I am trying to intercept all outbound http/s traffic from a pod and add a custom header to the request. After reading some documentation I came to the understanding that an envoy filter on SIDECAR_OUTBOUND with some custom lua code would do the trick. So this is the configuration that I did:
---
apiVersion: networking.istio.io/v1alpha3
kind: EnvoyFilter
metadata:
name: outbound-filter
spec:
configPatches:
- applyTo: HTTP_FILTER
match:
context: SIDECAR_OUTBOUND
listener:
filterChain:
filter:
name: envoy.http_connection_manager
subFilter:
name: envoy.router
patch:
operation: INSERT_BEFORE
value:
name: envoy.lua
typed_config:
'@type': type.googleapis.com/envoy.config.filter.http.lua.v2.Lua
inlineCode: |
function envoy_on_request(request_handle)
request_handle:logWarn("Hello World")
request_handle:headers():add("origin", os.getenv("ISTIO_META_WORKLOAD_NAME"))
end
And it works perfectly fine for http requests. However, it seems that the filter does not run at all when the request is over https and I don't understand what is the reason for that. Is there any way to apply the filter for https requests as well?
