Dynamic Resolver: Support Host Header Rewriting for DNS resolution

[guydc]

Description:
Currently, Dynamic Resolver can only forward dynamically to the hostname specified in the HTTP host header.

In some cases, e.g. when an explicit forward proxy is used, the dynamic target may be provided in a different header.

Envoy supports this through the DFP filter's per-route configuration host_rewrite_header option, allowing users to overwrite the host header prior to DNS lookup and Routing (as opposed to other host rewrites, see here: envoyproxy/envoy#8607).

XDS changes

To support this:

• The DFP HTTP Filter must be added
• If specified, the DFP filter's dns cache config must match that of the DFP cluster:

dns_cache_config
(extensions.common.dynamic_forward_proxy.v3.DnsCacheConfig) The DNS cache configuration that the filter will attach to. Note this configuration must match that of associated dynamic forward proxy cluster configuration.

• Some DFP filter behavior in envoy is coupled with the well-known cluster_type name envoy.clusters.dynamic_forward_proxy, see here: https://github.com/envoyproxy/envoy/blob/main/source/extensions/filters/http/dynamic_forward_proxy/proxy_filter.cc#L208-L219. EG is currently using generated names for cluster_type: breaking this functionality. This should be changed:

  gateway/internal/xds/translator/cluster.go

  Lines 442 to 445 in 146e7f4

  	cluster.ClusterDiscoveryType = &clusterv3.Cluster_ClusterType{ClusterType: &clusterv3.Cluster_CustomClusterType{
  	Name: args.name,
  	TypedConfig: dfpAny,
  	}}

API Options

Ideally, we should reuse existing HTTPRouteFilter Host Rewrite API:

gateway/api/v1alpha1/httproutefilter_types.go

Lines 147 to 155 in 146e7f4

	type HTTPHostnameModifier struct {
	// +kubebuilder:validation:Enum=Header;Backend
	// +kubebuilder:validation:Required
	Type HTTPHostnameModifierType `json:"type"`
	// Header is the name of the header whose value would be used to rewrite the Host header
	// +optional
	Header *string `json:"header,omitempty"`
	}

There are several reuse options:

1. Infer: When existing Host Rewrite Header option is selected and all BackendRefs are dynamic resolvers: add DFP Filter + Per Route config.
   2.1. The main downsides are: complexity of inferring filters and routes from backend and possibly blocking users that only want to rewrite host for DFP without affecting resolution.
2. Opt-in: New explicit option, e.g. in BTP DNS section, resolveModifiedHost to enable this functionality
3. Opt-in: New flag in HTTPURLRewriteFilter, e.g. applyRewriteToDNS

[optional Relevant Links:]

Any extra documentation required to understand the issue.