util

package
v0.0.0-...-af55a85 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 26, 2024 License: Apache-2.0 Imports: 38 Imported by: 91

Documentation

Index

Constants

View Source 
const (
	// BlackHoleCluster to catch traffic from routes with unresolved clusters. Traffic arriving here goes nowhere.
	BlackHoleCluster = "BlackHoleCluster"
	// BlackHole is the name of the virtual host and route name used to block all traffic
	BlackHole = "block_all"
	// PassthroughCluster to forward traffic to the original destination requested. This cluster is used when
	// traffic does not match any listener in envoy.
	PassthroughCluster = "PassthroughCluster"
	// Passthrough is the name of the virtual host used to forward traffic to the
	// PassthroughCluster
	Passthrough = "allow_any"

	// PassthroughFilterChain to catch traffic that doesn't match other filter chains.
	PassthroughFilterChain = "PassthroughFilterChain"

	// Inbound pass through cluster need to the bind the loopback ip address for the security and loop avoidance.
	InboundPassthroughCluster = "InboundPassthroughCluster"

	// IstioMetadataKey is the key under which metadata is added to a route or cluster
	// regarding the virtual service or destination rule used for each
	IstioMetadataKey = "istio"

	// EnvoyTransportSocketMetadataKey is the key under which metadata is added to an endpoint
	// which determines the endpoint level transport socket configuration.
	EnvoyTransportSocketMetadataKey = "envoy.transport_socket_match"

	// Well-known header names
	AltSvcHeader = "alt-svc"

	// Envoy Stateful Session Filter
	// TODO: Move to well known.
	StatefulSessionFilter = "envoy.filters.http.stateful_session"

	// AlpnOverrideMetadataKey is the key under which metadata is added
	// to indicate whether Istio rewrite the ALPN headers
	AlpnOverrideMetadataKey = "alpn_override"
)
View Source 
const OriginalDstMetadataKey = "envoy.filters.listener.original_dst"

Variables

View Source 
var ALPNDownstream = []string{"h2", "http/1.1"}

ALPNDownstream advertises that Proxy is going to talk either http2 or http 1.1.

View Source 
var ALPNDownstreamWithMxc = []string{"istio-peer-exchange", "h2", "http/1.1"}

ALPNDownstreamWithMxc advertises that Proxy is going to talk either tcp(for metadata exchange), http2 or http 1.1.

View Source 
var ALPNH2Only = pm.ALPNH2Only

ALPNH2Only advertises that Proxy is going to use HTTP/2 when talking to the cluster.

View Source 
var ALPNHttp = []string{"h2", "http/1.1"}

ALPNHttp advertises that Proxy is going to talking either http2 or http 1.1.

View Source 
var ALPNHttp3OverQUIC = []string{"h3"}

ALPNHttp3OverQUIC advertises that Proxy is going to talk HTTP/3 over QUIC

View Source 
var ALPNInMesh = []string{"istio"}

ALPNInMesh advertises that Proxy is going to talk to the in-mesh cluster. The custom "istio" value indicates in-mesh traffic and it's going to be used for routing decisions.

View Source 
var ALPNInMeshH2 = pm.ALPNInMeshH2

ALPNInMeshH2 advertises that Proxy is going to use HTTP/2 when talking to the in-mesh cluster. The custom "istio" value indicates in-mesh traffic and it's going to be used for routing decisions. Once Envoy supports client-side ALPN negotiation, this should be {"istio", "h2", "http/1.1"}.

View Source 
var ALPNInMeshH2WithMxc = []string{"istio-peer-exchange", "istio", "h2"}

ALPNInMeshH2WithMxc advertises that Proxy is going to use HTTP/2 when talking to the in-mesh cluster. The custom "istio" value indicates in-mesh traffic and it's going to be used for routing decisions. The custom "istio-peer-exchange" value indicates, metadata exchange is enabled for TCP.

View Source 
var ALPNInMeshWithMxc = []string{"istio-peer-exchange", "istio"}

ALPNInMeshWithMxc advertises that Proxy is going to talk to the in-mesh cluster and has metadata exchange enabled for TCP. The custom "istio-peer-exchange" value indicates, metadata exchange is enabled for TCP. The custom "istio" value indicates in-mesh traffic and it's going to be used for routing decisions.

View Source 
var DefaultInternalUpstreamTransportSocket = &core.TransportSocket{
	Name: "internal_upstream",
	ConfigType: &core.TransportSocket_TypedConfig{TypedConfig: protoconv.MessageToAny(&internalupstream.InternalUpstreamTransport{
		TransportSocket: RawBufferTransport(),
	})},
}
View Source 
var TunnelHostMetadata = []*internalupstream.InternalUpstreamTransport_MetadataValueSource{
	{
		Kind: &metadata.MetadataKind{Kind: &metadata.MetadataKind_Host_{Host: &metadata.MetadataKind_Host{}}},
		Name: OriginalDstMetadataKey,
	},
}

Functions

func AddALPNOverrideToMetadata 

func AddALPNOverrideToMetadata(metadata *core.Metadata, tlsMode networking.ClientTLSSettings_TLSmode) *core.Metadata

AddALPNOverrideToMetadata sets filter metadata `istio.alpn_override: "false"` in the given core.Metadata struct, when TLS mode is SIMPLE or MUTUAL. If metadata is not initialized, builds a new metadata.

func AddConfigInfoMetadata 

func AddConfigInfoMetadata(metadata *core.Metadata, config config.Meta) *core.Metadata

AddConfigInfoMetadata adds name.namespace of the config, the type, etc to the given core.Metadata struct, if metadata is not initialized, build a new metadata.

func AddSubsetToMetadata 

func AddSubsetToMetadata(md *core.Metadata, subset string)

AddSubsetToMetadata will insert the subset name supplied. This should be called after the initial "istio" metadata has been created for the cluster. If the "istio" metadata field is not already defined, the subset information will not be added (to prevent adding this information where not needed). This is used for telemetry reporting.

func AddrStrToCidrRange 

func AddrStrToCidrRange(addr string) (*core.CidrRange, error)

AddrStrToCidrRange converts from string to CIDR proto

func AddrStrToPrefix 

func AddrStrToPrefix(addr string) (netip.Prefix, error)

AddrStrToCidrRange converts from string to CIDR prefix

func AppendLbEndpointMetadata 

func AppendLbEndpointMetadata(istioMetadata *model.EndpointMetadata, envoyMetadata *core.Metadata,
)

AppendLbEndpointMetadata adds metadata values to a lb endpoint using the passed in metadata as base.

func BuildAdditionalAddresses 

func BuildAdditionalAddresses(extrAddresses []string, listenPort uint32) []*listener.AdditionalAddress

BuildAdditionalAddresses can add extra addresses to additional addresses for a listener

func BuildAddress 

func BuildAddress(bind string, port uint32) *core.Address

BuildAddress returns a SocketAddress with the given ip and port or uds.

func BuildConfigInfoMetadata 

func BuildConfigInfoMetadata(config config.Meta) *core.Metadata

BuildConfigInfoMetadata builds core.Metadata struct containing the name.namespace of the config, the type, etc.

func BuildInternalAddressWithIdentifier 

func BuildInternalAddressWithIdentifier(name, identifier string) *core.Address

func BuildInternalEndpoint 

func BuildInternalEndpoint(dest string, meta *core.Metadata) []*endpoint.LocalityLbEndpoints

BuildInternalEndpoint builds an lb endpoint pointing to the internal listener named dest. If the metadata contains "tunnel.destination" that will become the "endpointId" to prevent deduplication.

func BuildInternalLbEndpoint 

func BuildInternalLbEndpoint(dest string, meta *core.Metadata) *endpoint.LbEndpoint

BuildInternalLbEndpoint builds an lb endpoint pointing to the internal listener named dest. If the metadata contains ORIGINAL_DST destination that will become the "endpointId" to prevent deduplication.

func BuildNetworkAddress 

func BuildNetworkAddress(bind string, port uint32, transport istionetworking.TransportProtocol) *core.Address

func BuildStatefulSessionFilter 

func BuildStatefulSessionFilter(svc *model.Service) *hcm.HttpFilter

func BuildTunnelMetadataStruct 

func BuildTunnelMetadataStruct(address string, port int, waypoint string) *structpb.Struct

func ByteCount 

func ByteCount(b int) string

ByteCount returns a human readable byte format Inspired by https://yourbasic.org/golang/formatting-byte-size-to-human-readable-format/

func CidrRangeSliceEqual 

func CidrRangeSliceEqual(a, b []*core.CidrRange) bool

func CloneClusterLoadAssignment 

func CloneClusterLoadAssignment(original *endpoint.ClusterLoadAssignment) *endpoint.ClusterLoadAssignment

return a shallow copy ClusterLoadAssignment

func CloneLocalityLbEndpoint 

func CloneLocalityLbEndpoint(ep *endpoint.LocalityLbEndpoints) *endpoint.LocalityLbEndpoints

return a shallow copy of LocalityLbEndpoints

func ConvertAddressToCidr 

func ConvertAddressToCidr(addr string) *core.CidrRange

ConvertAddressToCidr converts from string to CIDR proto

func ConvertLocality 

func ConvertLocality(locality string) *core.Locality

ConvertLocality converts '/' separated locality string to Locality struct.

func ConvertToEnvoyMatch 

func ConvertToEnvoyMatch(in *networking.StringMatch) *matcher.StringMatcher

func ConvertToEnvoyMatches 

func ConvertToEnvoyMatches(in []*networking.StringMatch) []*matcher.StringMatcher

func DelimitedStatsPrefix 

func DelimitedStatsPrefix(statPrefix string) string

func DomainName 

func DomainName(host string, port int) string

DomainName builds the domain name for a given host and port

func GetEndpointHost 

func GetEndpointHost(e *endpoint.LbEndpoint) string

func GetFailoverPriorityLabels 

func GetFailoverPriorityLabels(proxyLabels map[string]string, priorities []string) []byte

GetFailoverPriorityLabels returns a byte array which contains failover priorities of the proxy.

func GetPortLevelTrafficPolicy 

func GetPortLevelTrafficPolicy(policy *networking.TrafficPolicy, port *model.Port) (*networking.TrafficPolicy, bool)

GetPortLevelTrafficPolicy return the port level traffic policy and true if it exists. Otherwise returns the original policy that applies to all destination ports.

func IPv6Compliant 

func IPv6Compliant(host string) string

IPv6Compliant encloses ipv6 addresses in square brackets followed by port number in Host header/URIs

func IsAllowAnyOutbound 

func IsAllowAnyOutbound(node *model.Proxy) bool

IsAllowAnyOutbound checks if allow_any is enabled for outbound traffic

func IsHTTPFilterChain 

func IsHTTPFilterChain(filterChain *listener.FilterChain) bool

IsHTTPFilterChain returns true if the filter chain contains a HTTP connection manager filter

func IsLocalityEmpty 

func IsLocalityEmpty(locality *core.Locality) bool

IsLocalityEmpty checks if a locality is empty (checking region is good enough, based on how its initialized)

func LbPriority 

func LbPriority(proxyLocality, endpointsLocality *core.Locality) int

func LocalityMatch 

func LocalityMatch(proxyLocality *core.Locality, ruleLocality string) bool

func LocalityToString 

func LocalityToString(l *core.Locality) string

LocalityToString converts Locality struct to '/' separated locality string.

func MaybeBuildStatefulSessionFilterConfig 

func MaybeBuildStatefulSessionFilterConfig(svc *model.Service) *statefulsession.StatefulSession

func MergeAnyWithAny 

func MergeAnyWithAny(dst *anypb.Any, src *anypb.Any) (*anypb.Any, error)

MergeAnyWithAny merges a given any typed message into the given Any typed message by dynamically inferring the type of Any

func MergeSubsetTrafficPolicy 

func MergeSubsetTrafficPolicy(original, subsetPolicy *networking.TrafficPolicy, port *model.Port) *networking.TrafficPolicy

MergeSubsetTrafficPolicy merges the destination and subset level traffic policy for the given port.

func MeshConfigToEnvoyForwardClientCertDetails 

func MeshConfigToEnvoyForwardClientCertDetails(c meshconfig.ForwardClientCertDetails) hcm.HttpConnectionManager_ForwardClientCertDetails

meshconfig ForwardClientCertDetails and the Envoy config enum are off by 1 due to the UNDEFINED in the meshconfig ForwardClientCertDetails

func MeshNetworksToEnvoyInternalAddressConfig 

func MeshNetworksToEnvoyInternalAddressConfig(nets *meshconfig.MeshNetworks) *hcm.HttpConnectionManager_InternalAddressConfig

MeshNetworksToEnvoyInternalAddressConfig converts all of the FromCidr Endpoints into Envy internal networks. Because the input is an unordered map, the output is sorted to ensure config stability.

func PrefixToCidrRange 

func PrefixToCidrRange(prefix netip.Prefix) *core.CidrRange

PrefixToCidrRange converts from CIDR prefix to CIDR proto

func RawBufferTransport 

func RawBufferTransport() *core.TransportSocket

func ShallowCopyTrafficPolicy 

func ShallowCopyTrafficPolicy(original *networking.TrafficPolicy) *networking.TrafficPolicy

ShallowCopyTrafficPolicy shallow copy a traffic policy, portLevelSettings are ignored.

func SortVirtualHosts 

func SortVirtualHosts(hosts []*route.VirtualHost)

SortVirtualHosts sorts a slice of virtual hosts by name.

Envoy computes a hash of RDS to see if things have changed - hash is affected by order of elements in the filter. Therefore we sort virtual hosts by name before handing them back so the ordering is stable across HTTP Route Configs.

func StringToExactMatch 

func StringToExactMatch(in []string) []*matcher.StringMatcher

func StringToPrefixMatch 

func StringToPrefixMatch(in []string) []*matcher.StringMatcher

func TunnelHostInternalUpstreamTransportSocket 

func TunnelHostInternalUpstreamTransportSocket(inner *core.TransportSocket) *core.TransportSocket

func VersionGreaterOrEqual124 

func VersionGreaterOrEqual124(proxy *model.Proxy) bool

Types

This section is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.