envoyproxy · EshaanAgg · Jan 25, 2025 · Jan 25, 2025 · Jan 25, 2025 · Jan 25, 2025
@@ -298,6 +298,14 @@ type EnvoyGatewayCustomProvider struct {
 	// No infrastructure provider is available.
 	// +optional
 	Infrastructure *EnvoyGatewayInfrastructureProvider `json:"infrastructure,omitempty"`
+
+	// HealthzServerPort defines the port for the healthz probe server.
+	// By default, when this field is unset or empty, Envoy Gateway will use the port 8081 for the healthz server.
+	// +optional
+	// +kubebuilder:default=8081
+	// +kubebuilder:validation:Minimum=0
+	// +kubebuilder:validation:Maximum=65535
+	HealthzServerPort *int `json:"healthzServerPort,omitempty"`
 }
 
 // ResourceProviderType defines the types of custom resource providers supported by Envoy Gateway.

@@ -17,8 +17,9 @@ import (
 )
 
 var (
-	TLSSecretKind       = gwapiv1.Kind("Secret")
-	TLSUnrecognizedKind = gwapiv1.Kind("Unrecognized")
+	TLSSecretKind         = gwapiv1.Kind("Secret")
+	TLSUnrecognizedKind   = gwapiv1.Kind("Unrecognized")
+	MockHealthzServerPort = 1234
 )
 
 func TestValidateEnvoyGateway(t *testing.T) {
@@ -93,6 +94,27 @@ func TestValidateEnvoyGateway(t *testing.T) {
 			},
 			expect: false,
 		},
+		{
+			name: "custom provider with file provider with custom healthz probe port",
+			eg: &egv1a1.EnvoyGateway{
+				EnvoyGatewaySpec: egv1a1.EnvoyGatewaySpec{
+					Gateway: egv1a1.DefaultGateway(),
+					Provider: &egv1a1.EnvoyGatewayProvider{
+						Type: egv1a1.ProviderTypeCustom,
+						Custom: &egv1a1.EnvoyGatewayCustomProvider{
+							Resource: egv1a1.EnvoyGatewayResourceProvider{
+								Type: egv1a1.ResourceProviderTypeFile,
+								File: &egv1a1.EnvoyGatewayFileResourceProvider{
+									Paths: []string{"foo", "bar"},
+								},
+							},
+							HealthzServerPort: &MockHealthzServerPort,
+						},
+					},
+				},
+			},
+			expect: true,
+		},
 		{
 			name: "custom provider with file resource provider and host infra provider",
 			eg: &egv1a1.EnvoyGateway{

@@ -28,10 +28,11 @@ import (
 )
 
 type Provider struct {
-	paths          []string
-	logger         logr.Logger
-	watcher        filewatcher.FileWatcher
-	resourcesStore *resourcesStore
+	paths             []string
+	logger            logr.Logger
+	watcher           filewatcher.FileWatcher
+	resourcesStore    *resourcesStore
+	healthzServerPort int
 
 	// ready indicates whether the provider can start watching filesystem events.
 	ready atomic.Bool
@@ -44,11 +45,17 @@ func New(svr *config.Server, resources *message.ProviderResources) (*Provider, e
 		paths.Insert(svr.EnvoyGateway.Provider.Custom.Resource.File.Paths...)
 	}
 
+	healthzServerPort := 8081 // Default healthz server port.
+	if svr.EnvoyGateway.Provider.Custom.HealthzServerPort != nil {
+		healthzServerPort = *svr.EnvoyGateway.Provider.Custom.HealthzServerPort
+	}
+
 	return &Provider{
-		paths:          paths.UnsortedList(),
-		logger:         logger,
-		watcher:        filewatcher.NewWatcher(),
-		resourcesStore: newResourcesStore(svr.EnvoyGateway.Gateway.ControllerName, resources, logger),
+		paths:             paths.UnsortedList(),
+		logger:            logger,
+		watcher:           filewatcher.NewWatcher(),
+		resourcesStore:    newResourcesStore(svr.EnvoyGateway.Gateway.ControllerName, resources, logger),
+		healthzServerPort: healthzServerPort,
 	}, nil
 }
 
@@ -168,7 +175,7 @@ func (p *Provider) startHealthProbeServer(ctx context.Context, readyzChecker hea
 
 	mux := http.NewServeMux()
 	srv := &http.Server{
-		Addr:              ":8081",
+		Addr:              fmt.Sprintf(":%d", p.healthzServerPort),
 		Handler:           mux,
 		MaxHeaderBytes:    1 << 20,
 		IdleTimeout:       90 * time.Second, // matches http.DefaultTransport keep-alive timeout

@@ -7,6 +7,7 @@ package file
 
 import (
 	"context"
+	"fmt"
 	"html/template"
 	"io"
 	"net/http"
@@ -31,6 +32,8 @@ const (
 	resourcesUpdateTick    = 1 * time.Second
 )
 
+var healthzServerPort = 8082
+
 type resourcesParam struct {
 	GatewayClassName    string
 	GatewayName         string
@@ -64,6 +67,7 @@ func newFileProviderConfig(paths []string) (*config.Server, error) {
 					Paths: paths,
 				},
 			},
+			HealthzServerPort: &healthzServerPort,
 		},
 	}
 	return cfg, nil
@@ -195,7 +199,7 @@ func writeResourcesFile(t *testing.T, tmpl, dst string, params *resourcesParam)
 
 func waitFileProviderReady(t *testing.T) {
 	require.Eventually(t, func() bool {
-		resp, err := http.Get("http://localhost:8081/readyz")
+		resp, err := http.Get(fmt.Sprintf("http://localhost:%d/readyz", healthzServerPort))
 		if err != nil {
 			t.Logf("failed to get from heathlz server")
 			return false

@@ -8,6 +8,7 @@ security updates: |
 
 # New features or capabilities added in this release.
 new features: |
+  Added support to configure custom port for healthz server for EnvoyGatewayCustomProvider.
 
 bug fixes: |
 

@@ -1118,6 +1118,7 @@ _Appears in:_
 | ---   | ---  | ---      | ---     | ---         |
 | `resource` | _[EnvoyGatewayResourceProvider](#envoygatewayresourceprovider)_ |  true  |  | Resource defines the desired resource provider.<br />This provider is used to specify the provider to be used<br />to retrieve the resource configurations such as Gateway API<br />resources |
 | `infrastructure` | _[EnvoyGatewayInfrastructureProvider](#envoygatewayinfrastructureprovider)_ |  false  |  | Infrastructure defines the desired infrastructure provider.<br />This provider is used to specify the provider to be used<br />to provide an environment to deploy the out resources like<br />the Envoy Proxy data plane.<br /><br />Infrastructure is optional, if provider is not specified,<br />No infrastructure provider is available. |
+| `healthzServerPort` | _integer_ |  false  | 8081 | HealthzServerPort defines the port for the healthz probe server.<br />By default, when this field is unset or empty, Envoy Gateway will use the port 8081 for the healthz server. |
 
 
 #### EnvoyGatewayFileResourceProvider

@@ -1118,6 +1118,7 @@ _Appears in:_
 | ---   | ---  | ---      | ---     | ---         |
 | `resource` | _[EnvoyGatewayResourceProvider](#envoygatewayresourceprovider)_ |  true  |  | Resource defines the desired resource provider.<br />This provider is used to specify the provider to be used<br />to retrieve the resource configurations such as Gateway API<br />resources |
 | `infrastructure` | _[EnvoyGatewayInfrastructureProvider](#envoygatewayinfrastructureprovider)_ |  false  |  | Infrastructure defines the desired infrastructure provider.<br />This provider is used to specify the provider to be used<br />to provide an environment to deploy the out resources like<br />the Envoy Proxy data plane.<br /><br />Infrastructure is optional, if provider is not specified,<br />No infrastructure provider is available. |
+| `healthzServerPort` | _integer_ |  false  | 8081 | HealthzServerPort defines the port for the healthz probe server.<br />By default, when this field is unset or empty, Envoy Gateway will use the port 8081 for the healthz server. |
 
 
 #### EnvoyGatewayFileResourceProvider