translator

package
v1.13.23 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 26, 2023 License: Apache-2.0 Imports: 56 Imported by: 13

README

Translator

The Gloo Translator is responsible for converting a Gloo Proxy into an xDS Snapshot. It does this in the following order:

  1. Compute Cluster subsystem resources (Clusters, ClusterLoadAssignments)
  2. Compute Listener subsystem resources (RouteConfigurations, Listeners)
  3. Generate an xDS Snapshot
  4. Return the xDS Snapshot, ResourceReports and ProxyReport

Inputs

ApiSnapshot

The ApiSnapshot represents the state of the world, according to the Gloo controller.

It is a generated file, constructed from a template that aggregates all resources for a given project.

Proxy

The Proxy is a container for the entire set of configuration that will to be applied to one or more Envoy Proxy instances.

Cluster Subsystem Translation

The Cluster subsystem is responsible for selecting and configuring the upstream connection to an endpoint.

It is composed of:

  1. Clusters
  2. ClusterLoadAssignments (Endpoints)

Listener Subsystem Translation

The Listener subsystem handles downstream request processing.

It is composed of:

  1. RouteConfigurations
  2. Listeners

Outputs

xDS Snapshot

Context around the xDS Snapshot and other xDS concepts can be found in the xDS package

ResourceReports

ResourceReports are an aggregated set of errors and warnings that are accumulated during translation. These allow translation to complete before flagging resources as having an errored or warning state

ProxyReport

ProxyReport is an aggregated set of reports for all sub-resources of a Proxy.

Documentation

Index

Constants

View Source
const (
	DefaultHttpStatPrefix = "http"
)
View Source
const EnvoyLb = "envoy.lb"
View Source
const SoloAnnotations = "io.solo.annotations"

Variables

View Source
var (
	DefaultHealthCheckTimeout  = &duration.Duration{Seconds: 5}
	DefaultHealthCheckInterval = prototime.DurationToProto(time.Millisecond * 100)
	DefaultThreshold           = &wrappers.UInt32Value{
		Value: 5,
	}

	NilFieldError = func(fieldName string) error {
		return eris.Errorf("The field %s cannot be nil", fieldName)
	}
)
View Source
var (
	NoDestinationSpecifiedError       = errors.New("must specify at least one weighted destination for multi destination routes")
	SubsetsMisconfiguredErr           = errors.New("route has a subset config, but the upstream does not")
	CompilingRoutePathRegexError      = errors.Errorf("error compiling route path regex: %s", validPathRegexCharacters)
	ValidRoutePatternError            = errors.Errorf("must only contain valid characters matching pattern %s", validPathRegexCharacters)
	PathContainsInvalidCharacterError = func(s, invalid string) error {
		return errors.Errorf("path [%s] cannot contain [%s]", s, invalid)
	}
	PathEndsWithInvalidCharactersError = func(s, invalid string) error {
		return errors.Errorf("path [%s] cannot end with [%s]", s, invalid)
	}
)
View Source
var (
	ClusterConnectionTimeout = time.Second * 5
)

Functions

func CheckForDuplicateFilterChainMatches added in v1.4.13

func CheckForDuplicateFilterChainMatches(filterChains []*envoy_config_listener_v3.FilterChain, listenerReport *validationapi.ListenerReport)

Check for identical FilterChains to avoid the envoy error that occurs here: https://github.com/envoyproxy/envoy/blob/v1.15.0/source/server/filter_chain_manager_impl.cc#L162-L166 Note: this is NOT address non-equal but overlapping FilterChainMatches, which is a separate check here: https://github.com/envoyproxy/envoy/blob/50ef0945fa2c5da4bff7627c3abf41fdd3b7cffd/source/server/filter_chain_manager_impl.cc#L218-L354 Given the complexity of the overlap detection implementation, we don't want to duplicate that behavior here. We may want to consider invoking envoy from a library to detect overlapping and other issues, which would build off this discussion: https://github.com/solo-io/gloo/issues/2114 Visible for testing

func ClusterToUpstreamRef added in v1.6.10

func ClusterToUpstreamRef(cluster string) (*core.ResourceRef, error)

returns the ref of the upstream for a given cluster

func ConsolidateSslConfigurations added in v1.9.25

func ConsolidateSslConfigurations(sslConfigurations []*ssl.SslConfig) []*ssl.SslConfig

func DataSourceFromString

func DataSourceFromString(str string) *envoy_config_core_v3.DataSource

func EnvoyCacheResourcesListToFnvHash added in v1.6.3

func EnvoyCacheResourcesListToFnvHash(resources []envoycache.Resource) (uint64, error)

func GlooMatcherToEnvoyMatcher added in v1.0.0

func GlooMatcherToEnvoyMatcher(ctx context.Context, matcher *matchers.Matcher) envoy_config_route_v3.RouteMatch

utility function to transform gloo matcher to envoy route matcher

func IsIpv4Address added in v1.9.25

func IsIpv4Address(bindAddress string) (validIpv4, strictIPv4 bool, err error)

IsIpv4Address returns whether the provided address is valid IPv4, is pure(unmapped) IPv4, and if there was an error in the bindaddr This is used to distinguish between IPv4 and IPv6 addresses

func MakeRdsResources added in v1.0.0

func MakeRdsResources(routeConfigs []*envoy_config_route_v3.RouteConfiguration) envoycache.Resources

func MergeSslConfig added in v1.9.25

func MergeSslConfig(dst, src *ssl.SslConfig) *ssl.SslConfig

Merges the fields of src into dst. The fields in dst that have non-zero values will not be overwritten.

func MustEnvoyCacheResourcesListToFnvHash added in v1.9.25

func MustEnvoyCacheResourcesListToFnvHash(resources []envoycache.Resource) uint64

deprecated, use EnvoyCacheResourcesListToFnvHash

func MustEnvoyCacheResourcesListToHash added in v1.9.25

func MustEnvoyCacheResourcesListToHash(resources []envoycache.Resource) uint64

deprecated, slower than MustEnvoyCacheResourcesListToFnvHash

func NewAccessLogWithConfig added in v0.18.1

func NewAccessLogWithConfig(name string, config proto.Message) (envoyal.AccessLog, error)

func NewDefaultTranslator added in v1.13.0

func NewDefaultTranslator(settings *v1.Settings, pluginRegistry plugins.PluginRegistry) *translatorInstance

func NewFilterWithTypedConfig added in v1.5.0

func NewFilterWithTypedConfig(name string, config proto.Message) (*envoy_config_listener_v3.Filter, error)

func NewHttpListenerNetworkFilterTranslator added in v1.9.25

func NewHttpListenerNetworkFilterTranslator(
	parentListener *v1.Listener,
	listener *v1.HttpListener,
	report *validationapi.HttpListenerReport,
	plugins []plugins.HttpFilterPlugin,
	hcmPlugins []plugins.HttpConnectionManagerPlugin,
	routeConfigName string,
) *httpNetworkFilterTranslator

func NewTranslatorWithHasher added in v1.6.3

func NewTranslatorWithHasher(
	sslConfigTranslator utils.SslConfigTranslator,
	settings *v1.Settings,
	pluginRegistry plugins.PluginRegistry,
	hasher func(resources []envoycache.Resource) (uint64, error),
) *translatorInstance

func ParseTypedConfig added in v1.5.0

func ParseTypedConfig(c typedConfigObject, config proto.Message) error

func UpstreamToClusterName

func UpstreamToClusterName(upstream *core.ResourceRef) string

returns the name of the cluster created for a given upstream

func ValidatePrefixRewrite added in v1.10.44

func ValidatePrefixRewrite(s string) error

ValidatePrefixRewrite will validate the rewrite using url.Parse. Then it will evaluate the Path of the rewrite.

func ValidateRouteDestinations added in v0.18.0

func ValidateRouteDestinations(snap *v1snap.ApiSnapshot, action *v1.RouteAction) error

func ValidateRoutePath added in v1.10.42

func ValidateRoutePath(s string) error

ValidateRoutePath will validate a string for all characters according to RFC 3986 "pchar" characters = unreserved / pct-encoded / sub-delims / ":" / "@" https://www.rfc-editor.org/rfc/rfc3986/

func ValidateTcpRouteDestinations added in v1.4.2

func ValidateTcpRouteDestinations(snap *v1snap.ApiSnapshot, action *v1.TcpHost_TcpAction) error

func ValidateVirtualHostDomains added in v1.2.5

func ValidateVirtualHostDomains(virtualHosts []*v1.VirtualHost, httpListenerReport *validationapi.HttpListenerReport)

returns an error if any of the virtualhost domains overlap Visible for testing

Types

type FilterChainTranslator added in v1.9.25

type FilterChainTranslator interface {
	ComputeFilterChains(params plugins.Params) []*envoy_config_listener_v3.FilterChain
}

type ListenerSubsystemTranslatorFactory added in v1.9.25

type ListenerSubsystemTranslatorFactory struct {
	// contains filtered or unexported fields
}

