envoy

package
v1.27.0-rc.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 24, 2023 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Overview

Package envoy contains APIs for translating between Contour objects and Envoy configuration APIs and types.

Index

Constants

View Source
const (
	HCTimeout            = 2 * time.Second
	HCInterval           = 10 * time.Second
	HCUnhealthyThreshold = 3
	HCHealthyThreshold   = 2
	HCHost               = "contour-envoy-healthcheck"
)

Default healthcheck / lb algorithm values

View Source
const (
	// We only support Envoy on Linux so always configure Linux TCP keep-alive
	// socket options regardless of the platform that Contour is running on (e.g. Contour on macOS + Envoy on Linux).
	TCP_KEEPIDLE  = 0x4 // Linux syscall.TCP_KEEPIDLE
	TCP_KEEPINTVL = 0x5 // Linux syscall.TCP_KEEPINTVL
	TCP_KEEPCNT   = 0x6 // Linux syscall.TCP_KEEPCNT

	// The following are for setting DSCP values on Linux.
	IP_TOS      = 0x1  // Linux syscall.IP_TOS
	IPV6_TCLASS = 0x43 // Linux syscall.IPV6_TCLASS

	// The following are Linux syscall constants for all
	// architectures except MIPS.
	SOL_SOCKET   = 0x1
	SO_KEEPALIVE = 0x9

	// IPPROTO_* has the same value across Go platforms, but
	// is defined here for consistency.
	IPPROTO_IP   = syscall.IPPROTO_IP
	IPPROTO_IPV6 = syscall.IPPROTO_IPV6
	IPPROTO_TCP  = syscall.IPPROTO_TCP
)

nolint:revive

View Source
const SDSResourcesSubdirectory = "sds"

SDSResourcesSubdirectory stores the subdirectory name where SDS path resources are stored to.

View Source
const SDSTLSCertificateFile = "xds-tls-certificate.json"

SDSTLSCertificateFile stores the path to the SDS resource with Envoy's client certificate and key for XDS gRPC connection.

View Source
const SDSValidationContextFile = "xds-validation-context.json"

SDSValidationContextFile stores the path to the SDS resource with CA certificates for Envoy to use for the XDS gRPC connection.

Variables

This section is empty.

Functions

func AltStatName added in v1.9.0

func AltStatName(service *dag.Service) string

AltStatName generates an alternative stat name for the service using format ns_name_port

func AnyPositive added in v1.9.0

func AnyPositive(first uint32, rest ...uint32) bool

AnyPositive indicates if any of the values provided are greater than zero.

func Clustername added in v0.7.0

func Clustername(cluster *dag.Cluster) string

Clustername returns the name of the CDS cluster for this service.

Note: Cluster name is used to deduplicate clusters. When for example two HTTPProxies result in Clusters with equal name, only single cluster will be configured to Envoy. Therefore the generated name must contain all relevant fields that make the cluster unique.

func DNSNameClusterName added in v1.23.0

func DNSNameClusterName(cluster *dag.DNSNameCluster) string

func Hashname added in v1.9.0

func Hashname(l int, s ...string) string

Hashname takes a length l and a varargs of strings s and returns a string whose length which does not exceed l. Internally s is joined with strings.Join(s, "/"). If the combined length exceeds l then hashname truncates each element in s, starting from the end using a hash derived from the contents of s (not the current element). This process continues until the length of s does not exceed l, or all elements have been truncated. In which case, the entire string is replaced with a hash not exceeding the length of l.

func HostRewriteHeader added in v1.27.0

func HostRewriteHeader(hp *dag.HeadersPolicy) string

func HostRewriteLiteral added in v1.27.0

func HostRewriteLiteral(hp *dag.HeadersPolicy) string

func Secretname added in v1.0.0

func Secretname(s *dag.Secret) string

Secretname returns the name of the SDS secret for this secret.

func SingleSimpleCluster added in v1.9.0

func SingleSimpleCluster(route *dag.Route) bool

SingleSimpleCluster determines whether we can use a RouteAction_Cluster or must use a RouteAction_WeighedCluster to encode additional routing data.

func Timeout added in v1.9.0

func Timeout(d timeout.Setting) *durationpb.Duration

Timeout converts a timeout.Setting to a protobuf.Duration that's appropriate for Envoy. In general (though there are exceptions), Envoy uses the following semantics:

  • not passing a value means "use Envoy default"
  • explicitly passing a 0 means "disable this timeout"
  • passing a positive value uses that value

func ValidAdminAddress added in v1.14.2

func ValidAdminAddress(address string) error

ValidAdminAddress checks if the address supplied is "localhost" or an IP address. Only a Unix Socket is supported for this address to mitigate security.

func WriteConfig added in v1.9.0

func WriteConfig(filename string, config proto.Message) (err error)

Types

type BootstrapConfig added in v0.10.0

type BootstrapConfig struct {
	// AdminAccessLogPath is the path to write the access log for the administration server.
	// Defaults to /dev/null.
	AdminAccessLogPath string

	// AdminAddress is the Unix Socket address that the administration server will listen on.
	// Defaults to /admin/admin.sock.
	AdminAddress string

	// Deprecated
	// AdminPort is the port that the administration server will listen on.
	AdminPort int

	// XDSAddress is the TCP address of the gRPC XDS management server.
	// Defaults to 127.0.0.1.
	XDSAddress string

	// XDSGRPCPort is the management server port that provides the v3 gRPC API.
	// Defaults to 8001.
	XDSGRPCPort int

	// XDSResourceVersion defines the XDS Server Version to use.
	// Defaults to "v3"
	XDSResourceVersion config.ResourceVersion

	// Namespace is the namespace where Contour is running
	Namespace string

	// GrpcCABundle is the filename that contains a CA certificate chain that can
	// verify the client cert.
	GrpcCABundle string

	// GrpcClientCert is the filename that contains a client certificate. May contain a full bundle if you
	// don't want to pass a CA Bundle.
	GrpcClientCert string

	// GrpcClientKey is the filename that contains a client key for secure gRPC with TLS.
	GrpcClientKey string

	// Path is the filename for the bootstrap configuration file to be created.
	Path string

	// ResourcesDir is the directory where out of line Envoy resources can be placed.
	ResourcesDir string

	// SkipFilePathCheck specifies whether to skip checking whether files
	// referenced in the configuration actually exist. This option is for
	// testing only.
	SkipFilePathCheck bool

	// DNSLookupFamily specifies DNS Resolution Policy to use for Envoy -> Contour cluster name lookup.
	// Either v4, v6, all or auto.
	DNSLookupFamily string

	// MaximumHeapSizeBytes specifies the number of bytes that overload manager allows heap to grow to.
	// When reaching the set threshold, new connections are denied.
	MaximumHeapSizeBytes uint64
}

BootstrapConfig holds configuration values for a Bootstrap configuration.

func (*BootstrapConfig) GetAdminAccessLogPath added in v1.9.0

func (c *BootstrapConfig) GetAdminAccessLogPath() string

GetAdminAccessLogPath returns the configured access log path or defaults to "/dev/null"

func (*BootstrapConfig) GetAdminAddress added in v1.9.0

func (c *BootstrapConfig) GetAdminAddress() string

GetAdminAddress returns the admin socket path configured or defaults to "/admin/admin.sock"

func (*BootstrapConfig) GetAdminPort added in v1.9.0

func (c *BootstrapConfig) GetAdminPort() int

func (*BootstrapConfig) GetDNSLookupFamily added in v1.13.0

func (c *BootstrapConfig) GetDNSLookupFamily() string

GetDNSLookupFamily returns the configured dns lookup family or defaults to "auto"

func (*BootstrapConfig) GetXdsAddress added in v1.9.0

func (c *BootstrapConfig) GetXdsAddress() string

GetXdsAddress returns the address configured or defaults to "127.0.0.1"

func (*BootstrapConfig) GetXdsGRPCPort added in v1.9.0

func (c *BootstrapConfig) GetXdsGRPCPort() int

GetXdsGRPCPort returns the port configured or defaults to "8001"

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL