Documentation ¶
Index ¶
- Constants
- Variables
- func AddStandardNodeAttributes(attr map[string]*mpb.Attributes_AttributeValue, prefix string, ...)
- func ApplyClusterPolicy(cluster *Cluster, proxyInstances []*model.ServiceInstance, ...)
- func BuildMixerConfig(source model.Proxy, destName string, dest *model.Service, ...) map[string]string
- func BuildMixerOpaqueConfig(check, forward bool, destinationService model.Hostname) map[string]string
- func GetMixerSAN(domain, ns string) []string
- func GetPilotSAN(domain, ns string) []string
- func NewProxy(config meshconfig.ProxyConfig, node string, logLevel string) proxy.Proxy
- func NewV2Proxy(config meshconfig.ProxyConfig, node string, logLevel string, pilotSAN []string) proxy.Proxy
- func NewV2ProxyCustom(config meshconfig.ProxyConfig, node string, logLevel string, pilotSAN []string, ...) proxy.Proxy
- func ServiceConfig(serviceName string, dest *model.ServiceInstance, config model.IstioConfigStore, ...) *mccpb.ServiceConfig
- func StandardNodeAttributes(prefix string, IPAddress string, ID string, labels map[string]string) map[string]*mpb.Attributes_AttributeValue
- func TruncateClusterName(name string) string
- type AbortFilter
- type AccessLog
- type Admin
- type AppendedHeader
- type BuildClusterFunc
- type CORSFilterConfig
- type CORSPolicy
- type CertSource
- type CircuitBreaker
- type Cluster
- func BuildInboundCluster(port int, protocol model.Protocol, timeout *duration.Duration) *Cluster
- func BuildMixerClusters(mesh *meshconfig.MeshConfig, role model.Proxy, mixerSAN []string) []*Cluster
- func BuildOriginalDSTCluster(name string, timeout *duration.Duration) *Cluster
- func BuildOutboundCluster(hostname model.Hostname, port *model.Port, labels model.Labels, ...) *Cluster
- type ClusterManager
- type Clusters
- type Config
- type Decorator
- type DefaultCBPriority
- type DelayFilter
- type DiscoveryCluster
- type DiscoveryService
- func (ds *DiscoveryService) AvailabilityZone(request *restful.Request, response *restful.Response)
- func (ds *DiscoveryService) ClearCache()
- func (ds *DiscoveryService) ClearCacheStats(_ *restful.Request, _ *restful.Response)
- func (ds *DiscoveryService) GetCacheStats(_ *restful.Request, response *restful.Response)
- func (ds *DiscoveryService) ListAllEndpoints(_ *restful.Request, response *restful.Response)
- func (ds *DiscoveryService) ListClusters(request *restful.Request, response *restful.Response)
- func (ds *DiscoveryService) ListEndpoints(request *restful.Request, response *restful.Response)
- func (ds *DiscoveryService) ListListeners(request *restful.Request, response *restful.Response)
- func (ds *DiscoveryService) ListRoutes(request *restful.Request, response *restful.Response)
- func (ds *DiscoveryService) Register(container *restful.Container)
- type DiscoveryServiceOptions
- type FilterFaultConfig
- type FilterMixerConfig
- type FilterRouterConfig
- type HTTP2Settings
- type HTTPFilter
- type HTTPFilterConfig
- type HTTPFilterTraceConfig
- type HTTPRoute
- type HTTPRouteConfig
- type HTTPRouteConfigs
- type HTTPTraceDriver
- type HTTPTraceDriverConfig
- type HTTPTracer
- type Header
- type Headers
- type Host
- type LDSCluster
- type Listener
- type Listeners
- type MongoProxyFilterConfig
- type NetworkFilter
- type NetworkFilterConfig
- type OutlierDetection
- type RDS
- type RedisConnPool
- type RedisProxyFilterConfig
- type RetryPolicy
- type RootRuntime
- type RoutesByPath
- type Runtime
- type SSLContext
- type SSLContextExternal
- type SSLContextWithSAN
- type ShadowCluster
- type TCPProxyFilterConfig
- type TCPRoute
- type TCPRouteByRoute
- type TCPRouteConfig
- type Tracing
- type VirtualHost
- type Watcher
- type WeightedCluster
- type WeightedClusterEntry
Constants ¶
const ( ServiceKey = "service-key" ServiceCluster = "service-cluster" ServiceNode = "service-node" RouteConfigName = "route-config-name" )
Request parameters for discovery services
const ( // MixerCheckClusterName is the name of the mixer cluster used for policy checks MixerCheckClusterName = "mixer_check_server" // MixerReportClusterName is the name of the mixer cluster used for telemetry MixerReportClusterName = "mixer_report_server" // MixerFilter name and its attributes MixerFilter = "mixer" // AttrSourcePrefix all source attributes start with this prefix AttrSourcePrefix = "source" // AttrSourceIP is client source IP AttrSourceIP = "source.ip" // AttrSourceUID is platform-specific unique identifier for the client instance of the source service AttrSourceUID = "source.uid" // AttrDestinationPrefix all destination attributes start with this prefix AttrDestinationPrefix = "destination" // AttrDestinationIP is the server source IP AttrDestinationIP = "destination.ip" // AttrDestinationUID is platform-specific unique identifier for the server instance of the target service AttrDestinationUID = "destination.uid" // AttrDestinationLabels is Labels associated with the destination AttrDestinationLabels = "destination.labels" // AttrDestinationService is name of the target service AttrDestinationService = "destination.service" // AttrIPSuffix represents IP address suffix. AttrIPSuffix = "ip" // AttrUIDSuffix is the uid suffix of with source or destination. AttrUIDSuffix = "uid" // AttrLabelsSuffix is the suffix for labels associated with source or destination. AttrLabelsSuffix = "labels" // MixerRequestCount is the quota bucket name MixerRequestCount = "RequestCount" // MixerCheck switches Check call on and off MixerCheck = "mixer_check" // MixerReport switches Report call on and off MixerReport = "mixer_report" // MixerForward switches attribute forwarding on and off MixerForward = "mixer_forward" )
const ( // DefaultAccessLog is the name of the log channel (stdout in docker environment) DefaultAccessLog = "/dev/stdout" // DefaultLbType defines the default load balancer policy DefaultLbType = LbTypeRoundRobin // LDSName is the name of listener-discovery-service (LDS) cluster LDSName = "lds" // RDSName is the name of route-discovery-service (RDS) cluster RDSName = "rds" // SDSName is the name of service-discovery-service (SDS) cluster SDSName = "sds" // CDSName is the name of cluster-discovery-service (CDS) cluster CDSName = "cds" // RDSAll is the special name for HTTP PROXY route RDSAll = "http_proxy" // VirtualListenerName is the name for traffic capture listener VirtualListenerName = "virtual" // ClusterTypeStrictDNS name for clusters of type 'strict_dns' ClusterTypeStrictDNS = "strict_dns" // ClusterTypeStatic name for clusters of type 'static' ClusterTypeStatic = "static" // ClusterTypeOriginalDST name for clusters of type 'original_dst' ClusterTypeOriginalDST = "original_dst" // ClusterTypeSDS name for clusters of type 'sds' ClusterTypeSDS = "sds" // LbTypeRoundRobin is the name for round-robin LB LbTypeRoundRobin = "round_robin" // LbTypeLeastRequest is the name for least request LB LbTypeLeastRequest = "least_request" // LbTypeRingHash is the name for ring hash LB LbTypeRingHash = "ring_hash" // LbTypeRandom is the name for random LB LbTypeRandom = "random" // LbTypeOriginalDST is the name for LB of original_dst LbTypeOriginalDST = "original_dst_lb" // ClusterFeatureHTTP2 is the feature to use HTTP/2 for a cluster ClusterFeatureHTTP2 = "http2" // HTTPConnectionManager is the name of HTTP filter. HTTPConnectionManager = "http_connection_manager" // TCPProxyFilter is the name of the TCP Proxy network filter. TCPProxyFilter = "tcp_proxy" // CORSFilter is the name of the CORS network filter CORSFilter = "cors" // MongoProxyFilter is the name of the Mongo Proxy network filter. MongoProxyFilter = "mongo_proxy" // RedisProxyFilter is the name of the Redis Proxy network filter. RedisProxyFilter = "redis_proxy" // RedisDefaultOpTimeout is the op timeout used for Redis Proxy filter // Currently it is set to 30s (conversion happens in the filter) // TODO - Allow this to be configured. RedisDefaultOpTimeout = 30 * time.Second // WildcardAddress binds to all IP addresses WildcardAddress = "0.0.0.0" // LocalhostAddress for local binding LocalhostAddress = "127.0.0.1" // EgressTraceOperation denotes the name of trace operation for Envoy EgressTraceOperation = "egress" // IngressTraceOperation denotes the name of trace operation for Envoy IngressTraceOperation = "ingress" // ZipkinTraceDriverType denotes the Zipkin HTTP trace driver ZipkinTraceDriverType = "zipkin" // ZipkinCollectorCluster denotes the cluster where zipkin server is running ZipkinCollectorCluster = "zipkin" // ZipkinCollectorEndpoint denotes the REST endpoint where Envoy posts Zipkin spans ZipkinCollectorEndpoint = "/api/v1/spans" // MaxClusterNameLength is the maximum cluster name length MaxClusterNameLength = 189 // TODO: use MeshConfig.StatNameLength instead // HeaderMethod is the method header. HeaderMethod = ":method" // HeaderAuthority is the authority header. HeaderAuthority = ":authority" // HeaderScheme is the scheme header. HeaderScheme = ":scheme" )
const ( // InboundClusterPrefix is the prefix for service clusters co-hosted on the proxy instance InboundClusterPrefix = "in." // OutboundClusterPrefix is the prefix for service clusters external to the proxy instance OutboundClusterPrefix = "out." )
const (
// EpochFileTemplate is a template for the root config JSON
EpochFileTemplate = "envoy-rev%d.json"
)
Variables ¶
var ListenersALPNProtocols = []string{"h2", "http/1.1"}
ListenersALPNProtocols denotes the the list of ALPN protocols that the listener should expose
var NetworkFilterTypes = map[string]reflect.Type{ RedisProxyFilter: reflect.TypeOf(RedisProxyFilterConfig{}), CORSFilter: reflect.TypeOf(CORSFilterConfig{}), MongoProxyFilter: reflect.TypeOf(MongoProxyFilterConfig{}), TCPProxyFilter: reflect.TypeOf(TCPProxyFilterConfig{}), HTTPConnectionManager: reflect.TypeOf(HTTPFilterConfig{}), MixerFilter: reflect.TypeOf(FilterMixerConfig{}), }
NetworkFilterTypes maps filter names to types of structs that implement them. It is used when unmarshaling JSON data. To add your own NetworkFilter types, add additional entries to this map prior to calling json.Unmarshal.
