import "istio.io/istio/pilot/pkg/networking/util"
const (
// BlackHoleCluster to catch traffic from routes with unresolved clusters. Traffic arriving here goes nowhere.
BlackHoleCluster = "BlackHoleCluster"
// BlackHoleRouteName is the name of the route that blocks all traffic.
BlackHoleRouteName = "block_all"
// PassthroughCluster to forward traffic to the original destination requested. This cluster is used when
// traffic does not match any listener in envoy.
PassthroughCluster = "PassthroughCluster"
// PassthroughRouteName is the name of the route that forwards traffic to the
// PassthroughCluster
PassthroughRouteName = "allow_any"
// Inbound pass through cluster need to the bind the loopback ip address for the security and loop avoidance.
InboundPassthroughClusterIpv4 = "InboundPassthroughClusterIpv4"
InboundPassthroughClusterIpv6 = "InboundPassthroughClusterIpv6"
// 6 is the magical number for inbound: 15006, 127.0.0.6, ::6
InboundPassthroughBindIpv4 = "127.0.0.6"
InboundPassthroughBindIpv6 = "::6"
// SniClusterFilter is the name of the sni_cluster envoy filter
SniClusterFilter = "envoy.filters.network.sni_cluster"
// ForwardDownstreamSniFilter forwards the sni from downstream connections to upstream
// Used only in the fallthrough filter stack for TLS connections
ForwardDownstreamSniFilter = "forward_downstream_sni"
// IstioMetadataKey is the key under which metadata is added to a route or cluster
// regarding the virtual service or destination rule used for each
IstioMetadataKey = "istio"
// EnvoyTransportSocketMetadataKey is the key under which metadata is added to an endpoint
// which determines the endpoint level transport socket configuration.
EnvoyTransportSocketMetadataKey = "envoy.transport_socket_match"
// EnvoyRawBufferSocketName matched with hardcoded built-in Envoy transport name which determines
// endpoint level plantext transport socket configuration
EnvoyRawBufferSocketName = "envoy.transport_sockets.raw_buffer"
// EnvoyTLSSocketName matched with hardcoded built-in Envoy transport name which determines endpoint
// level tls transport socket configuration
EnvoyTLSSocketName = "envoy.transport_sockets.tls"
)ALPNDownstream advertises that Proxy is going to talking either tcp(for metadata exchange), http2 or http 1.1.
ALPNH2Only advertises that Proxy is going to use HTTP/2 when talking to the cluster.
ALPNHttp advertises that Proxy is going to talking either http2 or http 1.1.
ALPNInMesh advertises that Proxy is going to talk to the in-mesh cluster. The custom "istio" value indicates in-mesh traffic and it's going to be used for routing decisions.
ALPNInMeshH2 advertises that Proxy is going to use HTTP/2 when talking to the in-mesh cluster. The custom "istio" value indicates in-mesh traffic and it's going to be used for routing decisions. Once Envoy supports client-side ALPN negotiation, this should be {"istio", "h2", "http/1.1"}.
ALPNInMeshWithMxc advertises that Proxy is going to talk to the in-mesh cluster and has metadata exchange enabled for TCP. The custom "istio-peer-exchange" value indicates, metadata exchange is enabled for TCP. The custom "istio" value indicates in-mesh traffic and it's going to be used for routing decisions.
var FallThroughFilterChainBlackHoleService = &model.Service{ Hostname: host.Name(BlackHoleCluster), Attributes: model.ServiceAttributes{ Name: BlackHoleCluster, }, }
FallThroughFilterChainBlackHoleService is the blackhole service used for fall though filter chain
var FallThroughFilterChainPassthroughService = &model.Service{ Hostname: host.Name(PassthroughCluster), Attributes: model.ServiceAttributes{ Name: PassthroughCluster, }, }
FallThroughFilterChainPassthroughService is the passthrough service used for fall though
func ApplyCustomSDSToCommonTLSContext(tlsContext *envoyauth.CommonTlsContext, tlsOpts *networking.Server_TLSOptions, sdsUdsPath string)
ApplyCustomSDSToCommonTLSContext applies the customized sds to CommonTlsContext Used for building both gateway/sidecar TLS context
func ApplyToCommonTLSContext(tlsContext *envoyauth.CommonTlsContext, metadata *model.NodeMetadata, sdsPath string, subjectAltNames []string)
ApplyToCommonTLSContext completes the commonTlsContext for `ISTIO_MUTUAL` TLS mode
BuildAddress returns a SocketAddress with the given ip and port or uds.
func BuildConfigInfoMetadata(config model.ConfigMeta) *core.Metadata
BuildConfigInfoMetadata builds core.Metadata struct containing the name.namespace of the config, the type, etc. Used by Mixer client to generate attributes for policy and telemetry.
func BuildLbEndpointMetadata(uid string, network string, tlsMode string, push *model.PushContext) *core.Metadata
BuildLbEndpointMetadata adds metadata values to a lb endpoint
func BuildStatPrefix(statPattern string, host string, subset string, port *model.Port, attributes model.ServiceAttributes) string
BuildStatPrefix builds a stat prefix based on the stat pattern.
return a shallow copy cluster
func CloneClusterLoadAssignment(original *xdsapi.ClusterLoadAssignment) xdsapi.ClusterLoadAssignment
return a shallow copy ClusterLoadAssignment
ConvertAddressToCidr converts from string to CIDR proto
ConvertLocality converts '/' separated locality string to Locality struct.
GogoDurationToDuration converts from gogo proto duration to time.duration
IsAllowAnyOutbound checks if allow_any is enabled for outbound traffic
func IsHTTPFilterChain(filterChain *listener.FilterChain) bool
IsHTTPFilterChain returns true if the filter chain contains a HTTP connection manager filter
IsIstioVersionGE13 checks whether the given Istio version is greater than or equals 1.3.
IsIstioVersionGE14 checks whether the given Istio version is greater than or equals 1.4.
IsIstioVersionGE15 checks whether the given Istio version is greater than or equals 1.5.
IsLocalityEmpty checks if a locality is empty (checking region is good enough, based on how its initialized)
IsProtocolSniffingEnabled checks whether protocol sniffing is enabled.
IsTCPMetadataExchangeEnabled checks whether Metadata Exchanged enabled for TCP using ALPN.
ConvertLocality converts '/' separated locality string to Locality struct.
MergeAnyWithAny merges a given any typed message into the given Any typed message by dynamically inferring the type of Any
MergeAnyWithStruct merges a given struct into the given Any typed message by dynamically inferring the type of Any, converting the struct into the inferred type, merging the two messages, and then marshaling the merged message back into Any.
MessageToAny converts from proto message to proto Any
MessageToAnyWithError converts from proto message to proto Any
MessageToStruct converts from proto message to proto Struct
func SortVirtualHosts(hosts []*route.VirtualHost)
SortVirtualHosts sorts a slice of virtual hosts by name.
Envoy computes a hash of RDS to see if things have changed - hash is affected by order of elements in the filter. Therefore we sort virtual hosts by name before handing them back so the ordering is stable across HTTP Route Configs.
Package util imports 29 packages (graph) and is imported by 37 packages. Updated 2020-02-27. Refresh now. Tools for package owners.