istio: Index | Files

package v2

import ""

Copyright 2019 Istio Authors

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.


Package Files

ads.go ads_common.go cds.go debug.go discovery.go eds.go ep_filters.go lds.go mem.go monitoring.go pushqueue.go rds.go


const (

    // ClusterType is used for cluster discovery. Typically first request received
    ClusterType = typePrefix + "Cluster"
    // EndpointType is used for EDS and ADS endpoint discovery. Typically second request.
    EndpointType = typePrefix + "ClusterLoadAssignment"
    // ListenerType is sent after clusters and endpoints.
    ListenerType = typePrefix + "Listener"
    // RouteType is sent after listeners.
    RouteType = typePrefix + "RouteConfiguration"
const VersionLen = 12

The Config Version is only used as the nonce prefix, but we can reconstruct it because is is a b64 encoding of a 64 bit array, which will always be 12 chars in length. len = ceil(bitlength/(2^6))+1


var (

    // SendTimeout is the max time to wait for a ADS send to complete. This helps detect
    // clients in a bad state (not reading). In future it may include checking for ACK
    SendTimeout = 5 * time.Second

func AdsPushAll Uses

func AdsPushAll(s *DiscoveryServer)

AdsPushAll will send updates to all nodes, for a full config or incremental EDS.

func EndpointsByNetworkFilter Uses

func EndpointsByNetworkFilter(push *model.PushContext, proxyNetwork string, endpoints []*endpoint.LocalityLbEndpoints) []*endpoint.LocalityLbEndpoints

EndpointsByNetworkFilter is a network filter function to support Split Horizon EDS - filter the endpoints based on the network of the connected sidecar. The filter will filter out all endpoints which are not present within the sidecar network and add a gateway endpoint to remote networks that have endpoints (if gateway exists). Information for the mesh networks is provided as a MeshNetwork config map.

func ProxyNeedsPush Uses

func ProxyNeedsPush(proxy *model.Proxy, pushEv *XdsEvent) bool

func PushTypeFor Uses

func PushTypeFor(proxy *model.Proxy, pushEv *XdsEvent) map[XdsType]bool

TODO: merge with ProxyNeedsPush

type AuthorizationDebug Uses

type AuthorizationDebug struct {
    AuthorizationPolicies *model.AuthorizationPolicies `json:"authorization_policies"`

AuthorizationDebug holds debug information for authorization policy.

type DiscoveryServer Uses

type DiscoveryServer struct {
    // Env is the model environment.
    Env *model.Environment

    // MemRegistry is used for debug and load testing, allow adding services. Visible for testing.
    MemRegistry *MemServiceDiscovery

    // ConfigGenerator is responsible for generating data plane configuration using Istio networking
    // APIs and service registry info
    ConfigGenerator core.ConfigGenerator

    // DebugConfigs controls saving snapshots of configs for /debug/adsz.
    // Defaults to false, can be enabled with PILOT_DEBUG_ADSZ_CONFIG=1
    DebugConfigs bool

    // EndpointShards for a service. This is a global (per-server) list, built from
    // incremental updates. This is keyed by service and namespace
    EndpointShardsByService map[string]map[string]*EndpointShards
    // contains filtered or unexported fields

DiscoveryServer is Pilot's gRPC implementation for Envoy's v2 xds APIs

func NewDiscoveryServer Uses

func NewDiscoveryServer(env *model.Environment, plugins []string) *DiscoveryServer

NewDiscoveryServer creates DiscoveryServer that sources data from Pilot's internal mesh data structures

func (*DiscoveryServer) AdsPushAll Uses

func (s *DiscoveryServer) AdsPushAll(version string, req *model.PushRequest)

AdsPushAll implements old style invalidation, generated when any rule or endpoint changes. Primary code path is from v1 discoveryService.clearCache(), which is added as a handler to the model ConfigStorageCache and Controller.

func (*DiscoveryServer) Authorizationz Uses

func (s *DiscoveryServer) Authorizationz(w http.ResponseWriter, req *http.Request)

Authorizationz dumps the internal authorization policies.

func (*DiscoveryServer) ConfigDump Uses

func (s *DiscoveryServer) ConfigDump(w http.ResponseWriter, req *http.Request)

ConfigDump returns information in the form of the Envoy admin API config dump for the specified proxy The dump will only contain dynamic listeners/clusters/routes and can be used to compare what an Envoy instance should look like according to Pilot vs what it currently does look like.

func (*DiscoveryServer) ConfigUpdate Uses

func (s *DiscoveryServer) ConfigUpdate(req *model.PushRequest)

