This section describes how to configure cAPI in envoy.yaml file.

Path for envoy.yaml:

envoy.yaml: : <cAPI installation path>/config/envoy.yaml

To change log file location for admin access :

admin- access_log_path:
/tmp/admin_access.log # log file location for admin access

To change listener port:

static_resources:
  listeners:
  - name: listener_0
    address:
      socket_address: { address: 0.0.0.0, port_value: <LISTENER_0_PORT> } # listener port

To change listener log file path:

static_resources:
  listeners:
  - name: listener_0
    filter_chains:
    - filters:
      - name: envoy.http_connection_manager
        config:
          access_log:
            name: envoy.file_access_log 
            config:
              path: /tmp/envoy.log # listener log file

To change Elastic Search Username/Password:

"esdb_cluster",
                        {
                         ["Authorization"] = "<ES_Authorization_Header>" // add Base 64 encoded                               username:password
                        },

To change Elastic Search database, URL needs to be changed:

clusters:
 - name: esdb_cluster
    hosts: [{ socket_address: { address: <ESDB_IP>, port_value: <ESDB_PORT> }}] 

To change EPS URL:

clusters:
 - name: eps_cluster
   hosts: [{ socket_address: { address: <EPS_IP>, port_value: <EPS_PORT> }}]

To change VIDM IP or PORT:

clusters:
  - name: jwks_cluster
    hosts: [{ socket_address: { address: <VIDM_IP>, port_value: <VIDM_PORT> }}]

To change VIDM Host Name, change the host name below:

  1. listeners: - filter_chains: - filters: - config: - route_config : virtual_hosts: routes: route: { host_rewrite: "<VIDM_HOST_NAME>", prefix_rewrite: "/SAAS/auth/oauthtoken",cluster: jwks_cluster }
  2. listeners:  - filter_chains:    - filters: - http_filters: - config:
                  providers:
                    eventstore_auth:
                      issuer: https://<VIDM_HOST_NAME>/SAAS/auth
                      remote_jwks:
                        http_uri:
                          uri: https://<VIDM_HOST_NAME>/SAAS/API/1.0/REST/auth/token?attribute=publicKey&format=jwks
    
  3. clusters: - name: tls_context: { sni: www.<VIDM_HOST_NAME> }

To add new route:

static_resources:
  listeners:
  - name: listener_0
   filter_chains:
    - filters:
	route_config:
	 routes:
 - match: { prefix: "/esdb/audit" }
                route: 
                  prefix_rewrite: "/audit"
                  cluster: esdb_cluster
                  retry_policy:
                    retry_on: 5xx
                    num_retries: 3
                    per_try_timeout: 0.300s
                request_headers_to_add:
                  - header:
                      key: "Authorization"
                      value: "<ES_Authorization_Header>"
                    append: true