Documentation ¶
Index ¶
- Constants
- func AdminListener(port int) *envoy_listener_v3.Listener
- func CORSVirtualHost(hostname string, corspolicy *envoy_route_v3.CorsPolicy, ...) *envoy_route_v3.VirtualHost
- func Cluster(c *dag.Cluster) *envoy_cluster_v3.Cluster
- func ClusterCommonLBConfig() *envoy_cluster_v3.Cluster_CommonLbConfig
- func ClusterDiscoveryType(t envoy_cluster_v3.Cluster_DiscoveryType) *envoy_cluster_v3.Cluster_Type
- func ClusterDiscoveryTypeForAddress(address string, t envoy_cluster_v3.Cluster_DiscoveryType) *envoy_cluster_v3.Cluster_Type
- func ClusterLoadAssignment(name string, addrs ...*envoy_core_v3.Address) *envoy_endpoint_v3.ClusterLoadAssignment
- func ConfigSource(cluster string) *envoy_core_v3.ConfigSource
- func ContainsFallbackFilterChain(filterchains []*envoy_listener_v3.FilterChain) bool
- func DNSNameCluster(c *dag.DNSNameCluster) *envoy_cluster_v3.Cluster
- func DownstreamTLSContext(serverSecret *dag.Secret, ...) *envoy_v3_tls.DownstreamTlsContext
- func DownstreamTLSTransportSocket(tls *envoy_tls_v3.DownstreamTlsContext) *envoy_core_v3.TransportSocket
- func Endpoints(addrs ...*envoy_core_v3.Address) []*envoy_endpoint_v3.LocalityLbEndpoints
- func ExtensionCluster(ext *dag.ExtensionCluster) *envoy_cluster_v3.Cluster
- func ExternalNameClusterLoadAssignment(service *dag.Service) *envoy_endpoint_v3.ClusterLoadAssignment
- func FileAccessLogEnvoy(path string, format string, extensions []string, ...) []*envoy_accesslog_v3.AccessLog
- func FileAccessLogJSON(path string, fields contour_api_v1alpha1.AccessLogJSONFields, ...) []*envoy_accesslog_v3.AccessLog
- func FilterChain(filters ...*envoy_listener_v3.Filter) *envoy_listener_v3.FilterChain
- func FilterChainTLS(domain string, downstream *envoy_tls_v3.DownstreamTlsContext, ...) *envoy_listener_v3.FilterChain
- func FilterChainTLSFallback(downstream *envoy_tls_v3.DownstreamTlsContext, ...) *envoy_listener_v3.FilterChain
- func FilterChains(filters ...*envoy_listener_v3.Filter) []*envoy_listener_v3.FilterChain
- func FilterExternalAuthz(authzClusterName, sni string, failOpen bool, timeout timeout.Setting, ...) *http.HttpFilter
- func FilterJWTAuth(jwtProviders []dag.JWTProvider) *http.HttpFilter
- func FilterMisdirectedRequests(fqdn string) *http.HttpFilter
- func Filters(filters ...*envoy_listener_v3.Filter) []*envoy_listener_v3.Filter
- func GlobalRateLimitFilter(config *GlobalRateLimitConfig) *http.HttpFilter
- func GlobalRateLimits(descriptors []*dag.RateLimitDescriptor) []*envoy_route_v3.RateLimit
- func GrpcService(clusterName, sni string, timeout timeout.Setting) *envoy_core_v3.GrpcService
- func HTTPConnectionManager(routename string, accesslogger []*accesslog.AccessLog, ...) *envoy_listener_v3.Filter
- func HTTPConnectionManagerBuilder() *httpConnectionManagerBuilder
- func LBEndpoint(addr *envoy_core_v3.Address) *envoy_endpoint_v3.LbEndpoint
- func Listener(name, address string, port int, lf []*envoy_listener_v3.ListenerFilter, ...) *envoy_listener_v3.Listener
- func ListenerFilters(filters ...*envoy_listener_v3.ListenerFilter) []*envoy_listener_v3.ListenerFilter
- func LocalRateLimitConfig(config *dag.LocalRateLimitPolicy, statPrefix string) *any.Any
- func ParseTLSVersion(version string) envoy_tls_v3.TlsParameters_TlsProtocol
- func PathRouteMatch(pathMatchCondition dag.MatchCondition) *envoy_route_v3.RouteMatch
- func ProtoNamesForVersions(versions ...HTTPVersionType) []string
- func ProxyProtocol() *envoy_listener_v3.ListenerFilter
