Test Endpoint Setup - Part One
Testing of a customer sidecar is facilitated by connecting to a Hopr-operated test endpoint (the other end of a point-to-point communication tunnel)
Configuration - Part One
We provide a hopr-test.yaml configuration file as an artifact to support customer testing. This single file has all of the Kubernetes resources required for basic, one-sided functionality testing of XTRA in your environment. The file is fairly long, so we'll break each section (delimited by ---) down one by one.
Namespace
This resource defines the namespace that will be used to "hold" all of the other resources in the document. Note that the namespace metadata field will need to be updated on all other resources if the namespace name is changed.
Envoy Configuration
The XTRA router utilizes Envoy in order handle traffic to/from the endpoint you wish to use with XTRA. This allows us to use standard Envoy Proxy configuration syntax to configure listeners to handle traffic from sources and also the destinations to which the traffic will be sent after processing. This particular example showcases a simple static configuration which points a specific listener on a port to a specific destination, a "cluster" in Envoy parlance, while sending the traffic through a WebAssembly filter which encrypts/decrypts the TCP data as required.
- listeners: We have defined two listeners, ingress and egress, which instruct Envoy to listen on the designated port, filter the TCP data through the XTRA Wasm plugin, and then proxy the communication to the specific destination cluster afterward. These ports and destinations can be changed as you like, but all traffic must be sent through the XTRA Wasm filter to be encrypted/decrypted.
- clusters: The clusters defined in the configuration are essentially destinations for traffic. The local_service and remote_service clusters can be modified as necessary, especially the address and port_value keys which dictate the endpoints. The xtra cluster definition should not be modified unless XTRA is being run in a special configuration.
- admin: Envoy exposes a local administration interface which can be used to query and modify different aspects of the server. For more information, consult the Envoy documentation.
