ExtensionChain

A single extension chain wrapper that contains the match conditions and extensions to execute.

JSON representation
{
  "name": string,
  "matchCondition": {
    object (MatchCondition)
  },
  "extensions": [
    {
      object (Extension)
    }
  ]
}
Fields
name

string

Required. The name for this extension chain. The name is logged as part of the HTTP request logs. The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, and can have a maximum length of 63 characters. Additionally, the first character must be a letter and the last a letter or a number.

matchCondition

object (MatchCondition)

Required. Conditions under which this chain is invoked for a request.

extensions[]

object (Extension)

Required. A set of extensions to execute for the matching request. At least one extension is required. Up to 3 extensions can be defined for each extension chain for LbTrafficExtension resource. LbRouteExtension chains are limited to 1 extension per extension chain.

MatchCondition

Conditions under which this chain is invoked for a request.

JSON representation
{
  "celExpression": string
}
Fields
celExpression

string

Required. A Common Expression Language (CEL) expression that is used to match requests for which the extension chain is executed.

For more information, see CEL matcher language reference.

Extension

A single extension in the chain to execute for the matching request.

JSON representation
{
  "name": string,
  "authority": string,
  "service": string,
  "supportedEvents": [
    enum (EventType)
  ],
  "timeout": string,
  "failOpen": boolean,
  "forwardHeaders": [
    string
  ],
  "metadata": {
    object
  },
  "allowDynamicForwarding": boolean,
  "requestBodySendMode": enum (BodySendMode),
  "responseBodySendMode": enum (BodySendMode)
}
Fields
name

string

Required. The name for this extension. The name is logged as part of the HTTP request logs. The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, and can have a maximum length of 63 characters. Additionally, the first character must be a letter and the last a letter or a number.

authority

string

Optional. The :authority header in the gRPC request sent from Envoy to the extension service. Required for Callout extensions.

This field is not supported for plugin extensions. Setting it results in a validation error.

service

string

Required. The reference to the service that runs the extension.

To configure a callout extension, service must be a fully-qualified reference to a backend service in the format: https://www.googleapis.com/compute/v1/projects/{project}/regions/{region}/backendServices/{backendService} or https://www.googleapis.com/compute/v1/projects/{project}/global/backendServices/{backendService}.

To configure a plugin extension, service must be a reference to a WasmPlugin resource in the format: projects/{project}/locations/{location}/wasmPlugins/{plugin} or //networkservices.googleapis.com/projects/{project}/locations/{location}/wasmPlugins/{wasmPlugin}.

Plugin extensions are currently supported for the LbTrafficExtension and the LbRouteExtension resources.

supportedEvents[]

enum (EventType)

Optional. A set of events during request or response processing for which this extension is called.

This field is required for the LbTrafficExtension resource. It is optional for the LbRouteExtension resource. If unspecified REQUEST_HEADERS event is assumed as supported.

timeout

string (Duration format)

Optional. Specifies the timeout for each individual message on the stream. The timeout must be between 10-1000 milliseconds. Required for callout extensions.

This field is not supported for plugin extensions. Setting it results in a validation error.

failOpen

boolean

Optional. Determines how the proxy behaves if the call to the extension fails or times out.

When set to TRUE, request or response processing continues without error. Any subsequent extensions in the extension chain are also executed. When set to FALSE or the default setting of FALSE is used, one of the following happens:

  • If response headers have not been delivered to the downstream client, a generic 500 error is returned to the client. The error response can be tailored by configuring a custom error response in the load balancer.

  • If response headers have been delivered, then the HTTP stream to the downstream client is reset.

forwardHeaders[]

string

Optional. List of the HTTP headers to forward to the extension (from the client or backend). If omitted, all headers are sent. Each element is a string indicating the header name.

metadata

object (Struct format)

Optional. The metadata provided here is included as part of the metadata_context (of type google.protobuf.Struct) in the ProcessingRequest message sent to the extension server.

The metadata is available under the namespace com.google.<extension_type>.<resourceName>.<extension_chain_name>.<extension_name>. For example: com.google.lb_traffic_extension.lbtrafficextension1.chain1.ext1.

The following variables are supported in the metadata:

{forwarding_rule_id} - substituted with the forwarding rule's fully qualified resource name.

This field must not be set for plugin extensions. Setting it results in a validation error.

You can set metadata at either the resource level or the extension level. The extension level metadata is recommended because you can pass a different set of metadata through each extension to the backend.

This field is subject to following limitations:

  • The total size of the metadata must be less than 1KiB.
  • The total number of keys in the metadata must be less than 16.
  • The length of each key must be less than 64 characters.
  • The length of each value must be less than 1024 characters.
  • All values must be strings.
allowDynamicForwarding

boolean

Optional. When set to TRUE, the response from an extension service is allowed to set the com.google.envoy.dynamic_forwarding namespace in the dynamic metadata.

This field is not supported for plugin extensions. Setting it results in a validation error.

requestBodySendMode

enum (BodySendMode)

Optional. Configures the send mode for request body processing.

The field can only be set if supportedEvents includes REQUEST_BODY. If supportedEvents includes REQUEST_BODY, but requestBodySendMode is unset, the default value STREAMED is used.

When this field is set to FULL_DUPLEX_STREAMED, supportedEvents must include both REQUEST_BODY and REQUEST_TRAILERS.

This field can be set only for LbTrafficExtension and LbRouteExtension resources, and only when the service field of the extension points to a BackendService. Only FULL_DUPLEX_STREAMED mode is supported for LbRouteExtension resources.

responseBodySendMode

enum (BodySendMode)

Optional. Configures the send mode for response processing. If unspecified, the default value STREAMED is used.

When this field is set to FULL_DUPLEX_STREAMED, supportedEvents must include both RESPONSE_BODY and RESPONSE_TRAILERS.

This field can be set only for LbTrafficExtension resources, and only when the service field of the extension points to a BackendService.

EventType

The part of the request or response for which the extension is called.

Enums
EVENT_TYPE_UNSPECIFIED Unspecified value. Do not use.
REQUEST_HEADERS If included in supportedEvents, the extension is called when the HTTP request headers arrive.
REQUEST_BODY If included in supportedEvents, the extension is called when the HTTP request body arrives.
RESPONSE_HEADERS If included in supportedEvents, the extension is called when the HTTP response headers arrive.
RESPONSE_BODY If included in supportedEvents, the extension is called when the HTTP response body arrives.
REQUEST_TRAILERS If included in supportedEvents, the extension is called when the HTTP request trailers arrives.
RESPONSE_TRAILERS If included in supportedEvents, the extension is called when the HTTP response trailers arrives.

BodySendMode

The send mode for body processing.

Enums
BODY_SEND_MODE_UNSPECIFIED Default value. Do not use.
BODY_SEND_MODE_STREAMED

Calls to the extension are executed in the streamed mode. Subsequent chunks will be sent only after the previous chunks have been processed.

The content of the body chunks is sent one way to the extension. Extension may send modified chunks back.

This is the default value if the processing mode is not specified.

BODY_SEND_MODE_FULL_DUPLEX_STREAMED

Calls are executed in the full duplex mode. Subsequent chunks will be sent for processing without waiting for the response for the previous chunk or for the response for REQUEST_HEADERS event.

Extension can freely modify or chunk the body contents. If the extension doesn't send the body contents back, the next extension in the chain or the upstream will receive an empty body.