istio: Index | Files | Directories

package v1alpha3

import ""


Package Files

cluster.go cluster_builder.go configgen.go gateway.go httproute.go listener.go listener_builder.go networkfilter.go thriftroute.go tls.go


const (
    // DefaultLbType set to round robin
    DefaultLbType = networking.LoadBalancerSettings_ROUND_ROBIN

    // ManagementClusterHostname indicates the hostname used for building inbound clusters for management ports
    ManagementClusterHostname = "mgmtCluster"
const (
    NoConflict = iota
    // Incoming HTTP existing HTTP
    // Incoming HTTP existing TCP
    // Incoming HTTP existing AUTO
    // Incoming TCP existing HTTP
    // Incoming TCP existing TCP
    // Incoming TCP existing AUTO
    // Incoming AUTO existing HTTP
    // Incoming AUTO existing TCP
    // Incoming AUTO existing AUTO
const (
    // RDSHttpProxy is the special name for HTTP PROXY route
    RDSHttpProxy = "http_proxy"

    // VirtualOutboundListenerName is the name for traffic capture listener
    VirtualOutboundListenerName = "virtualOutbound"

    // VirtualOutboundCatchAllTCPFilterChainName is the name of the catch all tcp filter chain
    VirtualOutboundCatchAllTCPFilterChainName = "virtualOutbound-catchall-tcp"

    // VirtualOutboundTrafficLoopFilterChainName is the name of the filter chain that handles
    // pod IP traffic loops
    VirtualOutboundTrafficLoopFilterChainName = "virtualOutbound-trafficloop"

    // VirtualInboundListenerName is the name for traffic capture listener
    VirtualInboundListenerName = "virtualInbound"

    // WildcardAddress binds to all IP addresses
    WildcardAddress = ""

    // WildcardIPv6Address binds to all IPv6 addresses
    WildcardIPv6Address = "::"

    // LocalhostAddress for local binding
    LocalhostAddress = ""

    // LocalhostIPv6Address for local binding
    LocalhostIPv6Address = "::1"

    // EnvoyTextLogFormat format for envoy text based access logs for Istio 1.3 onwards
    EnvoyTextLogFormat = "[%START_TIME%] \"%REQ(:METHOD)% %REQ(X-ENVOY-ORIGINAL-PATH?:PATH)% " +
        "%PROTOCOL%\" %RESPONSE_CODE% %RESPONSE_FLAGS% \"%DYNAMIC_METADATA(istio.mixer:status)%\" " +
        "\"%REQ(USER-AGENT)%\" \"%REQ(X-REQUEST-ID)%\" \"%REQ(:AUTHORITY)%\" \"%UPSTREAM_HOST%\" " +

    // EnvoyServerName for istio's envoy
    EnvoyServerName = "istio-envoy"

    // EnvoyAccessLogCluster is the cluster name that has details for server implementing Envoy ALS.
    // This cluster is created in bootstrap.
    EnvoyAccessLogCluster = "envoy_accesslog_service"

    // ProxyInboundListenPort is the port on which all inbound traffic to the pod/vm will be captured to
    // TODO: allow configuration through mesh config
    ProxyInboundListenPort = 15006

    // Used in xds config. Metavalue bind to this key is used by pilot as xds server but not by envoy.
    // So the meta data can be erased when pushing to envoy.
    PilotMetaKey = "pilot_meta"

    // CanonicalHTTPSPort defines the standard port for HTTPS traffic. To avoid conflicts, http services
    // are not allowed on this port.
    CanonicalHTTPSPort = 443

    // Alpn HTTP filter name which will override the ALPN for upstream TLS connection.
    AlpnFilterName = "istio.alpn"

    ThriftRLSDefaultTimeoutMS = 50


var (

    // EnvoyJSONLogFormat13 map of values for envoy json based access logs for Istio 1.3 onwards
    EnvoyJSONLogFormat = &structpb.Struct{
        Fields: map[string]*structpb.Value{
            "start_time":                        {Kind: &structpb.Value_StringValue{StringValue: "%START_TIME%"}},
            "route_name":                        {Kind: &structpb.Value_StringValue{StringValue: "%ROUTE_NAME%"}},
            "method":                            {Kind: &structpb.Value_StringValue{StringValue: "%REQ(:METHOD)%"}},
            "path":                              {Kind: &structpb.Value_StringValue{StringValue: "%REQ(X-ENVOY-ORIGINAL-PATH?:PATH)%"}},
            "protocol":                          {Kind: &structpb.Value_StringValue{StringValue: "%PROTOCOL%"}},
            "response_code":                     {Kind: &structpb.Value_StringValue{StringValue: "%RESPONSE_CODE%"}},
            "response_flags":                    {Kind: &structpb.Value_StringValue{StringValue: "%RESPONSE_FLAGS%"}},
            "bytes_received":                    {Kind: &structpb.Value_StringValue{StringValue: "%BYTES_RECEIVED%"}},
            "bytes_sent":                        {Kind: &structpb.Value_StringValue{StringValue: "%BYTES_SENT%"}},
            "duration":                          {Kind: &structpb.Value_StringValue{StringValue: "%DURATION%"}},
            "upstream_service_time":             {Kind: &structpb.Value_StringValue{StringValue: "%RESP(X-ENVOY-UPSTREAM-SERVICE-TIME)%"}},
            "x_forwarded_for":                   {Kind: &structpb.Value_StringValue{StringValue: "%REQ(X-FORWARDED-FOR)%"}},
            "user_agent":                        {Kind: &structpb.Value_StringValue{StringValue: "%REQ(USER-AGENT)%"}},
            "request_id":                        {Kind: &structpb.Value_StringValue{StringValue: "%REQ(X-REQUEST-ID)%"}},
            "authority":                         {Kind: &structpb.Value_StringValue{StringValue: "%REQ(:AUTHORITY)%"}},
            "upstream_host":                     {Kind: &structpb.Value_StringValue{StringValue: "%UPSTREAM_HOST%"}},
            "upstream_cluster":                  {Kind: &structpb.Value_StringValue{StringValue: "%UPSTREAM_CLUSTER%"}},
            "upstream_local_address":            {Kind: &structpb.Value_StringValue{StringValue: "%UPSTREAM_LOCAL_ADDRESS%"}},
            "downstream_local_address":          {Kind: &structpb.Value_StringValue{StringValue: "%DOWNSTREAM_LOCAL_ADDRESS%"}},
            "downstream_remote_address":         {Kind: &structpb.Value_StringValue{StringValue: "%DOWNSTREAM_REMOTE_ADDRESS%"}},
            "requested_server_name":             {Kind: &structpb.Value_StringValue{StringValue: "%REQUESTED_SERVER_NAME%"}},
            "istio_policy_status":               {Kind: &structpb.Value_StringValue{StringValue: "%DYNAMIC_METADATA(istio.mixer:status)%"}},
            "upstream_transport_failure_reason": {Kind: &structpb.Value_StringValue{StringValue: "%UPSTREAM_TRANSPORT_FAILURE_REASON%"}},

A set of pre-allocated variables related to protocol sniffing logic for propagating the ALPN to upstreams

func SelectTrafficPolicyComponents Uses

func SelectTrafficPolicyComponents(policy *networking.TrafficPolicy, port *model.Port) (
    *networking.ConnectionPoolSettings, *networking.OutlierDetection, *networking.LoadBalancerSettings, *networking.TLSSettings)

SelectTrafficPolicyComponents returns the components of TrafficPolicy that should be used for given port.

type ClusterBuilder Uses

type ClusterBuilder struct {
    // contains filtered or unexported fields

ClusterBuilder interface provides an abstraction for building Envoy Clusters.

func NewClusterBuilder Uses

func NewClusterBuilder(proxy *model.Proxy, push *model.PushContext) *ClusterBuilder

NewClusterBuilder builds an instance of ClusterBuilder.

type ClusterMode Uses

type ClusterMode string

ClusterMode defines whether the cluster is being built for SNI-DNATing (sni passthrough) or not

const (
    // SniDnatClusterMode indicates cluster is being built for SNI dnat mode
    SniDnatClusterMode ClusterMode = "sni-dnat"
    // DefaultClusterMode indicates usual cluster with mTLS et al
    DefaultClusterMode ClusterMode = "outbound"

type ConfigGeneratorImpl Uses

type ConfigGeneratorImpl struct {
    // List of plugins that modify code generated by this config generator
    Plugins []plugin.Plugin

func NewConfigGenerator Uses

func NewConfigGenerator(plugins []plugin.Plugin) *ConfigGeneratorImpl

func (*ConfigGeneratorImpl) BuildClusters Uses

func (configgen *ConfigGeneratorImpl) BuildClusters(proxy *model.Proxy, push *model.PushContext) []*apiv2.Cluster

BuildClusters returns the list of clusters for the given proxy. This is the CDS output For outbound: Cluster for each service/subset hostname or cidr with SNI set to service hostname Cluster type based on resolution For inbound (sidecar only): Cluster for each inbound endpoint port and for each service port

func (*ConfigGeneratorImpl) BuildHTTPRoutes Uses

func (configgen *ConfigGeneratorImpl) BuildHTTPRoutes(node *model.Proxy, push *model.PushContext,
    routeNames []string) []*xdsapi.RouteConfiguration

BuildHTTPRoutes produces a list of routes for the proxy

func (*ConfigGeneratorImpl) BuildListeners Uses

func (configgen *ConfigGeneratorImpl) BuildListeners(node *model.Proxy,
    push *model.PushContext) []*xdsapi.Listener

BuildListeners produces a list of listeners and referenced clusters for all proxies

func (*ConfigGeneratorImpl) MeshConfigChanged Uses

func (configgen *ConfigGeneratorImpl) MeshConfigChanged(mesh *meshconfig.MeshConfig)

Called when mesh config is changed.

type FilterChainMatchOptions Uses

type FilterChainMatchOptions struct {
    // Application protocols of the filter chain match
    ApplicationProtocols []string
    // Transport protocol of the filter chain match. "tls" or empty
    TransportProtocol string
    // Filter chain protocol. HTTP for HTTP proxy and TCP for TCP proxy
    Protocol istionetworking.ListenerProtocol

type ListenerBuilder Uses

type ListenerBuilder struct {
    // contains filtered or unexported fields

A stateful listener builder Support the below intentions 1. Use separate inbound capture listener(:15006) and outbound capture listener(:15001) 2. The above listeners use bind_to_port sub listeners or filter chains.

func NewListenerBuilder Uses

func NewListenerBuilder(node *model.Proxy, push *model.PushContext) *ListenerBuilder


fakesCode generated by counterfeiter.
loadbalancerpackages used for load balancer setting

Package v1alpha3 imports 59 packages (graph) and is imported by 4 packages. Updated 2020-03-30. Refresh now. Tools for package owners.