The Listener subsystem handles downstream request processing. https://www.envoyproxy.io/docs/envoy/latest/intro/life_of_a_request.html?#high-level-architecture Gloo sends resources to Envoy via xDS. The components of the Listener subsystem that Gloo configures are: 1. Listeners 2. RouteConfiguration Given that Gloo exposes a variety of ListenerTypes (HttpListener, TcpListener, HybridListener, AggregateListener), and each of these types affect how resources are generated, we abstract those implementation details behind abstract translators. The ListenerSubsystemTranslatorFactory returns a ListenerTranslator and RouteConfigurationTranslator for a given Gloo Listener

func NewListenerSubsystemTranslatorFactory added in v1.9.25

func NewListenerSubsystemTranslatorFactory(
	pluginRegistry plugins.PluginRegistry,
	sslConfigTranslator utils.SslConfigTranslator,
) *ListenerSubsystemTranslatorFactory

func (*ListenerSubsystemTranslatorFactory) GetAggregateListenerTranslators added in v1.9.25

func (l *ListenerSubsystemTranslatorFactory) GetAggregateListenerTranslators(ctx context.Context, proxy *v1.Proxy, listener *v1.Listener, listenerReport *validationapi.ListenerReport) (
	ListenerTranslator,
	RouteConfigurationTranslator,
)

func (*ListenerSubsystemTranslatorFactory) GetHttpListenerTranslators added in v1.9.25

func (l *ListenerSubsystemTranslatorFactory) GetHttpListenerTranslators(ctx context.Context, proxy *v1.Proxy, listener *v1.Listener, listenerReport *validationapi.ListenerReport) (
	ListenerTranslator,
	RouteConfigurationTranslator,
)

func (*ListenerSubsystemTranslatorFactory) GetHybridListenerTranslators added in v1.9.25

func (l *ListenerSubsystemTranslatorFactory) GetHybridListenerTranslators(ctx context.Context, proxy *v1.Proxy, listener *v1.Listener, listenerReport *validationapi.ListenerReport) (
	ListenerTranslator,
	RouteConfigurationTranslator,
)

func (*ListenerSubsystemTranslatorFactory) GetTcpListenerTranslators added in v1.9.25

func (*ListenerSubsystemTranslatorFactory) GetTranslators added in v1.9.25

type ListenerTranslator added in v1.9.25

type ListenerTranslator interface {
	// A single Gloo Listener produces a single Envoy listener
	// https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/listeners/listeners#arch-overview-listeners
	ComputeListener(params plugins.Params) *envoy_config_listener_v3.Listener
}

type NetworkFilterTranslator added in v1.9.25

type NetworkFilterTranslator interface {
	ComputeNetworkFilters(params plugins.Params) ([]*envoy_config_listener_v3.Filter, error)
}

type RouteConfigurationTranslator added in v1.9.25

type RouteConfigurationTranslator interface {
	// A Gloo listener may produce multiple filter chains. Each one may contain its own route configuration
	// https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/http/http_routing#arch-overview-http-routing
	ComputeRouteConfiguration(params plugins.Params) []*envoy_config_route_v3.RouteConfiguration
}

type Translator

type Translator interface {
	// Translate converts a Proxy CR into an xDS Snapshot
	// Any errors that are encountered during translation are appended to the ResourceReports
	// It is invalid for us to return an error here, since translation of resources always needs
	// to results in an xDS Snapshot so we are resilient to pod restarts
	Translate(
		params plugins.Params,
		proxy *v1.Proxy,
	) (envoycache.Snapshot, reporter.ResourceReports, *validationapi.ProxyReport)
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL