models

package
v1.86.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 25, 2024 License: Apache-2.0 Imports: 31 Imported by: 124

Documentation

Index

Constants

View Source
const AmbientAnnotation = "ambient.istio.io/redirection"
View Source
const AmbientAnnotationEnabled = "enabled"
View Source
const (
	IstioClusterTag string = "istio.cluster_id"
)
View Source
const IstioProxy = "istio-proxy"
View Source
const WaypointLabel = "gateway.istio.io/managed"
View Source
const WaypointLabelValue = "istio.io-mesh-controller"

Variables

View Source
var IstioConfigHelpMessages = map[string][]IstioConfigHelp{
	"authorizationpolicies": {
		{ObjectField: "spec.selector", Message: "Optional. The selector decides where to apply the authorization policy. The selector will match with workloads in the same namespace as the authorization policy. If the authorization policy is in the root namespace, the selector will additionally match with workloads in all namespaces."},
		{ObjectField: "spec.selector.matchLabels", Message: "One or more labels that indicate a specific set of pods/VMs on which a policy should be applied."},
		{ObjectField: "spec.rules", Message: "Optional. A list of rules to match the request. A match occurs when at least one rule matches the request."},
		{ObjectField: "spec.rules.from", Message: "Optional. from specifies the source of a request. If not set, any source is allowed."},
		{ObjectField: "spec.rules.from.source.principals", Message: "Optional. A list of peer identities derived from the peer certificate. If not set, any principal is allowed."},
		{ObjectField: "spec.rules.to", Message: "Optional. to specifies the operation of a request. If not set, any operation is allowed."},
		{ObjectField: "spec.rules.when", Message: "Optional. when specifies a list of additional conditions of a request. If not set, any condition is allowed."},
		{ObjectField: "spec.action", Message: "Optional. The action to take if the request is matched with the rules. Default is ALLOW if not specified."},
	},
	"destinationrules": {
		{ObjectField: "spec.host", Message: "The name of a service from the service registry. Rules defined for services that do not exist in the service registry will be ignored."},
		{ObjectField: "spec.trafficPolicy", Message: "Traffic policies to apply (load balancing policy, connection pool sizes, outlier detection)."},
		{ObjectField: "spec.subsets", Message: "One or more named sets that represent individual versions of a service. Traffic policies can be overridden at subset level."},
		{ObjectField: "spec.exportTo", Message: "A list of namespaces to which this destination rule is exported. The resolution of a destination rule to apply to a service occurs in the context of a hierarchy of namespaces. This feature provides a mechanism for service owners and mesh administrators to control the visibility of destination rules across namespace boundaries. If no namespaces are specified then the destination rule is exported to all namespaces by default."},
	},
	"envoyfilters": {
		{ObjectField: "spec.workloadSelector", Message: "Criteria used to select the specific set of pods/VMs on which this patch configuration should be applied. If omitted, the set of patches in this configuration will be applied to all workload instances in the same namespace."},
		{ObjectField: "spec.configPatches", Message: "One or more patches with match conditions."},
		{ObjectField: "spec.configPatches.applyTo", Message: "Specifies where in the Envoy configuration, the patch should be applied."},
		{ObjectField: "spec.configPatches.match", Message: "Match on listener/route configuration/cluster."},
		{ObjectField: "spec.configPatches.patch", Message: "The patch to apply along with the operation."},
		{ObjectField: "spec.priority", Message: "riority defines the order in which patch sets are applied within a context. When one patch depends on another patch, the order of patch application is significant."},
	},
	"gateways": {
		{ObjectField: "spec.servers", Message: "A list of server specifications."},
		{ObjectField: "spec.selector", Message: "One or more labels that indicate a specific set of pods/VMs on which this gateway configuration should be applied. By default workloads are searched across all namespaces based on label selectors."},
		{ObjectField: "spec.servers.port", Message: "The port on which the proxy should listen for incoming connections."},
		{ObjectField: "spec.servers.hosts", Message: "One or more hosts exposed by this gateway. While typically applicable to HTTP services, it can also be used for TCP services using TLS with SNI."},
		{ObjectField: "spec.servers.tls", Message: "Set of TLS related options that govern the server’s behavior. Use these options to control if all http requests should be redirected to https, and the TLS modes to use."},
	},
	"sidecars": {
		{ObjectField: "spec.workloadSelector", Message: "Criteria used to select the specific set of pods/VMs on which this Sidecar configuration should be applied. If omitted, the Sidecar configuration will be applied to all workload instances in the same namespace."},
		{ObjectField: "spec.ingress", Message: "Ingress specifies the configuration of the sidecar for processing inbound traffic to the attached workload instance."},
		{ObjectField: "spec.egress", Message: "Egress specifies the configuration of the sidecar for processing outbound traffic from the attached workload instance to other services in the mesh"},
	},
	"peerauthentications": {
		{ObjectField: "spec.selector", Message: "The selector determines the workloads to apply the ChannelAuthentication on. If not set, the policy will be applied to all workloads in the same namespace as the policy."},
		{ObjectField: "spec.selector.matchLabels", Message: "One or more labels that indicate a specific set of pods/VMs on which a policy should be applied."},
		{ObjectField: "spec.mtls", Message: "Mutual TLS settings for workload. If not defined, inherit from parent."},
	},
	"requestauthentications": {
		{ObjectField: "spec.selector", Message: "Optional. The selector decides where to apply the request authentication policy. The selector will match with workloads in the same namespace as the request authentication policy. If the request authentication policy is in the root namespace, the selector will additionally match with workloads in all namespaces."},
		{ObjectField: "spec.selector.matchLabels", Message: "One or more labels that indicate a specific set of pods/VMs on which a policy should be applied."},
		{ObjectField: "spec.jwtRules", Message: "Define the list of JWTs that can be validated at the selected workloads’ proxy. A valid token will be used to extract the authenticated identity."},
	},
	"serviceentries": {
		{ObjectField: "spec.hosts", Message: "The hosts associated with the ServiceEntry. Could be a DNS name with wildcard prefix."},
		{ObjectField: "spec.addresses", Message: "The virtual IP addresses associated with the service. Could be CIDR prefix."},
		{ObjectField: "spec.ports", Message: "The ports associated with the external service. If the Endpoints are Unix domain socket addresses, there must be exactly one port."},
		{ObjectField: "spec.location", Message: "Specify whether the service should be considered external to the mesh or part of the mesh."},
		{ObjectField: "spec.resolution", Message: "Service discovery mode for the hosts."},
		{ObjectField: "spec.endpoints", Message: "One or more endpoints associated with the service. Only one of endpoints or workloadSelector can be specified."},
		{ObjectField: "spec.workloadSelector", Message: "Applicable only for MESH_INTERNAL services. Only one of endpoints or workloadSelector can be specified."},
		{ObjectField: "spec.exportTo", Message: "A list of namespaces to which this service is exported. Exporting a service allows it to be used by sidecars, gateways and virtual services defined in other namespaces. This feature provides a mechanism for service owners and mesh administrators to control the visibility of services across namespace boundaries."},
	},
	"virtualservices": {
		{ObjectField: "spec.hosts", Message: "The destination hosts to which traffic is being sent. Could be a DNS name with wildcard prefix or an IP address. Depending on the platform, short-names can also be used instead of a FQDN (i.e. has no dots in the name)."},
		{ObjectField: "spec.gateways", Message: "The names of gateways and sidecars that should apply these routes. Gateways in other namespaces may be referred to by <gateway namespace>/<gateway name>; specifying a gateway with no namespace qualifier is the same as specifying the VirtualService’s namespace. To apply the rules to both gateways and sidecars, specify mesh as one of the gateway names."},
		{ObjectField: "spec.http", Message: "An ordered list of route rules for HTTP traffic."},
		{ObjectField: "spec.exportTo", Message: "A list of namespaces to which this virtual service is exported. Exporting a virtual service allows it to be used by sidecars and gateways defined in other namespaces."},
		{ObjectField: "spec.http.match", Message: "Match conditions to be satisfied for the rule to be activated."},
		{ObjectField: "spec.http.route", Message: "A HTTP rule can either redirect or forward (default) traffic. The forwarding target can be one of several versions of a service. Weights associated with the service version determine the proportion of traffic it receives."},
		{ObjectField: "spec.http.route.destination.host", Message: "The name of a service from the service registry. Service names are looked up from the platform’s service registry (e.g., Kubernetes services, Consul services, etc.) and from the hosts declared by ServiceEntry."},
		{ObjectField: "spec.http.route.destination.subset", Message: "The name of a subset within the service. Applicable only to services within the mesh. The subset must be defined in a corresponding DestinationRule."},
	},
	"workloadentries": {
		{ObjectField: "spec.address", Message: "Address associated with the network endpoint without the port."},
		{ObjectField: "spec.ports", Message: "Set of ports associated with the endpoint."},
		{ObjectField: "spec.labels", Message: "One or more labels associated with the endpoint."},
		{ObjectField: "spec.network", Message: "Network enables Istio to group endpoints resident in the same L3 domain/network. All endpoints in the same network are assumed to be directly reachable from one another."},
		{ObjectField: "spec.locality", Message: "The locality associated with the endpoint. A locality corresponds to a failure domain (e.g., country/region/zone). Arbitrary failure domain hierarchies can be represented by separating each encapsulating failure domain by /."},
		{ObjectField: "spec.weight", Message: "The load balancing weight associated with the endpoint. Endpoints with higher weights will receive proportionally higher traffic."},
		{ObjectField: "spec.serviceAccount", Message: "The service account associated with the workload if a sidecar is present in the workload."},
	},
	"workloadgroups": {
		{ObjectField: "spec.metadata", Message: "Metadata that will be used for all corresponding WorkloadEntries. User labels for a workload group should be set here in metadata rather than in template."},
		{ObjectField: "spec.template", Message: "Template to be used for the generation of WorkloadEntry resources that belong to this WorkloadGroup."},
		{ObjectField: "spec.probe", Message: "ReadinessProbe describes the configuration the user must provide for healthchecking on their workload."},
	},
	"wasmplugins": {
		{},
	},
	"telemetries": {
		{},
	},
	"k8sgateways": {
		{ObjectField: "spec", Message: "Kubernetes Gateway API Configuration Object. A Gateway describes how traffic can be translated to Services within the cluster."},
		{ObjectField: "spec.gatewayClassName", Message: "Defines the name of a GatewayClass object used by this Gateway."},
		{ObjectField: "spec.listeners", Message: "Define the hostnames, ports, protocol, termination, TLS settings and which routes can be attached to a listener."},
		{ObjectField: "spec.addresses", Message: "Define the network addresses requested for this gateway."},
	},
	"k8sgrpcroutes": {
		{ObjectField: "", Message: "Kubernetes Gateway API Configuration Object. GRPCRoute provides a way to route gRPC requests"},
	},
	"k8shttproutes": {
		{ObjectField: "", Message: "Kubernetes Gateway API Configuration Object. HTTPRoute is for multiplexing HTTP or terminated HTTPS connections."},
	},
	"k8sreferencegrants": {
		{ObjectField: "spec", Message: "Kubernetes Gateway API Configuration Object. ReferenceGrant is for enabling cross namespace references within Gateway API."},
		{ObjectField: "spec.from", Message: "Define the group, kind, and namespace of resources that may reference items described in the to list."},
		{ObjectField: "spec.to", Message: "Define the group and kind of resources that may be referenced by items described in the from list."},
	},
	"k8stcproutes": {
		{ObjectField: "", Message: "Kubernetes Gateway API Configuration Object. TCPRoute provides a way to route TCP requests"},
	},
	"k8stlsroutes": {
		{ObjectField: "", Message: "Kubernetes Gateway API Configuration Object. TLSRoute provides a way to route TLS requests"},
	},
	"internal": {
		{ObjectField: "", Message: "Internal resources are not editable"},
	},
}

IstioConfigHelpMessages represents the help messages for a given Istio object type

View Source
var ObjectTypeSingular = map[string]string{
	"gateways":               "gateway",
	"virtualservices":        "virtualservice",
	"destinationrules":       "destinationrule",
	"serviceentries":         "serviceentry",
	"rules":                  "rule",
	"quotaspecs":             "quotaspec",
	"quotaspecbindings":      "quotaspecbinding",
	"policies":               "policy",
	"serviceroles":           "servicerole",
	"servicerolebindings":    "servicerolebinding",
	"clusterrbacconfigs":     "clusterrbacconfig",
	"authorizationpolicies":  "authorizationpolicy",
	"sidecars":               "sidecar",
	"peerauthentications":    "peerauthentication",
	"requestauthentications": "requestauthentication",
	"workloads":              "workload",
	"wasmplugins":            "wasmpluin",
	"telemetries":            "telemetry",
	"k8sgateways":            "k8sgateway",
	"k8sgrpcroutes":          "k8sgrpcroute",
	"k8shttproutes":          "k8shttproute",
	"k8sreferencegrants":     "k8sreferencegrant",
	"k8stcproutes":           "k8stcproute",
	"k8stlsroutes":           "k8stlsroute",
}

Functions

func CheckMessage added in v0.14.0

func CheckMessage(checkId string) string

func GetDashboardAnnotation added in v1.36.2

func GetDashboardAnnotation(annotations map[string]string) map[string]string

func GetHealthAnnotation added in v1.30.0

func GetHealthAnnotation(annotations map[string]string, filters []AnnotationKey) map[string]string

func HasDRCircuitBreaker added in v1.42.0

func HasDRCircuitBreaker(dr *networking_v1.DestinationRule, namespace, serviceName, version string) bool

func HasVSFaultInjection added in v1.42.0

func HasVSFaultInjection(vs *networking_v1.VirtualService) bool

HasFaultInjection determines if the spec has http fault injection set.

func HasVSMirroring added in v1.42.0

func HasVSMirroring(vs *networking_v1.VirtualService) bool

HasMirroring determines if the spec has a mirror set.

func HasVSRequestRouting added in v1.42.0

func HasVSRequestRouting(vs *networking_v1.VirtualService) bool

IsValidHost returns true if VirtualService hosts applies to the service

func HasVSRequestTimeout added in v1.42.0

func HasVSRequestTimeout(vs *networking_v1.VirtualService) bool

HasVSRequestTimeout determines if the spec has an http timeout set.

func HasVSTCPTrafficShifting added in v1.42.0

func HasVSTCPTrafficShifting(vs *networking_v1.VirtualService) bool

HasTCPTrafficShifting determines if the spec has tcp traffic shifting set. If there are routes with multiple destinations then it is assumed that the spec has traffic shifting regardless of weights.

func HasVSTrafficShifting added in v1.42.0

func HasVSTrafficShifting(vs *networking_v1.VirtualService) bool

HasTrafficShifting determines if the spec has http traffic shifting set. If there are routes with multiple destinations then it is assumed that the spec has traffic shifting regardless of weights.

func IsVSValidHost added in v1.42.0

func IsVSValidHost(vs *networking_v1.VirtualService, namespace string, serviceName string) bool

IsValidHost returns true if VirtualService hosts applies to the service

Types

type AdditionalItem added in v1.10.0

type AdditionalItem struct {
	Title string `json:"title"`
	Value string `json:"value"`
	Icon  string `json:"icon"`
}

func GetAdditionalDetails added in v1.10.0

func GetAdditionalDetails(conf *config.Config, annotations map[string]string) []AdditionalItem

func GetFirstAdditionalIcon added in v1.15.0

func GetFirstAdditionalIcon(conf *config.Config, annotations map[string]string) *AdditionalItem

type Address

type Address struct {
	Kind string `json:"kind"`
	Name string `json:"name"`
	IP   string `json:"ip"`
	Port uint32 `json:"port"`
}

func (*Address) Parse

func (address *Address) Parse(a core_v1.EndpointAddress)

type Addresses

type Addresses []Address

func (*Addresses) Parse

func (addresses *Addresses) Parse(as []core_v1.EndpointAddress)

type Aggregation added in v0.12.0

type Aggregation = config.Aggregation

Aggregation is the model representing label's allowed aggregation, transformed from aggregation in MonitoringDashboard config resource

func ConvertAggregations added in v0.12.0

func ConvertAggregations(from dashboards.MonitoringDashboard) []Aggregation

ConvertAggregations converts a config aggregations (from MonitoringDashboard config resource) into this models aggregations Results are sorted by DisplayName

type AnnotationKey added in v1.30.0

type AnnotationKey string

Annotationkey is a mnemonic type name for string

const (
	AllHealthAnnotation  AnnotationKey = ".*"
	RateHealthAnnotation AnnotationKey = "health.kiali.io/rate"
)

func GetHealthConfigAnnotation added in v1.30.0

func GetHealthConfigAnnotation() []AnnotationKey

type App

type App struct {
	// Namespace where the app lives in
	// required: true
	// example: bookinfo
	Namespace Namespace `json:"namespace"`

	// Name of the application
	// required: true
	// example: reviews
	Name string `json:"name"`

	// Cluster of the application
	// required: false
	// example: east
	Cluster string `json:"cluster"`

	// Workloads for a given application
	// required: true
	Workloads []WorkloadItem `json:"workloads"`

	// List of service names linked with an application
	// required: true
	ServiceNames []string `json:"serviceNames"`

	// Runtimes and associated dashboards
	Runtimes []Runtime `json:"runtimes"`

	// Health
	Health AppHealth `json:"health"`
}

type AppHealth

type AppHealth struct {
	WorkloadStatuses []*WorkloadStatus `json:"workloadStatuses"`
	Requests         RequestHealth     `json:"requests"`
}

AppHealth contains aggregated health from various sources, for a given app

func EmptyAppHealth

func EmptyAppHealth() AppHealth

EmptyAppHealth create an empty AppHealth

type AppList

type AppList struct {
	// Namespace where the apps live in
	// required: true
	// example: bookinfo
	Namespace Namespace `json:"namespace"`

	// Cluster where the apps live in
	// required: true
	// example: east
	Cluster string `json:"cluster"`

	// Applications for a given namespace
	// required: true
	Apps []AppListItem `json:"applications"`
}

type AppListItem

type AppListItem struct {
	// Name of the application
	// required: true
	// example: reviews
	Name string `json:"name"`

	// Namespace of the application
	Namespace string `json:"namespace"`

	// The kube cluster where this application is located.
	Cluster string `json:"cluster"`

	// Define if all Pods related to the Workloads of this app has an IstioSidecar deployed
	// required: true
	// example: true
	IstioSidecar bool `json:"istioSidecar"`

	// Define if any pod has the Ambient annotation
	// required: true
	// example: true
	IstioAmbient bool `json:"istioAmbient"`

	// Labels for App
	Labels map[string]string `json:"labels"`

	// Istio References
	IstioReferences []*IstioValidationKey `json:"istioReferences"`

	// Health
	Health AppHealth `json:"health,omitempty"`
}

AppListItem has the necessary information to display the console app list

type Bootstrap added in v1.28.0

type Bootstrap struct {
	Bootstrap map[string]interface{} `json:"bootstrap,inline"`
}

func (*Bootstrap) Parse added in v1.28.0

func (bd *Bootstrap) Parse(dump *kubernetes.ConfigDump) error

type BuildInfo added in v1.86.0

type BuildInfo struct {
	CommitHash       string `json:"commitHash"`
	ContainerVersion string `json:"containerVersion"`
	GoVersion        string `json:"goVersion"`
	Version          string `json:"version"`
}

BuildInfo contains information about the kiali build.

type CanaryUpgradeStatus added in v1.60.0

type CanaryUpgradeStatus struct {
	CurrentVersion     string   `json:"currentVersion"`
	UpgradeVersion     string   `json:"upgradeVersion"`
	MigratedNamespaces []string `json:"migratedNamespaces"`
	PendingNamespaces  []string `json:"pendingNamespaces"`
}

CanaryUpgradeStatus contains the namespaces that are part of the canary and the namespaces that are still using the current revision

type CertInfo added in v1.40.0

type CertInfo struct {
	SecretName      string    `json:"secretName"`
	SecretNamespace string    `json:"secretNamespace"`
	DNSNames        []string  `json:"dnsNames"`
	Issuer          string    `json:"issuer"`
	NotBefore       time.Time `json:"notBefore"`
	NotAfter        time.Time `json:"notAfter"`
	Error           string    `json:"error"`
	Accessible      bool      `json:"accessible"`
}

CertInfo contains the information for a given certificate

func (*CertInfo) Parse added in v1.40.0

func (ci *CertInfo) Parse(certificate []byte)

type Chart added in v0.12.0

type Chart struct {
	Name           string   `json:"name"`
	Unit           string   `json:"unit"`
	Spans          int      `json:"spans"`
	StartCollapsed bool     `json:"startCollapsed"`
	ChartType      *string  `json:"chartType,omitempty"`
	Min            *int     `json:"min,omitempty"`
	Max            *int     `json:"max,omitempty"`
	Metrics        []Metric `json:"metrics"`
	XAxis          *string  `json:"xAxis"`
	Error          string   `json:"error"`
}

Chart is the model representing a custom chart, transformed from charts in MonitoringDashboard config resource

func ConvertChart added in v0.12.0

func ConvertChart(from dashboards.MonitoringDashboardChart) Chart

ConvertChart converts a config chart (from MonitoringDashboard config resource) into this models chart

type Cluster added in v1.28.0

type Cluster struct {
	ServiceFQDN     kubernetes.Host `json:"service_fqdn"`
	Port            int             `json:"port"`
	Subset          string          `json:"subset"`
	Direction       string          `json:"direction"`
	Type            string          `json:"type"`
	DestinationRule string          `json:"destination_rule"`
}

func (*Cluster) Parse added in v1.28.0

func (cs *Cluster) Parse(cluster kubernetes.EnvoyCluster)

type ClusterApps added in v1.82.1

type ClusterApps struct {
	// Applications list for namespaces of a single cluster
	// required: true
	Apps []AppListItem `json:"applications"`

	// Cluster where the apps live in
	// required: true
	// example: east
	Cluster string `json:"cluster"`
}

type ClusterServices added in v1.83.0

type ClusterServices struct {
	// Cluster where the services live in
	// required: true
	// example: east
	Cluster string `json:"cluster"`
	// Services list for namespaces of a single cluster
	// required: true
	Services    []ServiceOverview `json:"services"`
	Validations IstioValidations  `json:"validations"`
}

type ClusterWorkloads added in v1.83.0

type ClusterWorkloads struct {
	// Cluster where the apps live in
	// required: true
	// example: east
	Cluster string `json:"cluster"`

	// Workloads list for namespaces of a single cluster
	// required: true
	Workloads []WorkloadListItem `json:"workloads"`

	Validations IstioValidations `json:"validations"`
}

type Clusters added in v1.28.0

type Clusters []*Cluster

func (*Clusters) Parse added in v1.28.0

func (css *Clusters) Parse(dump *kubernetes.ConfigDump) error

type ClustersNamespaceHealth added in v1.82.0

type ClustersNamespaceHealth struct {
	AppHealth      map[string]*NamespaceAppHealth      `json:"namespaceAppHealth,omitempty"`
	ServiceHealth  map[string]*NamespaceServiceHealth  `json:"namespaceServiceHealth,omitempty"`
	WorkloadHealth map[string]*NamespaceWorkloadHealth `json:"namespaceWorkloadHealth,omitempty"`
}

ClustersNamespaceHealth is a map NamespaceHealth for namespaces of given clusters

type ContainerInfo

type ContainerInfo struct {
	Name      string `json:"name"`
	Image     string `json:"image"`
	IsProxy   bool   `json:"isProxy"`
	IsReady   bool   `json:"isReady"`
	IsAmbient bool   `json:"isAmbient"`
}

ContainerInfo holds container name and image

type ControlPlane added in v1.86.0

type ControlPlane struct {
	// Cluster the kube cluster that the controlplane is running on.
	Cluster *kubernetes.Cluster

	// Config
	Config ControlPlaneConfiguration

	// ExternalControlPlane indicates if the controlplane is managing an external cluster.
	ExternalControlPlane bool

	// ID is the control plane ID as known by istiod.
	ID string

	// IstiodName is the control plane name
	IstiodName string

	// IstiodNamespace is the namespace name of the deployed control plane
	IstiodNamespace string

	// ManagedClusters are the clusters that this controlplane manages.
	// This could include the cluster that the controlplane is running on.
	ManagedClusters []*kubernetes.Cluster

	// ManagesExternal indicates if the controlplane manages an external cluster.
	// It could also manage the cluster that it is running on.
	ManagesExternal bool

	// Revision is the revision of the controlplane.
	// Can be empty when it's the default revision.
	Revision string

	// Version is the version of the controlplane.
	Version *ExternalServiceInfo
}

ControlPlane manages the dataPlane for one or more kube clusters. It's expected to manage the cluster that it is deployed in. It has configuration for all the clusters/namespaces associated with it.

type ControlPlaneConfiguration added in v1.86.0

type ControlPlaneConfiguration struct {
	// IsGatewayToNamespace specifies the PILOT_SCOPE_GATEWAY_TO_NAMESPACE environment variable in Control Plane
	// This is not currently used by the frontend so excluding it from the API response.
	IsGatewayToNamespace bool `json:"-"`

	// OutboundTrafficPolicy is the outbound traffic policy for the controlplane.
	OutboundTrafficPolicy OutboundPolicy

	// Network is the name of the network that the controlplane is using.
	Network string

	// IstioMeshConfig comes from the istio configmap.
	kubernetes.IstioMeshConfig
}

ControlPlaneConfiguration is the configuration for the controlPlane and any associated dataPlane.

type ControlPlaneMetricsQuery added in v1.57.0

type ControlPlaneMetricsQuery struct {
	prometheus.RangeQuery
}

ControlPlaneMetricsQuery holds query parameters for a control plane metrics query

func (*ControlPlaneMetricsQuery) FillDefaults added in v1.57.0

func (q *ControlPlaneMetricsQuery) FillDefaults()

FillDefaults fills the struct with default parameters

type ConversionParams added in v1.27.0

type ConversionParams struct {
	Scale            float64
	SortLabel        string
	SortLabelParseAs string
	RemoveSortLabel  bool
}

type CustomMetricsQuery added in v1.27.0

type CustomMetricsQuery struct {
	prometheus.RangeQuery
	Namespace         string
	App               string
	Version           string
	RawDataAggregator string
}

CustomMetricsQuery holds query parameters for a custom metrics query

func (*CustomMetricsQuery) FillDefaults added in v1.27.0

func (q *CustomMetricsQuery) FillDefaults()

FillDefaults fills the struct with default parameters

type DashboardQuery added in v1.27.0

type DashboardQuery struct {
	prometheus.RangeQuery
	Namespace         string
	LabelsFilters     map[string]string
	AdditionalLabels  []Aggregation
	RawDataAggregator string
	Workload          string
	WorkloadType      string
}

DashboardQuery holds query parameters for a dashboard query

func (*DashboardQuery) FillDefaults added in v1.27.0

func (q *DashboardQuery) FillDefaults()

FillDefaults fills the struct with default parameters

type DashboardRef added in v0.12.0

type DashboardRef struct {
	Template string `json:"template"`
	Title    string `json:"title"`
}

DashboardRef holds template name and title for a custom dashboard

type Datapoint added in v1.27.0

type Datapoint struct {
	Timestamp int64
	Value     float64
}

func (Datapoint) MarshalJSON added in v1.27.0

func (s Datapoint) MarshalJSON() ([]byte, error)

MarshalJSON implements json.Marshaler.

type Endpoint

type Endpoint struct {
	Addresses Addresses `json:"addresses"`
	Ports     Ports     `json:"ports"`
}

func (*Endpoint) Parse

func (endpoint *Endpoint) Parse(s core_v1.EndpointSubset)

type Endpoints

type Endpoints []Endpoint

func (*Endpoints) Parse

func (endpoints *Endpoints) Parse(es *core_v1.Endpoints)

type EnvoyProxyDump added in v1.28.0

type EnvoyProxyDump struct {
	ConfigDump *kubernetes.ConfigDump `json:"config_dump,omitempty"`
	Bootstrap  *Bootstrap             `json:"bootstrap,omitempty"`
	Clusters   *Clusters              `json:"clusters,omitempty"`
	Listeners  *Listeners             `json:"listeners,omitempty"`
	Routes     *Routes                `json:"routes,omitempty"`
}
type ExternalLink struct {
	URL       string                                              `json:"url"`
	Name      string                                              `json:"name"`
	Variables dashboards.MonitoringDashboardExternalLinkVariables `json:"variables"`
}

ExternalLink provides links to external dashboards (e.g. to Grafana)

type ExternalServiceInfo added in v1.86.0

type ExternalServiceInfo struct {
	// The name of the service
	//
	// required: true
	// example: Istio
	Name string `json:"name"`

	// The installed version of the service
	//
	// required: false
	// example: 0.8.0
	Version string `json:"version,omitempty"`

	// The service url
	//
	// required: false
	// example: jaeger-query-istio-system.127.0.0.1.nip.io
	Url string `json:"url,omitempty"`

	TempoConfig config.TempoConfig `json:"tempoConfig,omitempty"`
}

Status response model This is used for returning a response of Kiali Status swagger:model externalServiceInfo

type GrafanaInfo

type GrafanaInfo struct {
	ExternalLinks []ExternalLink `json:"externalLinks"`
}

GrafanaInfo provides information to access Grafana dashboards

type IstioCheck

type IstioCheck struct {
	// The check code used to identify a check
	// required: true
	// example: KIA0001
	Code string `json:"code"`

	// Description of the check
	// required: true
	// example: Weight sum should be 100
	Message string `json:"message"`

	// Indicates the level of importance: error or warning
	// required: true
	// example: error
	Severity SeverityLevel `json:"severity"`

	// String that describes where in the yaml file is the check located
	// example: spec/http[0]/route
	Path string `json:"path"`
}

IstioCheck represents an individual check. swagger:model

func Build added in v0.14.0

func Build(checkId string, path string) IstioCheck

func (IstioCheck) GetFullMessage added in v1.38.1

func (ic IstioCheck) GetFullMessage() string

type IstioConfigDetails

type IstioConfigDetails struct {
	Namespace  Namespace `json:"namespace"`
	ObjectType string    `json:"objectType"`

	AuthorizationPolicy   *security_v1.AuthorizationPolicy   `json:"authorizationPolicy"`
	DestinationRule       *networking_v1.DestinationRule     `json:"destinationRule"`
	EnvoyFilter           *networking_v1alpha3.EnvoyFilter   `json:"envoyFilter"`
	Gateway               *networking_v1.Gateway             `json:"gateway"`
	PeerAuthentication    *security_v1.PeerAuthentication    `json:"peerAuthentication"`
	RequestAuthentication *security_v1.RequestAuthentication `json:"requestAuthentication"`
	ServiceEntry          *networking_v1.ServiceEntry        `json:"serviceEntry"`
	Sidecar               *networking_v1.Sidecar             `json:"sidecar"`
	VirtualService        *networking_v1.VirtualService      `json:"virtualService"`
	WorkloadEntry         *networking_v1.WorkloadEntry       `json:"workloadEntry"`
	WorkloadGroup         *networking_v1.WorkloadGroup       `json:"workloadGroup"`
	WasmPlugin            *extentions_v1alpha1.WasmPlugin    `json:"wasmPlugin"`
	Telemetry             *telemetry_v1.Telemetry            `json:"telemetry"`

	K8sGateway        *k8s_networking_v1.Gateway             `json:"k8sGateway"`
	K8sGRPCRoute      *k8s_networking_v1.GRPCRoute           `json:"k8sGRPCRoute"`
	K8sHTTPRoute      *k8s_networking_v1.HTTPRoute           `json:"k8sHTTPRoute"`
	K8sReferenceGrant *k8s_networking_v1beta1.ReferenceGrant `json:"k8sReferenceGrant"`
	K8sTCPRoute       *k8s_networking_v1alpha2.TCPRoute      `json:"k8sTCPRoute"`
	K8sTLSRoute       *k8s_networking_v1alpha2.TLSRoute      `json:"k8sTLSRoute"`

	Permissions           ResourcePermissions `json:"permissions"`
	IstioValidation       *IstioValidation    `json:"validation"`
	IstioReferences       *IstioReferences    `json:"references"`
	IstioConfigHelpFields []IstioConfigHelp   `json:"help"`
}

type IstioConfigHelp added in v1.48.0

type IstioConfigHelp struct {
	ObjectField string `json:"objectField"`
	Message     string `json:"message"`
}

IstioConfigHelp represents a help message for a given Istio object type and field

type IstioConfigList

type IstioConfigList struct {
	DestinationRules []*networking_v1.DestinationRule   `json:"destinationRules"`
	EnvoyFilters     []*networking_v1alpha3.EnvoyFilter `json:"envoyFilters"`
	Gateways         []*networking_v1.Gateway           `json:"gateways"`
	ServiceEntries   []*networking_v1.ServiceEntry      `json:"serviceEntries"`
	Sidecars         []*networking_v1.Sidecar           `json:"sidecars"`
	VirtualServices  []*networking_v1.VirtualService    `json:"virtualServices"`
	WorkloadEntries  []*networking_v1.WorkloadEntry     `json:"workloadEntries"`
	WorkloadGroups   []*networking_v1.WorkloadGroup     `json:"workloadGroups"`
	WasmPlugins      []*extentions_v1alpha1.WasmPlugin  `json:"wasmPlugins"`
	Telemetries      []*telemetry_v1.Telemetry          `json:"telemetries"`

	K8sGateways        []*k8s_networking_v1.Gateway             `json:"k8sGateways"`
	K8sGRPCRoutes      []*k8s_networking_v1.GRPCRoute           `json:"k8sGRPCRoutes"`
	K8sHTTPRoutes      []*k8s_networking_v1.HTTPRoute           `json:"k8sHTTPRoutes"`
	K8sReferenceGrants []*k8s_networking_v1beta1.ReferenceGrant `json:"k8sReferenceGrants"`
	K8sTCPRoutes       []*k8s_networking_v1alpha2.TCPRoute      `json:"k8sTCPRoutes"`
	K8sTLSRoutes       []*k8s_networking_v1alpha2.TLSRoute      `json:"k8sTLSRoutes"`

	AuthorizationPolicies  []*security_v1.AuthorizationPolicy   `json:"authorizationPolicies"`
	PeerAuthentications    []*security_v1.PeerAuthentication    `json:"peerAuthentications"`
	RequestAuthentications []*security_v1.RequestAuthentication `json:"requestAuthentications"`
	IstioValidations       IstioValidations                     `json:"validations"`
}

IstioConfigList istioConfigList This type is used for returning a response of IstioConfigList swagger:model IstioConfigList

func (*IstioConfigList) ConvertToResponse added in v1.82.0

func (i *IstioConfigList) ConvertToResponse()

func (IstioConfigList) FilterIstioConfigs added in v1.53.0

func (configList IstioConfigList) FilterIstioConfigs(nss []string) *IstioConfigs

FilterIstioConfigs Filters all Istio configs from Istio registry by given namespaces and return a map config list per namespace

func (IstioConfigList) MergeConfigs added in v1.69.0

func (configList IstioConfigList) MergeConfigs(ns IstioConfigList) IstioConfigList

Merge two config lists. To get configs from different namespaces

type IstioConfigMap added in v1.69.0

type IstioConfigMap map[string]IstioConfigList

IstioConfigMap holds a map of IstioConfigList per cluster

type IstioConfigPermissions added in v1.13.0

type IstioConfigPermissions map[string]*ResourcesPermissions

IstioConfigPermissions holds a map of ResourcesPermissions per namespace

type IstioConfigs added in v1.53.0

type IstioConfigs map[string]*IstioConfigList

IstioConfigs holds a map of IstioConfigList per namespace

type IstioMetricsQuery added in v1.27.0

type IstioMetricsQuery struct {
	prometheus.RangeQuery
	Aggregate       string
	AggregateValue  string
	App             string
	Cluster         string
	Direction       string // outbound | inbound
	IncludeAmbient  bool
	Filters         []string
	Namespace       string
	RequestProtocol string // e.g. http | grpc
	Reporter        string // source | destination | both, defaults to source if not provided
	Service         string
	Workload        string
}

IstioMetricsQuery holds query parameters for a typical metrics query

func (*IstioMetricsQuery) FillDefaults added in v1.27.0

func (q *IstioMetricsQuery) FillDefaults()

FillDefaults fills the struct with default parameters

type IstioReference added in v1.47.0

type IstioReference struct {
	ObjectType string `json:"objectType"`
	Name       string `json:"name"`
	Namespace  string `json:"namespace"`
}

IstioReference is the key value composed of an Istio ObjectType and Name.

type IstioReferenceKey added in v1.47.0

type IstioReferenceKey struct {
	ObjectType string `json:"objectType"`
	Name       string `json:"name"`
	Namespace  string `json:"namespace"`
}

IstioReferenceKey is the key value composed of an Istio ObjectType, Namespace and Name.

type IstioReferences added in v1.47.0

type IstioReferences struct {
	// Related Istio objects
	ObjectReferences []IstioReference `json:"objectReferences"`

	// Related Istio objects
	ServiceReferences []ServiceReference `json:"serviceReferences"`

	// Related Istio objects
	WorkloadReferences []WorkloadReference `json:"workloadReferences"`
}

IstioReferences represents a sets of different references

func (IstioReferences) MergeReferences added in v1.47.0

func (ir IstioReferences) MergeReferences(references IstioReferences) IstioReferences

type IstioReferencesMap added in v1.47.0

type IstioReferencesMap map[IstioReferenceKey]*IstioReferences

IstioReferencesMap represents a set of IstioValidation grouped by IstioReferenceKey.

func (IstioReferencesMap) MergeReferencesMap added in v1.47.0

func (ir IstioReferencesMap) MergeReferencesMap(references IstioReferencesMap) IstioReferencesMap

type IstioValidation

type IstioValidation struct {
	// Name of the object itself
	// required: true
	// example: reviews
	Name string `json:"name"`

	// Namespace of the object
	// required: true
	// example: bookinfo
	Namespace string `json:"namespace"`

	// Cluster of the object
	// required: true
	// example: east
	Cluster string `json:"cluster"`

	// Type of the object
	// required: true
	// example: virtualservice
	ObjectType string `json:"objectType"`

	// Represents validity of the object: in case of warning, validity remains as true
	// required: true
	// example: false
	Valid bool `json:"valid"`

	// Array of checks. It might be empty.
	Checks []*IstioCheck `json:"checks"`

	// Related objects (only validation errors)
	References []IstioValidationKey `json:"references"`
}

IstioValidation represents a list of checks associated to an Istio object. swagger:model

type IstioValidationKey

type IstioValidationKey struct {
	ObjectType string `json:"objectType"`
	Name       string `json:"name"`
	Namespace  string `json:"namespace"`
	Cluster    string `json:"cluster"`
}

IstioValidationKey is the key value composed of an Istio ObjectType and Name.

func BuildKey added in v0.15.0

func BuildKey(objectType, name, namespace string) IstioValidationKey

type IstioValidationSummary added in v1.10.0

type IstioValidationSummary struct {
	// Number of validations with error severity
	// required: true
	// example: 2
	Errors int `json:"errors"`
	// Number of Istio Objects analyzed
	// required: true
	// example: 6
	ObjectCount int `json:"objectCount"`
	// Number of validations with warning severity
	// required: true
	// example: 4
	Warnings int `json:"warnings"`
	// Namespace of the Istio Objects.
	// required: true
	// example: bookinfo
	Namespace string `json:"namespace"`
	// Cluster of the Istio Objects.
	// required: true
	// example: east
	Cluster string `json:"cluster"`
}

IstioValidationSummary represents the number of errors/warnings of a set of Istio Validations.

type IstioValidations

type IstioValidations map[IstioValidationKey]*IstioValidation

IstioValidations represents a set of IstioValidation grouped by IstioValidationKey.

func (IstioValidations) FilterByKey

func (iv IstioValidations) FilterByKey(objectType, name string) IstioValidations

func (IstioValidations) FilterBySingleType added in v0.20.0

func (iv IstioValidations) FilterBySingleType(objectType, name string) IstioValidations

func (IstioValidations) FilterByTypes added in v0.14.0

func (iv IstioValidations) FilterByTypes(objectTypes []string) IstioValidations

FilterByTypes takes an input as ObjectTypes, transforms to singular types and filters the validations

func (IstioValidations) MarshalJSON

func (iv IstioValidations) MarshalJSON() ([]byte, error)

MarshalJSON implements the json.Marshaler interface.

func (IstioValidations) MergeReferences added in v1.7.0

func (iv IstioValidations) MergeReferences(validations IstioValidations) IstioValidations

func (IstioValidations) MergeValidations

func (iv IstioValidations) MergeValidations(validations IstioValidations) IstioValidations

func (*IstioValidations) StripIgnoredChecks added in v1.38.1

func (iv *IstioValidations) StripIgnoredChecks()

func (IstioValidations) SummarizeValidation added in v1.10.0

func (iv IstioValidations) SummarizeValidation(ns string, cluster string) *IstioValidationSummary

type IstiodThresholds added in v1.57.0

type IstiodThresholds struct {
	Memory float64 `json:"memory"`
	CPU    float64 `json:"cpu"`
}

IstiodThresholds contains the resource limits configured in Istiod

type Listener added in v1.28.0

type Listener struct {
	Address     string  `json:"address"`
	Port        float64 `json:"port"`
	Match       string  `json:"match"`
	Destination string  `json:"destination"`
}

type Listeners added in v1.28.0

type Listeners []*Listener

func (*Listeners) Parse added in v1.28.0

func (ls *Listeners) Parse(dump *kubernetes.ConfigDump) error

type LogType added in v1.84.0

type LogType string
const (
	LogTypeApp      LogType = "app"
	LogTypeProxy    LogType = "proxy"
	LogTypeWaypoint LogType = "waypoint"
	LogTypeZtunnel  LogType = "ztunnel"
)

type MTLSStatus added in v0.16.0

type MTLSStatus struct {
	AutoMTLSEnabled bool   `json:"autoMTLSEnabled"`
	Cluster         string `json:"cluster,omitempty"`
	MinTLS          string `json:"minTLS"`
	Namespace       string `json:"namespace,omitempty"`
	// mTLS status: MTLS_ENABLED, MTLS_PARTIALLY_ENABLED, MTLS_NOT_ENABLED
	// required: true
	// example: MTLS_ENABLED
	Status string `json:"status"`
}

MTLSStatus describes the current mTLS status of a mesh entity

type Mesh added in v1.86.0

type Mesh struct {
	// ControlPlanes that share the same mesh ID.
	ControlPlanes []ControlPlane
}

Mesh is one or more controlplanes (primaries) managing a dataPlane across one or more clusters. There can be multiple primaries on a single cluster when istio revisions are used. A single primary can also manage multiple clusters (primary-remote deployment).

type Metric added in v1.27.0

type Metric struct {
	Labels     map[string]string `json:"labels"`
	Datapoints []Datapoint       `json:"datapoints"`
	Stat       string            `json:"stat,omitempty"`
	Name       string            `json:"name"`
}

func ConvertHistogram added in v1.1.0

func ConvertHistogram(name string, from prometheus.Histogram, conversionParams ConversionParams) ([]Metric, error)

func ConvertMetric added in v1.27.0

func ConvertMetric(name string, from prometheus.Metric, conversionParams ConversionParams) ([]Metric, error)

type MetricsMap added in v1.27.0

type MetricsMap = map[string][]Metric

MetricsMap contains all simple metrics and histograms data for standard timeseries queries

type MetricsPerNamespace added in v1.81.0

type MetricsPerNamespace = map[string]MetricsMap

MetricsPerNamespace map for MetricsMap per namespace

type MetricsStats added in v1.27.0

type MetricsStats struct {
	ResponseTimes []Stat `json:"responseTimes"`
}

MetricsStats contains opinionated statistics on metrics on a single target. Currently limited to response times (avg/percentiles over interval)

type MetricsStatsQueries added in v1.27.0

type MetricsStatsQueries struct {
	Queries []MetricsStatsQuery
}

type MetricsStatsQuery added in v1.27.0

type MetricsStatsQuery struct {
	Target       Target
	PeerTarget   *Target
	RawQueryTime int64     `json:"queryTime"`
	QueryTime    time.Time `json:"-"`
	RawInterval  string    `json:"interval"`
	Interval     string    `json:"-"`
	Direction    string    // outbound | inbound
	Avg          bool
	Quantiles    []string
}

func (*MetricsStatsQuery) GenKey added in v1.27.0

func (q *MetricsStatsQuery) GenKey() string

GenKey !! HAS to mirror frontend's genStatsKey in SpanTable.tsx

func (*MetricsStatsQuery) Validate added in v1.27.0

func (q *MetricsStatsQuery) Validate() *util.Errors

type MetricsStatsResult added in v1.27.0

type MetricsStatsResult struct {
	Stats    map[string]MetricsStats `json:"stats"` // Key is built from query params, see "GenKey" above. The same key needs to be generated client-side for matching.
	Warnings []string                `json:"warnings"`
}

MetricsStatsResult holds the MetricsStats per target, plus errors

type MonitoringDashboard added in v0.12.0

type MonitoringDashboard struct {
	Name          string         `json:"name"`
	Title         string         `json:"title"`
	Charts        []Chart        `json:"charts"`
	Aggregations  []Aggregation  `json:"aggregations"`
	ExternalLinks []ExternalLink `json:"externalLinks"`
	Rows          int            `json:"rows"`
}

MonitoringDashboard is the model representing custom monitoring dashboard, transformed from MonitoringDashboard config resource

func PrepareIstioDashboard added in v0.12.0

func PrepareIstioDashboard(direction string) MonitoringDashboard

PrepareIstioDashboard prepares the Istio dashboard title and aggregations dynamically for input values

type Namespace

type Namespace struct {
	// The id of the namespace.
	//
	// example:  istio-system
	// required: true
	Name string `json:"name"`

	// The name of the cluster
	//
	// example:  east
	// required: true
	Cluster string `json:"cluster"`

	// If has the Ambient annotations
	//
	// required: true
	IsAmbient bool `json:"isAmbient"`

	// Creation date of the namespace.
	// There is no need to export this through the API. So, this is
	// set to be ignored by JSON package.
	//
	// required: true
	CreationTimestamp time.Time `json:"-"`

	// Labels for Namespace
	Labels map[string]string `json:"labels"`

	// Specific annotations used in Kiali
	Annotations map[string]string `json:"annotations"`
}

A Namespace provide a scope for names This type is used to describe a set of objects.

swagger:model namespace

func CastNamespace

func CastNamespace(ns core_v1.Namespace, cluster string) Namespace

func CastNamespaceCollection

func CastNamespaceCollection(ns []core_v1.Namespace, cluster string) []Namespace

func CastProject

func CastProject(p osproject_v1.Project, cluster string) Namespace

func CastProjectCollection

func CastProjectCollection(ps []osproject_v1.Project, cluster string) []Namespace

type NamespaceAppHealth

type NamespaceAppHealth map[string]*AppHealth

NamespaceAppsHealth is a list of app name x health for a given namespace

type NamespaceNames added in v1.14.0

type NamespaceNames []string

func (NamespaceNames) Includes added in v1.14.0

func (nsn NamespaceNames) Includes(namespace string) bool

func (NamespaceNames) IsSubsetOf added in v1.14.0

func (a NamespaceNames) IsSubsetOf(b NamespaceNames) bool

type NamespaceServiceHealth

type NamespaceServiceHealth map[string]*ServiceHealth

NamespaceServicesHealth is a list of service name x health for a given namespace

type NamespaceValidations

type NamespaceValidations map[string]IstioValidations

NamespaceValidations represents a set of IstioValidations grouped by namespace

type NamespaceWorkloadHealth

type NamespaceWorkloadHealth map[string]*WorkloadHealth

NamespaceWorkloadsHealth is a list of workload name x health for a given namespace

type Namespaces added in v1.12.0

type Namespaces []Namespace

func (Namespaces) GetNames added in v1.12.0

func (nss Namespaces) GetNames() []string

func (Namespaces) Includes added in v1.12.0

func (nss Namespaces) Includes(namespace string) bool

func (Namespaces) IsNamespaceAmbient added in v1.80.0

func (nss Namespaces) IsNamespaceAmbient(namespace, cluster string) bool

type OutboundPolicy added in v1.57.0

type OutboundPolicy struct {
	Mode string `json:"mode"`
}

OutboundPolicy contains information egress traffic permissions

type Pod

type Pod struct {
	Name                string            `json:"name"`
	Labels              map[string]string `json:"labels"`
	CreatedAt           string            `json:"createdAt"`
	CreatedBy           []Reference       `json:"createdBy"`
	Containers          []*ContainerInfo  `json:"containers"`
	IstioContainers     []*ContainerInfo  `json:"istioContainers"`
	IstioInitContainers []*ContainerInfo  `json:"istioInitContainers"`
	Status              string            `json:"status"`
	StatusMessage       string            `json:"statusMessage"`
	StatusReason        string            `json:"statusReason"`
	AppLabel            bool              `json:"appLabel"`
	VersionLabel        bool              `json:"versionLabel"`
	Annotations         map[string]string `json:"annotations"`
	ProxyStatus         *ProxyStatus      `json:"proxyStatus"`
	ServiceAccountName  string            `json:"serviceAccountName"`
}

Pod holds a subset of v1.Pod data that is meaningful in Kiali

func (*Pod) AmbientEnabled added in v1.67.0

func (pod *Pod) AmbientEnabled() bool

AmbientEnabled returns true if the pod is labeled as ambient-type

func (Pod) HasIstioSidecar added in v0.20.0

func (pod Pod) HasIstioSidecar() bool

HasIstioSidecar returns true if the pod has an Istio proxy sidecar in containers or in init containers

func (*Pod) HasNativeSidecar added in v1.75.0

func (pod *Pod) HasNativeSidecar() bool

HasNativeSidecar returns true if the pod has istio-proxy init containers

func (*Pod) IsWaypoint added in v1.67.0

func (pod *Pod) IsWaypoint() bool

IsWaypoint returns true if the pod is a waypoint proxy

func (*Pod) Parse

func (pod *Pod) Parse(p *core_v1.Pod)

Parse extracts desired information from k8s Pod info

type Pods

type Pods []*Pod

Pods alias for list of Pod structs

func (Pods) HasAnyAmbient added in v1.67.0

func (pods Pods) HasAnyAmbient() bool

HasAnyAmbient check each pod individually and returns true if any of them is labeled with the Ambient annotation

func (Pods) HasAnyIstioSidecar added in v1.36.0

func (pods Pods) HasAnyIstioSidecar() bool

HasAnyIstioSidecar returns true if there are pods and any of pods have a sidecar

func (Pods) HasIstioSidecar added in v0.20.0

func (pods Pods) HasIstioSidecar() bool

HasIstioSidecar returns true if there are no pods or all pods have a sidecar

func (*Pods) Parse

func (pods *Pods) Parse(list []core_v1.Pod)

Parse extracts desired information from k8s []Pod info

func (Pods) ServiceAccounts added in v1.43.0

func (pods Pods) ServiceAccounts() []string

ServiceAccounts returns the names of each service account of the pod list

func (Pods) SyncedPodProxiesCount added in v1.25.0

func (pods Pods) SyncedPodProxiesCount() int32

SyncedPodsCount returns the number of Pods with its proxy synced If none of the pods have Istio Sidecar, then return -1

type Port

type Port struct {
	Name        string  `json:"name"`
	Protocol    string  `json:"protocol"`
	AppProtocol *string `json:"appProtocol,omitempty"`
	Port        int32   `json:"port"`
}

func (*Port) Parse

func (port *Port) Parse(p core_v1.ServicePort)

func (*Port) ParseEndpointPort

func (port *Port) ParseEndpointPort(p core_v1.EndpointPort)

type Ports

type Ports []Port

func (*Ports) Parse

func (ports *Ports) Parse(ps []core_v1.ServicePort)

func (*Ports) ParseEndpointPorts

func (ports *Ports) ParseEndpointPorts(ps []core_v1.EndpointPort)

func (*Ports) ParseServiceRegistryPorts added in v1.44.0

func (ports *Ports) ParseServiceRegistryPorts(rs *kubernetes.RegistryService)

type ProxyStatus added in v1.25.0

type ProxyStatus struct {
	CDS string `json:"CDS"`
	EDS string `json:"EDS"`
	LDS string `json:"LDS"`
	RDS string `json:"RDS"`
}

ProxyStatus gives the sync status of the sidecar proxy. In healthy scenarios all variables should be true. If at least one variable is false, then the proxy isn't fully sync'ed with pilot.

func (ProxyStatus) IsSynced added in v1.25.0

func (ps ProxyStatus) IsSynced() bool

IsSynced returns true when all the components are with SYNCED status

type Reference

type Reference struct {
	Name string `json:"name"`
	Kind string `json:"kind"`
}

Reference holds some information on the pod creator

type RequestHealth

type RequestHealth struct {
	Inbound           map[string]map[string]float64 `json:"inbound"`
	Outbound          map[string]map[string]float64 `json:"outbound"`
	HealthAnnotations map[string]string             `json:"healthAnnotations"`
	// contains filtered or unexported fields
}

RequestHealth holds several stats about recent request errors - Inbound//Outbound are the rates of requests by protocol and status_code. Example: Inbound: { "http": {"200": 1.5, "400": 2.3}, "grpc": {"1": 1.2} }

func NewEmptyRequestHealth added in v0.11.0

func NewEmptyRequestHealth() RequestHealth

func (*RequestHealth) AggregateInbound added in v0.11.0

func (in *RequestHealth) AggregateInbound(sample *model.Sample)

AggregateInbound adds the provided metric sample to internal inbound counters and updates error ratios

func (*RequestHealth) AggregateOutbound added in v0.11.0

func (in *RequestHealth) AggregateOutbound(sample *model.Sample)

AggregateOutbound adds the provided metric sample to internal outbound counters and updates error ratios

func (*RequestHealth) CombineReporters added in v1.29.1

func (in *RequestHealth) CombineReporters()

RequestHealth internally stores Inbound rate separated by reporter There were duplicated values that should exist in both reports but there may exist values that only are present in one or another reporter, those should be consolidated into a single result

type ResourcePermissions added in v0.9.1

type ResourcePermissions struct {
	Create bool `json:"create"`
	Update bool `json:"update"`
	Delete bool `json:"delete"`
}

ResourcePermissions holds permission flags for an object type True means allowed.

type ResourcesPermissions added in v1.13.0

type ResourcesPermissions map[string]*ResourcePermissions

ResourcesPermissions holds a map of permission flags per resource

type Route added in v1.28.0

type Route struct {
	Name           string          `json:"name"`
	Domains        kubernetes.Host `json:"domains"`
	Match          string          `json:"match"`
	VirtualService string          `json:"virtual_service"`
}

type Routes added in v1.28.0

type Routes []*Route

func (*Routes) Parse added in v1.28.0

func (rs *Routes) Parse(dump *kubernetes.ConfigDump, namespaces []string) error

type Runtime added in v0.14.0

type Runtime struct {
	Name          string         `json:"name"`
	DashboardRefs []DashboardRef `json:"dashboardRefs"`
}

Runtime holds the runtime title and associated dashboard template(s)

type Service

type Service struct {
	AdditionalDetails []AdditionalItem  `json:"additionalDetails"`
	Annotations       map[string]string `json:"annotations"`
	Cluster           string            `json:"cluster"`
	CreatedAt         string            `json:"createdAt"`
	ExternalName      string            `json:"externalName"`
	HealthAnnotations map[string]string `json:"healthAnnotations"`
	Ip                string            `json:"ip"`
	Labels            map[string]string `json:"labels"`
	Name              string            `json:"name"`
	Namespace         string            `json:"namespace"`
	Ports             Ports             `json:"ports"`
	ResourceVersion   string            `json:"resourceVersion"`
	Selectors         map[string]string `json:"selectors"`
	Type              string            `json:"type"`
}

func (*Service) Parse

func (s *Service) Parse(cluster string, service *core_v1.Service)

func (*Service) ParseRegistryService added in v1.44.0

func (s *Service) ParseRegistryService(cluster string, service *kubernetes.RegistryService)

type ServiceDefinitionList added in v1.5.0

type ServiceDefinitionList struct {
	Namespace          Namespace        `json:"namespace"`
	ServiceDefinitions []ServiceDetails `json:"serviceDefinitions"`
}

type ServiceDetails

type ServiceDetails struct {
	DestinationRules   []*networking_v1.DestinationRule         `json:"destinationRules"`
	Endpoints          Endpoints                                `json:"endpoints"`
	IstioPermissions   ResourcePermissions                      `json:"istioPermissions"`
	IstioSidecar       bool                                     `json:"istioSidecar"`
	K8sHTTPRoutes      []*k8s_networking_v1.HTTPRoute           `json:"k8sHTTPRoutes"`
	K8sReferenceGrants []*k8s_networking_v1beta1.ReferenceGrant `json:"k8sReferenceGrants"`
	Service            Service                                  `json:"service"`
	ServiceEntries     []*networking_v1.ServiceEntry            `json:"serviceEntries"`
	VirtualServices    []*networking_v1.VirtualService          `json:"virtualServices"`
	Workloads          WorkloadOverviews                        `json:"workloads"`
	// Services with same app labels (different versions or a single version)
	Health        ServiceHealth      `json:"health"`
	NamespaceMTLS MTLSStatus         `json:"namespaceMTLS"`
	SubServices   []*ServiceOverview `json:"subServices"`
	Validations   IstioValidations   `json:"validations"`
}

func (*ServiceDetails) SetEndpoints

func (s *ServiceDetails) SetEndpoints(eps *core_v1.Endpoints)

func (*ServiceDetails) SetIstioSidecar added in v1.36.0

func (s *ServiceDetails) SetIstioSidecar(workloads WorkloadOverviews)

func (*ServiceDetails) SetPods

func (s *ServiceDetails) SetPods(pods []core_v1.Pod)

func (*ServiceDetails) SetService

func (s *ServiceDetails) SetService(cluster string, svc *core_v1.Service)

type ServiceHealth

type ServiceHealth struct {
	Requests RequestHealth `json:"requests"`
}

ServiceHealth contains aggregated health from various sources, for a given service

func EmptyServiceHealth added in v0.11.0

func EmptyServiceHealth() ServiceHealth

EmptyServiceHealth create an empty ServiceHealth

type ServiceList

type ServiceList struct {
	Namespace   string            `json:"namespace"`
	Services    []ServiceOverview `json:"services"`
	Validations IstioValidations  `json:"validations"`
}

func (*ServiceList) FilterServicesForSelector added in v1.43.0

func (s *ServiceList) FilterServicesForSelector(selector labels.Selector) []ServiceOverview

func (*ServiceList) GetServiceNames added in v1.43.0

func (s *ServiceList) GetServiceNames() []string

func (*ServiceList) HasMatchingServices added in v1.43.0

func (s *ServiceList) HasMatchingServices(service string) bool

type ServiceOverview

type ServiceOverview struct {
	// Name of the Service
	// required: true
	// example: reviews-v1
	Name string `json:"name"`
	// Namespace of the Service
	Namespace string `json:"namespace"`
	// Define if Pods related to this Service has an IstioSidecar deployed
	// required: true
	// example: true
	IstioSidecar bool `json:"istioSidecar"`
	// The kube cluster where this service is located.
	Cluster string `json:"cluster"`
	// Check if it has Ambient enabled
	// required: true
	// example: true
	IstioAmbient bool `json:"istioAmbient"`
	// Has label app
	// required: true
	// example: true
	AppLabel bool `json:"appLabel"`
	// Additional detail sample, such as type of api being served (graphql, grpc, rest)
	// example: rest
	// required: false
	AdditionalDetailSample *AdditionalItem `json:"additionalDetailSample"`
	// Annotations of Deployment
	// required: false
	Annotations map[string]string `json:"annotations"`
	// Annotations of the service
	HealthAnnotations map[string]string `json:"healthAnnotations"`
	// Names and Ports of Service
	Ports map[string]int `json:"ports"`
	// Labels for Service
	Labels map[string]string `json:"labels"`
	// Selector for Service
	Selector map[string]string `json:"selector"`
	// Istio References
	IstioReferences []*IstioValidationKey `json:"istioReferences"`
	// Kiali Wizard scenario, if any
	KialiWizard string `json:"kialiWizard"`
	// ServiceRegistry values:
	// Kubernetes: 	is a service registry backed by k8s API server
	// External: 	is a service registry for externally provided ServiceEntries
	// Federation:  special case when registry is provided from a federated environment
	ServiceRegistry string `json:"serviceRegistry"`

	// Health
	Health ServiceHealth `json:"health,omitempty"`
}

func (*ServiceOverview) ParseToService added in v1.48.0

func (so *ServiceOverview) ParseToService() *Service

type ServiceReference added in v1.47.0

type ServiceReference struct {
	Name      string `json:"name"`
	Namespace string `json:"namespace"`
}

ServiceReference is the key value composed of a Name and Namespace.

type Services

type Services []*Service

func (*Services) Parse

func (ss *Services) Parse(cluster string, services []core_v1.Service)

type SeverityLevel added in v0.14.0

type SeverityLevel string
const (
	ErrorSeverity   SeverityLevel = "error"
	WarningSeverity SeverityLevel = "warning"
	Unknown         SeverityLevel = "unknown"
)

type Stat added in v1.27.0

type Stat struct {
	Name  string  `json:"name"` // E.g. avg, p99, etc.
	Value float64 `json:"value"`
}

Stat holds arbitrary stat name & value

type Target added in v1.27.0

type Target struct {
	Namespace string
	Name      string
	Kind      string // app | workload | service
	Cluster   string
}

func (*Target) GenKey added in v1.27.0

func (t *Target) GenKey() string

type TracingInfo added in v1.75.0

type TracingInfo struct {
	Enabled              bool               `json:"enabled"`
	Integration          bool               `json:"integration"`
	Provider             string             `json:"provider"`
	TempoConfig          config.TempoConfig `json:"tempoConfig"`
	URL                  string             `json:"url"`
	NamespaceSelector    bool               `json:"namespaceSelector"`
	WhiteListIstioSystem []string           `json:"whiteListIstioSystem"`
}

type TracingQuery added in v1.19.0

type TracingQuery struct {
	Start       time.Time
	End         time.Time
	Tags        map[string]string
	MinDuration time.Duration
	Limit       int
	Cluster     string
}

type ValidationSummaries added in v1.53.0

type ValidationSummaries map[string]map[string]*IstioValidationSummary

ValidationSummaries holds a map of IstioValidationSummary per cluster and namespace

type Workload

type Workload struct {
	WorkloadListItem

	// Number of desired replicas defined by the user in the controller Spec
	// required: true
	// example: 2
	DesiredReplicas int32 `json:"desiredReplicas"`

	// Number of current replicas pods that matches controller selector labels
	// required: true
	// example: 2
	CurrentReplicas int32 `json:"currentReplicas"`

	// Number of available replicas
	// required: true
	// example: 1
	AvailableReplicas int32 `json:"availableReplicas"`

	// Pods bound to the workload
	Pods Pods `json:"pods"`

	// Services that match workload selector
	Services []ServiceOverview `json:"services"`

	// Runtimes and associated dashboards
	Runtimes []Runtime `json:"runtimes"`

	// Additional details to display, such as configured annotations
	AdditionalDetails []AdditionalItem `json:"additionalDetails"`

	Validations IstioValidations `json:"validations"`

	// Ambient waypoint workloads
	WaypointWorkloads []Workload `json:"waypointWorkloads"`

	// Health
	Health WorkloadHealth `json:"health"`
}

Workload has the details of a workload

func (Workload) CastWorkloadStatus added in v1.25.0

func (w Workload) CastWorkloadStatus() *WorkloadStatus

CastWorkloadStatus returns a WorkloadStatus out of a given Workload

func (*Workload) HasIstioAmbient added in v1.67.0

func (workload *Workload) HasIstioAmbient() bool

HasIstioAmbient returns true if the workload has any pod with Ambient mesh annotations

func (*Workload) HasIstioSidecar added in v0.20.0

func (workload *Workload) HasIstioSidecar() bool

HasIstioSidecar return true if there is at least one pod and all pods have sidecars

func (*Workload) IsGateway added in v1.72.0

func (workload *Workload) IsGateway() bool

IsGateway return true if the workload is Ingress or Egress Gateway

func (*Workload) ParseCronJob

func (workload *Workload) ParseCronJob(cnjb *batch_v1.CronJob)

func (*Workload) ParseDaemonSet added in v1.33.0

func (workload *Workload) ParseDaemonSet(ds *apps_v1.DaemonSet)

func (*Workload) ParseDeployment

func (workload *Workload) ParseDeployment(d *apps_v1.Deployment)

func (*Workload) ParseDeploymentConfig

func (workload *Workload) ParseDeploymentConfig(dc *osapps_v1.DeploymentConfig)

func (*Workload) ParseJob

func (workload *Workload) ParseJob(job *batch_v1.Job)

func (*Workload) ParsePod

func (workload *Workload) ParsePod(pod *core_v1.Pod)

func (*Workload) ParsePods

func (workload *Workload) ParsePods(controllerName string, controllerType string, pods []core_v1.Pod)

func (*Workload) ParseReplicaSet

func (workload *Workload) ParseReplicaSet(r *apps_v1.ReplicaSet)

func (*Workload) ParseReplicaSetParent added in v1.29.0

func (workload *Workload) ParseReplicaSetParent(r *apps_v1.ReplicaSet, workloadName string, workloadType string)

func (*Workload) ParseReplicationController

func (workload *Workload) ParseReplicationController(r *core_v1.ReplicationController)

func (*Workload) ParseStatefulSet

func (workload *Workload) ParseStatefulSet(s *apps_v1.StatefulSet)

func (*Workload) SetPods

func (workload *Workload) SetPods(pods []core_v1.Pod)

func (*Workload) SetServices

func (workload *Workload) SetServices(svcs *ServiceList)

type WorkloadHealth

type WorkloadHealth struct {
	WorkloadStatus *WorkloadStatus `json:"workloadStatus"`
	Requests       RequestHealth   `json:"requests"`
}

WorkloadHealth contains aggregated health from various sources, for a given workload

func EmptyWorkloadHealth added in v1.24.0

func EmptyWorkloadHealth() *WorkloadHealth

EmptyWorkloadHealth create an empty WorkloadHealth

type WorkloadItem

type WorkloadItem struct {
	// Name of a workload member of an application
	// required: true
	// example: reviews-v1
	WorkloadName string `json:"workloadName"`

	// Define if all Pods related to the Workload has an IstioSidecar deployed
	// required: true
	// example: true
	IstioSidecar bool `json:"istioSidecar"`

	// Define if belongs to a namespace labeled as ambient
	// required: true
	// example: true
	IstioAmbient bool `json:"istioAmbient"`

	// Labels for Workload
	Labels map[string]string `json:"labels"`

	// List of service accounts involved in this application
	// required: true
	ServiceAccountNames []string `json:"serviceAccountNames"`
}

type WorkloadList

type WorkloadList struct {
	// Namespace where the workloads live in
	// required: true
	// example: bookinfo
	Namespace string `json:"namespace"`

	// Workloads for a given namespace
	// required: true
	Workloads []WorkloadListItem `json:"workloads"`

	Validations IstioValidations `json:"validations"`
}

func (WorkloadList) GetLabels added in v1.16.0

func (wl WorkloadList) GetLabels() []labels.Set

type WorkloadListItem

type WorkloadListItem struct {
	// Name of the workload
	// required: true
	// example: reviews-v1
	Name string `json:"name"`

	// Namespace of the workload
	Namespace string `json:"namespace"`

	// The kube cluster where this workload is located.
	Cluster string `json:"cluster"`

	// Type of the workload
	// required: true
	// example: deployment
	Type string `json:"type"`

	// Creation timestamp (in RFC3339 format)
	// required: true
	// example: 2018-07-31T12:24:17Z
	CreatedAt string `json:"createdAt"`

	// Kubernetes ResourceVersion
	// required: true
	// example: 192892127
	ResourceVersion string `json:"resourceVersion"`

	// Define if Workload has an explicit Istio policy annotation
	// Istio supports this as a label as well - this will be defined if the label is set, too.
	// If both annotation and label are set, if any is false, injection is disabled.
	// It's mapped as a pointer to show three values nil, true, false
	IstioInjectionAnnotation *bool `json:"istioInjectionAnnotation,omitempty"`

	// Define if Pods related to this Workload has an IstioSidecar deployed
	// required: true
	// example: true
	IstioSidecar bool `json:"istioSidecar"`

	// Define if Pods related to this Workload has an IstioAmbient deployed
	// required: true
	// example: true
	IstioAmbient bool `json:"istioAmbient"`

	// Additional item sample, such as type of api being served (graphql, grpc, rest)
	// example: rest
	// required: false
	AdditionalDetailSample *AdditionalItem `json:"additionalDetailSample"`

	// Workload labels
	Labels map[string]string `json:"labels"`

	// Define if Pods related to this Workload has the label App
	// required: true
	// example: true
	AppLabel bool `json:"appLabel"`

	// Define if Pods related to this Workload has the label Version
	// required: true
	// example: true
	VersionLabel bool `json:"versionLabel"`

	// Number of current workload pods
	// required: true
	// example: 1
	PodCount int `json:"podCount"`

	// Annotations of Deployment
	// required: false
	Annotations map[string]string `json:"annotations"`

	// HealthAnnotations
	// required: false
	HealthAnnotations map[string]string `json:"healthAnnotations"`

	// Istio References
	IstioReferences []*IstioValidationKey `json:"istioReferences"`

	// Dashboard annotations
	// required: false
	DashboardAnnotations map[string]string `json:"dashboardAnnotations"`

	// Names of the workload service accounts
	ServiceAccountNames []string `json:"serviceAccountNames"`

	// Health
	Health WorkloadHealth `json:"health,omitempty"`
}

WorkloadListItem has the necessary information to display the console workload list

func (*WorkloadListItem) ParseWorkload

func (workload *WorkloadListItem) ParseWorkload(w *Workload)

type WorkloadOverviews

type WorkloadOverviews []*WorkloadListItem

func (WorkloadOverviews) HasIstioSidecar added in v1.36.0

func (workloads WorkloadOverviews) HasIstioSidecar() bool

HasIstioSidecar returns true if there is at least one workload which has a sidecar

type WorkloadReference added in v1.47.0

type WorkloadReference struct {
	Name      string `json:"name"`
	Namespace string `json:"namespace"`
}

WorkloadReference is the key value composed of a Name and Namespace.

type WorkloadStatus

type WorkloadStatus struct {
	Name              string `json:"name"`
	DesiredReplicas   int32  `json:"desiredReplicas"`
	CurrentReplicas   int32  `json:"currentReplicas"`
	AvailableReplicas int32  `json:"availableReplicas"`
	SyncedProxies     int32  `json:"syncedProxies"`
}

WorkloadStatus gives - number of desired replicas defined in the Spec of a controller - number of current replicas that matches selector of a controller - number of available replicas for a given workload In healthy scenarios all variables should point same value. When something wrong happens the different values can indicate an unhealthy situation. i.e. - desired = 1, current = 10, available = 0 would means that a user scaled down a workload from 10 to 1 - but in the operaton 10 pods showed problems, so no pod is available/ready but user will see 10 pods under a workload

type Workloads

type Workloads []*Workload

func (Workloads) CastWorkloadStatuses added in v1.25.0

func (ws Workloads) CastWorkloadStatuses() []*WorkloadStatus

CastWorkloadStatuses returns a WorkloadStatus array out of a given set of Workloads

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL