Documentation
¶
Index ¶
- Constants
- Variables
- func InferServiceProtocol(endpoints []core_xds.Endpoint) core_mesh.Protocol
- func NewDefaultProxyProfile() core.ResourceGenerator
- func NewEgressProxyProfile() core.ResourceGenerator
- func RegisterProfile(profileName string, generator core.ResourceGenerator)
- type AdminProxyGenerator
- type DNSGenerator
- type DirectAccessProxyGenerator
- type Endpoint
- type Endpoints
- type InboundProxyGenerator
- type IngressGenerator
- type OutboundProxyGenerator
- type ProbeProxyGenerator
- type PrometheusEndpointGenerator
- type ProxyTemplateGenerator
- type ProxyTemplateProfileSource
- type ProxyTemplateRawSource
- type TracingProxyGenerator
- type TransparentProxyGenerator
Constants ¶
const ( IngressProxy = "ingress-proxy" // OriginIngress is a marker to indicate by which ProxyGenerator resources were generated. OriginIngress = "ingress" )
const OriginAdmin = "admin"
OriginAdmin is a marker to indicate by which ProxyGenerator resources were generated.
const OriginDNS = "dns"
OriginDNS is a marker to indicate by which ProxyGenerator resources were generated.
const OriginDirectAccess = "direct-access"
OriginDirectAccess is a marker to indicate by which ProxyGenerator resources were generated.
const OriginInbound = "inbound"
OriginInbound is a marker to indicate by which ProxyGenerator resources were generated.
const OriginOutbound = "outbound"
OriginOutbound is a marker to indicate by which ProxyGenerator resources were generated.
const (
// OriginProbes is a marker to indicate by which ProxyGenerator resources were generated.
OriginProbe = "probe"
)
const OriginPrometheus = "prometheus"
OriginPrometheus is a marker to indicate by which ProxyGenerator resources were generated.
const OriginProxyTemplateRaw = "proxy-template-raw"
OriginProxyTemplateRaw is a marker to indicate by which ProxyGenerator resources were generated.
const OriginTracing = "tracing"
OriginTracing is a marker to indicate by which ProxyGenerator resources were generated.
const (
OriginTransparent = "transparent"
)
OriginTransparent is a marker to indicate by which ProxyGenerator resources were generated.
Variables ¶
var DefaultTemplateResolver template.ProxyTemplateResolver = &template.StaticProxyTemplateResolver{ Template: &mesh_proto.ProxyTemplate{ Conf: &mesh_proto.ProxyTemplate_Conf{ Imports: []string{core_mesh.ProfileDefaultProxy}, }, }, }
DefaultTemplateResolver is the default template resolver that xDS generators fall back to if they are otherwise unable to determine which ProxyTemplate resource to apply. Plugins may modify this variable.
Functions ¶
func InferServiceProtocol ¶
InferServiceProtocol returns a common protocol for a given group of endpoints.
func NewDefaultProxyProfile ¶
func NewDefaultProxyProfile() core.ResourceGenerator
func NewEgressProxyProfile ¶ added in v1.8.1
func NewEgressProxyProfile() core.ResourceGenerator
func RegisterProfile ¶
func RegisterProfile(profileName string, generator core.ResourceGenerator)
Types ¶
type AdminProxyGenerator ¶
type AdminProxyGenerator struct {
}
AdminProxyGenerator generates resources to expose some endpoints of Admin API on public interface. By default, Admin API is exposed only on loopback interface because of security reasons.
func (AdminProxyGenerator) Generate ¶
func (g AdminProxyGenerator) Generate(ctx xds_context.Context, proxy *core_xds.Proxy) (*core_xds.ResourceSet, error)
type DNSGenerator ¶
type DNSGenerator struct {
}
func (DNSGenerator) Generate ¶
func (g DNSGenerator) Generate(ctx xds_context.Context, proxy *core_xds.Proxy) (*core_xds.ResourceSet, error)
type DirectAccessProxyGenerator ¶
type DirectAccessProxyGenerator struct {
}
Transparent Proxy is based on having 1 IP for cluster (ex. ClusterIP of Service on K8S), so consuming apps by their IP is unknown destination from Envoy perspective. Therefore such request will go trough pass_trough cluster and won't be encrypted by mTLS. This generates listener for every IP and redirect traffic trough "direct_access" cluster which is configured to encrypt connections. Generating listener for every endpoint will cause XDS snapshot to be large therefore it should be used only if really needed.
Second approach to consider was to use FilterChainMatch on catch_all listener with list of all direct access endpoints instead of generating outbound listener, but it seemed to not work with Listener#UseOriginalDst
func (DirectAccessProxyGenerator) Generate ¶
func (_ DirectAccessProxyGenerator) Generate(ctx xds_context.Context, proxy *core_xds.Proxy) (*core_xds.ResourceSet, error)
type InboundProxyGenerator ¶
type InboundProxyGenerator struct {
}
func (InboundProxyGenerator) Generate ¶
func (g InboundProxyGenerator) Generate(ctx xds_context.Context, proxy *core_xds.Proxy) (*core_xds.ResourceSet, error)
type IngressGenerator ¶
type IngressGenerator struct {
}
func (IngressGenerator) Generate ¶
func (i IngressGenerator) Generate(ctx xds_context.Context, proxy *core_xds.Proxy) (*core_xds.ResourceSet, error)
type OutboundProxyGenerator ¶
type OutboundProxyGenerator struct {
}
func (OutboundProxyGenerator) Generate ¶
func (g OutboundProxyGenerator) Generate(ctx xds_context.Context, proxy *model.Proxy) (*model.ResourceSet, error)
type ProbeProxyGenerator ¶
type ProbeProxyGenerator struct {
}
func (ProbeProxyGenerator) Generate ¶
func (g ProbeProxyGenerator) Generate(ctx xds_context.Context, proxy *model.Proxy) (*model.ResourceSet, error)
type PrometheusEndpointGenerator ¶
type PrometheusEndpointGenerator struct {
}
PrometheusEndpointGenerator generates an inbound Envoy listener that forwards HTTP requests into the `/stats/prometheus` endpoint of the Envoy Admin API.
When generating such a listener, it's important not to overshadow a port that is already in use by the application or other Envoy listeners. In the latter case we prefer not generate Prometheus endpoint at all rather than introduce undeterministic behavior.
func (PrometheusEndpointGenerator) Generate ¶
func (g PrometheusEndpointGenerator) Generate(ctx xds_context.Context, proxy *core_xds.Proxy) (*core_xds.ResourceSet, error)
type ProxyTemplateGenerator ¶
type ProxyTemplateGenerator struct {
ProxyTemplate *mesh_proto.ProxyTemplate
}
func (*ProxyTemplateGenerator) Generate ¶
func (g *ProxyTemplateGenerator) Generate(ctx xds_context.Context, proxy *model.Proxy) (*model.ResourceSet, error)
type ProxyTemplateProfileSource ¶
type ProxyTemplateProfileSource struct {
ProfileName string
}
func (*ProxyTemplateProfileSource) Generate ¶
func (s *ProxyTemplateProfileSource) Generate(ctx xds_context.Context, proxy *model.Proxy) (*model.ResourceSet, error)
type ProxyTemplateRawSource ¶
type ProxyTemplateRawSource struct {
Resources []*mesh_proto.ProxyTemplateRawResource
}
func (*ProxyTemplateRawSource) Generate ¶
func (s *ProxyTemplateRawSource) Generate(_ xds_context.Context, proxy *model.Proxy) (*model.ResourceSet, error)
type TracingProxyGenerator ¶
type TracingProxyGenerator struct {
}
func (TracingProxyGenerator) Generate ¶
func (t TracingProxyGenerator) Generate(ctx xds_context.Context, proxy *core_xds.Proxy) (resources *core_xds.ResourceSet, err error)
type TransparentProxyGenerator ¶
type TransparentProxyGenerator struct {
}
func (TransparentProxyGenerator) Generate ¶
func (tpg TransparentProxyGenerator) Generate(ctx xds_context.Context, proxy *model.Proxy) (*model.ResourceSet, error)
Source Files
Directories