From daa7a353db1516306bde323b80523a2c5705003d Mon Sep 17 00:00:00 2001 From: Kuat Yessenov Date: Fri, 26 Jan 2018 15:55:52 -0800 Subject: [PATCH 1/2] move xds back Signed-off-by: Kuat Yessenov --- envoy/BUILD | 2 +- envoy/api/v2/BUILD | 93 ++++++++++++++++++ envoy/{service/discovery => api}/v2/cds.proto | 4 +- .../common.proto => api/v2/discovery.proto} | 5 +- envoy/{service/discovery => api}/v2/eds.proto | 4 +- envoy/{service/discovery => api}/v2/lds.proto | 4 +- envoy/{service/discovery => api}/v2/rds.proto | 4 +- envoy/service/discovery/BUILD | 13 --- envoy/service/discovery/v2/BUILD | 96 +------------------ envoy/service/discovery/v2/ads.proto | 6 +- envoy/service/discovery/v2/hds.proto | 5 - envoy/service/discovery/v2/sds.proto | 7 +- test/build/BUILD | 16 ++-- test/build/build_test.cc | 16 ++-- test/validate/BUILD | 8 +- test/validate/pgv_test.cc | 8 +- 16 files changed, 140 insertions(+), 151 deletions(-) rename envoy/{service/discovery => api}/v2/cds.proto (87%) rename envoy/{service/discovery/v2/common.proto => api/v2/discovery.proto} (97%) rename envoy/{service/discovery => api}/v2/eds.proto (96%) rename envoy/{service/discovery => api}/v2/lds.proto (90%) rename envoy/{service/discovery => api}/v2/rds.proto (90%) delete mode 100644 envoy/service/discovery/BUILD diff --git a/envoy/BUILD b/envoy/BUILD index 486701bc8..052e75afa 100644 --- a/envoy/BUILD +++ b/envoy/BUILD @@ -20,7 +20,7 @@ proto_library( "//envoy/config/metrics/v2:stats", "//envoy/config/ratelimit/v2:rls", "//envoy/config/trace/v2:trace", - "//envoy/service/discovery", + "//envoy/service/discovery/v2:ads", "//envoy/service/load_stats", "//envoy/service/metrics", ], diff --git a/envoy/api/v2/BUILD b/envoy/api/v2/BUILD index 381a3be17..4f17b2b3e 100644 --- a/envoy/api/v2/BUILD +++ b/envoy/api/v2/BUILD @@ -76,10 +76,103 @@ api_go_proto_library( proto = ":protocol", ) +api_proto_library( + name = "discovery", + srcs = ["discovery.proto"], + deps = ["//envoy/api/v2:base"], +) + +api_go_proto_library( + name = "discovery", + proto = ":discovery", + deps = ["//envoy/api/v2:base_go_proto"], +) + +api_proto_library( + name = "eds", + srcs = ["eds.proto"], + has_services = 1, + deps = [ + ":discovery", + "//envoy/api/v2:address", + "//envoy/api/v2:base", + "//envoy/api/v2:health_check", + "//envoy/api/v2/endpoint", + ], +) + +api_go_grpc_library( + name = "eds", + proto = ":eds", + deps = [ + ":discovery_go_proto", + "//envoy/api/v2:address_go_proto", + "//envoy/api/v2:base_go_proto", + "//envoy/api/v2:health_check_go_proto", + "//envoy/api/v2/endpoint:endpoint_go_proto", + ], +) + +api_proto_library( + name = "cds", + srcs = ["cds.proto"], + has_services = 1, + deps = [ + ":discovery", + ], +) + +api_go_grpc_library( + name = "cds", + proto = ":cds", + deps = [ + ":discovery_go_proto", + ], +) + +api_proto_library( + name = "lds", + srcs = ["lds.proto"], + has_services = 1, + deps = [ + ":discovery", + ], +) + +api_go_grpc_library( + name = "lds", + proto = ":lds", + deps = [ + ":discovery_go_proto", + ], +) + +api_proto_library( + name = "rds", + srcs = ["rds.proto"], + has_services = 1, + deps = [ + ":discovery", + ], +) + +api_go_grpc_library( + name = "rds", + proto = ":rds", + deps = [ + ":discovery_go_proto", + ], +) + proto_library( name = "v2", visibility = ["//envoy:__pkg__"], deps = [ + ":cds", + ":discovery", + ":eds", + ":lds", ":protocol", + ":rds", ], ) diff --git a/envoy/service/discovery/v2/cds.proto b/envoy/api/v2/cds.proto similarity index 87% rename from envoy/service/discovery/v2/cds.proto rename to envoy/api/v2/cds.proto index 9125d189b..8aa92b4ea 100644 --- a/envoy/service/discovery/v2/cds.proto +++ b/envoy/api/v2/cds.proto @@ -1,8 +1,8 @@ syntax = "proto3"; -package envoy.service.discovery.v2; +package envoy.api.v2; -import "envoy/service/discovery/v2/common.proto"; +import "envoy/api/v2/discovery.proto"; import "google/api/annotations.proto"; diff --git a/envoy/service/discovery/v2/common.proto b/envoy/api/v2/discovery.proto similarity index 97% rename from envoy/service/discovery/v2/common.proto rename to envoy/api/v2/discovery.proto index 9ab41e52b..13c40d350 100644 --- a/envoy/service/discovery/v2/common.proto +++ b/envoy/api/v2/discovery.proto @@ -1,7 +1,6 @@ syntax = "proto3"; -package envoy.service.discovery.v2; -option go_package = "discovery"; +package envoy.api.v2; import "envoy/api/v2/base.proto"; @@ -22,7 +21,7 @@ message DiscoveryRequest { string version_info = 1; // The node making the request. - envoy.api.v2.Node node = 2; + Node node = 2; // List of resources to subscribe to, e.g. list of cluster names or a route // configuration name. If this is empty, all resources for the API are diff --git a/envoy/service/discovery/v2/eds.proto b/envoy/api/v2/eds.proto similarity index 96% rename from envoy/service/discovery/v2/eds.proto rename to envoy/api/v2/eds.proto index 783036dc1..c9c51f404 100644 --- a/envoy/service/discovery/v2/eds.proto +++ b/envoy/api/v2/eds.proto @@ -1,8 +1,8 @@ syntax = "proto3"; -package envoy.service.discovery.v2; +package envoy.api.v2; -import "envoy/service/discovery/v2/common.proto"; +import "envoy/api/v2/discovery.proto"; import "envoy/api/v2/endpoint/endpoint.proto"; import "google/api/annotations.proto"; diff --git a/envoy/service/discovery/v2/lds.proto b/envoy/api/v2/lds.proto similarity index 90% rename from envoy/service/discovery/v2/lds.proto rename to envoy/api/v2/lds.proto index 78712bd32..fe3273878 100644 --- a/envoy/service/discovery/v2/lds.proto +++ b/envoy/api/v2/lds.proto @@ -1,8 +1,8 @@ syntax = "proto3"; -package envoy.service.discovery.v2; +package envoy.api.v2; -import "envoy/service/discovery/v2/common.proto"; +import "envoy/api/v2/discovery.proto"; import "google/api/annotations.proto"; diff --git a/envoy/service/discovery/v2/rds.proto b/envoy/api/v2/rds.proto similarity index 90% rename from envoy/service/discovery/v2/rds.proto rename to envoy/api/v2/rds.proto index 6bdb86637..b5949bcbf 100644 --- a/envoy/service/discovery/v2/rds.proto +++ b/envoy/api/v2/rds.proto @@ -1,8 +1,8 @@ syntax = "proto3"; -package envoy.service.discovery.v2; +package envoy.api.v2; -import "envoy/service/discovery/v2/common.proto"; +import "envoy/api/v2/discovery.proto"; import "google/api/annotations.proto"; diff --git a/envoy/service/discovery/BUILD b/envoy/service/discovery/BUILD deleted file mode 100644 index 606b2450c..000000000 --- a/envoy/service/discovery/BUILD +++ /dev/null @@ -1,13 +0,0 @@ -proto_library( - name = "discovery", - visibility = ["//envoy:__pkg__"], - deps = [ - "//envoy/service/discovery/v2:ads", - "//envoy/service/discovery/v2:cds", - "//envoy/service/discovery/v2:common", - "//envoy/service/discovery/v2:eds", - "//envoy/service/discovery/v2:lds", - "//envoy/service/discovery/v2:rds", - "//envoy/service/discovery/v2:sds", - ], -) diff --git a/envoy/service/discovery/v2/BUILD b/envoy/service/discovery/v2/BUILD index f911cc4bb..ccd508664 100644 --- a/envoy/service/discovery/v2/BUILD +++ b/envoy/service/discovery/v2/BUILD @@ -2,24 +2,12 @@ load("//bazel:api_build_system.bzl", "api_proto_library", "api_go_proto_library" licenses(["notice"]) # Apache 2 -api_proto_library( - name = "common", - srcs = ["common.proto"], - deps = ["//envoy/api/v2:base"], -) - -api_go_proto_library( - name = "common", - proto = ":common", - deps = ["//envoy/api/v2:base_go_proto"], -) - api_proto_library( name = "ads", srcs = ["ads.proto"], has_services = 1, deps = [ - ":common", + "//envoy/api/v2:discovery", ], ) @@ -27,66 +15,7 @@ api_go_grpc_library( name = "ads", proto = ":ads", deps = [ - ":common_go_proto", - ], -) - -api_proto_library( - name = "eds", - srcs = ["eds.proto"], - has_services = 1, - deps = [ - ":common", - "//envoy/api/v2:address", - "//envoy/api/v2:base", - "//envoy/api/v2:health_check", - "//envoy/api/v2/endpoint", - ], -) - -api_go_grpc_library( - name = "eds", - proto = ":eds", - deps = [ - ":common_go_proto", - "//envoy/api/v2:address_go_proto", - "//envoy/api/v2:base_go_proto", - "//envoy/api/v2:health_check_go_proto", - "//envoy/api/v2/endpoint:endpoint_go_proto", - ], -) - -api_proto_library( - name = "cds", - srcs = ["cds.proto"], - has_services = 1, - deps = [ - ":common", - ], -) - -api_go_grpc_library( - name = "cds", - proto = ":cds", - deps = [ - ":common_go_proto", - ], -) - -api_proto_library( - name = "lds", - srcs = ["lds.proto"], - has_services = 1, - deps = [ - ":common", - ], -) - -api_go_grpc_library( - name = "lds", - proto = ":lds", - deps = [ - ":common_go_proto", + "//envoy/api/v2:discovery_go_proto", ], ) @@ -111,29 +40,12 @@ api_go_grpc_library( ], ) -api_proto_library( - name = "rds", - srcs = ["rds.proto"], - has_services = 1, - deps = [ - ":common", - ], -) - -api_go_grpc_library( - name = "rds", - proto = ":rds", - deps = [ - ":common_go_proto", - ], -) - api_proto_library( name = "sds", srcs = ["sds.proto"], has_services = 1, deps = [ - ":common", + "//envoy/api/v2:discovery", ], ) @@ -141,6 +53,6 @@ api_go_grpc_library( name = "sds", proto = ":sds", deps = [ - ":common_go_proto", + "//envoy/api/v2:discovery_go_proto", ], ) diff --git a/envoy/service/discovery/v2/ads.proto b/envoy/service/discovery/v2/ads.proto index 7c71182b1..615dad0d3 100644 --- a/envoy/service/discovery/v2/ads.proto +++ b/envoy/service/discovery/v2/ads.proto @@ -1,8 +1,9 @@ syntax = "proto3"; package envoy.service.discovery.v2; +option go_package = "discovery"; -import "envoy/service/discovery/v2/common.proto"; +import "envoy/api/v2/discovery.proto"; // [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing // services: https://github.com/google/protobuf/issues/4221 @@ -17,6 +18,7 @@ message AdsDummy { // the multiplexed singleton APIs at the Envoy instance and management server. service AggregatedDiscoveryService { // This is a gRPC-only API. - rpc StreamAggregatedResources(stream DiscoveryRequest) returns (stream DiscoveryResponse) { + rpc StreamAggregatedResources(stream envoy.api.v2.DiscoveryRequest) + returns (stream envoy.api.v2.DiscoveryResponse) { } } diff --git a/envoy/service/discovery/v2/hds.proto b/envoy/service/discovery/v2/hds.proto index 957f8a47a..6e6c3d3b9 100644 --- a/envoy/service/discovery/v2/hds.proto +++ b/envoy/service/discovery/v2/hds.proto @@ -9,11 +9,6 @@ import "envoy/api/v2/endpoint/endpoint.proto"; import "google/api/annotations.proto"; import "google/protobuf/duration.proto"; -// [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing -// services: https://github.com/google/protobuf/issues/4221 -message HdsDummy { -} - // [#proto-status: experimental] // HDS is Health Discovery Service. It compliments Envoy’s health checking // service by designating this Envoy to be a healthchecker for a subset of hosts diff --git a/envoy/service/discovery/v2/sds.proto b/envoy/service/discovery/v2/sds.proto index e0dd74316..4bea525fa 100644 --- a/envoy/service/discovery/v2/sds.proto +++ b/envoy/service/discovery/v2/sds.proto @@ -2,7 +2,7 @@ syntax = "proto3"; package envoy.service.discovery.v2; -import "envoy/service/discovery/v2/common.proto"; +import "envoy/api/v2/discovery.proto"; import "google/api/annotations.proto"; @@ -12,10 +12,11 @@ message SdsDummy { } service SecretDiscoveryService { - rpc StreamSecrets(stream DiscoveryRequest) returns (stream DiscoveryResponse) { + rpc StreamSecrets(stream envoy.api.v2.DiscoveryRequest) + returns (stream envoy.api.v2.DiscoveryResponse) { } - rpc FetchSecrets(DiscoveryRequest) returns (DiscoveryResponse) { + rpc FetchSecrets(envoy.api.v2.DiscoveryRequest) returns (envoy.api.v2.DiscoveryResponse) { option (google.api.http) = { post: "/v2/discovery:secrets" body: "*" diff --git a/test/build/BUILD b/test/build/BUILD index 987cd6e1e..2605b7c27 100644 --- a/test/build/BUILD +++ b/test/build/BUILD @@ -6,13 +6,13 @@ api_cc_test( name = "build_test", srcs = ["build_test.cc"], proto_deps = [ + "//envoy/api/v2:cds", + "//envoy/api/v2:eds", + "//envoy/api/v2:lds", + "//envoy/api/v2:rds", "//envoy/service/accesslog/v2:als", "//envoy/service/discovery/v2:ads", - "//envoy/service/discovery/v2:cds", - "//envoy/service/discovery/v2:eds", "//envoy/service/discovery/v2:hds", - "//envoy/service/discovery/v2:lds", - "//envoy/service/discovery/v2:rds", "//envoy/service/metrics/v2:metrics_service", "//envoy/service/ratelimit/v2:rls", ], @@ -24,14 +24,14 @@ api_go_test( srcs = ["go_build_test.go"], importpath = "go_build_test", deps = [ + "//envoy/api/v2:cds_go_grpc", + "//envoy/api/v2:eds_go_grpc", + "//envoy/api/v2:lds_go_grpc", + "//envoy/api/v2:rds_go_grpc", "//envoy/api/v2/auth:cert_go_proto", "//envoy/config/bootstrap/v2:bootstrap_go_proto", "//envoy/service/discovery/v2:ads_go_grpc", - "//envoy/service/discovery/v2:cds_go_grpc", - "//envoy/service/discovery/v2:eds_go_grpc", "//envoy/service/discovery/v2:hds_go_grpc", - "//envoy/service/discovery/v2:lds_go_grpc", - "//envoy/service/discovery/v2:rds_go_grpc", "//envoy/service/discovery/v2:sds_go_grpc", "//envoy/service/ratelimit/v2:rls_go_grpc", ], diff --git a/test/build/build_test.cc b/test/build/build_test.cc index 3e790a31a..bc2ced17a 100644 --- a/test/build/build_test.cc +++ b/test/build/build_test.cc @@ -7,16 +7,16 @@ int main(int argc, char* argv[]) { const auto methods = { "envoy.service.discovery.v2.AggregatedDiscoveryService.StreamAggregatedResources", - "envoy.service.discovery.v2.ClusterDiscoveryService.FetchClusters", - "envoy.service.discovery.v2.ClusterDiscoveryService.StreamClusters", - "envoy.service.discovery.v2.EndpointDiscoveryService.FetchEndpoints", - "envoy.service.discovery.v2.EndpointDiscoveryService.StreamEndpoints", "envoy.service.discovery.v2.HealthDiscoveryService.FetchHealthCheck", "envoy.service.discovery.v2.HealthDiscoveryService.StreamHealthCheck", - "envoy.service.discovery.v2.ListenerDiscoveryService.FetchListeners", - "envoy.service.discovery.v2.ListenerDiscoveryService.StreamListeners", - "envoy.service.discovery.v2.RouteDiscoveryService.FetchRoutes", - "envoy.service.discovery.v2.RouteDiscoveryService.StreamRoutes", + "envoy.api.v2.ClusterDiscoveryService.FetchClusters", + "envoy.api.v2.ClusterDiscoveryService.StreamClusters", + "envoy.api.v2.EndpointDiscoveryService.FetchEndpoints", + "envoy.api.v2.EndpointDiscoveryService.StreamEndpoints", + "envoy.api.v2.ListenerDiscoveryService.FetchListeners", + "envoy.api.v2.ListenerDiscoveryService.StreamListeners", + "envoy.api.v2.RouteDiscoveryService.FetchRoutes", + "envoy.api.v2.RouteDiscoveryService.StreamRoutes", "envoy.service.accesslog.v2.AccessLogService.StreamAccessLogs", "envoy.service.metrics.v2.MetricsService.StreamMetrics", "envoy.service.ratelimit.v2.RateLimitService.ShouldRateLimit", diff --git a/test/validate/BUILD b/test/validate/BUILD index aabe65672..beb78de10 100644 --- a/test/validate/BUILD +++ b/test/validate/BUILD @@ -6,7 +6,11 @@ api_cc_test( name = "pgv_test", srcs = ["pgv_test.cc"], proto_deps = [ + "//envoy/api/v2:cds", + "//envoy/api/v2:eds", + "//envoy/api/v2:lds", "//envoy/api/v2:protocol", + "//envoy/api/v2:rds", "//envoy/api/v2/filter/accesslog", "//envoy/api/v2/filter/http:buffer", "//envoy/api/v2/filter/http:fault", @@ -21,9 +25,5 @@ api_cc_test( "//envoy/api/v2/filter/network:redis_proxy", "//envoy/api/v2/filter/network:tcp_proxy", "//envoy/config/bootstrap/v2:bootstrap", - "//envoy/service/discovery/v2:cds", - "//envoy/service/discovery/v2:eds", - "//envoy/service/discovery/v2:lds", - "//envoy/service/discovery/v2:rds", ], ) diff --git a/test/validate/pgv_test.cc b/test/validate/pgv_test.cc index b7e383e69..9c31e004f 100644 --- a/test/validate/pgv_test.cc +++ b/test/validate/pgv_test.cc @@ -21,10 +21,10 @@ #include "envoy/api/v2/listener/listener.pb.validate.h" #include "envoy/api/v2/route/route.pb.validate.h" #include "envoy/config/bootstrap/v2/bootstrap.pb.validate.h" -#include "envoy/service/discovery/v2/cds.pb.validate.h" -#include "envoy/service/discovery/v2/eds.pb.validate.h" -#include "envoy/service/discovery/v2/lds.pb.validate.h" -#include "envoy/service/discovery/v2/rds.pb.validate.h" +#include "envoy/api/v2/cds.pb.validate.h" +#include "envoy/api/v2/eds.pb.validate.h" +#include "envoy/api/v2/lds.pb.validate.h" +#include "envoy/api/v2/rds.pb.validate.h" #include "google/protobuf/text_format.h" From 7870ecc189b85dfeccf3ac51c5d31d6f16a18927 Mon Sep 17 00:00:00 2001 From: Kuat Yessenov Date: Mon, 29 Jan 2018 11:16:57 -0800 Subject: [PATCH 2/2] move load assignment, clusters, routes, listeners to original package Signed-off-by: Kuat Yessenov --- docs/build.sh | 8 +- docs/root/api-v2/api.rst | 8 +- .../configuration/http_conn_man/headers.rst | 2 +- .../configuration/listeners/listeners.rst | 2 +- .../configuration/overview/v2_overview.rst | 20 +- .../arch_overview/dynamic_configuration.rst | 2 +- .../intro/arch_overview/load_balancing.rst | 2 +- docs/root/intro/version_history.rst | 4 +- envoy/BUILD | 2 +- envoy/api/v2/BUILD | 38 +- envoy/api/v2/cds.proto | 353 ++++++++++++++++- envoy/api/v2/cluster/BUILD | 30 -- envoy/api/v2/cluster/circuit_breaker.proto | 1 + envoy/api/v2/cluster/cluster.proto | 356 ------------------ envoy/api/v2/eds.proto | 11 +- envoy/api/v2/filter/network/BUILD | 2 +- .../network/http_connection_manager.proto | 4 +- envoy/api/v2/grpc_service.proto | 4 +- envoy/api/v2/lds.proto | 102 ++++- envoy/api/v2/listener/listener.proto | 91 ----- envoy/api/v2/rds.proto | 58 ++- envoy/api/v2/route/route.proto | 61 +-- envoy/config/bootstrap/v2/BUILD | 8 +- envoy/config/bootstrap/v2/bootstrap.proto | 14 +- envoy/service/discovery/v2/ads.proto | 5 + test/build/build_test.cc | 6 +- test/validate/pgv_test.cc | 2 +- tools/BUILD | 2 +- tools/generate_listeners.py | 4 +- 29 files changed, 598 insertions(+), 604 deletions(-) delete mode 100644 envoy/api/v2/cluster/cluster.proto diff --git a/docs/build.sh b/docs/build.sh index ea2c58daa..ad23422f6 100755 --- a/docs/build.sh +++ b/docs/build.sh @@ -29,11 +29,14 @@ PROTO_RST=" /envoy/api/v2/address/envoy/api/v2/address.proto.rst /envoy/api/v2/base/envoy/api/v2/base.proto.rst /envoy/api/v2/auth/cert/envoy/api/v2/auth/cert.proto.rst + /envoy/api/v2/eds/envoy/api/v2/eds.proto.rst /envoy/api/v2/endpoint/endpoint/envoy/api/v2/endpoint/endpoint.proto.rst - /envoy/api/v2/cluster/cluster/envoy/api/v2/cluster/cluster.proto.rst + /envoy/api/v2/cds/envoy/api/v2/cds.proto.rst /envoy/api/v2/cluster/outlier_detection/envoy/api/v2/cluster/outlier_detection.proto.rst /envoy/api/v2/cluster/circuit_breaker/envoy/api/v2/cluster/circuit_breaker.proto.rst + /envoy/api/v2/rds/envoy/api/v2/rds.proto.rst /envoy/api/v2/route/route/envoy/api/v2/route/route.proto.rst + /envoy/api/v2/lds/envoy/api/v2/lds.proto.rst /envoy/api/v2/listener/listener/envoy/api/v2/listener/listener.proto.rst /envoy/api/v2/config_source/envoy/api/v2/config_source.proto.rst /envoy/api/v2/grpc_service/envoy/api/v2/grpc_service.proto.rst @@ -41,8 +44,7 @@ PROTO_RST=" /envoy/api/v2/protocol/envoy/api/v2/protocol.proto.rst /envoy/api/v2/ratelimit/ratelimit/envoy/api/v2/ratelimit/ratelimit.proto.rst /envoy/config/bootstrap/v2/bootstrap/envoy/config/bootstrap/v2/bootstrap.proto.rst - /envoy/service/discovery/v2/common/envoy/service/discovery/v2/common.proto.rst - /envoy/service/discovery/v2/eds/envoy/service/discovery/v2/eds.proto.rst + /envoy/api/v2/discovery/envoy/api/v2/discovery.proto.rst /envoy/config/ratelimit/v2/rls/envoy/config/ratelimit/v2/rls.proto.rst /envoy/config/metrics/v2/metrics_service/envoy/config/metrics/v2/metrics_service.proto.rst /envoy/config/metrics/v2/stats/envoy/config/metrics/v2/stats.proto.rst diff --git a/docs/root/api-v2/api.rst b/docs/root/api-v2/api.rst index 98f1b5d3d..02dd76c23 100644 --- a/docs/root/api-v2/api.rst +++ b/docs/root/api-v2/api.rst @@ -10,14 +10,16 @@ v2 API reference config/bootstrap/v2/bootstrap.proto api/v2/config_source.proto api/v2/grpc_service.proto + api/v2/lds.proto api/v2/listener/listener.proto - api/v2/cluster/cluster.proto + api/v2/cds.proto api/v2/cluster/outlier_detection.proto api/v2/cluster/circuit_breaker.proto api/v2/endpoint/endpoint.proto - service/discovery/v2/eds.proto + api/v2/eds.proto api/v2/health_check.proto api/v2/route/route.proto + api/v2/rds.proto api/v2/auth/cert.proto config/metrics/v2/stats.proto config/metrics/v2/metrics_service.proto @@ -25,7 +27,7 @@ v2 API reference api/v2/base.proto api/v2/address.proto api/v2/protocol.proto - service/discovery/v2/common.proto + api/v2/discovery.proto api/v2/ratelimit/ratelimit.proto config/ratelimit/v2/rls.proto api/v2/filter/filter diff --git a/docs/root/configuration/http_conn_man/headers.rst b/docs/root/configuration/http_conn_man/headers.rst index a4f4c3bb4..ed61f3533 100644 --- a/docs/root/configuration/http_conn_man/headers.rst +++ b/docs/root/configuration/http_conn_man/headers.rst @@ -283,7 +283,7 @@ Custom request/response headers Custom request/response headers can be added to a request/response that matches a specific route at the route, virtual host, and global route configuration level. See the relevant :ref:`v1 -` and :ref:`v2 ` API +` and :ref:`v2 ` API documentation. Headers are appended to requests/responses in the following order: route level headers, diff --git a/docs/root/configuration/listeners/listeners.rst b/docs/root/configuration/listeners/listeners.rst index 920328301..947c7a8b1 100644 --- a/docs/root/configuration/listeners/listeners.rst +++ b/docs/root/configuration/listeners/listeners.rst @@ -7,7 +7,7 @@ The top level Envoy configuration contains a list of :ref:`listeners ` -* :ref:`v2 API reference ` +* :ref:`v2 API reference ` .. toctree:: :hidden: diff --git a/docs/root/configuration/overview/v2_overview.rst b/docs/root/configuration/overview/v2_overview.rst index 92fcce510..7e31c5343 100644 --- a/docs/root/configuration/overview/v2_overview.rst +++ b/docs/root/configuration/overview/v2_overview.rst @@ -47,8 +47,8 @@ debug experience when configuration parsing fails. The :ref:`Bootstrap ` message is the root of the configuration. A key concept in the :ref:`Bootstrap ` message is the distinction between static and dynamic resouces. Resources such -as a :ref:`Listener ` or :ref:`Cluster -` may be supplied either statically in +as a :ref:`Listener ` or :ref:`Cluster +` may be supplied either statically in :ref:`static_resources ` or have an xDS service such as :ref:`LDS ` or :ref:`CDS ` configured in @@ -105,7 +105,7 @@ Mostly static with dynamic EDS A bootstrap config that continues from the above example with :ref:`dynamic endpoint discovery ` via an -:ref:`EDS` gRPC management server listening +:ref:`EDS` gRPC management server listening on 127.0.0.3:5678 is provided below: .. code-block:: yaml @@ -158,7 +158,7 @@ an otherwise completely dynamic configurations, some static resources need to be defined to point Envoy at its xDS management server(s). In the above example, the EDS management server could then return a proto encoding of a -:ref:`DiscoveryResponse `: +:ref:`DiscoveryResponse `: .. code-block:: yaml @@ -293,8 +293,8 @@ Management server A v2 xDS management server will implement the below endpoints as required for gRPC and/or REST serving. In both streaming gRPC and -REST-JSON cases, a :ref:`DiscoveryRequest ` is sent and a -:ref:`DiscoveryResponse ` received following the +REST-JSON cases, a :ref:`DiscoveryRequest ` is sent and a +:ref:`DiscoveryResponse ` received following the `xDS protocol `_. .. _v2_grpc_streaming_endpoints: @@ -333,8 +333,8 @@ for the service definition. This is used by Envoy as a client when cluster_names: [some_xds_cluster] is set in the :ref:`eds_cluster_config -` field of the :ref:`Cluster -` config. +` field of the :ref:`Cluster +` config. .. http:post:: /envoy.api.v2.ListenerDiscoveryService/StreamListeners @@ -405,8 +405,8 @@ for the service definition. This is used by Envoy as a client when cluster_names: [some_xds_cluster] is set in the :ref:`eds_cluster_config -` field of the :ref:`Cluster -` config. +` field of the :ref:`Cluster +` config. .. http:post:: /v2/discovery:listeners diff --git a/docs/root/intro/arch_overview/dynamic_configuration.rst b/docs/root/intro/arch_overview/dynamic_configuration.rst index ccd2d03d5..9ff98d255 100644 --- a/docs/root/intro/arch_overview/dynamic_configuration.rst +++ b/docs/root/intro/arch_overview/dynamic_configuration.rst @@ -34,7 +34,7 @@ SDS/EDS only The :ref:`service discovery service (SDS) API ` provides a more advanced mechanism by which Envoy can discover members of an upstream cluster. SDS has been renamed to :ref:`Endpoint -Discovery Service (EDS)` in the +Discovery Service (EDS)` in the :ref:`v2 API `. Layered on top of a static configuration, SDS allows an Envoy deployment to circumvent the limitations of DNS (maximum records in a response, etc.) as well as consume more information used in load balancing and routing (e.g., diff --git a/docs/root/intro/arch_overview/load_balancing.rst b/docs/root/intro/arch_overview/load_balancing.rst index 9a5933412..271419c50 100644 --- a/docs/root/intro/arch_overview/load_balancing.rst +++ b/docs/root/intro/arch_overview/load_balancing.rst @@ -240,7 +240,7 @@ not be used with subsets because the upstream hosts are not known in advance. Su with zone aware routing, but be aware that the use of subsets may easily violate the minimum hosts condition described above. -If subsets are :ref:`configured ` and a route +If subsets are :ref:`configured ` and a route specifies no metadata or no subset matching the metadata exists, the subset load balancer initiates its fallback policy. The default policy is ``NO_ENDPOINT``, in which case the request fails as if the cluster had no hosts. Conversely, the ``ANY_ENDPOINT`` fallback policy load balances across all diff --git a/docs/root/intro/version_history.rst b/docs/root/intro/version_history.rst index 8881ed2fc..c88b5eb0b 100644 --- a/docs/root/intro/version_history.rst +++ b/docs/root/intro/version_history.rst @@ -20,11 +20,11 @@ Version history * http: end-to-end HTTP flow control is now complete across both connections, streams, and filters. * load balancer: added :ref:`subset load balancer `. * load balancer: added ring size and hash :ref:`configuration options - `. This used to be configurable via runtime. The runtime + `. This used to be configurable via runtime. The runtime configuration was deleted without deprecation as we are fairly certain no one is using it. * log: added the ability to optionally log to a file instead of stderr via the :option:`--log-path` option. -* listeners: added :ref:`drain_type ` option. +* listeners: added :ref:`drain_type ` option. * lua: added experimental :ref:`Lua filter `. * mongo filter: added :ref:`fault injection `. * mongo filter: added :ref:`"drain close" ` support. diff --git a/envoy/BUILD b/envoy/BUILD index 052e75afa..38bd65c2c 100644 --- a/envoy/BUILD +++ b/envoy/BUILD @@ -6,7 +6,7 @@ proto_library( name = "envoy", deps = [ "//envoy/api/v2", - "//envoy/api/v2/cluster", + "//envoy/api/v2:cds", "//envoy/api/v2/cluster:circuit_breaker", "//envoy/api/v2/cluster:outlier_detection", "//envoy/api/v2/filter/accesslog", diff --git a/envoy/api/v2/BUILD b/envoy/api/v2/BUILD index 4f17b2b3e..fce6a3617 100644 --- a/envoy/api/v2/BUILD +++ b/envoy/api/v2/BUILD @@ -93,10 +93,10 @@ api_proto_library( srcs = ["eds.proto"], has_services = 1, deps = [ + ":address", + ":base", ":discovery", - "//envoy/api/v2:address", - "//envoy/api/v2:base", - "//envoy/api/v2:health_check", + ":health_check", "//envoy/api/v2/endpoint", ], ) @@ -105,10 +105,10 @@ api_go_grpc_library( name = "eds", proto = ":eds", deps = [ + ":address_go_proto", + ":base_go_proto", ":discovery_go_proto", - "//envoy/api/v2:address_go_proto", - "//envoy/api/v2:base_go_proto", - "//envoy/api/v2:health_check_go_proto", + ":health_check_go_proto", "//envoy/api/v2/endpoint:endpoint_go_proto", ], ) @@ -118,7 +118,15 @@ api_proto_library( srcs = ["cds.proto"], has_services = 1, deps = [ + ":address", + ":base", + ":config_source", ":discovery", + ":health_check", + ":protocol", + "//envoy/api/v2/auth:cert", + "//envoy/api/v2/cluster:circuit_breaker", + "//envoy/api/v2/cluster:outlier_detection", ], ) @@ -126,7 +134,15 @@ api_go_grpc_library( name = "cds", proto = ":cds", deps = [ + ":base_go_proto", + ":config_source_go_proto", ":discovery_go_proto", + ":health_check_go_proto", + ":protocol_go_proto", + "//envoy/api/v2:address_go_proto", + "//envoy/api/v2/auth:cert_go_proto", + "//envoy/api/v2/cluster:circuit_breaker_go_proto", + "//envoy/api/v2/cluster:outlier_detection_go_proto", ], ) @@ -135,7 +151,10 @@ api_proto_library( srcs = ["lds.proto"], has_services = 1, deps = [ + ":address", + ":base", ":discovery", + "//envoy/api/v2/listener", ], ) @@ -143,7 +162,10 @@ api_go_grpc_library( name = "lds", proto = ":lds", deps = [ + ":address_go_proto", + ":base_go_proto", ":discovery_go_proto", + "//envoy/api/v2/listener:listener_go_proto", ], ) @@ -152,7 +174,9 @@ api_proto_library( srcs = ["rds.proto"], has_services = 1, deps = [ + ":base", ":discovery", + "//envoy/api/v2/route", ], ) @@ -160,7 +184,9 @@ api_go_grpc_library( name = "rds", proto = ":rds", deps = [ + ":base_go_proto", ":discovery_go_proto", + "//envoy/api/v2/route:route_go_proto", ], ) diff --git a/envoy/api/v2/cds.proto b/envoy/api/v2/cds.proto index 8aa92b4ea..cf4471c9b 100644 --- a/envoy/api/v2/cds.proto +++ b/envoy/api/v2/cds.proto @@ -2,14 +2,23 @@ syntax = "proto3"; package envoy.api.v2; +import "envoy/api/v2/address.proto"; +import "envoy/api/v2/auth/cert.proto"; +import "envoy/api/v2/base.proto"; +import "envoy/api/v2/config_source.proto"; import "envoy/api/v2/discovery.proto"; +import "envoy/api/v2/health_check.proto"; +import "envoy/api/v2/protocol.proto"; +import "envoy/api/v2/cluster/circuit_breaker.proto"; +import "envoy/api/v2/cluster/outlier_detection.proto"; import "google/api/annotations.proto"; +import "google/protobuf/duration.proto"; +import "google/protobuf/struct.proto"; +import "google/protobuf/wrappers.proto"; -// [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing -// services: https://github.com/google/protobuf/issues/4221 -message CdsDummy { -} +import "validate/validate.proto"; +import "gogoproto/gogo.proto"; // Return list of all clusters this proxy will load balance to. service ClusterDiscoveryService { @@ -23,3 +32,339 @@ service ClusterDiscoveryService { }; } } + +// [#protodoc-title: Clusters] + +message Cluster { + // Supplies the name of the cluster which must be unique across all clusters. + // The cluster name is used when emitting + // :ref:`statistics `. + // Any ``:`` in the cluster name will be converted to ``_`` when emitting statistics. + // By default, the maximum length of a cluster name is limited to 60 + // characters. This limit can be increased by setting the + // :option:`--max-obj-name-len` command line argument to the desired value. + string name = 1 [(validate.rules).string.min_bytes = 1]; + + // Refer to :ref:`service discovery type ` + // for an explanation on each type. + enum DiscoveryType { + // Refer to the :ref:`static discovery type` + // for an explanation. + STATIC = 0; + + // Refer to the :ref:`strict DNS discovery + // type` + // for an explanation. + STRICT_DNS = 1; + + // Refer to the :ref:`logical DNS discovery + // type` + // for an explanation. + LOGICAL_DNS = 2; + + // Refer to the :ref:`service discovery type` + // for an explanation. + EDS = 3; + + // Refer to the :ref:`original destination discovery + // type` + // for an explanation. + ORIGINAL_DST = 4; + } + // The :ref:`service discovery type ` + // to use for resolving the cluster. + DiscoveryType type = 2 [(validate.rules).enum.defined_only = true]; + + // Only valid when discovery type is EDS. + message EdsClusterConfig { + // Configuration for the source of EDS updates for this Cluster. + ConfigSource eds_config = 1; + + // Optional alternative to cluster name to present to EDS. This does not + // have the same restrictions as cluster name, i.e. it may be arbitrary + // length. + string service_name = 2; + } + // Configuration to use for EDS updates for the Cluster. + EdsClusterConfig eds_cluster_config = 3; + + // The timeout for new network connections to hosts in the cluster. + google.protobuf.Duration connect_timeout = 4 [ + (validate.rules).duration.gt = {}, + (gogoproto.stdduration) = true, + (gogoproto.nullable) = false + ]; + + // Soft limit on size of the cluster’s connections read and write buffers. If + // unspecified, an implementation defined default is applied (1MiB). + google.protobuf.UInt32Value per_connection_buffer_limit_bytes = 5; + + // Refer to :ref:`load balancer type ` architecture + // overview section for information on each type. + enum LbPolicy { + + // Refer to the :ref:`round robin load balancing + // policy` + // for an explanation. + ROUND_ROBIN = 0; + + // Refer to the :ref:`least request load balancing + // policy` + // for an explanation. + LEAST_REQUEST = 1; + + // Refer to the :ref:`ring hash load balancing + // policy` + // for an explanation. + RING_HASH = 2; + + // Refer to the :ref:`random load balancing + // policy` + // for an