ConfigUpdate implements ConfigUpdater interface, used to request pushes. It replaces the 'clear cache' from v1.

func (*DiscoveryServer) Debug Uses

func (s *DiscoveryServer) Debug(w http.ResponseWriter, req *http.Request)

lists all the supported debug endpoints.

func (*DiscoveryServer) DeltaAggregatedResources Uses

func (s *DiscoveryServer) DeltaAggregatedResources(stream ads.AggregatedDiscoveryService_DeltaAggregatedResourcesServer) error

DeltaAggregatedResources is not implemented.

func (*DiscoveryServer) EDSUpdate Uses

func (s *DiscoveryServer) EDSUpdate(clusterID, serviceName string, namespace string,
    istioEndpoints []*model.IstioEndpoint) error

EDSUpdate computes destination address membership across all clusters and networks. This is the main method implementing EDS. It replaces InstancesByPort in model - instead of iterating over all endpoints it uses the hostname-keyed map. And it avoids the conversion from Endpoint to ServiceEntry to envoy on each step: instead the conversion happens once, when an endpoint is first discovered.

func (*DiscoveryServer) InitDebug Uses

func (s *DiscoveryServer) InitDebug(mux *http.ServeMux, sctl *aggregate.Controller, enableProfiling bool, webhook *inject.Webhook)

InitDebug initializes the debug handlers and adds a debug in-memory registry.

func (*DiscoveryServer) InjectTemplateHandler Uses

func (s *DiscoveryServer) InjectTemplateHandler(webhook *inject.Webhook) func(http.ResponseWriter, *http.Request)

InjectTemplateHandler dumps the injection template Replaces dumping the template at startup.

func (*DiscoveryServer) ProxyUpdate Uses

func (s *DiscoveryServer) ProxyUpdate(clusterID, ip string)

func (*DiscoveryServer) Push Uses

func (s *DiscoveryServer) Push(req *model.PushRequest)

Push is called to push changes on config updates using ADS. This is set in DiscoveryService.Push, to avoid direct dependencies.

func (*DiscoveryServer) PushStatusHandler Uses

func (s *DiscoveryServer) PushStatusHandler(w http.ResponseWriter, req *http.Request)

PushStatusHandler dumps the last PushContext

func (*DiscoveryServer) Register Uses

func (s *DiscoveryServer) Register(rpcs *grpc.Server)

Register adds the ADS and EDS handles to the grpc server

func (*DiscoveryServer) Start Uses

func (s *DiscoveryServer) Start(stopCh <-chan struct{})

func (*DiscoveryServer) StreamAggregatedResources Uses

func (s *DiscoveryServer) StreamAggregatedResources(stream ads.AggregatedDiscoveryService_StreamAggregatedResourcesServer) error

StreamAggregatedResources implements the ADS interface.

func (*DiscoveryServer) SvcUpdate Uses

func (s *DiscoveryServer) SvcUpdate(cluster, hostname string, namespace string, event model.Event)

SvcUpdate is a callback from service discovery when service info changes.

func (*DiscoveryServer) Syncz Uses

func (s *DiscoveryServer) Syncz(w http.ResponseWriter, _ *http.Request)

Syncz dumps the synchronization status of all Envoys connected to this Pilot instance

type DiscoveryStream Uses

type DiscoveryStream interface {
    Send(*xdsapi.DiscoveryResponse) error
    Recv() (*xdsapi.DiscoveryRequest, error)

DiscoveryStream is a common interface for EDS and ADS. It also has a shorter name.

type EndpointShards Uses

type EndpointShards struct {

    // Shards is used to track the shards. EDS updates are grouped by shard.
    // Current implementation uses the registry name as key - in multicluster this is the
    // name of the k8s cluster, derived from the config (secret).
    Shards map[string][]*model.IstioEndpoint

    // ServiceAccounts has the concatenation of all service accounts seen so far in endpoints.
    // This is updated on push, based on shards. If the previous list is different than
    // current list, a full push will be forced, to trigger a secure naming update.
    // Due to the larger time, it is still possible that connection errors will occur while
    // CDS is updated.
    ServiceAccounts map[string]bool
    // contains filtered or unexported fields

EndpointShards holds the set of endpoint shards of a service. Registries update individual shards incrementally. The shards are aggregated and split into clusters when a push for the specific cluster is needed.

