util

package
v0.0.0-...-47d93ea Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 4, 2025 License: Apache-2.0 Imports: 38 Imported by: 91

Documentation

Index

Constants

View Source
const (
	// BlackHoleCluster to catch traffic from routes with unresolved clusters. Traffic arriving here goes nowhere.
	BlackHoleCluster = "BlackHoleCluster"
	// BlackHole is the name of the virtual host and route name used to block all traffic
	BlackHole = "block_all"
	// PassthroughCluster to forward traffic to the original destination requested. This cluster is used when
	// traffic does not match any listener in envoy.
	PassthroughCluster = "PassthroughCluster"
	// Passthrough is the name of the virtual host used to forward traffic to the
	// PassthroughCluster
	Passthrough = "allow_any"

	// PassthroughFilterChain to catch traffic that doesn't match other filter chains.
	PassthroughFilterChain = "PassthroughFilterChain"

	// Inbound pass through cluster need to the bind the loopback ip address for the security and loop avoidance.
	InboundPassthroughCluster = "InboundPassthroughCluster"

	// IstioMetadataKey is the key under which metadata is added to a route or cluster
	// regarding the virtual service or destination rule used for each
	IstioMetadataKey = "istio"

	// EnvoyTransportSocketMetadataKey is the key under which metadata is added to an endpoint
	// which determines the endpoint level transport socket configuration.
	EnvoyTransportSocketMetadataKey = "envoy.transport_socket_match"

	// Well-known header names
	AltSvcHeader = "alt-svc"

	// Envoy Stateful Session Filter
	// TODO: Move to well known.
	StatefulSessionFilter = "envoy.filters.http.stateful_session"

	// AlpnOverrideMetadataKey is the key under which metadata is added
	// to indicate whether Istio rewrite the ALPN headers
	AlpnOverrideMetadataKey = "alpn_override"
)
View Source
const OriginalDstMetadataKey = "envoy.filters.listener.original_dst"

Variables

View Source
var ALPNDownstream = []string{"h2", "http/1.1"}

ALPNDownstream advertises that Proxy is going to talk either http2 or http 1.1.

View Source
var ALPNDownstreamWithMxc = []string{"istio-peer-exchange", "h2", "http/1.1"}

ALPNDownstreamWithMxc advertises that Proxy is going to talk either tcp(for metadata exchange), http2 or http 1.1.

View Source
var ALPNH2Only = pm.ALPNH2Only

ALPNH2Only advertises that Proxy is going to use HTTP/2 when talking to the cluster.

View Source
var ALPNHttp = []string{"h2", "http/1.1"}

ALPNHttp advertises that Proxy is going to talking either http2 or http 1.1.

View Source
var ALPNHttp3OverQUIC = []string{"h3"}

ALPNHttp3OverQUIC advertises that Proxy is going to talk HTTP/3 over QUIC

View Source
var ALPNInMesh = []string{"istio"}

ALPNInMesh advertises that Proxy is going to talk to the in-mesh cluster. The custom "istio" value indicates in-mesh traffic and it's going to be used for routing decisions.

View Source
var ALPNInMeshH2 = pm.ALPNInMeshH2

ALPNInMeshH2 advertises that Proxy is going to use HTTP/2 when talking to the in-mesh cluster. The custom "istio" value indicates in-mesh traffic and it's going to be used for routing decisions. Once Envoy supports client-side ALPN negotiation, this should be {"istio", "h2", "http/1.1"}.

View Source
var ALPNInMeshH2WithMxc = []string{"istio-peer-exchange", "istio", "h2"}

ALPNInMeshH2WithMxc advertises that Proxy is going to use HTTP/2 when talking to the in-mesh cluster. The custom "istio" value indicates in-mesh traffic and it's going to be used for routing decisions. The custom "istio-peer-exchange" value indicates, metadata exchange is enabled for TCP.

View Source
var ALPNInMeshWithMxc = []string{"istio-peer-exchange", "istio"}

ALPNInMeshWithMxc advertises that Proxy is going to talk to the in-mesh cluster and has metadata exchange enabled for TCP. The custom "istio-peer-exchange" value indicates, metadata exchange is enabled for TCP. The custom "istio" value indicates in-mesh traffic and it's going to be used for routing decisions.