explanation. + RANDOM = 3; + + // Refer to the :ref:`original destination load balancing + // policy` + // for an explanation. + ORIGINAL_DST_LB = 4; + } + // The :ref:`load balancer type ` to use + // when picking a host in the cluster. + LbPolicy lb_policy = 6 [(validate.rules).enum.defined_only = true]; + + // If the service discovery type is + // :ref:`STATIC`, + // :ref:`STRICT_DNS` + // or :ref:`LOGICAL_DNS`, + // then hosts is required. + repeated Address hosts = 7; + + // Optional :ref:`active health checking ` + // configuration for the cluster. If no + // configuration is specified no health checking will be done and all cluster + // members will be considered healthy at all times. + repeated HealthCheck health_checks = 8; + + // Optional maximum requests for a single upstream connection. This parameter + // is respected by both the HTTP/1.1 and HTTP/2 connection pool + // implementations. If not specified, there is no limit. Setting this + // parameter to 1 will effectively disable keep alive. + google.protobuf.UInt32Value max_requests_per_connection = 9; + + // Optional :ref:`circuit breaking ` for the cluster. + envoy.api.v2.cluster.CircuitBreakers circuit_breakers = 10; + + // The TLS configuration for connections to the upstream cluster. If no TLS + // configuration is specified, TLS will not be used for new connections. + // + // .. attention:: + // + // Server certificate verification is not enabled by default. Configure + // :ref:`trusted_ca` to enable + // verification. + auth.UpstreamTlsContext tls_context = 11; + + reserved 12; + + // Additional options when handling HTTP1 requests. + Http1ProtocolOptions http_protocol_options = 13; + + // Even if default HTTP2 protocol options are desired, this field must be + // set so that Envoy will assume that the upstream supports HTTP/2 when + // making new HTTP connection pool connections. Currently, Envoy only + // supports prior knowledge for upstream connections. Even if TLS is used + // with ALPN, `http2_protocol_options` must be specified. As an aside this allows HTTP/2 + // connections to happen over plain text. + Http2ProtocolOptions http2_protocol_options = 14; + + reserved 15; + + // If the DNS refresh rate is specified and the cluster type is either + // :ref:`STRICT_DNS`, + // or :ref:`LOGICAL_DNS`, + // this value is used as the cluster’s DNS refresh + // rate. If this setting is not specified, the value defaults to 5000. For + // cluster types other than + // :ref:`STRICT_DNS` + // and :ref:`LOGICAL_DNS` + // this setting is ignored. + google.protobuf.Duration dns_refresh_rate = 16 + [(validate.rules).duration.gt = {}, (gogoproto.stdduration) = true]; + + // When V4_ONLY is selected, the DNS resolver will only perform a lookup for + // addresses in the IPv4 family. If V6_ONLY is selected, the DNS resolver will + // only perform a lookup for addresses in the IPv6 family. If AUTO is + // specified, the DNS resolver will first perform a lookup for addresses in + // the IPv6 family and fallback to a lookup for addresses in the IPv4 family. + // For cluster types other than + // :ref:`STRICT_DNS` and + // :ref:`LOGICAL_DNS`, + // this setting is + // ignored. + enum DnsLookupFamily { + AUTO = 0; + V4_ONLY = 1; + V6_ONLY = 2; + } + + // The DNS IP address resolution policy. If this setting is not specified, the + // value defaults to + // :ref:`AUTO`. + DnsLookupFamily dns_lookup_family = 17 [(validate.rules).enum.defined_only = true]; + + // If DNS resolvers are specified and the cluster type is either + // :ref:`STRICT_DNS`, + // or :ref:`LOGICAL_DNS`, + // this value is used to specify the cluster’s dns resolvers. + // If this setting is not specified, the value defaults to the default + // resolver, which uses /etc/resolv.conf for configuration. For cluster types + // other than + // :ref:`STRICT_DNS` + // and :ref:`LOGICAL_DNS` + // this setting is ignored. + repeated Address dns_resolvers = 18; + + // If specified, outlier detection will be enabled for this upstream cluster. + // Each of the configuration values can be overridden via + // :ref:`runtime values `. + envoy.api.v2.cluster.OutlierDetection outlier_detection = 19; + + // The interval for removing stale hosts from a cluster type + // :ref:`ORIGINAL_DST`. + // Hosts are considered stale if they have not been used + // as upstream destinations during this interval. New hosts are added + // to original destination clusters on demand as new connections are + // redirected to Envoy, causing the number of hosts in the cluster to + // grow over time. Hosts that are not stale (they are actively used as + // destinations) are kept in the cluster, which allows connections to + // them remain open, saving the latency that would otherwise be spent + // on opening new connections. If this setting is not specified, the + // value defaults to 5000ms. For cluster types other than + // :ref:`ORIGINAL_DST` + // this setting is ignored. + google.protobuf.Duration cleanup_interval = 20 + [(validate.rules).duration.gt = {}, (gogoproto.stdduration) = true]; + + // Optional configuration used to bind newly established upstream connections. + // This overrides any bind_config specified in the bootstrap proto. + // If the addres and port are empty, no bind will be performed. + BindConfig upstream_bind_config = 21; + + // Optionally divide the endpoints in this cluster into subsets defined by + // endpoint metadata and selected by route and weighted cluster metadata. + message LbSubsetConfig { + + // If NO_FALLBACK is selected, a result + // equivalent to no healthy hosts is reported. If ANY_ENDPOINT is selected, + // any cluster endpoint may be returned (subject to policy, health checks, + // etc). If DEFAULT_SUBSET is selected, load balancing is performed over the + // endpoints matching the values from the default_subset field. + enum LbSubsetFallbackPolicy { + NO_FALLBACK = 0; + ANY_ENDPOINT = 1; + DEFAULT_SUBSET = 2; + } + + // The behavior used when no endpoint subset matches the selected route's + // metadata. The value defaults to + // :ref:`NO_FALLBACK`. + LbSubsetFallbackPolicy fallback_policy = 1 [(validate.rules).enum.defined_only = true]; + + // Specifies the default subset of endpoints used during fallback if + // fallback_policy is + // :ref:`DEFAULT_SUBSET`. + // Each field in default_subset is + // compared to the matching LbEndpoint.Metadata under the *envoy.lb* + // namespace. It is valid for no hosts to match, in which case the behavior + // is the same as a fallback_policy of + // :ref:`NO_FALLBACK`. + google.protobuf.Struct default_subset = 2; + + // Specifications for subsets. + message LbSubsetSelector { + // List of keys to match with the weighted cluster metadata. + repeated string keys = 1; + } + + // For each entry, LbEndpoint.Metadata's + // *envoy.lb* namespace is traversed and a subset is created for each unique + // combination of key and value. For example: + // + // .. code-block:: json + // + // { "subset_selectors": [ + // { "keys": [ "version" ] }, + // { "keys": [ "stage", "hardware_type" ] } + // ]} + // + // A subset is matched when the metadata from the selected route and + // weighted cluster contains the same keys and values as the subset's + // metadata. The same host may appear in multiple subsets. + repeated LbSubsetSelector subset_selectors = 3; + } + + // Configuration for load balancing subsetting. + LbSubsetConfig lb_subset_config = 22; + + // Specific configuration for the :ref:`RingHash` + // load balancing policy. + message RingHashLbConfig { + // Minimum hash ring size, i.e. total virtual nodes. A larger size + // will provide better request distribution since each host in the + // cluster will have more virtual nodes. Defaults to 1024. In the case + // that total number of hosts is greater than the minimum, each host will + // be allocated a single virtual node. + google.protobuf.UInt64Value minimum_ring_size = 1; + + message DeprecatedV1 { + // Defaults to true, meaning that std::hash is used to hash hosts onto + // the ketama ring. std::hash can vary by platform. For this reason, + // Envoy will eventually use `xxHash `_ + // by default. This field exists for + // migration purposes and will eventually be deprecated. Set it to false + // to use `xxHash `_ now. + google.protobuf.BoolValue use_std_hash = 1; + } + // Deprecated settings from v1 config. + DeprecatedV1 deprecated_v1 = 2 [deprecated = true]; + } + + // Optional configuration for the load balancing algorithm selected by + // LbPolicy. Currently only + // :ref:`RING_HASH` + // has additional configuration options. + // Specifying ring_hash_lb_config without setting the LbPolicy to + // :ref:`RING_HASH` + // will generate an error at runtime. + oneof lb_config { + // Optional configuration for the Ring Hash load balancing policy. + RingHashLbConfig ring_hash_lb_config = 23; + } + + // See :ref:`base.TransportSocket` description. + TransportSocket transport_socket = 24; + + // The Metadata field can be used to provide additional information about the + // cluster. It can be used for stats, logging, and varying filter behavior. + // Fields should use reverse DNS notation to denote which entity within Envoy + // will need the information. For instance, if the metadata is intended for + // the Router filter, the filter name should be specified as *envoy.router*. + Metadata metadata = 25; + + enum ClusterProtocolSelection { + // Cluster can only operate on one of the possible upstream protocols (HTTP1.1, HTTP2). + // If :ref:`http2_protocol_options ` are + // present, HTTP2 will be used, otherwise HTTP1.1 will be used. + USE_CONFIGURED_PROTOCOL = 0; + // Use HTTP1.1 or HTTP2, depending on which one is used on the downstream connection. + USE_DOWNSTREAM_PROTOCOL = 1; + } + ClusterProtocolSelection protocol_selection = 26; +} + +// An extensible structure containing the address Envoy should bind to when +// establishing upstream connections. +message UpstreamBindConfig { + // The address Envoy should bind to when establishing upstream connections. + Address source_address = 1; +} diff --git a/envoy/api/v2/cluster/BUILD b/envoy/api/v2/cluster/BUILD index a02109915..91edbbb0f 100644 --- a/envoy/api/v2/cluster/BUILD +++ b/envoy/api/v2/cluster/BUILD @@ -27,33 +27,3 @@ api_go_proto_library( name = "outlier_detection", proto = ":outlier_detection", ) - -api_proto_library( - name = "cluster", - srcs = ["cluster.proto"], - deps = [ - ":circuit_breaker", - ":outlier_detection", - "//envoy/api/v2:address", - "//envoy/api/v2:base", - "//envoy/api/v2:config_source", - "//envoy/api/v2:health_check", - "//envoy/api/v2:protocol", - "//envoy/api/v2/auth:cert", - ], -) - -api_go_proto_library( - name = "cluster", - proto = ":cluster", - deps = [ - ":circuit_breaker_go_proto", - ":outlier_detection_go_proto", - "//envoy/api/v2:address_go_proto", - "//envoy/api/v2:base_go_proto", - "//envoy/api/v2:config_source_go_proto", - "//envoy/api/v2:health_check_go_proto", - "//envoy/api/v2:protocol_go_proto", - "//envoy/api/v2/auth:cert_go_proto", - ], -) diff --git a/envoy/api/v2/cluster/circuit_breaker.proto b/envoy/api/v2/cluster/circuit_breaker.proto index 06c19abd1..0f6964a05 100644 --- a/envoy/api/v2/cluster/circuit_breaker.proto +++ b/envoy/api/v2/cluster/circuit_breaker.proto @@ -1,6 +1,7 @@ syntax = "proto3"; package envoy.api.v2.cluster; +option go_package = "cluster"; import "envoy/api/v2/base.proto"; diff --git a/envoy/api/v2/cluster/cluster.proto b/envoy/api/v2/cluster/cluster.proto deleted file mode 100644 index d40ce0df1..000000000 --- a/envoy/api/v2/cluster/cluster.proto +++ /dev/null @@ -1,356 +0,0 @@ -syntax = "proto3"; - -package envoy.api.v2.cluster; -option go_package = "cluster"; - -import "envoy/api/v2/address.proto"; -import "envoy/api/v2/auth/cert.proto"; -import "envoy/api/v2/base.proto"; -import "envoy/api/v2/config_source.proto"; -import "envoy/api/v2/health_check.proto"; -import "envoy/api/v2/protocol.proto"; -import "envoy/api/v2/cluster/circuit_breaker.proto"; -import "envoy/api/v2/cluster/outlier_detection.proto"; - -import "google/protobuf/duration.proto"; -import "google/protobuf/struct.proto"; -import "google/protobuf/wrappers.proto"; - -import "validate/validate.proto"; -import "gogoproto/gogo.proto"; - -// [#protodoc-title: Clusters] - -message Cluster { - // Supplies the name of the cluster which must be unique across all clusters. - // The cluster name is used when emitting - // :ref:`statistics `. - // Any ``:`` in the cluster name will be converted to ``_`` when emitting statistics. - // By default, the maximum length of a cluster name is limited to 60 - // characters. This limit can be increased by setting the - // :option:`--max-obj-name-len` command line argument to the desired value. - string name = 1 [(validate.rules).string.min_bytes = 1]; - - // Refer to :ref:`service discovery type ` - // for an explanation on each type. - enum DiscoveryType { - // Refer to the :ref:`static discovery type` - // for an explanation. - STATIC = 0; - - // Refer to the :ref:`strict DNS discovery - // type` - // for an explanation. - STRICT_DNS = 1; - - // Refer to the :ref:`logical DNS discovery - // type` - // for an explanation. - LOGICAL_DNS = 2; - - // Refer to the :ref:`service discovery type` - // for an explanation. - EDS = 3; - - // Refer to the :ref:`original destination discovery - // type` - // for an explanation. - ORIGINAL_DST = 4; - } - // The :ref:`service discovery type ` - // to use for resolving the cluster. - DiscoveryType type = 2 [(validate.rules).enum.defined_only = true]; - - // Only valid when discovery type is EDS. - message EdsClusterConfig { - // Configuration for the source of EDS updates for this Cluster. - ConfigSource eds_config = 1; - - // Optional alternative to cluster name to present to EDS. This does not - // have the same restrictions as cluster name, i.e. it may be arbitrary - // length. - string service_name = 2; - } - // Configuration to use for EDS updates for the Cluster. - EdsClusterConfig eds_cluster_config = 3; - - // The timeout for new network connections to hosts in the cluster. - google.protobuf.Duration connect_timeout = 4 [ - (validate.rules).duration.gt = {}, - (gogoproto.stdduration) = true, - (gogoproto.nullable) = false - ]; - - // Soft limit on size of the cluster’s connections read and write buffers. If - // unspecified, an implementation defined default is applied (1MiB). - google.protobuf.UInt32Value per_connection_buffer_limit_bytes = 5; - - // Refer to :ref:`load balancer type ` architecture - // overview section for information on each type. - enum LbPolicy { - - // Refer to the :ref:`round robin load balancing - // policy` - // for an explanation. - ROUND_ROBIN = 0; - - // Refer to the :ref:`least request load balancing - // policy` - // for an explanation. - LEAST_REQUEST = 1; - - // Refer to the :ref:`ring hash load balancing - // policy` - // for an explanation. - RING_HASH = 2; - - // Refer to the :ref:`random load balancing - // policy` - // for an explanation. - RANDOM = 3; - - // Refer to the :ref:`original destination load balancing - // policy` - // for an explanation. - ORIGINAL_DST_LB = 4; - } - // The :ref:`load balancer type ` to use - // when picking a host in the cluster. - LbPolicy lb_policy = 6 [(validate.rules).enum.defined_only = true]; - - // If the service discovery type is - // :ref:`STATIC`, - // :ref:`STRICT_DNS` - // or :ref:`LOGICAL_DNS`, - // then hosts is required. - repeated Address hosts = 7; - - // Optional :ref:`active health checking ` - // configuration for the cluster. If no - // configuration is specified no health checking will be done and all cluster - // members will be considered healthy at all times. - repeated HealthCheck health_checks = 8; - - // Optional maximum requests for a single upstream connection. This parameter - // is respected by both the HTTP/1.1 and HTTP/2 connection pool - // implementations. If not specified, there is no limit. Setting this - // parameter to 1 will effectively disable keep alive. - google.protobuf.UInt32Value max_requests_per_connection = 9; - - // Optional :ref:`circuit breaking ` for the cluster. - CircuitBreakers circuit_breakers = 10; - - // The TLS configuration for connections to the upstream cluster. If no TLS - // configuration is specified, TLS will not be used for new connections. - // - // .. attention:: - // - // Server certificate verification is not enabled by default. Configure - // :ref:`trusted_ca` to enable - // verification. - auth.UpstreamTlsContext tls_context = 11; - - reserved 12; - - // Additional options when handling HTTP1 requests. - Http1ProtocolOptions http_protocol_options = 13; - - // Even if default HTTP2 protocol options are desired, this field must be - // set so that Envoy will assume that the upstream supports HTTP/2 when - // making new HTTP connection pool connections. Currently, Envoy only - // supports prior knowledge for upstream connections. Even if TLS is used - // with ALPN, `http2_protocol_options` must be specified. As an aside this allows HTTP/2 - // connections to happen over plain text. - Http2ProtocolOptions http2_protocol_options = 14; - - reserved 15; - - // If the DNS refresh rate is specified and the cluster type is either - // :ref:`STRICT_DNS`, - // or :ref:`LOGICAL_DNS`, - // this value is used as the cluster’s DNS refresh - // rate. If this setting is not specified, the value defaults to 5000. For - // cluster types other than - // :ref:`STRICT_DNS` - // and :ref:`LOGICAL_DNS` - // this setting is ignored. - google.protobuf.Duration dns_refresh_rate = 16 - [(validate.rules).duration.gt = {}, (gogoproto.stdduration) = true]; - - // When V4_ONLY is selected, the DNS resolver will only perform a lookup for - // addresses in the IPv4 family. If V6_ONLY is selected, the DNS resolver will - // only perform a lookup for addresses in the IPv6 family. If AUTO is - // specified, the DNS resolver will first perform a lookup for addresses in - // the IPv6 family and fallback to a lookup for addresses in the IPv4 family. - // For cluster types other than - // :ref:`STRICT_DNS` and - // :ref:`LOGICAL_DNS`, - // this setting is - // ignored. - enum DnsLookupFamily { - AUTO = 0; - V4_ONLY = 1; - V6_ONLY = 2; - } - - // The DNS IP address resolution policy. If this setting is not specified, the - // value defaults to - // :ref:`AUTO`. - DnsLookupFamily dns_lookup_family = 17 [(validate.rules).enum.defined_only = true]; - - // If DNS resolvers are specified and the cluster type is either - // :ref:`STRICT_DNS`, - // or :ref:`LOGICAL_DNS`, - // this value is used to specify the cluster’s dns resolvers. - // If this setting is not specified, the value defaults to the default - // resolver, which uses /etc/resolv.conf for configuration. For cluster types - // other than - // :ref:`STRICT_DNS` - // and :ref:`LOGICAL_DNS` - // this setting is ignored. - repeated Address dns_resolvers = 18; - - // If specified, outlier detection will be enabled for this upstream cluster. - // Each of the configuration values can be overridden via - // :ref:`runtime values `. - OutlierDetection outlier_detection = 19; - - // The interval for removing stale hosts from a cluster type - // :ref:`ORIGINAL_DST`. - // Hosts are considered stale if they have not been used - // as upstream destinations during this interval. New hosts are added - // to original destination clusters on demand as new connections are - // redirected to Envoy, causing the number of hosts in the cluster to - // grow over time. Hosts that are not stale (they are actively used as - // destinations) are kept in the cluster, which allows connections to - // them remain open, saving the latency that would otherwise be spent - // on opening new connections. If this setting is not specified, the - // value defaults to 5000ms. For cluster types other than - // :ref:`ORIGINAL_DST` - // this setting is ignored. - google.protobuf.Duration cleanup_interval = 20 - [(validate.rules).duration.gt = {}, (gogoproto.stdduration) = true]; - - // Optional configuration used to bind newly established upstream connections. - // This overrides any bind_config specified in the bootstrap proto. - // If the addres and port are empty, no bind will be performed. - BindConfig upstream_bind_config = 21; - - // Optionally divide the endpoints in this cluster into subsets defined by - // endpoint metadata and selected by route and weighted cluster metadata. - message LbSubsetConfig { - - // If NO_FALLBACK is selected, a result - // equivalent to no healthy hosts is reported. If ANY_ENDPOINT is selected, - // any cluster endpoint may be returned (subject to policy, health checks, - // etc). If DEFAULT_SUBSET is selected, load balancing is performed over the - // endpoints matching the values from the default_subset field. - enum LbSubsetFallbackPolicy { - NO_FALLBACK = 0; - ANY_ENDPOINT = 1; - DEFAULT_SUBSET = 2; - } - - // The behavior used when no endpoint subset matches the selected route's - // metadata. The value defaults to - // :ref:`NO_FALLBACK`. - LbSubsetFallbackPolicy fallback_policy = 1 [(validate.rules).enum.defined_only = true]; - - // Specifies the default subset of endpoints used during fallback if - // fallback_policy is - // :ref:`DEFAULT_SUBSET`. - // Each field in default_subset is - // compared to the matching LbEndpoint.Metadata under the *envoy.lb* - // namespace. It is valid for no hosts to match, in which case the behavior - // is the same as a fallback_policy of - // :ref:`NO_FALLBACK`. - google.protobuf.Struct default_subset = 2; - - // Specifications for subsets. - message LbSubsetSelector { - // List of keys to match with the weighted cluster metadata. - repeated string keys = 1; - } - - // For each entry, LbEndpoint.Metadata's - // *envoy.lb* namespace is traversed and a subset is created for each unique - // combination of key and value. For example: - // - // .. code-block:: json - // - // { "subset_selectors": [ - // { "keys": [ "version" ] }, - // { "keys": [ "stage", "hardware_type" ] } - // ]} - // - // A subset is matched when the metadata from the selected route and - // weighted cluster contains the same keys and values as the subset's - // metadata. The same host may appear in multiple subsets. - repeated LbSubsetSelector subset_selectors = 3; - } - - // Configuration for load balancing subsetting. - LbSubsetConfig lb_subset_config = 22; - - // Specific configuration for the :ref:`RingHash` - // load balancing policy. - message RingHashLbConfig { - // Minimum hash ring size, i.e. total virtual nodes. A larger size - // will provide better request distribution since each host in the - // cluster will have more virtual nodes. Defaults to 1024. In the case - // that total number of hosts is greater than the minimum, each host will - // be allocated a single virtual node. - google.protobuf.UInt64Value minimum_ring_size = 1; - - message DeprecatedV1 { - // Defaults to true, meaning that std::hash is used to hash hosts onto - // the ketama ring. std::hash can vary by platform. For this reason, - // Envoy will eventually use `xxHash `_ - // by default. This field exists for - // migration purposes and will eventually be deprecated. Set it to false - // to use `xxHash `_ now. - google.protobuf.BoolValue use_std_hash = 1; - } - // Deprecated settings from v1 config. - DeprecatedV1 deprecated_v1 = 2 [deprecated = true]; - } - - // Optional configuration for the load balancing algorithm selected by - // LbPolicy. Currently only - // :ref:`RING_HASH` - // has additional configuration options. - // Specifying ring_hash_lb_config without setting the LbPolicy to - // :ref:`RING_HASH` - // will generate an error at runtime. - oneof lb_config { - // Optional configuration for the Ring Hash load balancing policy. - RingHashLbConfig ring_hash_lb_config = 23; - } - - // See :ref:`base.TransportSocket` description. - TransportSocket transport_socket = 24; - - // The Metadata field can be used to provide additional information about the - // cluster. It can be used for stats, logging, and varying filter behavior. - // Fields should use reverse DNS notation to denote which entity within Envoy - // will need the information. For instance, if the metadata is intended for - // the Router filter, the filter name should be specified as *envoy.router*. - Metadata metadata = 25; - - enum ClusterProtocolSelection { - // Cluster can only operate on one of the possible upstream protocols (HTTP1.1, HTTP2). - // If :ref:`http2_protocol_options ` are - // present, HTTP2 will be used, otherwise HTTP1.1 will be used. - USE_CONFIGURED_PROTOCOL = 0; - // Use HTTP1.1 or HTTP2, depending on which one is used on the downstream connection. - USE_DOWNSTREAM_PROTOCOL = 1; - } - ClusterProtocolSelection protocol_selection = 26; -} - -// An extensible structure containing the address Envoy should bind to when -// establishing upstream connections. -message UpstreamBindConfig { - // The address Envoy should bind to when establishing upstream connections. - Address source_address = 1; -} diff --git a/envoy/api/v2/eds.proto b/envoy/api/v2/eds.proto index c9c51f404..c69d1798a 100644 --- a/envoy/api/v2/eds.proto +++ b/envoy/api/v2/eds.proto @@ -11,11 +11,6 @@ import "validate/validate.proto"; // [#protodoc-title: EDS] -// [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing -// services: https://github.com/google/protobuf/issues/4221 -message EdsDummy { -} - service EndpointDiscoveryService { // The resource_names field in DiscoveryRequest specifies a list of clusters // to subscribe to updates for. @@ -40,13 +35,13 @@ service EndpointDiscoveryService { // load_balancing_weight of its Locality. message ClusterLoadAssignment { // Name of the cluster. This will be the :ref:`service_name - // ` value if specified + // ` value if specified // in the cluster :ref:`EdsClusterConfig - // `. + // `. string cluster_name = 1 [(validate.rules).string.min_bytes = 1]; // List of endpoints to load balance to. - repeated envoy.api.v2.endpoint.LocalityLbEndpoints endpoints = 2; + repeated endpoint.LocalityLbEndpoints endpoints = 2; // Load balancing policy settings. message Policy { diff --git a/envoy/api/v2/filter/network/BUILD b/envoy/api/v2/filter/network/BUILD index 7530df952..0ca780905 100644 --- a/envoy/api/v2/filter/network/BUILD +++ b/envoy/api/v2/filter/network/BUILD @@ -9,8 +9,8 @@ api_proto_library( "//envoy/api/v2:base", "//envoy/api/v2:config_source", "//envoy/api/v2:protocol", + "//envoy/api/v2:rds", "//envoy/api/v2/filter/accesslog", - "//envoy/api/v2/route", ], ) diff --git a/envoy/api/v2/filter/network/http_connection_manager.proto b/envoy/api/v2/filter/network/http_connection_manager.proto index 118419ade..f7444a58d 100644 --- a/envoy/api/v2/filter/network/http_connection_manager.proto +++ b/envoy/api/v2/filter/network/http_connection_manager.proto @@ -6,7 +6,7 @@ option go_package = "network"; import "envoy/api/v2/config_source.proto"; import "envoy/api/v2/protocol.proto"; import "envoy/api/v2/filter/accesslog/accesslog.proto"; -import "envoy/api/v2/route/route.proto"; +import "envoy/api/v2/rds.proto"; import "google/protobuf/duration.proto"; import "google/protobuf/struct.proto"; @@ -51,7 +51,7 @@ message HttpConnectionManager { Rds rds = 3; // The route table for the connection manager is static and is specified in this property. - route.RouteConfiguration route_config = 4; + RouteConfiguration route_config = 4; } // A list of individual HTTP filters that make up the filter chain for diff --git a/envoy/api/v2/grpc_service.proto b/envoy/api/v2/grpc_service.proto index ab3e80673..e8434941b 100644 --- a/envoy/api/v2/grpc_service.proto +++ b/envoy/api/v2/grpc_service.proto @@ -16,8 +16,8 @@ import "validate/validate.proto"; message GrpcService { message EnvoyGrpc { // The name of the upstream gRPC cluster. SSL credentials will be supplied - // in the :ref:`Cluster ` :ref:`tls_context - // `. + // in the :ref:`Cluster ` :ref:`tls_context + // `. string cluster_name = 1 [(validate.rules).string.min_bytes = 1]; } diff --git a/envoy/api/v2/lds.proto b/envoy/api/v2/lds.proto index fe3273878..fa9ef38e5 100644 --- a/envoy/api/v2/lds.proto +++ b/envoy/api/v2/lds.proto @@ -2,14 +2,17 @@ syntax = "proto3"; package envoy.api.v2; +import "envoy/api/v2/address.proto"; +import "envoy/api/v2/base.proto"; import "envoy/api/v2/discovery.proto"; +import "envoy/api/v2/listener/listener.proto"; import "google/api/annotations.proto"; +import "google/protobuf/wrappers.proto"; -// [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing -// services: https://github.com/google/protobuf/issues/4221 -message LdsDummy { -} +import "validate/validate.proto"; + +// [#protodoc-title: LDS] // The Envoy instance initiates an RPC at startup to discover a list of // listeners. Updates are delivered via streaming from the LDS server and @@ -26,3 +29,94 @@ service ListenerDiscoveryService { }; } } + +message Listener { + // The unique name by which this listener is known. If no name is provided, + // Envoy will allocate an internal UUID for the listener. If the listener is to be dynamically + // updated or removed via :ref:`LDS ` a unique name must be provided. + // By default, the maximum length of a listener's name is limited to 60 characters. This limit can + // be increased by setting the :option:`--max-obj-name-len` command line argument to the desired + // value. + string name = 1; + + // The address that the listener should listen on. In general, the address must be unique, though + // that is governed by the bind rules of the OS. E.g., multiple listeners can listen on port 0 on + // Linux as the actual port will be allocated by the OS. + Address address = 2 [(validate.rules).message.required = true]; + + // A list of filter chains to consider for this listener. The + // :ref:`FilterChain ` with the most specific + // :ref:`FilterChainMatch ` criteria is used on a + // connection. + // + // .. attention:: + // + // In the current version, multiple filter chains are supported **only** so that SNI can be + // configured. See the :ref:`FAQ entry ` on how to configure SNI for more + // information. When multiple filter chains are configured, each filter chain must have an + // **identical** set of :ref:`filters `. If the + // filters differ, the configuration will fail to load. In the future, this limitation will be + // relaxed such that different filters can be used depending on which filter chain matches + // (based on SNI or some other parameter). + repeated listener.FilterChain filter_chains = 3 [(validate.rules).repeated .min_items = 1]; + + // If a connection is redirected using *iptables*, the port on which the proxy + // receives it might be different from the original destination address. When this flag is set to + // true, the listener hands off redirected connections to the listener associated with the + // original destination address. If there is no listener associated with the original destination + // address, the connection is handled by the listener that receives it. Defaults to false. + // + // .. attention:: + // + // This field is deprecated. Use :ref:`an original_dst ` + // :ref:`listener filter ` instead. + // + // Note that hand off to another listener is *NOT* performed without this flag. Once + // :ref:`FilterChainMatch ` is implemented this flag + // will be removed, as filter chain matching can be used to select a filter chain based on the + // restored destination address. + google.protobuf.BoolValue use_original_dst = 4 [deprecated = true]; + + // Soft limit on size of the listener’s new connection read and write buffers. + // If unspecified, an implementation defined default is applied (1MiB). + google.protobuf.UInt32Value per_connection_buffer_limit_bytes = 5; + + // Listener metadata. + Metadata metadata = 6; + + // [#not-implemented-hide:] + message DeprecatedV1 { + // Whether the listener should bind to the port. A listener that doesn’t + // bind can only receive connections redirected from other listeners that + // set use_original_dst parameter to true. Default is true. + // + // [V2-API-DIFF] This is deprecated in v2, all Listeners will bind to their + // port. An additional filter chain must be created for every original + // destination port this listener may redirect to in v2, with the original + // port specified in the FilterChainMatch destination_port field. + google.protobuf.BoolValue bind_to_port = 1; + } + + // [#not-implemented-hide:] + DeprecatedV1 deprecated_v1 = 7; + + enum DrainType { + // Drain in response to calling /healthcheck/fail admin endpoint (along with the health check + // filter), listener removal/modification, and hot restart. + DEFAULT = 0; + // Drain in response to listener removal/modification and hot restart. This setting does not + // include /healthcheck/fail. This setting may be desirable if Envoy is hosting both ingress + // and egress listeners. + MODIFY_ONLY = 1; + } + + // The type of draining to perform at a listener-wide level. + DrainType drain_type = 8; + + // Listener filters have the opportunity to manipulate and augment the connection metadata that + // is used in connection filter chain matching, for example. These filters are run before any in + // :ref:`filter_chains `. Order matters as the + // filters are processed sequentially right after a socket has been accepted by the listener, and + // before a connection is created. + repeated listener.ListenerFilter listener_filters = 9; +} diff --git a/envoy/api/v2/listener/listener.proto b/envoy/api/v2/listener/listener.proto index d328964e1..bc5a06203 100644 --- a/envoy/api/v2/listener/listener.proto +++ b/envoy/api/v2/listener/listener.proto @@ -15,97 +15,6 @@ import "validate/validate.proto"; // [#protodoc-title: Listeners] // Listener :ref:`configuration overview ` -message Listener { - // The unique name by which this listener is known. If no name is provided, - // Envoy will allocate an internal UUID for the listener. If the listener is to be dynamically - // updated or removed via :ref:`LDS ` a unique name must be provided. - // By default, the maximum length of a listener's name is limited to 60 characters. This limit can - // be increased by setting the :option:`--max-obj-name-len` command line argument to the desired - // value. - string name = 1; - - // The address that the listener should listen on. In general, the address must be unique, though - // that is governed by the bind rules of the OS. E.g., multiple listeners can listen on port 0 on - // Linux as the actual port will be allocated by the OS. - Address address = 2 [(validate.rules).message.required = true]; - - // A list of filter chains to consider for this listener. The - // :ref:`FilterChain ` with the most specific - // :ref:`FilterChainMatch ` criteria is used on a - // connection. - // - // .. attention:: - // - // In the current version, multiple filter chains are supported **only** so that SNI can be - // configured. See the :ref:`FAQ entry ` on how to configure SNI for more - // information. When multiple filter chains are configured, each filter chain must have an - // **identical** set of :ref:`filters `. If the - // filters differ, the configuration will fail to load. In the future, this limitation will be - // relaxed such that different filters can be used depending on which filter chain matches - // (based on SNI or some other parameter). - repeated FilterChain filter_chains = 3 [(validate.rules).repeated .min_items = 1]; - - // If a connection is redirected using *iptables*, the port on which the proxy - // receives it might be different from the original destination address. When this flag is set to - // true, the listener hands off redirected connections to the listener associated with the - // original destination address. If there is no listener associated with the original destination - // address, the connection is handled by the listener that receives it. Defaults to false. - // - // .. attention:: - // - // This field is deprecated. Use :ref:`an original_dst ` - // :ref:`listener filter ` instead. - // - // Note that hand off to another listener is *NOT* performed without this flag. Once - // :ref:`FilterChainMatch ` is implemented this flag - // will be removed, as filter chain matching can be used to select a filter chain based on the - // restored destination address. - google.protobuf.BoolValue use_original_dst = 4 [deprecated = true]; - - // Soft limit on size of the listener’s new connection read and write buffers. - // If unspecified, an implementation defined default is applied (1MiB). - google.protobuf.UInt32Value per_connection_buffer_limit_bytes = 5; - - // Listener metadata. - Metadata metadata = 6; - - // [#not-implemented-hide:] - message DeprecatedV1 { - // Whether the listener should bind to the port. A listener that doesn’t - // bind can only receive connections redirected from other listeners that - // set use_original_dst parameter to true. Default is true. - // - // [V2-API-DIFF] This is deprecated in v2, all Listeners will bind to their - // port. An additional filter chain must be created for every original - // destination port this listener may redirect to in v2, with the original - // port specified in the FilterChainMatch destination_port field. - google.protobuf.BoolValue bind_to_port = 1; - } - - // [#not-implemented-hide:] - DeprecatedV1 deprecated_v1 = 7; - - enum DrainType { - // Drain in response to calling /healthcheck/fail admin endpoint (along with the health check - // filter), listener removal/modification, and hot restart. - DEFAULT = 0; - // Drain in response to listener removal/modification and hot restart. This setting does not - // include /healthcheck/fail. This setting may be desirable if Envoy is hosting both ingress - // and egress listeners. - MODIFY_ONLY = 1; - } - - // The type of draining to perform at a listener-wide level. - DrainType drain_type = 8; - - // Listener filters have the opportunity to manipulate and augment the connection metadata that - // is used in connection filter chain matching, for example. These filters are run before any in - // :ref:`filter_chains `. Order matters as the - // filters are processed sequentially right after a socket has been accepted by the listener, and - // before a connection is created. - repeated ListenerFilter listener_filters = 9; -} - message Filter { // The name of the filter to instantiate. The name must match a supported // filter. The built-in filters are: diff --git a/envoy/api/v2/rds.proto b/envoy/api/v2/rds.proto index b5949bcbf..819717c5f 100644 --- a/envoy/api/v2/rds.proto +++ b/envoy/api/v2/rds.proto @@ -2,14 +2,14 @@ syntax = "proto3"; package envoy.api.v2; +import "envoy/api/v2/base.proto"; import "envoy/api/v2/discovery.proto"; +import "envoy/api/v2/route/route.proto"; import "google/api/annotations.proto"; +import "google/protobuf/wrappers.proto"; -// [#not-implemented-hide:] Not configuration. Workaround c++ protobuf issue with importing -// services: https://github.com/google/protobuf/issues/4221 -message RdsDummy { -} +// [#protodoc-title: RDS] // The resource_names field in DiscoveryRequest specifies a route configuration. // This allows an Envoy configuration with multiple HTTP listeners (and @@ -27,3 +27,53 @@ service RouteDiscoveryService { }; } } + +message RouteConfiguration { + // The name of the route configuration. For example, it might match + // :ref:`route_config_name ` in + // :ref:`envoy_api_msg_filter.network.Rds`. + string name = 1; + + // An array of virtual hosts that make up the route table. + repeated route.VirtualHost virtual_hosts = 2; + + // Optionally specifies a list of HTTP headers that the connection manager + // will consider to be internal only. If they are found on external requests they will be cleaned + // prior to filter invocation. See :ref:`config_http_conn_man_headers_x-envoy-internal` for more + // information. + repeated string internal_only_headers = 3; + + // Specifies a list of HTTP headers that should be added to each response that + // the connection manager encodes. Headers specified at this level are applied + // after headers from any enclosed :ref:`envoy_api_msg_route.VirtualHost` or + // :ref:`envoy_api_msg_route.RouteAction`. For more information, including details on + // header value syntax, see the documentation on :ref:`custom request headers + // `. + repeated HeaderValueOption response_headers_to_add = 4; + + // Specifies a list of HTTP headers that should be removed from each response + // that the connection manager encodes. + repeated string response_headers_to_remove = 5; + + // Specifies a list of HTTP headers that should be added to each request + // routed by the HTTP connection manager. Headers specified at this level are + // applied after headers from any enclosed :ref:`envoy_api_msg_route.VirtualHost` or + // :ref:`envoy_api_msg_route.RouteAction`. For more information, including details on + // header value syntax, see the documentation on :ref:`custom request headers + // `. + repeated HeaderValueOption request_headers_to_add = 6; + + // An optional boolean that specifies whether the clusters that the route + // table refers to will be validated by the cluster manager. If set to true + // and a route refers to a non-existent cluster, the route table will not + // load. If set to false and a route refers to a non-existent cluster, the + // route table will load and the router filter will return a 404 if the route + // is selected at runtime. This setting defaults to true if the route table + // is statically defined via the :ref:`route_config + // ` option. This setting + // default to false if the route table is loaded dynamically via the :ref:`rds + // ` option. Users + // may which to override the default behavior in certain cases (for example + // when using CDS with a static route table). + google.protobuf.BoolValue validate_clusters = 7; +} diff --git a/envoy/api/v2/route/route.proto b/envoy/api/v2/route/route.proto index d9dafff27..0ef7b0382 100644 --- a/envoy/api/v2/route/route.proto +++ b/envoy/api/v2/route/route.proto @@ -16,55 +16,6 @@ import "gogoproto/gogo.proto"; // * Routing :ref:`architecture overview ` // * HTTP :ref:`router filter ` -message RouteConfiguration { - // The name of the route configuration. For example, it might match - // :ref:`route_config_name ` in - // :ref:`envoy_api_msg_filter.network.Rds`. - string name = 1; - - // An array of virtual hosts that make up the route table. - repeated VirtualHost virtual_hosts = 2; - - // Optionally specifies a list of HTTP headers that the connection manager - // will consider to be internal only. If they are found on external requests they will be cleaned - // prior to filter invocation. See :ref:`config_http_conn_man_headers_x-envoy-internal` for more - // information. - repeated string internal_only_headers = 3; - - // Specifies a list of HTTP headers that should be added to each response that - // the connection manager encodes. Headers specified at this level are applied - // after headers from any enclosed :ref:`envoy_api_msg_route.VirtualHost` or - // :ref:`envoy_api_msg_route.RouteAction`. For more information, including details on - // header value syntax, see the documentation on :ref:`custom request headers - // `. - repeated HeaderValueOption response_headers_to_add = 4; - - // Specifies a list of HTTP headers that should be removed from each response - // that the connection manager encodes. - repeated string response_headers_to_remove = 5; - - // Specifies a list of HTTP headers that should be added to each request - // routed by the HTTP connection manager. Headers specified at this level are - // applied after headers from any enclosed :ref:`envoy_api_msg_route.VirtualHost` or - // :ref:`envoy_api_msg_route.RouteAction`. For more information, including details on - // header value syntax, see the documentation on :ref:`custom request headers - // `. - repeated HeaderValueOption request_headers_to_add = 6; - - // An optional boolean that specifies whether the clusters that the route - // table refers to will be validated by the cluster manager. If set to true - // and a route refers to a non-existent cluster, the route table will not - // load. If set to false and a route refers to a non-existent cluster, the - // route table will load and the router filter will return a 404 if the route - // is selected at runtime. This setting defaults to true if the route table - // is statically defined via the :ref:`route_config - // ` option. This setting - // default to false if the route table is loaded dynamically via the :ref:`rds - // ` option. Users - // may which to override the default behavior in certain cases (for example - // when using CDS with a static route table). - google.protobuf.BoolValue validate_clusters = 7; -} // The top level element in the routing configuration is a virtual host. Each virtual host has // a logical name as well as a set of domains that get routed to it based on the incoming request's @@ -122,7 +73,7 @@ message VirtualHost { // Specifies a list of HTTP headers that should be added to each request // handled by this virtual host. Headers specified at this level are applied // after headers from enclosed :ref:`envoy_api_msg_route.RouteAction` and before headers from the - // enclosing :ref:`envoy_api_msg_route.RouteConfiguration`. For more information, including + // enclosing :ref:`envoy_api_msg_RouteConfiguration`. For more information, including // details on header value syntax, see the documentation on :ref:`custom request headers // `. repeated HeaderValueOption request_headers_to_add = 7; @@ -130,7 +81,7 @@ message VirtualHost { // Specifies a list of HTTP headers that should be added to each response // handled by this virtual host. Headers specified at this level are applied // after headers from enclosed :ref:`envoy_api_msg_route.RouteAction` and before headers from the - // enclosing :ref:`envoy_api_msg_route.RouteConfiguration`. For more information, including + // enclosing :ref:`envoy_api_msg_RouteConfiguration`. For more information, including // details on header value syntax, see the documentation on :ref:`custom request headers // `. repeated HeaderValueOption response_headers_to_add = 10; @@ -442,7 +393,7 @@ message RouteAction { // Specifies a set of headers that will be added to requests matching this // route. Headers specified at this level are applied before headers from the // enclosing :ref:`envoy_api_msg_route.VirtualHost` and - // :ref:`envoy_api_msg_route.RouteConfiguration`. For more information, including details on + // :ref:`envoy_api_msg_RouteConfiguration`. For more information, including details on // header value syntax, see the documentation on :ref:`custom request headers // `. repeated HeaderValueOption request_headers_to_add = 12; @@ -450,7 +401,7 @@ message RouteAction { // Specifies a set of headers that will be added to responses to requests // matching this route. Headers specified at this level are applied before // headers from the enclosing :ref:`envoy_api_msg_route.VirtualHost` and - // :ref:`envoy_api_msg_route.RouteConfiguration`. For more information, including + // :ref:`envoy_api_msg_RouteConfiguration`. For more information, including // details on header value syntax, see the documentation on // :ref:`custom request headers `. repeated HeaderValueOption response_headers_to_add = 18; @@ -598,7 +549,7 @@ message DirectResponseAction { // .. note:: // // Headers can be specified using *response_headers_to_add* in - // :ref:`envoy_api_msg_route.RouteConfiguration`. + // :ref:`envoy_api_msg_RouteConfiguration`. DataSource body = 2; } @@ -687,7 +638,7 @@ message RateLimit { // ("destination_cluster", "") // // Once a request matches against a route table rule, a routed cluster is determined by one of - // the following :ref:`route table configuration ` + // the following :ref:`route table configuration ` // settings: // // * :ref:`cluster ` indicates the upstream cluster diff --git a/envoy/config/bootstrap/v2/BUILD b/envoy/config/bootstrap/v2/BUILD index d089ce077..dd66035f6 100644 --- a/envoy/config/bootstrap/v2/BUILD +++ b/envoy/config/bootstrap/v2/BUILD @@ -8,10 +8,10 @@ api_proto_library( deps = [ "//envoy/api/v2:address", "//envoy/api/v2:base", + "//envoy/api/v2:cds", "//envoy/api/v2:config_source", + "//envoy/api/v2:lds", "//envoy/api/v2/auth:cert", - "//envoy/api/v2/cluster", - "//envoy/api/v2/listener", "//envoy/config/metrics/v2:metrics_service", "//envoy/config/metrics/v2:stats", "//envoy/config/ratelimit/v2:rls", @@ -25,10 +25,10 @@ api_go_proto_library( deps = [ "//envoy/api/v2:address_go_proto", "//envoy/api/v2:base_go_proto", + "//envoy/api/v2:cds_go_grpc", "//envoy/api/v2:config_source_go_proto", + "//envoy/api/v2:lds_go_grpc", "//envoy/api/v2/auth:cert_go_proto", - "//envoy/api/v2/cluster:cluster_go_proto", - "//envoy/api/v2/listener:listener_go_proto", "//envoy/config/metrics/v2:metrics_service_go_proto", "//envoy/config/metrics/v2:stats_go_proto", "//envoy/config/ratelimit/v2:rls_go_grpc", diff --git a/envoy/config/bootstrap/v2/bootstrap.proto b/envoy/config/bootstrap/v2/bootstrap.proto index b044e46c6..9f19a44b5 100644 --- a/envoy/config/bootstrap/v2/bootstrap.proto +++ b/envoy/config/bootstrap/v2/bootstrap.proto @@ -12,8 +12,8 @@ import "envoy/api/v2/address.proto"; import "envoy/api/v2/base.proto"; import "envoy/api/v2/auth/cert.proto"; import "envoy/api/v2/config_source.proto"; -import "envoy/api/v2/cluster/cluster.proto"; -import "envoy/api/v2/listener/listener.proto"; +import "envoy/api/v2/cds.proto"; +import "envoy/api/v2/lds.proto"; import "envoy/config/trace/v2/trace.proto"; import "envoy/config/metrics/v2/stats.proto"; import "envoy/config/ratelimit/v2/rls.proto"; @@ -30,9 +30,9 @@ message Bootstrap { envoy.api.v2.Node node = 1; message StaticResources { - // Static :ref:`Listeners `. These listeners are + // Static :ref:`Listeners `. These listeners are // available regardless of LDS configuration. - repeated envoy.api.v2.listener.Listener listeners = 1; + repeated envoy.api.v2.Listener listeners = 1; // If a network based configuration source is specified for :ref:`cds_config // `, it's necessary @@ -40,7 +40,7 @@ message Bootstrap { // how to speak to the management server. These cluster definitions may not // use :ref:`EDS ` (i.e. they should be static // IP or DNS-based). - repeated envoy.api.v2.cluster.Cluster clusters = 2; + repeated envoy.api.v2.Cluster clusters = 2; // [#not-implemented-hide:] repeated envoy.api.v2.auth.Secret secrets = 3; @@ -49,11 +49,11 @@ message Bootstrap { StaticResources static_resources = 2; message DynamicResources { - // All :ref:`Listeners ` are provided by a single + // All :ref:`Listeners ` are provided by a single // :ref:`LDS ` configuration source. envoy.api.v2.ConfigSource lds_config = 1; - // All post-bootstrap :ref:`Cluster ` definitions are + // All post-bootstrap :ref:`Cluster ` definitions are // provided by a single :ref:`CDS ` // configuration source. envoy.api.v2.ConfigSource cds_config = 2; diff --git a/envoy/service/discovery/v2/ads.proto b/envoy/service/discovery/v2/ads.proto index 615dad0d3..49d117e5c 100644 --- a/envoy/service/discovery/v2/ads.proto +++ b/envoy/service/discovery/v2/ads.proto @@ -10,6 +10,11 @@ import "envoy/api/v2/discovery.proto"; message AdsDummy { } +// [#not-implemented-hide:] Discovery services for endpoints, clusters, routes, +// and listeners are retained in the package `envoy.api.v2` for backwards +// compatibility with existing management servers. New development in discovery +// services should proceed in the package `envoy.service.discovery.v2`. + // See https://github.com/lyft/envoy-api#apis for a description of the role of // ADS and how it is intended to be used by a management server. ADS requests // have the same structure as their singleton xDS counterparts, but can diff --git a/test/build/build_test.cc b/test/build/build_test.cc index bc2ced17a..2d9d1a807 100644 --- a/test/build/build_test.cc +++ b/test/build/build_test.cc @@ -6,9 +6,6 @@ // Basic C++ build/link validation for the v2 xDS APIs. int main(int argc, char* argv[]) { const auto methods = { - "envoy.service.discovery.v2.AggregatedDiscoveryService.StreamAggregatedResources", - "envoy.service.discovery.v2.HealthDiscoveryService.FetchHealthCheck", - "envoy.service.discovery.v2.HealthDiscoveryService.StreamHealthCheck", "envoy.api.v2.ClusterDiscoveryService.FetchClusters", "envoy.api.v2.ClusterDiscoveryService.StreamClusters", "envoy.api.v2.EndpointDiscoveryService.FetchEndpoints", @@ -17,6 +14,9 @@ int main(int argc, char* argv[]) { "envoy.api.v2.ListenerDiscoveryService.StreamListeners", "envoy.api.v2.RouteDiscoveryService.FetchRoutes", "envoy.api.v2.RouteDiscoveryService.StreamRoutes", + "envoy.service.discovery.v2.AggregatedDiscoveryService.StreamAggregatedResources", + "envoy.service.discovery.v2.HealthDiscoveryService.FetchHealthCheck", + "envoy.service.discovery.v2.HealthDiscoveryService.StreamHealthCheck", "envoy.service.accesslog.v2.AccessLogService.StreamAccessLogs", "envoy.service.metrics.v2.MetricsService.StreamMetrics", "envoy.service.ratelimit.v2.RateLimitService.ShouldRateLimit", diff --git a/test/validate/pgv_test.cc b/test/validate/pgv_test.cc index 9c31e004f..fdc9efc74 100644 --- a/test/validate/pgv_test.cc +++ b/test/validate/pgv_test.cc @@ -4,7 +4,7 @@ // We don't use all the headers in the test below, but including them anyway as // a cheap way to get some C++ compiler sanity checking. #include "envoy/api/v2/protocol.pb.validate.h" -#include "envoy/api/v2/cluster/cluster.pb.validate.h" +#include "envoy/api/v2/cds.pb.validate.h" #include "envoy/api/v2/filter/accesslog/accesslog.pb.validate.h" #include "envoy/api/v2/filter/http/buffer.pb.validate.h" #include "envoy/api/v2/filter/http/fault.pb.validate.h" diff --git a/tools/BUILD b/tools/BUILD index 0f3325a52..04be86a30 100644 --- a/tools/BUILD +++ b/tools/BUILD @@ -6,8 +6,8 @@ py_binary( licenses = ["notice"], # Apache 2 visibility = ["//visibility:public"], deps = [ + "//envoy/api/v2:lds_py", "//envoy/api/v2/filter/network:http_connection_manager_py", - "//envoy/api/v2/listener:listener_py", ], ) diff --git a/tools/generate_listeners.py b/tools/generate_listeners.py index f35cb776e..b485438a9 100644 --- a/tools/generate_listeners.py +++ b/tools/generate_listeners.py @@ -16,7 +16,7 @@ from google.protobuf import struct_pb2 from google.protobuf import text_format -from envoy.api.v2.listener import listener_pb2 +from envoy.api.v2 import lds_pb2 from envoy.api.v2.filter.network import http_connection_manager_pb2 @@ -43,7 +43,7 @@ def ParseProto(path, filter_name): def GenerateListeners(listeners_pb_path, output_pb_path, output_json_path, fragments): - listener = listener_pb2.Listener() + listener = lds_pb2.Listener() with open(listeners_pb_path, 'r') as f: text_format.Merge(f.read(), listener)