admin: address: socket_address: protocol: TCP address: 0.0.0.0 port_value: 9901 static_resources: listeners: - name: listener_0 address: socket_address: protocol: TCP address: 0.0.0.0 port_value: 10000 filter_chains: - filters: - name: envoy.filters.network.http_connection_manager typed_config: "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager stat_prefix: ingress_http route_config: name: local_route virtual_hosts: - name: local_service domains: [ "*" ] routes: - match: prefix: "/" route: cluster: opa-server http_filters: - name: wasmdemo typed_config: "@type": type.googleapis.com/udpa.type.v1.TypedStruct type_url: type.googleapis.com/envoy.extensions.filters.http.wasm.v3.Wasm value: config: name: wasmdemo vm_config: runtime: envoy.wasm.runtime.v8 code: local: filename: /etc/envoy/plugin.wasm configuration: "@type": "type.googleapis.com/google.protobuf.StringValue" value: | { "serviceSource": "route", "host": "OPA_SERVER:OPA_PORT", "policy": "example1", "timeout": "5s" } - name: envoy.filters.http.router clusters: - name: opa-server connect_timeout: 0.5s type: STRICT_DNS lb_policy: ROUND_ROBIN dns_refresh_rate: 5s dns_lookup_family: V4_ONLY load_assignment: cluster_name: opa-server endpoints: - lb_endpoints: - endpoint: address: socket_address: address: OPA_SERVER # opa server Host IP port_value: OPA_PORT # opa server Host PORT