- func RouteConfiguration(name string, virtualhosts ...*envoy_route_v3.VirtualHost) *envoy_route_v3.RouteConfiguration
- func RouteMatch(route *dag.Route) *envoy_route_v3.RouteMatch
- func RuntimeLayers() []*envoy_service_runtime_v3.Runtime
- func SafeRegexMatch(regex string) *matcher.RegexMatcher
- func Secret(s *dag.Secret) *envoy_tls_v3.Secret
- func SocketAddress(address string, port int) *envoy_core_v3.Address
- func StatsListeners(metrics contour_api_v1alpha1.MetricsConfig, ...) []*envoy_listener_v3.Listener
- func StatsSecrets(metricsTLS *contour_api_v1alpha1.MetricsTLS) []*envoy_tls_v3.Secret
- func TCPKeepaliveSocketOptions() []*envoy_core_v3.SocketOption
- func TCPProxy(statPrefix string, proxy *dag.TCPProxy, accesslogger []*accesslog.AccessLog) *envoy_listener_v3.Filter
- func TLSInspector() *envoy_listener_v3.ListenerFilter
- func UnixSocketAddress(address string, port int) *envoy_core_v3.Address
- func UpgradeHTTPS() *envoy_route_v3.Route_Redirect
- func UpstreamTLSContext(peerValidationContext *dag.PeerValidationContext, sni string, ...) *envoy_v3_tls.UpstreamTlsContext
- func UpstreamTLSTransportSocket(tls *envoy_tls_v3.UpstreamTlsContext) *envoy_core_v3.TransportSocket
- func VirtualHost(hostname string, routes ...*envoy_route_v3.Route) *envoy_route_v3.VirtualHost
- func VirtualHostAndRoutes(vh *dag.VirtualHost, dagRoutes []*dag.Route, secure bool, ...) *envoy_route_v3.VirtualHost
- func WeightedEndpoints(weight uint32, addrs ...*envoy_core_v3.Address) []*envoy_endpoint_v3.LocalityLbEndpoints
- func WriteBootstrap(c *envoy.BootstrapConfig) error
- type GlobalRateLimitConfig
- type HTTPVersionType
Constants ¶
const (
DynamicRuntimeLayerName = "dynamic"
)
Variables ¶
This section is empty.
Functions ¶
func AdminListener ¶ added in v1.14.2
func AdminListener(port int) *envoy_listener_v3.Listener
AdminListener returns a *envoy_listener_v3.Listener configured to serve Envoy debug routes from the admin webpage.
func CORSVirtualHost ¶ added in v1.11.0
func CORSVirtualHost(hostname string, corspolicy *envoy_route_v3.CorsPolicy, routes ...*envoy_route_v3.Route) *envoy_route_v3.VirtualHost
CORSVirtualHost creates a new route.VirtualHost with a CORS policy.
func Cluster ¶ added in v1.11.0
func Cluster(c *dag.Cluster) *envoy_cluster_v3.Cluster
Cluster creates new envoy_cluster_v3.Cluster from dag.Cluster.
func ClusterCommonLBConfig ¶ added in v1.11.0
func ClusterCommonLBConfig() *envoy_cluster_v3.Cluster_CommonLbConfig
ClusterCommonLBConfig creates a *envoy_cluster_v3.Cluster_CommonLbConfig with HealthyPanicThreshold disabled.
func ClusterDiscoveryType ¶
func ClusterDiscoveryType(t envoy_cluster_v3.Cluster_DiscoveryType) *envoy_cluster_v3.Cluster_Type
ClusterDiscoveryType returns the type of a ClusterDiscovery as a Cluster_type.
func ClusterDiscoveryTypeForAddress ¶ added in v1.15.0
func ClusterDiscoveryTypeForAddress(address string, t envoy_cluster_v3.Cluster_DiscoveryType) *envoy_cluster_v3.Cluster_Type
ClusterDiscoveryTypeForAddress returns the type of a ClusterDiscovery as a Cluster_type. If the provided address is an IP, overrides the type to STATIC, otherwise uses the passed in type.
func ClusterLoadAssignment ¶ added in v1.11.0
func ClusterLoadAssignment(name string, addrs ...*envoy_core_v3.Address) *envoy_endpoint_v3.ClusterLoadAssignment
ClusterLoadAssignment returns a *envoy_endpoint_v3.ClusterLoadAssignment with a single LocalityLbEndpoints of the supplied addresses.
func ConfigSource ¶
func ConfigSource(cluster string) *envoy_core_v3.ConfigSource
ConfigSource returns a *envoy_core_v3.ConfigSource for cluster.
func ContainsFallbackFilterChain ¶ added in v1.11.0
func ContainsFallbackFilterChain(filterchains []*envoy_listener_v3.FilterChain) bool
func DNSNameCluster ¶ added in v1.23.0
func DNSNameCluster(c *dag.DNSNameCluster) *envoy_cluster_v3.Cluster
DNSNameCluster builds a envoy_cluster_v3.Cluster for the given *dag.DNSNameCluster.
func DownstreamTLSContext ¶ added in v1.11.0
func DownstreamTLSContext(serverSecret *dag.Secret, tlsMinProtoVersion envoy_v3_tls.TlsParameters_TlsProtocol, cipherSuites []string, peerValidationContext *dag.PeerValidationContext, alpnProtos ...string) *envoy_v3_tls.DownstreamTlsContext
DownstreamTLSContext creates a new DownstreamTlsContext.
func DownstreamTLSTransportSocket ¶
func DownstreamTLSTransportSocket(tls *envoy_tls_v3.DownstreamTlsContext) *envoy_core_v3.TransportSocket
DownstreamTLSTransportSocket returns a custom transport socket using the DownstreamTlsContext provided.
func Endpoints ¶
func Endpoints(addrs ...*envoy_core_v3.Address) []*envoy_endpoint_v3.LocalityLbEndpoints
Endpoints returns a slice of LocalityLbEndpoints. The slice contains one entry, with one LbEndpoint per *envoy_core_v3.Address supplied.
func ExtensionCluster ¶ added in v1.11.0
func ExtensionCluster(ext *dag.ExtensionCluster) *envoy_cluster_v3.Cluster
ExtensionCluster builds a envoy_cluster_v3.Cluster struct for the given extension service.
func ExternalNameClusterLoadAssignment ¶ added in v1.23.0
func ExternalNameClusterLoadAssignment(service *dag.Service) *envoy_endpoint_v3.ClusterLoadAssignment
ExternalNameClusterLoadAssignment creates a *envoy_endpoint_v3.ClusterLoadAssignment pointing to service's ExternalName DNS address.
func FileAccessLogEnvoy ¶ added in v1.11.0
func FileAccessLogEnvoy(path string, format string, extensions []string, level contour_api_v1alpha1.AccessLogLevel) []*envoy_accesslog_v3.AccessLog
FileAccessLogEnvoy returns a new file based access log filter
func FileAccessLogJSON ¶ added in v1.11.0
func FileAccessLogJSON(path string, fields contour_api_v1alpha1.AccessLogJSONFields, extensions []string, level contour_api_v1alpha1.AccessLogLevel) []*envoy_accesslog_v3.AccessLog
FileAccessLogJSON returns a new file based access log filter that will log in JSON format
func FilterChain ¶ added in v1.11.0
func FilterChain(filters ...*envoy_listener_v3.Filter) *envoy_listener_v3.FilterChain
FilterChain returns a *envoy_listener_v3.FilterChain for the supplied filters.
func FilterChainTLS ¶ added in v1.11.0
func FilterChainTLS(domain string, downstream *envoy_tls_v3.DownstreamTlsContext, filters []*envoy_listener_v3.Filter) *envoy_listener_v3.FilterChain
FilterChainTLS returns a TLS enabled envoy_listener_v3.FilterChain.
func FilterChainTLSFallback ¶ added in v1.11.0
func FilterChainTLSFallback(downstream *envoy_tls_v3.DownstreamTlsContext, filters []*envoy_listener_v3.Filter) *envoy_listener_v3.FilterChain
FilterChainTLSFallback returns a TLS enabled envoy_listener_v3.FilterChain conifgured for FallbackCertificate.
func FilterChains ¶ added in v1.11.0
func FilterChains(filters ...*envoy_listener_v3.Filter) []*envoy_listener_v3.FilterChain
FilterChains returns a []*envoy_listener_v3.FilterChain for the supplied filters.
func FilterExternalAuthz ¶ added in v1.11.0
func FilterExternalAuthz(authzClusterName, sni string, failOpen bool, timeout timeout.Setting, bufferSettings *dag.AuthorizationServerBufferSettings) *http.HttpFilter
FilterExternalAuthz returns an `ext_authz` filter configured with the requested parameters.
func FilterJWTAuth ¶ added in v1.23.0
func FilterJWTAuth(jwtProviders []dag.JWTProvider) *http.HttpFilter
FilterJWTAuth returns a `jwt_authn` filter configured with the requested parameters.
func FilterMisdirectedRequests ¶ added in v1.11.0
func FilterMisdirectedRequests(fqdn string) *http.HttpFilter
func Filters ¶ added in v1.11.0
func Filters(filters ...*envoy_listener_v3.Filter) []*envoy_listener_v3.Filter
Filters returns a []*envoy_listener_v3.Filter for the supplied filters.
func GlobalRateLimitFilter ¶ added in v1.13.0
func GlobalRateLimitFilter(config *GlobalRateLimitConfig) *http.HttpFilter
GlobalRateLimitFilter returns a configured HTTP global rate limit filter, or nil if config is nil.
func GlobalRateLimits ¶ added in v1.13.0
func GlobalRateLimits(descriptors []*dag.RateLimitDescriptor) []*envoy_route_v3.RateLimit
GlobalRateLimits converts DAG RateLimitDescriptors to Envoy RateLimits.
func GrpcService ¶ added in v1.22.0
func GrpcService(clusterName, sni string, timeout timeout.Setting) *envoy_core_v3.GrpcService
GRPCService returns a envoy_core_v3.GrpcService for the given parameters.
func HTTPConnectionManager ¶ added in v1.11.0
func HTTPConnectionManager(routename string, accesslogger []*accesslog.AccessLog, requestTimeout time.Duration) *envoy_listener_v3.Filter
HTTPConnectionManager creates a new HTTP Connection Manager filter for the supplied route, access log, and client request timeout.
func HTTPConnectionManagerBuilder ¶ added in v1.11.0
func HTTPConnectionManagerBuilder() *httpConnectionManagerBuilder
HTTPConnectionManagerBuilder creates a new HTTP connection manager builder. nolint:revive
func LBEndpoint ¶
func LBEndpoint(addr *envoy_core_v3.Address) *envoy_endpoint_v3.LbEndpoint
LBEndpoint creates a new LbEndpoint.
func Listener ¶ added in v1.11.0
func Listener(name, address string, port int, lf []*envoy_listener_v3.ListenerFilter, filters ...*envoy_listener_v3.Filter) *envoy_listener_v3.Listener
Listener returns a new envoy_listener_v3.Listener for the supplied address, port, and filters.
func ListenerFilters ¶ added in v1.11.0
func ListenerFilters(filters ...*envoy_listener_v3.ListenerFilter) []*envoy_listener_v3.ListenerFilter
ListenerFilters returns a []*envoy_listener_v3.ListenerFilter for the supplied listener filters.
func LocalRateLimitConfig ¶ added in v1.12.0
func LocalRateLimitConfig(config *dag.LocalRateLimitPolicy, statPrefix string) *any.Any
LocalRateLimitConfig returns a config for the HTTP local rate limit filter.
func ParseTLSVersion ¶ added in v1.11.0
func ParseTLSVersion(version string) envoy_tls_v3.TlsParameters_TlsProtocol
func PathRouteMatch ¶ added in v1.23.0
func PathRouteMatch(pathMatchCondition dag.MatchCondition) *envoy_route_v3.RouteMatch
PathRouteMatch creates a *envoy_route_v3.RouteMatch with *only* a PathSpecifier populated.
func ProtoNamesForVersions ¶ added in v1.11.0
func ProtoNamesForVersions(versions ...HTTPVersionType) []string
ProtoNamesForVersions returns the slice of ALPN protocol names for the give HTTP versions.
func ProxyProtocol ¶ added in v1.11.0
func ProxyProtocol() *envoy_listener_v3.ListenerFilter
ProxyProtocol returns a new Proxy Protocol listener filter.
func RouteConfiguration ¶ added in v1.11.0
func RouteConfiguration(name string, virtualhosts ...*envoy_route_v3.VirtualHost) *envoy_route_v3.RouteConfiguration
RouteConfiguration returns a *envoy_route_v3.RouteConfiguration.
func RouteMatch ¶ added in v1.11.0
func RouteMatch(route *dag.Route) *envoy_route_v3.RouteMatch
RouteMatch creates a *envoy_route_v3.RouteMatch for the supplied *dag.Route.
func RuntimeLayers ¶ added in v1.22.0
func RuntimeLayers() []*envoy_service_runtime_v3.Runtime
func SafeRegexMatch ¶ added in v1.11.0
func SafeRegexMatch(regex string) *matcher.RegexMatcher
SafeRegexMatch returns a matcher.RegexMatcher for the supplied regex. SafeRegexMatch does not escape regex meta characters.
func Secret ¶ added in v1.11.0
func Secret(s *dag.Secret) *envoy_tls_v3.Secret
Secret creates new envoy_tls_v3.Secret from secret.
func SocketAddress ¶
func SocketAddress(address string, port int) *envoy_core_v3.Address
SocketAddress creates a new TCP envoy_core_v3.Address.
func StatsListeners ¶ added in v1.20.0
func StatsListeners(metrics contour_api_v1alpha1.MetricsConfig, health contour_api_v1alpha1.HealthConfig) []*envoy_listener_v3.Listener
StatsListeners returns an array of *envoy_listener_v3.Listeners, either single HTTP listener or HTTP and HTTPS listeners depending on config. The listeners are configured to serve:
- prometheus metrics on /stats (either over HTTP or HTTPS)
- readiness probe on /ready (always over HTTP)
func StatsSecrets ¶ added in v1.20.0
func StatsSecrets(metricsTLS *contour_api_v1alpha1.MetricsTLS) []*envoy_tls_v3.Secret
StatsSecrets returns SDS secrets that refer to local file paths in Envoy container.
func TCPKeepaliveSocketOptions ¶ added in v1.11.0
func TCPKeepaliveSocketOptions() []*envoy_core_v3.SocketOption
func TCPProxy ¶ added in v1.11.0
func TCPProxy(statPrefix string, proxy *dag.TCPProxy, accesslogger []*accesslog.AccessLog) *envoy_listener_v3.Filter
TCPProxy creates a new TCPProxy filter.
func TLSInspector ¶ added in v1.11.0
func TLSInspector() *envoy_listener_v3.ListenerFilter
TLSInspector returns a new TLS inspector listener filter.
func UnixSocketAddress ¶ added in v1.14.2
func UnixSocketAddress(address string, port int) *envoy_core_v3.Address
UnixSocketAddress creates a new Unix Socket envoy_core_v3.Address.
func UpgradeHTTPS ¶ added in v1.11.0
func UpgradeHTTPS() *envoy_route_v3.Route_Redirect
UpgradeHTTPS returns a route Action that redirects the request to HTTPS.
func UpstreamTLSContext ¶ added in v1.11.0
func UpstreamTLSContext(peerValidationContext *dag.PeerValidationContext, sni string, clientSecret *dag.Secret, alpnProtocols ...string) *envoy_v3_tls.UpstreamTlsContext
UpstreamTLSContext creates an envoy_v3_tls.UpstreamTlsContext. By default UpstreamTLSContext returns a HTTP/1.1 TLS enabled context. A list of additional ALPN protocols can be provided.
func UpstreamTLSTransportSocket ¶
func UpstreamTLSTransportSocket(tls *envoy_tls_v3.UpstreamTlsContext) *envoy_core_v3.TransportSocket
UpstreamTLSTransportSocket returns a custom transport socket using the UpstreamTlsContext provided.
func VirtualHost ¶ added in v1.11.0
func VirtualHost(hostname string, routes ...*envoy_route_v3.Route) *envoy_route_v3.VirtualHost
VirtualHost creates a new route.VirtualHost.
func VirtualHostAndRoutes ¶ added in v1.20.0
func VirtualHostAndRoutes(vh *dag.VirtualHost, dagRoutes []*dag.Route, secure bool, authService *dag.ExtensionCluster) *envoy_route_v3.VirtualHost
VirtualHostAndRoutes converts a DAG virtual host and routes to an Envoy virtual host.
func WeightedEndpoints ¶ added in v1.11.0
func WeightedEndpoints(weight uint32, addrs ...*envoy_core_v3.Address) []*envoy_endpoint_v3.LocalityLbEndpoints
func WriteBootstrap ¶
func WriteBootstrap(c *envoy.BootstrapConfig) error
WriteBootstrap writes bootstrap configuration to files.
Types ¶
type GlobalRateLimitConfig ¶ added in v1.13.0
type GlobalRateLimitConfig struct { ExtensionService types.NamespacedName SNI string FailOpen bool Timeout timeout.Setting Domain string EnableXRateLimitHeaders bool }
GlobalRateLimitConfig stores configuration for an HTTP global rate limiting filter.
type HTTPVersionType ¶ added in v1.11.0
type HTTPVersionType = http.HttpConnectionManager_CodecType
const ( HTTPVersionAuto HTTPVersionType = http.HttpConnectionManager_AUTO HTTPVersion1 HTTPVersionType = http.HttpConnectionManager_HTTP1 HTTPVersion2 HTTPVersionType = http.HttpConnectionManager_HTTP2 HTTPVersion3 HTTPVersionType = http.HttpConnectionManager_HTTP3 )
func CodecForVersions ¶ added in v1.11.0
func CodecForVersions(versions ...HTTPVersionType) HTTPVersionType
CodecForVersions determines a single Envoy HTTP codec constant that support all the given HTTP protocol versions.