type MemServiceController Uses

type MemServiceController struct {
    // contains filtered or unexported fields

MemServiceController is a mock service controller

func (*MemServiceController) AppendInstanceHandler Uses

func (c *MemServiceController) AppendInstanceHandler(f func(*model.ServiceInstance, model.Event)) error

AppendInstanceHandler appends a service instance handler to the controller

func (*MemServiceController) AppendServiceHandler Uses

func (c *MemServiceController) AppendServiceHandler(f func(*model.Service, model.Event)) error

AppendServiceHandler appends a service handler to the controller

func (*MemServiceController) Run Uses

func (c *MemServiceController) Run(<-chan struct{})

Run will run the controller

type MemServiceDiscovery Uses

type MemServiceDiscovery struct {
    WantGetProxyServiceInstances  []*model.ServiceInstance
    ServicesError                 error
    GetServiceError               error
    InstancesError                error
    GetProxyServiceInstancesError error

    ClusterID string

    // XDSUpdater will push EDS changes to the ADS model.
    EDSUpdater model.XDSUpdater
    // contains filtered or unexported fields

MemServiceDiscovery is a mock discovery interface

func NewMemServiceDiscovery Uses

func NewMemServiceDiscovery(services map[host.Name]*model.Service, versions int) *MemServiceDiscovery

NewMemServiceDiscovery builds an in-memory MemServiceDiscovery

func (*MemServiceDiscovery) AddEndpoint Uses

func (sd *MemServiceDiscovery) AddEndpoint(service host.Name, servicePortName string, servicePort int, address string, port int) *model.ServiceInstance

AddEndpoint adds an endpoint to a service.

func (*MemServiceDiscovery) AddHTTPService Uses

func (sd *MemServiceDiscovery) AddHTTPService(name, vip string, port int)

AddHTTPService is a helper to add a service of type http, named 'http-main', with the specified vip and port.

func (*MemServiceDiscovery) AddInstance Uses

func (sd *MemServiceDiscovery) AddInstance(service host.Name, instance *model.ServiceInstance)

AddInstance adds an in-memory instance.

func (*MemServiceDiscovery) AddService Uses

func (sd *MemServiceDiscovery) AddService(name host.Name, svc *model.Service)

AddService adds an in-memory service.

func (*MemServiceDiscovery) AddWorkload Uses

func (sd *MemServiceDiscovery) AddWorkload(ip string, labels labels.Instance)

func (*MemServiceDiscovery) ClearErrors Uses

func (sd *MemServiceDiscovery) ClearErrors()

ClearErrors clear errors used for mocking failures during model.MemServiceDiscovery interface methods

func (*MemServiceDiscovery) GetIstioServiceAccounts Uses

func (sd *MemServiceDiscovery) GetIstioServiceAccounts(svc *model.Service, ports []int) []string

GetIstioServiceAccounts gets the Istio service accounts for a service hostname.

func (*MemServiceDiscovery) GetProxyServiceInstances Uses

func (sd *MemServiceDiscovery) GetProxyServiceInstances(node *model.Proxy) ([]*model.ServiceInstance, error)

GetProxyServiceInstances returns service instances associated with a node, resulting in 'in' services.

func (*MemServiceDiscovery) GetProxyWorkloadLabels Uses

func (sd *MemServiceDiscovery) GetProxyWorkloadLabels(proxy *model.Proxy) (labels.Collection, error)

func (*MemServiceDiscovery) GetService Uses

func (sd *MemServiceDiscovery) GetService(hostname host.Name) (*model.Service, error)

GetService implements discovery interface Each call to GetService() should return a new *model.Service

func (*MemServiceDiscovery) Instances Uses

func (sd *MemServiceDiscovery) Instances(hostname host.Name, ports []string,
    labels labels.Collection) ([]*model.ServiceInstance, error)

Instances filters the service instances by labels. This assumes single port, as is used by EDS/ADS.

func (*MemServiceDiscovery) InstancesByPort Uses

func (sd *MemServiceDiscovery) InstancesByPort(svc *model.Service, port int,
    labels labels.Collection) ([]*model.ServiceInstance, error)

InstancesByPort filters the service instances by labels. This assumes single port, as is used by EDS/ADS.

func (*MemServiceDiscovery) ManagementPorts Uses

func (sd *MemServiceDiscovery) ManagementPorts(addr string) model.PortList

ManagementPorts implements discovery interface

func (*MemServiceDiscovery) RemoveService Uses

func (sd *MemServiceDiscovery) RemoveService(name host.Name)

RemoveService removes an in-memory service.

func (*MemServiceDiscovery) Services Uses

func (sd *MemServiceDiscovery) Services() ([]*model.Service, error)

Services implements discovery interface Each call to Services() should return a list of new *model.Service

func (*MemServiceDiscovery) SetEndpoints Uses

func (sd *MemServiceDiscovery) SetEndpoints(service string, namespace string, endpoints []*model.IstioEndpoint)

SetEndpoints update the list of endpoints for a service, similar with K8S controller.

func (*MemServiceDiscovery) UpdateWorkloadLabels Uses

func (sd *MemServiceDiscovery) UpdateWorkloadLabels(ip string, labels labels.Instance)

UpdateWorkloadLabels updates the workload labels, similar with K8S controller.

func (*MemServiceDiscovery) WorkloadHealthCheckInfo Uses

func (sd *MemServiceDiscovery) WorkloadHealthCheckInfo(addr string) model.ProbeList

WorkloadHealthCheckInfo implements discovery interface

type PushQueue Uses

type PushQueue struct {
    // contains filtered or unexported fields

func NewPushQueue Uses

func NewPushQueue() *PushQueue

func (*PushQueue) Dequeue Uses

func (p *PushQueue) Dequeue() (*XdsConnection, *model.PushRequest)

Remove a proxy from the queue. If there are no proxies ready to be removed, this will block

func (*PushQueue) Enqueue Uses

func (p *PushQueue) Enqueue(proxy *XdsConnection, pushInfo *model.PushRequest)

Enqueue will mark a proxy as pending a push. If it is already pending, pushInfo will be merged. ServiceEntry updates will be added together, and full will be set if either were full

func (*PushQueue) MarkDone Uses

func (p *PushQueue) MarkDone(con *XdsConnection)

func (*PushQueue) Pending Uses

func (p *PushQueue) Pending() int

Get number of pending proxies

type SyncStatus Uses

type SyncStatus struct {
    ProxyID       string `json:"proxy,omitempty"`
    ProxyVersion  string `json:"proxy_version,omitempty"`
    IstioVersion  string `json:"istio_version,omitempty"`
    ClusterSent   string `json:"cluster_sent,omitempty"`
    ClusterAcked  string `json:"cluster_acked,omitempty"`
    ListenerSent  string `json:"listener_sent,omitempty"`
    ListenerAcked string `json:"listener_acked,omitempty"`
    RouteSent     string `json:"route_sent,omitempty"`
    RouteAcked    string `json:"route_acked,omitempty"`
    EndpointSent  string `json:"endpoint_sent,omitempty"`
    EndpointAcked string `json:"endpoint_acked,omitempty"`

SyncStatus is the synchronization status between Pilot and a given Envoy

type SyncedVersions Uses

type SyncedVersions struct {
    ProxyID         string `json:"proxy,omitempty"`
    ClusterVersion  string `json:"cluster_acked,omitempty"`
    ListenerVersion string `json:"listener_acked,omitempty"`
    RouteVersion    string `json:"route_acked,omitempty"`

SyncedVersions shows what resourceVersion of a given resource has been acked by Envoy.

type XdsConnection Uses

type XdsConnection struct {

    // PeerAddr is the address of the client envoy, from network layer
    PeerAddr string

    // Time of connection, for debugging
    Connect time.Time

    // ConID is the connection identifier, used as a key in the connection table.
    // Currently based on the node name and a counter.
    ConID string

    LDSListeners []*xdsapi.Listener                    `json:"-"`
    RouteConfigs map[string]*xdsapi.RouteConfiguration `json:"-"`
    CDSClusters  []*xdsapi.Cluster

    // Last nonce sent and ack'd (timestamps) used for debugging
    ClusterNonceSent, ClusterNonceAcked   string
    ListenerNonceSent, ListenerNonceAcked string
    RouteNonceSent, RouteNonceAcked       string
    RouteVersionInfoSent                  string
    EndpointNonceSent, EndpointNonceAcked string

    // current list of clusters monitored by the client
    Clusters []string

    // Routes is the list of watched Routes.
    Routes []string

    // LDSWatch is set if the remote server is watching Listeners
    LDSWatch bool
    // CDSWatch is set if the remote server is watching Clusters
    CDSWatch bool
    // contains filtered or unexported fields

XdsConnection is a listener connection type.

type XdsEvent Uses

type XdsEvent struct {
    // contains filtered or unexported fields

XdsEvent represents a config or registry event that results in a push.

type XdsType Uses

type XdsType int
const (
    CDS XdsType = iota

Package v2 imports 51 packages (graph). Updated 2020-04-07. Refresh now. Tools for package owners.