Update Envoy to 1.21.1

[rectified95]

Description:
Updates Envoy version to 1.20 and validated
that there are no warnings with the existing config.

Should also fix #4141

Signed-off-by: Igor Klemenski [email protected]
As originally contributed by @davinci26 in #4214 - instead bump version to 1.21.1

Testing done:

Affected area:

Functional Area
New Functionality	[ ]
CI System	[ ]
CLI Tool	[ ]
Certificate Management	[ ]
Control Plane	[ ]
Demo	[ ]
Documentation	[ ]
Egress	[ ]
Ingress	[ ]
Install	[ ]
Networking	[ ]
Observability	[ ]
Performance	[ ]
SMI Policy	[ ]
Security	[ ]
Sidecar Injection	[ ]
Tests	[ ]
Upgrade	[X]
Other	[ ]

Please answer the following questions with yes/no.

1. Does this change contain code from or inspired by another project?

   • Did you notify the maintainers and provide attribution?

2. Is this a breaking change?

3. Has documentation corresponding to this change been updated in the osm-docs repo (if applicable)?

[shashankram]

Hey @rectified95, I tried updating Envoy to v1.21.1 in #4556 but observed a blocker: envoyproxy/envoy#20113. We should avoid updating the Envoy version till we resolve the bug in Envoy. Only a few hours ago I updated Envoy to 1.19.3 which includes the latest security fix.

[rectified95]

@shashankram Thanks for letting me know. I was wondering if this was a blocker.
Which security fix are you referring to - is it perhaps this one envoyproxy/envoy#18686?

Since you already have a PR out for the upgrade, shall I close this one? If so, then #4214 can be closed as well.

[shashankram]

@shashankram Thanks for letting me know. I was wondering if this was a blocker. Which security fix are you referring to - is it perhaps this one envoyproxy/envoy#18686?

Since you already have a PR out for the upgrade, shall I close this one? If so, then #4214 can be closed as well.

The security patch was available as a part of v1.19.3, for which I merged a change yesterday.
Yes you can close this PR. When the blocker for v1.21.1 gets resolved, we can revisit this.