func getRuntimeConfigLayer0()

in agent/envoy_bootstrap/envoy_bootstrap.go [114:175]


// getRuntimeConfigLayer0 assembles the Envoy runtime key/value map (layer 0,
// going by the function name) from fixed defaults and environment overrides.
//
// Three boolean flags are read through env.TruthyOrElse and one optional
// integer through env.OrInt. The first reader error is returned unchanged
// together with a nil map, so a malformed variable never yields a partial map.
//
// Points an operator should be aware of:
//   - Two settings are hard-coded here and loosen Envoy's defaults: all
//     deprecated features are enabled and the RE2 program-size threshold is 1000.
//   - The per-I/O-cycle request limit is opt-in. It is emitted only for a
//     strictly positive MAX_REQUESTS_PER_IO_CYCLE. Zero and negative values,
//     including the -1 fallback, leave the key out without any error.
func getRuntimeConfigLayer0() (map[string]interface{}, error) {
	// Read every boolean override first, in a fixed order, so the first
	// malformed variable decides which error is returned.
	tracingDecision, err := env.TruthyOrElse("APPMESH_SET_TRACING_DECISION", true)
	if err != nil {
		return nil, err
	}

	noExtensionLookupByName, err := env.TruthyOrElse("ENVOY_NO_EXTENSION_LOOKUP_BY_NAME", true)
	if err != nil {
		return nil, err
	}

	useHTTPClientForAWSCreds, err := env.TruthyOrElse("ENVOY_USE_HTTP_CLIENT_TO_FETCH_AWS_CREDENTIALS", config.ENVOY_USE_HTTP_CLIENT_TO_FETCH_AWS_CREDENTIALS_DEFAULT)
	if err != nil {
		return nil, err
	}

	// ====== Settings that always carry a value ======
	runtimeLayer := map[string]interface{}{
		// Keep every deprecated Envoy feature enabled so that configuration which
		// is on its way out does not produce warnings or hard errors.
		// NOTE(review): this is unconditional, so deprecated code paths stay
		// reachable. Confirm it is still required for the Envoy version shipped.
		"envoy.features.enable_all_deprecated_features": true,

		// Accept RE2 regexes of effectively any complexity.
		// NOTE(review): a high threshold weakens the guard against expensive
		// patterns arriving in pushed configuration. Confirm 1000 is intended.
		"re2.max_program_size.error_level": 1000,

		// Temporary hack flag: tells Envoy not to mutate tracing headers that it
		// did not originate. Defaults to true via APPMESH_SET_TRACING_DECISION.
		"envoy.reloadable_features.http_set_tracing_decision_in_request_id": tracingDecision,

		// Defaults to true.
		// When true, Envoy NACKs configuration whose extension is missing its type URL.
		// When false, Envoy still falls back to looking the extension up by name.
		// Refer to https://www.envoyproxy.io/docs/envoy/latest/version_history/v1.22.0#minor-behavior-changes
		"envoy.reloadable_features.no_extension_lookup_by_name": noExtensionLookupByName,

		// Default is set to false.
		// Envoy gained an option to fetch AWS metadata credentials with its HTTP
		// async client instead of libcurl, as part of deprecating libcurl in Envoy.
		// See:
		// https://github.com/envoyproxy/envoy/pull/29880
		// https://github.com/envoyproxy/envoy/pull/30626
		// https://github.com/envoyproxy/envoy/pull/30731
		// https://github.com/envoyproxy/envoy/pull/31135
		"envoy.reloadable_features.use_http_client_to_fetch_aws_credentials": useHTTPClientForAWSCreds,
	}

	// ====== Settings that are emitted only when explicitly configured ======
	// http.max_requests_per_io_cycle caps how many HTTP requests from a single
	// connection are processed in one I/O cycle. Requests over the cap are
	// handled in later cycles. This mitigates CPU starvation caused by
	// connections that send many requests at once, because other connections
	// still make progress. It can be set to 1 in the presence of abusive HTTP/2
	// or HTTP/3 connections. Envoy leaves the limit disabled by default, and so
	// does this function unless the variable holds a positive integer.
	requestsPerCycle, err := env.OrInt("MAX_REQUESTS_PER_IO_CYCLE", -1)
	if err != nil {
		return nil, err
	}
	if requestsPerCycle > 0 {
		runtimeLayer["http.max_requests_per_io_cycle"] = requestsPerCycle
	}

	return runtimeLayer, nil
}