I would like to configure a MetricsService stats sink to export metrics from Envoy, but the TLS certificates will not be available at bootstrap time.
After reading docs/issues and running small tests it seems that:
- Stats sinks such as MetricsService must be defined statically at bootstrap.
- The cluster for a metrics service stats sink must also be defined statically at bootstrap.
- An open bug #19618 prevents configuring a static cluster with SDS via ADS.
- Clusters provided via ADS/CDS with the same name as a static cluster do not overwrite the static cluster.
Given these four points, are there any other options available for providing TLS materials for communication with a stats sink dynamically?
Also if any of those four points are inaccurate, let me know.
Thank you
I would like to configure a MetricsService stats sink to export metrics from Envoy, but the TLS certificates will not be available at bootstrap time.
After reading docs/issues and running small tests it seems that:
Given these four points, are there any other options available for providing TLS materials for communication with a stats sink dynamically?
Also if any of those four points are inaccurate, let me know.
Thank you