View Source
var DefaultInternalUpstreamTransportSocket = &core.TransportSocket{
	Name: "internal_upstream",
	ConfigType: &core.TransportSocket_TypedConfig{TypedConfig: protoconv.MessageToAny(&internalupstream.InternalUpstreamTransport{
		TransportSocket: RawBufferTransport(),
	})},
}

Functions

func AddALPNOverrideToMetadata

func AddALPNOverrideToMetadata(metadata *core.Metadata, tlsMode networking.ClientTLSSettings_TLSmode) *core.Metadata

AddALPNOverrideToMetadata sets filter metadata `istio.alpn_override: "false"` in the given core.Metadata struct, when TLS mode is SIMPLE or MUTUAL. If metadata is not initialized, builds a new metadata.

func AddConfigInfoMetadata

func AddConfigInfoMetadata(metadata *core.Metadata, config config.Meta) *core.Metadata

AddConfigInfoMetadata adds name.namespace of the config, the type, etc to the given core.Metadata struct, if metadata is not initialized, build a new metadata.

func AddSubsetToMetadata

func AddSubsetToMetadata(md *core.Metadata, subset string)

AddSubsetToMetadata will insert the subset name supplied. This should be called after the initial "istio" metadata has been created for the cluster. If the "istio" metadata field is not already defined, the subset information will not be added (to prevent adding this information where not needed). This is used for telemetry reporting.

func AddrStrToCidrRange

func AddrStrToCidrRange(addr string) (*core.CidrRange, error)

AddrStrToCidrRange converts from string to CIDR proto

func AddrStrToPrefix

func AddrStrToPrefix(addr string) (netip.Prefix, error)

AddrStrToCidrRange converts from string to CIDR prefix

func AppendLbEndpointMetadata

func AppendLbEndpointMetadata(istioMetadata *model.EndpointMetadata, envoyMetadata *core.Metadata,
)

AppendLbEndpointMetadata adds metadata values to a lb endpoint using the passed in metadata as base.

func BuildAdditionalAddresses

func BuildAdditionalAddresses(extrAddresses []string, listenPort uint32) []*listener.AdditionalAddress

BuildAdditionalAddresses can add extra addresses to additional addresses for a listener

func BuildAddress

func BuildAddress(bind string, port uint32) *core.Address

BuildAddress returns a SocketAddress with the given ip and port or uds.

func BuildConfigInfoMetadata

func BuildConfigInfoMetadata(config config.Meta) *core.Metadata

BuildConfigInfoMetadata builds core.Metadata struct containing the name.namespace of the config, the type, etc.

func BuildInternalAddressWithIdentifier

func BuildInternalAddressWithIdentifier(name, identifier string) *core.Address

func BuildInternalEndpoint

func BuildInternalEndpoint(dest string, meta *core.Metadata) []*endpoint.LocalityLbEndpoints

BuildInternalEndpoint builds an lb endpoint pointing to the internal listener named dest. If the metadata contains "tunnel.destination" that will become the "endpointId" to prevent deduplication.

func BuildInternalLbEndpoint

func BuildInternalLbEndpoint(dest string, meta *core.Metadata) *endpoint.LbEndpoint

BuildInternalLbEndpoint builds an lb endpoint pointing to the internal listener named dest. If the metadata contains ORIGINAL_DST destination that will become the "endpointId" to prevent deduplication.

func BuildNetworkAddress

func BuildNetworkAddress(bind string, port uint32, transport istionetworking.TransportProtocol) *core.Address

func BuildStatefulSessionFilter

func BuildStatefulSessionFilter(svc *model.Service) *hcm.HttpFilter

func BuildTunnelMetadataStruct

func BuildTunnelMetadataStruct(address string, port int, waypoint string) *structpb.Struct

func ByteCount

func ByteCount(b int) string

ByteCount returns a human readable byte format Inspired by https://yourbasic.org/golang/formatting-byte-size-to-human-readable-format/

func CidrRangeSliceEqual

func CidrRangeSliceEqual(a, b []*core.CidrRange) bool

func CloneClusterLoadAssignment

func CloneClusterLoadAssignment(original *endpoint.ClusterLoadAssignment) *endpoint.ClusterLoadAssignment

return a shallow copy ClusterLoadAssignment

func CloneLocalityLbEndpoint

func CloneLocalityLbEndpoint(ep *endpoint.LocalityLbEndpoints) *endpoint.LocalityLbEndpoints

return a shallow copy of LocalityLbEndpoints

func ConvertAddressToCidr

func ConvertAddressToCidr(addr string) *core.CidrRange

ConvertAddressToCidr converts from string to CIDR proto

func ConvertLocality

func ConvertLocality(locality string) *core.Locality

ConvertLocality converts '/' separated locality string to Locality struct.

func ConvertToEnvoyMatch

func ConvertToEnvoyMatch(in *networking.StringMatch) *matcher.StringMatcher

func ConvertToEnvoyMatches

func ConvertToEnvoyMatches(in []*networking.StringMatch) []*matcher.StringMatcher

func DelimitedStatsPrefix

func DelimitedStatsPrefix(statPrefix string) string

func DomainName

func DomainName(host string, port int) string

DomainName builds the domain name for a given host and port

func GetEndpointHost

func GetEndpointHost(e *endpoint.LbEndpoint) string

func GetFailoverPriorityLabels

func GetFailoverPriorityLabels(proxyLabels map[string]string, priorities []string) []byte

GetFailoverPriorityLabels returns a byte array which contains failover priorities of the proxy.

func GetPortLevelTrafficPolicy

func GetPortLevelTrafficPolicy(policy *networking.TrafficPolicy, port *model.Port) (*networking.TrafficPolicy, bool)

GetPortLevelTrafficPolicy return the port level traffic policy and true if it exists. Otherwise returns the original policy that applies to all destination ports.

func IPv6Compliant

func IPv6Compliant(host string) string

IPv6Compliant encloses ipv6 addresses in square brackets followed by port number in Host header/URIs

func IsAllowAnyOutbound

func IsAllowAnyOutbound(node *model.Proxy) bool

IsAllowAnyOutbound checks if allow_any is enabled for outbound traffic

func IsHTTPFilterChain

func IsHTTPFilterChain(filterChain *listener.FilterChain) bool

IsHTTPFilterChain returns true if the filter chain contains a HTTP connection manager filter

func IsLocalityEmpty

func IsLocalityEmpty(locality *core.Locality) bool

IsLocalityEmpty checks if a locality is empty (checking region is good enough, based on how its initialized)

func LbPriority

func LbPriority(proxyLocality, endpointsLocality *core.Locality) int

func LocalityMatch

func LocalityMatch(proxyLocality *core.Locality, ruleLocality string) bool

func LocalityToString

func LocalityToString(l *core.Locality) string

LocalityToString converts Locality struct to '/' separated locality string.

func MaybeBuildStatefulSessionFilterConfig

func MaybeBuildStatefulSessionFilterConfig(svc *model.Service) *statefulsession.StatefulSession

func MergeAnyWithAny

func MergeAnyWithAny(dst *anypb.Any, src *anypb.Any) (*anypb.Any, error)

MergeAnyWithAny merges a given any typed message into the given Any typed message by dynamically inferring the type of Any

func MergeSubsetTrafficPolicy

func MergeSubsetTrafficPolicy(original, subsetPolicy *networking.TrafficPolicy, port *model.Port) *networking.TrafficPolicy

MergeSubsetTrafficPolicy merges the destination and subset level traffic policy for the given port.

func MeshConfigToEnvoyForwardClientCertDetails

meshconfig ForwardClientCertDetails and the Envoy config enum are off by 1 due to the UNDEFINED in the meshconfig ForwardClientCertDetails

func MeshNetworksToEnvoyInternalAddressConfig

func MeshNetworksToEnvoyInternalAddressConfig(nets *meshconfig.MeshNetworks) *hcm.HttpConnectionManager_InternalAddressConfig

MeshNetworksToEnvoyInternalAddressConfig converts all of the FromCidr Endpoints into Envy internal networks. Because the input is an unordered map, the output is sorted to ensure config stability.

func PrefixToCidrRange

func PrefixToCidrRange(prefix netip.Prefix) *core.CidrRange

PrefixToCidrRange converts from CIDR prefix to CIDR proto

func RawBufferTransport

func RawBufferTransport() *core.TransportSocket

func ShallowCopyTrafficPolicy

func ShallowCopyTrafficPolicy(original *networking.TrafficPolicy) *networking.TrafficPolicy

ShallowCopyTrafficPolicy shallow copy a traffic policy, portLevelSettings are ignored.

func SortVirtualHosts

func SortVirtualHosts(hosts []*route.VirtualHost)

SortVirtualHosts sorts a slice of virtual hosts by name.

Envoy computes a hash of RDS to see if things have changed - hash is affected by order of elements in the filter. Therefore we sort virtual hosts by name before handing them back so the ordering is stable across HTTP Route Configs.

func StringToExactMatch

func StringToExactMatch(in []string) []*matcher.StringMatcher

func StringToPrefixMatch

func StringToPrefixMatch(in []string) []*matcher.StringMatcher

func TunnelHostInternalUpstreamTransportSocket

func TunnelHostInternalUpstreamTransportSocket(inner *core.TransportSocket) *core.TransportSocket

func VersionGreaterOrEqual124

func VersionGreaterOrEqual124(proxy *model.Proxy) bool

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL