Each Grey Matter Proxy connects to the Grey Matter Control server with a bi-directional gRPC stream. This connection is kept alive as long as both servers are up, and updates to configuration will flow every 30 seconds (default; but configurable) from
gm-control to each connected
To properly set up the connection, run
gm-proxy with the following two environment variables.
PROXY_DYNAMIC=true # To run in dynamic configuration mode XDS_HOST=<gm-control host> XDS_PORT=<gm-control port>
When connecting to the Envoy management server, proxies may also connect with TLS:
PROXY_DYNAMIC=true # To run in dynamic configuration mode XDS_SERVER_CA_PATH-<gm-control trust path> XDS_SERVER_CERT_PATH=<gm-control certificate path> XDS_SERVER_KEY_PATH=<gm-control certificate key path>
If you receive repeated proxy log messages in the form below, it means that the connection to
gm-control is failing. Usually this is because the address is incorrect or not addressable. If these logs do not appear, the connection is successful.
[2019-10-11 15:21:51.635][warning][config] [bazel-out/k8-fastbuild/bin/external/envoy/source/common/config/_virtual_includes/grpc_stream_lib/common/config/grpc_stream.h:102] gRPC config stream closed: 14, no healthy upstream [2019-10-11 15:21:51.635][warning][config] [bazel-out/k8-fastbuild/bin/external/envoy/source/common/config/_virtual_includes/grpc_stream_lib/common/config/grpc_stream.h:56] Unable to establish new stream