I start Envoy without a filter I can clearly see that's I'm using 1.13.0: {
"configs": [
{
"@type": "type.googleapis.com/envoy.admin.v3.BootstrapConfigDump",
"bootstrap": {
"node": {
"id": "9dc0633771a0",
"cluster": "s-envoy",
"metadata": {
"host": "9dc0633771a0",
"instance": "9dc0633771a0s-envoy",
"port": 10324,
"admin_port": 10327
},
"hidden_envoy_deprecated_build_version": "bb7ceff4c3c5bd4555dff28b6e56d27f2f8be0a7/1.13.0/Clean/RELEASE/BoringSSL",
"user_agent_name": "envoy",
"user_agent_build_version": {
"version": {
"major_number": 1,
"minor_number": 13
},
"metadata": {
"ssl.version": "BoringSSL",
"revision.status": "Clean",
"revision.sha": "bb7ceff4c3c5bd4555dff28b6e56d27f2f8be0a7",
"build.type": "RELEASE"
}
}, |
To clarify some more: There is no support for http filters on upstream clusters. As @dio mentioned only upstream network filters are supported and there aren't actually any shipped with Envoy (there's one defined for tests only). Issue #10455 tracks adding support for upstream http filters, at which point use the ext_authz filter becomes theoretically possible (depending on what limitations, if any, are placed on upstream http filters). |
One example of network filters that can be attached to that is |
This issue has been automatically marked as stale because it has not had activity in the last 30 days. It will be closed in the next 7 days unless it is tagged "help wanted" or other activity occurs. Thank you for your contributions. |
Hi, I'm having a similar issue. Except i try to configure RBAC filter
@zuercher please, correct me if i'm wrong - does this mean that there needs to be a separate upstream filter with similar functionality to Edit: based on #11015 the answer seems to be - yes. |
It looks UpstreamNetworkFilters implement the same interface as a regular network filter, but have a separate registration. Someone would have to evaluate whether the RBAC filter operates correctly in the upstream context and, if so, add a registration for it. @kyessenov could you confirm that? |
This issue has been automatically marked as stale because it has not had activity in the last 30 days. It will be closed in the next 7 days unless it is tagged "help wanted" or other activity occurs. Thank you for your contributions. |
This issue has been automatically closed because it has not had activity in the last 37 days. If this issue is still valid, please ping a maintainer and ask them to label it as "help wanted". Thank you for your contributions. |
Title: Envoy 1.13.0: Didn't find a registered implementation for name: 'envoy.ext_authz'
Description:
I'm following envoy Envoy 1.13.0 documentation to build dynamic forward proxy that is using ExtAuthz cluster to verify requests (see relevant links).
It is saying that: This filter should be configured with the name envoy.ext_authz
However I'm hitting: Didn't find a registered implementation for name: 'envoy.ext_authz' error and Envoy exits with code 1.
If I remove filter block from my cluster, it starts and works fine.
[optional Relevant Links:]
https://www.envoyproxy.io/docs/envoy/v1.13.0/configuration/http/http_filters/ext_authz_filter
Config:
Call Stack:
The text was updated successfully, but these errors were encountered: