Documentation
¶
Index ¶
- Constants
- Variables
- func GetADSConfigSource() *xds_core.ConfigSource
- func GetAccessLog() []*xds_accesslog_filter.AccessLog
- func GetAddress(address string, port uint32) *xds_core.Address
- func GetDownstreamTLSContext(upstreamSvc service.MeshService, mTLS bool) *xds_auth.DownstreamTlsContext
- func GetEnvoyServiceNodeID(nodeID string) string
- func GetLocalClusterNameForService(proxyService service.MeshService) string
- func GetLocalClusterNameForServiceCluster(clusterName string) string
- func GetTLSParams() *xds_auth.TlsParameters
- func GetUpstreamTLSContext(downstreamSvc, upstreamSvc service.MeshService) *xds_auth.UpstreamTlsContext
- type PodMetadata
- type Proxy
- func (p Proxy) GetAnnouncementsChannel() chan announcements.Announcement
- func (p Proxy) GetCertificateCommonName() certificate.CommonName
- func (p Proxy) GetCertificateSerialNumber() certificate.SerialNumber
- func (p Proxy) GetConnectedAt() time.Time
- func (p Proxy) GetIP() net.Addr
- func (p Proxy) GetLastAppliedVersion(typeURI TypeURI) uint64
- func (p *Proxy) GetLastSentNonce(typeURI TypeURI) string
- func (p Proxy) GetLastSentVersion(typeURI TypeURI) uint64
- func (p Proxy) GetPodUID() string
- func (p *Proxy) HasPodMetadata() bool
- func (p *Proxy) IncrementLastSentVersion(typeURI TypeURI) uint64
- func (p *Proxy) SetLastAppliedVersion(typeURI TypeURI, version uint64)
- func (p *Proxy) SetLastSentVersion(typeURI TypeURI, ver uint64)
- func (p *Proxy) SetNewNonce(typeURI TypeURI) string
- type SDSCert
- type SDSCertType
- type SDSDirection
- type TypeURI
Constants ¶
const ( // Separator is the separator between the prefix and the name of the certificate. Separator = ":" // TransportProtocolTLS is the TLS transport protocol used in Envoy configurations TransportProtocolTLS = "tls" // OutboundPassthroughCluster is the outbound passthrough cluster name OutboundPassthroughCluster = "passthrough-outbound" )
Variables ¶
var ALPNInMesh = []string{"osm"}
ALPNInMesh indicates that the proxy is connecting to an in-mesh destination. It is set as a part of configuring the UpstreamTLSContext.
var ValidURI = map[string]TypeURI{ string(TypeSDS): TypeSDS, string(TypeCDS): TypeCDS, string(TypeLDS): TypeLDS, string(TypeRDS): TypeRDS, string(TypeEDS): TypeEDS, string(TypeUpstreamTLSContext): TypeUpstreamTLSContext, string(TypeZipkinConfig): TypeZipkinConfig, }
ValidURI defines valid URIs
var ( // XDSResponseOrder is the order in which we send xDS responses: CDS, EDS, LDS, RDS // See: https://github.com/envoyproxy/go-control-plane/issues/59 XDSResponseOrder = []TypeURI{TypeCDS, TypeEDS, TypeLDS, TypeRDS, TypeSDS} )
var XDSShortURINames = map[TypeURI]string{
TypeSDS: "SDS",
TypeCDS: "CDS",
TypeLDS: "LDS",
TypeRDS: "RDS",
TypeEDS: "EDS",
}
XDSShortURINames are shortened versions of the URI types
Functions ¶
func GetADSConfigSource ¶
func GetADSConfigSource() *xds_core.ConfigSource
GetADSConfigSource creates an Envoy ConfigSource struct.
func GetAccessLog ¶
func GetAccessLog() []*xds_accesslog_filter.AccessLog
GetAccessLog creates an Envoy AccessLog struct.
func GetAddress ¶
GetAddress creates an Envoy Address struct.
func GetDownstreamTLSContext ¶
func GetDownstreamTLSContext(upstreamSvc service.MeshService, mTLS bool) *xds_auth.DownstreamTlsContext
GetDownstreamTLSContext creates a downstream Envoy TLS Context
func GetEnvoyServiceNodeID ¶ added in v0.6.0
GetEnvoyServiceNodeID creates the string for Envoy's "--service-node" CLI argument for the Kubernetes sidecar container Command/Args
func GetLocalClusterNameForService ¶ added in v0.6.0
func GetLocalClusterNameForService(proxyService service.MeshService) string
GetLocalClusterNameForService returns the name of the local cluster for the given service. The local cluster refers to the cluster corresponding to the service the proxy is fronting, accessible over localhost by the proxy.
func GetLocalClusterNameForServiceCluster ¶ added in v0.6.0
GetLocalClusterNameForServiceCluster returns the name of the local cluster for the given service cluster. The local cluster refers to the cluster corresponding to the service the proxy is fronting, accessible over localhost by the proxy.
func GetTLSParams ¶
func GetTLSParams() *xds_auth.TlsParameters
GetTLSParams creates Envoy TlsParameters struct.
func GetUpstreamTLSContext ¶
func GetUpstreamTLSContext(downstreamSvc, upstreamSvc service.MeshService) *xds_auth.UpstreamTlsContext
GetUpstreamTLSContext creates an upstream Envoy TLS Context for the given downstream and upstream service pair
Types ¶
type PodMetadata ¶ added in v0.6.0
type PodMetadata struct {
UID string
Namespace string
IP string
ServiceAccount string
Cluster string
EnvoyNodeID string
}
PodMetadata is a struct holding information on the Pod on which a given Envoy proxy is installed This struct is initialized *eventually*, when the metadata arrives via xDS.
func ParseEnvoyServiceNodeID ¶ added in v0.6.0
func ParseEnvoyServiceNodeID(serviceNodeID string) (*PodMetadata, error)
ParseEnvoyServiceNodeID parses the given Envoy service node ID and returns the encoded metadata
type Proxy ¶
type Proxy struct {
net.Addr
// Records metadata around the Kubernetes Pod on which this Envoy Proxy is installed.
// This could be nil if the Envoy is not operating in a Kubernetes cluster (VM for example)
// NOTE: This field may be not be set at the time Proxy struct is initialized. This would
// eventually be set when the metadata arrives via the xDS protocol.
PodMetadata *PodMetadata
// contains filtered or unexported fields
}
Proxy is a representation of an Envoy proxy connected to the xDS server. This should at some point have a 1:1 match to an Endpoint (which is a member of a meshed service).
func NewProxy ¶
func NewProxy(certCommonName certificate.CommonName, certSerialNumber certificate.SerialNumber, ip net.Addr) *Proxy
NewProxy creates a new instance of an Envoy proxy connected to the xDS servers.
func (Proxy) GetAnnouncementsChannel ¶
func (p Proxy) GetAnnouncementsChannel() chan announcements.Announcement
GetAnnouncementsChannel returns the announcement channel for the given Envoy proxy.
func (Proxy) GetCertificateCommonName ¶ added in v0.7.0
func (p Proxy) GetCertificateCommonName() certificate.CommonName
GetCertificateCommonName returns the Subject Common Name from the mTLS certificate of the Envoy proxy connected to xDS.
func (Proxy) GetCertificateSerialNumber ¶ added in v0.7.0
func (p Proxy) GetCertificateSerialNumber() certificate.SerialNumber
GetCertificateSerialNumber returns the Serial Number of the certificate for the connected Envoy proxy.
func (Proxy) GetConnectedAt ¶
GetConnectedAt returns the timestamp of when the given proxy connected to the control plane.
func (Proxy) GetLastAppliedVersion ¶
GetLastAppliedVersion returns the last version successfully applied to the given Envoy proxy.
func (*Proxy) GetLastSentNonce ¶
GetLastSentNonce returns last sent nonce.
func (Proxy) GetLastSentVersion ¶
GetLastSentVersion returns the last sent version.
func (Proxy) GetPodUID ¶ added in v0.7.0
GetPodUID returns the UID of the pod, which the connected Envoy proxy is fronting.
func (*Proxy) HasPodMetadata ¶ added in v0.6.0
HasPodMetadata answers the question - has the Pod metadata been recorded for the given Envoy proxy
func (*Proxy) IncrementLastSentVersion ¶
IncrementLastSentVersion increments last sent version.
func (*Proxy) SetLastAppliedVersion ¶
SetLastAppliedVersion records the version of the given Envoy proxy that was last acknowledged.
func (*Proxy) SetLastSentVersion ¶
SetLastSentVersion records the version of the given config last sent to the proxy.
func (*Proxy) SetNewNonce ¶
SetNewNonce sets and returns a new nonce.
type SDSCert ¶
type SDSCert struct {
// MeshService is a service within the mesh
MeshService service.MeshService
// CertType is the certificate type
CertType SDSCertType
}
SDSCert is only used to interface the naming and related functions to Marshal/Unmarshal a resource name, this avoids having sprintf/parsing logic all over the place
func UnmarshalSDSCert ¶
UnmarshalSDSCert parses and returns Certificate type and a service given a correctly formatted string, otherwise returns error
type SDSCertType ¶
type SDSCertType string
SDSCertType is a type of a certificate requested by an Envoy proxy via SDS.
const ( // ServiceCertType is the prefix for the service certificate resource name. Example: "service-cert:webservice" ServiceCertType SDSCertType = "service-cert" // RootCertTypeForMTLSOutbound is the prefix for the mTLS root certificate resource name for upstream connectivity. Example: "root-cert-for-mtls-outbound:webservice" RootCertTypeForMTLSOutbound SDSCertType = "root-cert-for-mtls-outbound" // RootCertTypeForMTLSInbound is the prefix for the mTLS root certificate resource name for downstream connectivity. Example: "root-cert-for-mtls-inbound:webservice" RootCertTypeForMTLSInbound SDSCertType = "root-cert-for-mtls-inbound" // RootCertTypeForHTTPS is the prefix for the HTTPS root certificate resource name. Example: "root-cert-https:webservice" RootCertTypeForHTTPS SDSCertType = "root-cert-https" )
SDSCertType enums
func (SDSCertType) String ¶
func (ct SDSCertType) String() string
type SDSDirection ¶
type SDSDirection bool
SDSDirection is a type to identify TLS certificate connectivity direction.
type TypeURI ¶
type TypeURI string
TypeURI is a string describing the Envoy xDS payload.
const ( // TypeSDS is the SDS type URI. TypeSDS TypeURI = "type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.Secret" // TypeCDS is the CDS type URI. TypeCDS TypeURI = "type.googleapis.com/envoy.config.cluster.v3.Cluster" // TypeLDS is the LDS type URI. TypeLDS TypeURI = "type.googleapis.com/envoy.config.listener.v3.Listener" // TypeRDS is the RDS type URI. TypeRDS TypeURI = "type.googleapis.com/envoy.config.route.v3.RouteConfiguration" // TypeEDS is the EDS type URI. TypeEDS TypeURI = "type.googleapis.com/envoy.config.endpoint.v3.ClusterLoadAssignment" // TypeUpstreamTLSContext is an Envoy type URI. TypeUpstreamTLSContext TypeURI = "type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext" // TypeZipkinConfig is an Envoy type URI. TypeZipkinConfig TypeURI = "type.googleapis.com/envoy.config.trace.v3.ZipkinConfig" )
Source Files
Directories