var ( // V2ClearCache is a function to be called when the v1 cache is cleared. This is used to // avoid adding a circular dependency from v1 to v2. V2ClearCache func() )
var ( // ValidateClusters is an environment variable that can be set to false to disable // cluster validation in RDS, in case problems are discovered. ValidateClusters = true )
Functions ¶
func AddStandardNodeAttributes ¶
func AddStandardNodeAttributes(attr map[string]*mpb.Attributes_AttributeValue, prefix string, IPAddress string, ID string, labels map[string]string)
AddStandardNodeAttributes add standard node attributes with the given prefix
func ApplyClusterPolicy ¶
func ApplyClusterPolicy(cluster *Cluster, proxyInstances []*model.ServiceInstance, config model.IstioConfigStore, mesh *meshconfig.MeshConfig, accounts model.ServiceAccounts)
ApplyClusterPolicy assumes an outbound cluster and inserts custom configuration for the cluster
func BuildMixerConfig ¶
func BuildMixerConfig(source model.Proxy, destName string, dest *model.Service, instances []*model.ServiceInstance, config model.IstioConfigStore, disableCheck bool, disableReport bool) map[string]string
BuildMixerConfig build per route mixer config to be deployed at the `model.Proxy` workload with destination of Service `dest` and `destName` as the service name
func BuildMixerOpaqueConfig ¶
func BuildMixerOpaqueConfig(check, forward bool, destinationService model.Hostname) map[string]string
BuildMixerOpaqueConfig builds a mixer opaque config.
func GetMixerSAN ¶
GetMixerSAN returns the SAN used for mixer mTLS
func GetPilotSAN ¶
GetPilotSAN returns the SAN used for pilot mTLS
func NewProxy ¶
func NewProxy(config meshconfig.ProxyConfig, node string, logLevel string) proxy.Proxy
NewProxy creates an instance of the proxy control commands
func NewV2Proxy ¶
func NewV2Proxy(config meshconfig.ProxyConfig, node string, logLevel string, pilotSAN []string) proxy.Proxy
NewV2Proxy creates an instance of the proxy using v2 bootstrap
func NewV2ProxyCustom ¶
func NewV2ProxyCustom(config meshconfig.ProxyConfig, node string, logLevel string, pilotSAN []string, opts map[string]interface{}, errChan chan error) proxy.Proxy
NewV2ProxyCustom creates a proxy runner with custom options that can be injected in template
func ServiceConfig ¶
func ServiceConfig(serviceName string, dest *model.ServiceInstance, config model.IstioConfigStore, disableCheck, disableReport bool) *mccpb.ServiceConfig
ServiceConfig generates a ServiceConfig for a given instance
func StandardNodeAttributes ¶
func StandardNodeAttributes(prefix string, IPAddress string, ID string, labels map[string]string) map[string]*mpb.Attributes_AttributeValue
StandardNodeAttributes populates and returns a map of attributes with the provided parameters.
func TruncateClusterName ¶
TruncateClusterName to a fixed size string using SHA if necessary
Types ¶
type AbortFilter ¶
type AbortFilter struct { Percent int `json:"abort_percent,omitempty"` HTTPStatus int `json:"http_status,omitempty"` }
AbortFilter definition
type AccessLog ¶
type AccessLog struct { Path string `json:"path"` Format string `json:"format,omitempty"` Filter string `json:"filter,omitempty"` }
AccessLog definition.
type AppendedHeader ¶
AppendedHeader definition
type BuildClusterFunc ¶
type BuildClusterFunc func(hostname string, port *model.Port, labels model.Labels, isExternal bool) *Cluster
BuildClusterFunc is a function that builds a Cluster.
type CORSFilterConfig ¶
type CORSFilterConfig struct{}
CORSFilterConfig definition See: https://www.envoyproxy.io/envoy/configuration/http_filters/cors_filter.html#config-http-filters-cors
func (*CORSFilterConfig) IsNetworkFilterConfig ¶
func (*CORSFilterConfig) IsNetworkFilterConfig()
IsNetworkFilterConfig marks CORSFilterConfig as an implementation of NetworkFilterConfig
type CORSPolicy ¶
type CORSPolicy struct { Enabled bool `json:"enabled,omitempty"` AllowCredentials bool `json:"allow_credentials,omitempty"` AllowMethods string `json:"allow_methods,omitempty"` AllowHeaders string `json:"allow_headers,omitempty"` ExposeHeaders string `json:"expose_headers,omitempty"` MaxAge int `json:"max_age,string,omitempty"` AllowOrigin []string `json:"allow_origin,omitempty"` }
CORSPolicy definition See: https://www.envoyproxy.io/envoy/configuration/http_filters/cors_filter.html#config-http-filters-cors
type CertSource ¶
type CertSource struct { // Directory containing certificates Directory string // Files for certificates Files []string }
CertSource is file source for certificates
type CircuitBreaker ¶
type CircuitBreaker struct {
Default DefaultCBPriority `json:"default"`
}
CircuitBreaker definition See: https://lyft.github.io/envoy/docs/configuration/cluster_manager/cluster_circuit_breakers.html#circuit-breakers
type Cluster ¶
type Cluster struct { Name string `json:"name"` ServiceName string `json:"service_name,omitempty"` ConnectTimeoutMs int64 `json:"connect_timeout_ms"` Type string `json:"type"` LbType string `json:"lb_type"` MaxRequestsPerConnection int `json:"max_requests_per_connection,omitempty"` Hosts []Host `json:"hosts,omitempty"` SSLContext interface{} `json:"ssl_context,omitempty"` HTTP2Settings *HTTP2Settings `json:"http2_settings,omitempty"` CircuitBreaker *CircuitBreaker `json:"circuit_breakers,omitempty"` OutlierDetection *OutlierDetection `json:"outlier_detection,omitempty"` Hostname string `json:"-"` Port *model.Port `json:"-"` // contains filtered or unexported fields }
Cluster definition
func BuildInboundCluster ¶
BuildInboundCluster builds an inbound cluster.
func BuildMixerClusters ¶
func BuildMixerClusters(mesh *meshconfig.MeshConfig, role model.Proxy, mixerSAN []string) []*Cluster
BuildMixerClusters builds an outbound mixer cluster with configured check/report clusters
func BuildOriginalDSTCluster ¶
BuildOriginalDSTCluster builds a DST cluster.
type ClusterManager ¶
type ClusterManager struct { Clusters Clusters `json:"clusters"` SDS *DiscoveryCluster `json:"sds,omitempty"` CDS *DiscoveryCluster `json:"cds,omitempty"` LocalClusterName string `json:"local_cluster_name,omitempty"` }
ClusterManager definition
type Config ¶
type Config struct { RootRuntime *RootRuntime `json:"runtime,omitempty"` Listeners Listeners `json:"listeners"` LDS *LDSCluster `json:"lds,omitempty"` Admin Admin `json:"admin"` ClusterManager ClusterManager `json:"cluster_manager"` StatsdUDPIPAddress string `json:"statsd_udp_ip_address,omitempty"` Tracing *Tracing `json:"tracing,omitempty"` // Special value used to hash all referenced values (e.g. TLS secrets) Hash []byte `json:"-"` }
Config defines the schema for Envoy JSON configuration format
func BuildConfig ¶
func BuildConfig(config meshconfig.ProxyConfig, pilotSAN []string) *Config
BuildConfig creates a proxy config with discovery services and admin port it creates config for Ingress, Egress and Sidecar proxies TODO: remove after new agent package is done
type DefaultCBPriority ¶
type DefaultCBPriority struct { MaxConnections int `json:"max_connections,omitempty"` MaxPendingRequests int `json:"max_pending_requests,omitempty"` MaxRequests int `json:"max_requests,omitempty"` MaxRetries int `json:"max_retries,omitempty"` }
DefaultCBPriority defines the circuit breaker for default cluster priority
type DelayFilter ¶
type DelayFilter struct { Type string `json:"type,omitempty"` Percent int `json:"fixed_delay_percent,omitempty"` Duration int64 `json:"fixed_duration_ms,omitempty"` }
DelayFilter definition
type DiscoveryCluster ¶
type DiscoveryCluster struct { Cluster *Cluster `json:"cluster"` RefreshDelayMs int64 `json:"refresh_delay_ms"` }
DiscoveryCluster is a service discovery service definition
type DiscoveryService ¶
type DiscoveryService struct { model.Environment RestContainer *restful.Container // contains filtered or unexported fields }
DiscoveryService publishes services, clusters, and routes for all proxies
func NewDiscoveryService ¶
func NewDiscoveryService(ctl model.Controller, configCache model.ConfigStoreCache, environment model.Environment, o DiscoveryServiceOptions) (*DiscoveryService, error)
NewDiscoveryService creates an Envoy discovery service on a given port
func (*DiscoveryService) AvailabilityZone ¶
func (ds *DiscoveryService) AvailabilityZone(request *restful.Request, response *restful.Response)
AvailabilityZone responds to requests for an AZ for the given cluster node
func (*DiscoveryService) ClearCache ¶
func (ds *DiscoveryService) ClearCache()
ClearCache is wrapper for clearCache method, used when new controller gets instantiated dynamically
func (*DiscoveryService) ClearCacheStats ¶
func (ds *DiscoveryService) ClearCacheStats(_ *restful.Request, _ *restful.Response)
ClearCacheStats clear the statistics for cached discovery responses.
func (*DiscoveryService) GetCacheStats ¶
func (ds *DiscoveryService) GetCacheStats(_ *restful.Request, response *restful.Response)
GetCacheStats returns the statistics for cached discovery responses.
func (*DiscoveryService) ListAllEndpoints ¶
func (ds *DiscoveryService) ListAllEndpoints(_ *restful.Request, response *restful.Response)
ListAllEndpoints responds with all Services and is not restricted to a single service-key
func (*DiscoveryService) ListClusters ¶
func (ds *DiscoveryService) ListClusters(request *restful.Request, response *restful.Response)
ListClusters responds to CDS requests for all outbound clusters
func (*DiscoveryService) ListEndpoints ¶
func (ds *DiscoveryService) ListEndpoints(request *restful.Request, response *restful.Response)
ListEndpoints responds to EDS requests
func (*DiscoveryService) ListListeners ¶
func (ds *DiscoveryService) ListListeners(request *restful.Request, response *restful.Response)
ListListeners responds to LDS requests
func (*DiscoveryService) ListRoutes ¶
func (ds *DiscoveryService) ListRoutes(request *restful.Request, response *restful.Response)
ListRoutes responds to RDS requests, used by HTTP routes Routes correspond to HTTP routes and use the listener port as the route name to identify HTTP filters in the config. Service node value holds the local proxy identity.
func (*DiscoveryService) Register ¶
func (ds *DiscoveryService) Register(container *restful.Container)
Register adds routes a web service container. This is visible for testing purposes only.
type DiscoveryServiceOptions ¶
type DiscoveryServiceOptions struct { Port int GrpcAddr string SecureGrpcAddr string MonitoringPort int EnableProfiling bool EnableCaching bool WebhookEndpoint string }
DiscoveryServiceOptions contains options for create a new discovery service instance.
type FilterFaultConfig ¶
type FilterFaultConfig struct { Abort *AbortFilter `json:"abort,omitempty"` Delay *DelayFilter `json:"delay,omitempty"` Headers Headers `json:"headers,omitempty"` UpstreamCluster string `json:"upstream_cluster,omitempty"` }
FilterFaultConfig definition
type FilterMixerConfig ¶
type FilterMixerConfig struct { // DEPRECATED: MixerAttributes specifies the static list of attributes that are sent with // each request to Mixer. MixerAttributes map[string]string `json:"mixer_attributes,omitempty"` // DEPRECATED: ForwardAttributes specifies the list of attribute keys and values that // are forwarded as an HTTP header to the server side proxy ForwardAttributes map[string]string `json:"forward_attributes,omitempty"` // DEPRECATED: QuotaName specifies the name of the quota bucket to withdraw tokens from; // an empty name means no quota will be charged. QuotaName string `json:"quota_name,omitempty"` // DEPRECATED: If set to true, disables mixer check calls for TCP connections DisableTCPCheckCalls bool `json:"disable_tcp_check_calls,omitempty"` // istio.io/api/mixer/v1/config/client configuration protobuf // encoded as a generic map using canonical JSON encoding. // // If `V2` field is not empty, the DEPRECATED fields above should // be discarded. V2 map[string]interface{} `json:"v2,omitempty"` }
FilterMixerConfig definition.
NOTE: all fields marked as DEPRECATED are part of the original v1 mixerclient configuration. They are deprecated and will be eventually removed once proxies are updated.
Going forwards all mixerclient configuration should represeted by istio.io/api/mixer/v1/config/client/mixer_filter_config.proto and encoded in the `V2` field below.
func BuildHTTPMixerFilterConfig ¶
func BuildHTTPMixerFilterConfig(mesh *meshconfig.MeshConfig, role model.Proxy, nodeInstances []*model.ServiceInstance, outboundRoute bool, config model.IstioConfigStore) *FilterMixerConfig
BuildHTTPMixerFilterConfig builds a mixer HTTP filter config. Mixer filter uses outbound configuration by default (forward attributes, but not invoke check calls) ServiceInstances belong to the Node.
func BuildTCPMixerFilterConfig ¶
func BuildTCPMixerFilterConfig(mesh *meshconfig.MeshConfig, role model.Proxy, instance *model.ServiceInstance) *FilterMixerConfig
BuildTCPMixerFilterConfig builds a TCP filter config for inbound requests.
func (*FilterMixerConfig) IsNetworkFilterConfig ¶
func (*FilterMixerConfig) IsNetworkFilterConfig()
IsNetworkFilterConfig marks FilterMixerConfig as an implementation of NetworkFilterConfig
type FilterRouterConfig ¶
type FilterRouterConfig struct { // DynamicStats defaults to true DynamicStats bool `json:"dynamic_stats,omitempty"` }
FilterRouterConfig definition
type HTTP2Settings ¶
type HTTP2Settings struct {
MaxConcurrentStreams int `json:"max_concurrent_streams,omitempty"`
}
HTTP2Settings is used to denote a cluster as http2
type HTTPFilter ¶
type HTTPFilter struct { Type string `json:"type"` Name string `json:"name"` Config interface{} `json:"config"` }
HTTPFilter definition
type HTTPFilterConfig ¶
type HTTPFilterConfig struct { CodecType string `json:"codec_type"` StatPrefix string `json:"stat_prefix"` GenerateRequestID bool `json:"generate_request_id,omitempty"` UseRemoteAddress bool `json:"use_remote_address,omitempty"` Tracing *HTTPFilterTraceConfig `json:"tracing,omitempty"` RouteConfig *HTTPRouteConfig `json:"route_config,omitempty"` RDS *RDS `json:"rds,omitempty"` Filters []HTTPFilter `json:"filters"` AccessLog []AccessLog `json:"access_log"` }
HTTPFilterConfig definition
func (*HTTPFilterConfig) IsNetworkFilterConfig ¶
func (*HTTPFilterConfig) IsNetworkFilterConfig()
IsNetworkFilterConfig marks HTTPFilterConfig as an implementation of NetworkFilterConfig
type HTTPFilterTraceConfig ¶
type HTTPFilterTraceConfig struct {
OperationName string `json:"operation_name"`
}
HTTPFilterTraceConfig definition
type HTTPRoute ¶
type HTTPRoute struct { Runtime *Runtime `json:"runtime,omitempty"` Path string `json:"path,omitempty"` Prefix string `json:"prefix,omitempty"` Regex string `json:"regex,omitempty"` PrefixRewrite string `json:"prefix_rewrite,omitempty"` HostRewrite string `json:"host_rewrite,omitempty"` PathRedirect string `json:"path_redirect,omitempty"` HostRedirect string `json:"host_redirect,omitempty"` Cluster string `json:"cluster,omitempty"` WeightedClusters *WeightedCluster `json:"weighted_clusters,omitempty"` Headers Headers `json:"headers,omitempty"` TimeoutMS int64 `json:"timeout_ms"` RetryPolicy *RetryPolicy `json:"retry_policy,omitempty"` OpaqueConfig map[string]string `json:"opaque_config,omitempty"` AutoHostRewrite bool `json:"auto_host_rewrite,omitempty"` WebsocketUpgrade bool `json:"use_websocket,omitempty"` ShadowCluster *ShadowCluster `json:"shadow,omitempty"` HeadersToAdd []AppendedHeader `json:"request_headers_to_add,omitempty"` CORSPolicy *CORSPolicy `json:"cors,omitempty"` Decorator *Decorator `json:"decorator,omitempty"` // clusters contains the set of referenced clusters in the route; the field is special // and used only to aggregate cluster information after composing routes Clusters Clusters `json:"-"` // contains filtered or unexported fields }
HTTPRoute definition
func BuildDefaultRoute ¶
BuildDefaultRoute builds a default route.
func BuildHTTPRoute ¶
func BuildHTTPRoute(config model.Config, service *model.Service, port *model.Port, envoyv2 bool) *HTTPRoute
BuildHTTPRoute translates a route rule to an Envoy route
func BuildInboundRoute ¶
BuildInboundRoute builds an inbound route.
func (*HTTPRoute) CombinePathPrefix ¶
CombinePathPrefix checks that the route applies for a given path and prefix match and updates the path and the prefix in the route. If the route is incompatible with the path or the prefix, returns nil. Either path or prefix must be set but not both. The resulting route must match exactly the requests that match both the original route and the supplied path and prefix.
type HTTPRouteConfig ¶
type HTTPRouteConfig struct { ValidateClusters bool `json:"validate_clusters"` VirtualHosts []*VirtualHost `json:"virtual_hosts"` }
HTTPRouteConfig definition
func BuildRDSRoute ¶
func BuildRDSRoute(mesh *meshconfig.MeshConfig, node model.Proxy, routeName string, discovery model.ServiceDiscovery, config model.IstioConfigStore, envoyV2 bool) (*HTTPRouteConfig, error)
BuildRDSRoute supplies RDS-enabled HTTP routes The route name is assumed to be the port number used by the route in the listener, or the special value for _all routes_. TODO: this can be optimized by querying for a specific HTTP port in the table
func (*HTTPRouteConfig) Clusters ¶
func (rc *HTTPRouteConfig) Clusters() Clusters
Clusters returns the clusters for the given route config.
func (*HTTPRouteConfig) Normalize ¶
func (rc *HTTPRouteConfig) Normalize() *HTTPRouteConfig
Normalize normalizes the route config.
type HTTPRouteConfigs ¶
type HTTPRouteConfigs map[int]*HTTPRouteConfig
HTTPRouteConfigs is a map from the port number to the route config
func BuildEgressHTTPRoutes ¶
func BuildEgressHTTPRoutes(mesh *meshconfig.MeshConfig, node model.Proxy, proxyInstances []*model.ServiceInstance, config model.IstioConfigStore, httpConfigs HTTPRouteConfigs) HTTPRouteConfigs
BuildEgressHTTPRoutes builds egress HTTP routes.
func BuildIngressRoutes ¶
func BuildIngressRoutes(mesh *meshconfig.MeshConfig, proxyInstances []*model.ServiceInstance, discovery model.ServiceDiscovery, config model.IstioConfigStore) (HTTPRouteConfigs, string)
BuildIngressRoutes builds ingress routes.
func (HTTPRouteConfigs) Clusters ¶
func (routes HTTPRouteConfigs) Clusters() Clusters
Clusters returns the clusters corresponding to the given routes.
func (HTTPRouteConfigs) Combine ¶
func (routes HTTPRouteConfigs) Combine() *HTTPRouteConfig
Combine creates a new route config that is the union of all HTTP routes. note that the virtual hosts without an explicit port suffix (IP:PORT) are stripped for all routes except the route for port 80.
func (HTTPRouteConfigs) EnsurePort ¶
func (routes HTTPRouteConfigs) EnsurePort(port int) *HTTPRouteConfig
EnsurePort creates a route config if necessary
func (HTTPRouteConfigs) Normalize ¶
func (routes HTTPRouteConfigs) Normalize() HTTPRouteConfigs
Normalize normalizes the route configs.
type HTTPTraceDriver ¶
type HTTPTraceDriver struct { HTTPTraceDriverType string `json:"type"` HTTPTraceDriverConfig HTTPTraceDriverConfig `json:"config"` }
HTTPTraceDriver definition
type HTTPTraceDriverConfig ¶
type HTTPTraceDriverConfig struct { CollectorCluster string `json:"collector_cluster"` CollectorEndpoint string `json:"collector_endpoint"` }
HTTPTraceDriverConfig definition
type HTTPTracer ¶
type HTTPTracer struct {
HTTPTraceDriver HTTPTraceDriver `json:"driver"`
}
HTTPTracer definition
type Header ¶
type Header struct { Name string `json:"name"` Value string `json:"value"` Regex bool `json:"regex,omitempty"` }
Header definition
type LDSCluster ¶
type LDSCluster struct { Cluster string `json:"cluster"` RefreshDelayMs int64 `json:"refresh_delay_ms"` }
LDSCluster is a reference to LDS cluster by name
type Listener ¶
type Listener struct { Address string `json:"address"` Name string `json:"name,omitempty"` Filters []*NetworkFilter `json:"filters"` SSLContext *SSLContext `json:"ssl_context,omitempty"` BindToPort bool `json:"bind_to_port"` UseOriginalDst bool `json:"use_original_dst,omitempty"` }
Listener definition
type Listeners ¶
type Listeners []*Listener
Listeners is a collection of listeners
func (Listeners) GetByAddress ¶
GetByAddress returns a listener by its address
type MongoProxyFilterConfig ¶
type MongoProxyFilterConfig struct {
StatPrefix string `json:"stat_prefix"`
}
MongoProxyFilterConfig definition
func (*MongoProxyFilterConfig) IsNetworkFilterConfig ¶
func (*MongoProxyFilterConfig) IsNetworkFilterConfig()
IsNetworkFilterConfig marks MongoProxyFilterConfig as an implementation of NetworkFilterConfig
type NetworkFilter ¶
type NetworkFilter struct { Type string `json:"type"` Name string `json:"name"` Config NetworkFilterConfig `json:"config"` }
NetworkFilter definition
func (*NetworkFilter) UnmarshalJSON ¶
func (nf *NetworkFilter) UnmarshalJSON(b []byte) error
UnmarshalJSON handles custom unmarshal logic for the NetworkFilter struct. This is needed because the config field depends on the filter name.
type NetworkFilterConfig ¶
type NetworkFilterConfig interface {
IsNetworkFilterConfig()
}
NetworkFilterConfig is a marker interface
type OutlierDetection ¶
type OutlierDetection struct { ConsecutiveErrors int `json:"consecutive_5xx,omitempty"` IntervalMS int64 `json:"interval_ms,omitempty"` BaseEjectionTimeMS int64 `json:"base_ejection_time_ms,omitempty"` MaxEjectionPercent int `json:"max_ejection_percent,omitempty"` }
OutlierDetection definition See: https://lyft.github.io/envoy/docs/configuration/cluster_manager/cluster_runtime.html#outlier-detection
type RDS ¶
type RDS struct { Cluster string `json:"cluster"` RouteConfigName string `json:"route_config_name"` RefreshDelayMs int64 `json:"refresh_delay_ms"` }
RDS definition
type RedisConnPool ¶
type RedisConnPool struct {
OperationTimeoutMS int64 `json:"op_timeout_ms"`
}
RedisConnPool definition
type RedisProxyFilterConfig ¶
type RedisProxyFilterConfig struct { ClusterName string `json:"cluster_name"` ConnPool *RedisConnPool `json:"conn_pool"` StatPrefix string `json:"stat_prefix"` }
RedisProxyFilterConfig definition
func (*RedisProxyFilterConfig) IsNetworkFilterConfig ¶
func (*RedisProxyFilterConfig) IsNetworkFilterConfig()
IsNetworkFilterConfig marks RedisProxyFilterConfig as an implementation of NetworkFilterConfig
type RetryPolicy ¶
type RetryPolicy struct { Policy string `json:"retry_on"` //if unset, set to 5xx,connect-failure,refused-stream NumRetries int `json:"num_retries,omitempty"` PerTryTimeoutMS int64 `json:"per_try_timeout_ms,omitempty"` }
RetryPolicy definition See: https://lyft.github.io/envoy/docs/configuration/http_conn_man/route_config/route.html#retry-policy
type RootRuntime ¶
type RootRuntime struct { SymlinkRoot string `json:"symlink_root"` Subdirectory string `json:"subdirectory"` OverrideSubdirectory string `json:"override_subdirectory,omitempty"` }
RootRuntime definition. See https://envoyproxy.github.io/envoy/configuration/overview/overview.html
type RoutesByPath ¶
type RoutesByPath []*HTTPRoute
RoutesByPath sorts routes by their path and/or prefix, such that: - Exact path routes are "less than" than prefix path routes - Exact path routes are sorted lexicographically - Prefix path routes are sorted anti-lexicographically
This order ensures that prefix path routes do not shadow more specific routes which share the same prefix.
func (RoutesByPath) Len ¶
func (r RoutesByPath) Len() int
func (RoutesByPath) Less ¶
func (r RoutesByPath) Less(i, j int) bool
func (RoutesByPath) Swap ¶
func (r RoutesByPath) Swap(i, j int)
type SSLContext ¶
type SSLContext struct { CertChainFile string `json:"cert_chain_file"` PrivateKeyFile string `json:"private_key_file"` CaCertFile string `json:"ca_cert_file,omitempty"` RequireClientCertificate bool `json:"require_client_certificate"` ALPNProtocols string `json:"alpn_protocols,omitempty"` }
SSLContext definition
type SSLContextExternal ¶
type SSLContextExternal struct {
CaCertFile string `json:"ca_cert_file,omitempty"`
}
SSLContextExternal definition
type SSLContextWithSAN ¶
type SSLContextWithSAN struct { CertChainFile string `json:"cert_chain_file"` PrivateKeyFile string `json:"private_key_file"` CaCertFile string `json:"ca_cert_file,omitempty"` VerifySubjectAltName []string `json:"verify_subject_alt_name"` }
SSLContextWithSAN definition, VerifySubjectAltName cannot be nil.
type ShadowCluster ¶
type ShadowCluster struct {
Cluster string `json:"cluster"`
}
ShadowCluster definition See: https://www.envoyproxy.io/envoy/configuration/http_conn_man/route_config/route.html? highlight=shadow#config-http-conn-man-route-table-route-shadow
type TCPProxyFilterConfig ¶
type TCPProxyFilterConfig struct { StatPrefix string `json:"stat_prefix"` RouteConfig *TCPRouteConfig `json:"route_config"` }
TCPProxyFilterConfig definition
func (*TCPProxyFilterConfig) IsNetworkFilterConfig ¶
func (*TCPProxyFilterConfig) IsNetworkFilterConfig()
IsNetworkFilterConfig marks TCPProxyFilterConfig as an implementation of NetworkFilterConfig
type TCPRoute ¶
type TCPRoute struct { Cluster string `json:"cluster"` DestinationIPList []string `json:"destination_ip_list,omitempty"` DestinationPorts string `json:"destination_ports,omitempty"` SourceIPList []string `json:"source_ip_list,omitempty"` SourcePorts string `json:"source_ports,omitempty"` // contains filtered or unexported fields }
TCPRoute definition
func BuildTCPRoute ¶
BuildTCPRoute builds a TCP route.
type TCPRouteByRoute ¶
type TCPRouteByRoute []*TCPRoute
TCPRouteByRoute sorts TCP routes over all route sub fields.
func (TCPRouteByRoute) Len ¶
func (r TCPRouteByRoute) Len() int
func (TCPRouteByRoute) Less ¶
func (r TCPRouteByRoute) Less(i, j int) bool
func (TCPRouteByRoute) Swap ¶
func (r TCPRouteByRoute) Swap(i, j int)
type TCPRouteConfig ¶
type TCPRouteConfig struct {
Routes []*TCPRoute `json:"routes"`
}
TCPRouteConfig (or generalize as RouteConfig or L4RouteConfig for TCP/UDP?)
type VirtualHost ¶
type VirtualHost struct { Name string `json:"name"` Domains []string `json:"domains"` Routes []*HTTPRoute `json:"routes"` }
VirtualHost definition
func BuildVirtualHost ¶
func BuildVirtualHost(svc *model.Service, port *model.Port, suffix []string, routes []*HTTPRoute) *VirtualHost
BuildVirtualHost constructs an entry for VirtualHost for a destination service. The unique name for a virtual host is a combination of the destination service and the port, e.g. "svc.ns.svc.cluster.local:http". Suffix provides the proxy context information - it is the shared sub-domain between co-located service instances (e.g. "namespace", "svc", "cluster", "local")
type Watcher ¶
type Watcher interface { // Run the watcher loop (blocking call) Run(context.Context) // Reload the agent with the latest configuration Reload() }
Watcher triggers reloads on changes to the proxy config
func NewWatcher ¶
func NewWatcher(config meshconfig.ProxyConfig, agent proxy.Agent, role model.Proxy, certs []CertSource, pilotSAN []string) Watcher
NewWatcher creates a new watcher instance from a proxy agent and a set of monitored certificate paths (directories with files in them)
type WeightedCluster ¶
type WeightedCluster struct { Clusters []*WeightedClusterEntry `json:"clusters"` RuntimeKeyPrefix string `json:"runtime_key_prefix,omitempty"` }
WeightedCluster definition See https://envoyproxy.github.io/envoy/configuration/http_conn_man/route_config/route.html
type WeightedClusterEntry ¶
WeightedClusterEntry definition. Describes the format of each entry in the WeightedCluster