envoy

package

v0.0.0-...-a1fe31f Latest Latest Go to latest Published: Dec 28, 2021 License: Apache-2.0 Imports: 16 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/projectsesame/sesame

Links

Open Source Insights

Documentation ¶

Overview ¶

Package envoy contains APIs for translating between Sesame objects and Envoy configuration APIs and types.

Index ¶

Constants
func AltStatName(service *dag.Service) string
func AnyPositive(first uint32, rest ...uint32) bool
func Clustername(cluster *dag.Cluster) string
func Hashname(l int, s ...string) string
func HostReplaceHeader(hp *dag.HeadersPolicy) string
func Secretname(s *dag.Secret) string
func SingleSimpleCluster(route *dag.Route) bool
func Timeout(d timeout.Setting) *duration.Duration
func ValidAdminAddress(address string) error
func WriteConfig(filename string, config proto.Message) (err error)
type BootstrapConfig

Constants ¶

View Source

const (
	HCTimeout            = 2 * time.Second
	HCInterval           = 10 * time.Second
	HCUnhealthyThreshold = 3
	HCHealthyThreshold   = 2
	HCHost               = "sesame-envoy-healthcheck"
)

Default healthcheck / lb algorithm values

View Source

const (
	TCP_KEEPIDLE  = 0x4 // Linux syscall.TCP_KEEPIDLE
	TCP_KEEPINTVL = 0x5 // Linux syscall.TCP_KEEPINTVL
	TCP_KEEPCNT   = 0x6 // Linux syscall.TCP_KEEPCNT

	// The following are Linux syscall constants for all
	// architectures except MIPS.
	SOL_SOCKET   = 0x1
	SO_KEEPALIVE = 0x9

	// IPPROTO_TCP has the same value across Go platforms, but
	// is defined here for consistency.
	IPPROTO_TCP = syscall.IPPROTO_TCP
)

We only support Envoy on Linux so always configure Linux TCP keep-alive socket options regardless of the platform that Sesame is running on. nolint:revive

View Source

const SDSResourcesSubdirectory = "sds"

SDSResourcesSubdirectory stores the subdirectory name where SDS path resources are stored to.

View Source

const SDSTLSCertificateFile = "xds-tls-certificate.json"

SDSTLSCertificateFile stores the path to the SDS resource with Envoy's client certificate and key for XDS gRPC connection.

View Source

const SDSValidationContextFile = "xds-validation-context.json"

SDSValidationContextFile stores the path to the SDS resource with CA certificates for Envoy to use for the XDS gRPC connection.

Variables ¶

This section is empty.

Functions ¶

func AltStatName ¶

func AltStatName(service *dag.Service) string

AltStatName generates an alternative stat name for the service using format ns_name_port

func AnyPositive ¶

func AnyPositive(first uint32, rest ...uint32) bool

AnyPositive indicates if any of the values provided are greater than zero.

func Clustername ¶

func Clustername(cluster *dag.Cluster) string

Clustername returns the name of the CDS cluster for this service.

func Hashname ¶

func Hashname(l int, s ...string) string

Hashname takes a length l and a varargs of strings s and returns a string whose length which does not exceed l. Internally s is joined with strings.Join(s, "/"). If the combined length exceeds l then hashname truncates each element in s, starting from the end using a hash derived from the contents of s (not the current element). This process continues until the length of s does not exceed l, or all elements have been truncated. In which case, the entire string is replaced with a hash not exceeding the length of l.

func HostReplaceHeader ¶

func HostReplaceHeader(hp *dag.HeadersPolicy) string

func Secretname ¶

func Secretname(s *dag.Secret) string

Secretname returns the name of the SDS secret for this secret.

func SingleSimpleCluster ¶

func SingleSimpleCluster(route *dag.Route) bool

SingleSimpleCluster determines whether we can use a RouteAction_Cluster or must use a RouteAction_WeighedCluster to encode additional routing data.

func Timeout ¶

func Timeout(d timeout.Setting) *duration.Duration

Timeout converts a timeout.Setting to a protobuf.Duration that's appropriate for Envoy. In general (though there are exceptions), Envoy uses the following semantics:

not passing a value means "use Envoy default"
explicitly passing a 0 means "disable this timeout"
passing a positive value uses that value

func ValidAdminAddress ¶

func ValidAdminAddress(address string) error

ValidAdminAddress checks if the address supplied is "localhost" or an IP address. Only a Unix Socket is supported for this address to mitigate security.

func WriteConfig ¶

func WriteConfig(filename string, config proto.Message) (err error)

Types ¶

type BootstrapConfig ¶

type BootstrapConfig struct {
	// AdminAccessLogPath is the path to write the access log for the administration server.
	// Defaults to /dev/null.
	AdminAccessLogPath string

	// AdminAddress is the Unix Socket address that the administration server will listen on.
	// Defaults to /admin/admin.sock.
	AdminAddress string

	// Deprecated
	// AdminPort is the port that the administration server will listen on.
	AdminPort int

	// XDSAddress is the TCP address of the gRPC XDS management server.
	// Defaults to 127.0.0.1.
	XDSAddress string

	// XDSGRPCPort is the management server port that provides the v3 gRPC API.
	// Defaults to 8001.
	XDSGRPCPort int

	// XDSResourceVersion defines the XDS Server Version to use.
	// Defaults to "v3"
	XDSResourceVersion config.ResourceVersion

	// Namespace is the namespace where Sesame is running
	Namespace string

	// GrpcCABundle is the filename that contains a CA certificate chain that can
	// verify the client cert.
	GrpcCABundle string

	// GrpcClientCert is the filename that contains a client certificate. May contain a full bundle if you
	// don't want to pass a CA Bundle.
	GrpcClientCert string

	// GrpcClientKey is the filename that contains a client key for secure gRPC with TLS.
	GrpcClientKey string

	// Path is the filename for the bootstrap configuration file to be created.
	Path string

	// ResourcesDir is the directory where out of line Envoy resources can be placed.
	ResourcesDir string

	// SkipFilePathCheck specifies whether to skip checking whether files
	// referenced in the configuration actually exist. This option is for
	// testing only.
	SkipFilePathCheck bool

	// DNSLookupFamily specifies DNS Resolution Policy to use for Envoy -> Sesame cluster name lookup.
	// Either v4, v6 or auto.
	DNSLookupFamily string
}

BootstrapConfig holds configuration values for a Bootstrap configuration.

func (*BootstrapConfig) GetAdminAccessLogPath ¶

func (c *BootstrapConfig) GetAdminAccessLogPath() string

GetAdminAccessLogPath returns the configured access log path or defaults to "/dev/null"

func (*BootstrapConfig) GetAdminAddress ¶

func (c *BootstrapConfig) GetAdminAddress() string

GetAdminAddress returns the admin socket path configured or defaults to "/admin/admin.sock"

func (*BootstrapConfig) GetAdminPort ¶

func (c *BootstrapConfig) GetAdminPort() int

func (*BootstrapConfig) GetDNSLookupFamily ¶

func (c *BootstrapConfig) GetDNSLookupFamily() string

GetDNSLookupFamily returns the configured dns lookup family or defaults to "auto"

func (*BootstrapConfig) GetXdsAddress ¶

func (c *BootstrapConfig) GetXdsAddress() string

GetXdsAddress returns the address configured or defaults to "127.0.0.1"

func (*BootstrapConfig) GetXdsGRPCPort ¶

func (c *BootstrapConfig) GetXdsGRPCPort() int

GetXdsGRPCPort returns the port configured or defaults to "8001"

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
v3

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL