envoy | Cloud-native high-performance edge/middle/service proxy | Microservice library

I'm not sure what you're going to use OPA for here; if you're trying to constrain the types of resources which can be created, OPA + gatekeeper should work fine, though kourier only implements an internal-to-Knative interface, so you might not get as much mileage out of the integration.

If you're trying to use OPA to govern or restrict actual HTTP requests to the workload, kourier doesn't have that capability out of the box (on purpose). You could fork it and add the functionality, but at that point it might be easier just to run Istio in non-mesh mode.

You're setting the Select value to form.natureOfTheRequest, so you need to update that specific field on its onChange callback, rather than simply passing setForm.

The callback could look like the following.

Though it seems a bit fragile, it looks like you can slightly adjust the indentation then use the re package to strip out the unwanted spacing between the leading and closing curly braces.

The only solution I found until now is to reduce the rank of each envoy: train_idx = train_splitter.split(self.y, self.worldsize)[self.rank-1]

You need to specify that it's a digest:

The problem is your todo #TODO: Understand name compose logic. You need to set this name value to the name of the route of the VirtualService. Also you need to use a typed_per_filter_config with a type LuaPerRoute.

If your VirtualService looks something like that:

AFAIK istio collects only ingress HTTP logs by default.

In the istio documentation there is an old article (from 2018) describing how to enable egress traffic HTTP logs.

Please keep in mind that some of the information may be outdated, however I believe this is the part that you are missing.

This is quite easy. Grab a copy of delimitedSplit8k. It returns the item and it's ordinal position in the string. And it's fast.

I'm not sure I understand the question. Envoy doesn't have to validate anything as it is generating those logs. Envoy is HTTP proxy who receives the request and does some routing/rewriting/auth/drop/.. actions based on the configuration (configured by virtualservice / destinationrule / envoyfilter if we're talking about istio). After the action it generates the log entry and fills the fields with details about original request and actions taken.

Also there is nothing like 'real' http method. HTTP method is just a string and it can hold any value. Envoy is just the proxy who sits between client and application and passes the requests (unless you explicitly configure it i.e. drop some method).

It depends on application who receives the method how it's treated. GET/POST/HEAD are commonly associated with standard HTTP and static pages. PUT/DELETE/PATCH are used in REST APIs. But nothing prevents you to develop application who will accept 'FOOBAR' method and runs some code over it.