Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AdsBootstrapperOptions ¶
type AdsBootstrapperOptions struct {
CommonOptions
// Flags for ADS
AdsConnectTimeout time.Duration
}
AdsBootstrapperOptions describes the possible overrides used by the ADS bootstrapper to create the envoy bootstrap config.
func DefaultAdsBootstrapperOptions ¶
func DefaultAdsBootstrapperOptions() AdsBootstrapperOptions
DefaultAdsBootstrapperOptions returns AdsBootstrapperOptions with default values.
The default values are expected to match the default values from the flags.
type CommonOptions ¶
type CommonOptions struct {
// Flags for envoy
AdminAddress string
AdminPort int
AdsNamedPipe string
Node string
GeneratedHeaderPrefix string
TracingOptions *TracingOptions
// Flags for metadata
NonGCP bool
HttpRequestTimeout time.Duration
MetadataURL string
IamURL string
// Configures the identity used when making requests to Service Control.
ServiceControlCredentials *IAMCredentialsOptions
// Configures the identity used when making requests to backends.
BackendAuthCredentials *IAMCredentialsOptions
// Whether to disallow colon in the url wildcard path segment.
DisallowColonInWildcardPathSegment bool
}
CommonOptions describes the possible overrides used by both the ADS bootstrapper and the config generator. By defining all the common options in one struct, we prevent duplicate flag initialization and reduce repeated code.
func DefaultCommonOptions ¶
func DefaultCommonOptions() CommonOptions
DefaultCommonOptions returns CommonOptions with default values.
The default values are expected to match the default values from the flags.
type ConfigGeneratorOptions ¶
type ConfigGeneratorOptions struct {
CommonOptions
// Cors related configurations.
CorsAllowCredentials bool
CorsAllowHeaders string
CorsAllowMethods string
CorsAllowOrigin string
CorsAllowOriginRegex string
CorsExposeHeaders string
CorsMaxAge time.Duration
CorsPreset string
CorsOperationDelimiter string
// Backend routing configurations.
BackendDnsLookupFamily string
// Envoy specific configurations.
ClusterConnectTimeout time.Duration
StreamIdleTimeout time.Duration
// Full URI to the backend: scheme, address/hostname, port
BackendAddress string
EnableBackendAddressOverride bool
LocalHTTPBackendAddress string
// Health check related
Healthz string
HealthCheckOperation string
HealthCheckAutogeneratedOperationPrefix string
HealthCheckGrpcBackend bool
HealthCheckGrpcBackendService string
HealthCheckGrpcBackendInterval time.Duration
HealthCheckGrpcBackendNoTrafficInterval time.Duration
// Network related configurations.
ListenerAddress string
ServiceManagementURL string
ServiceControlURL string
ListenerPort int
SslServerCertPath string
SslServerCipherSuites string
SslServerRootCertPath string
SslMinimumProtocol string
SslMaximumProtocol string
EnableHSTS bool
SslSidestreamClientRootCertsPath string
SslBackendClientCertPath string
SslBackendClientRootCertsPath string
SslBackendClientCipherSuites string
DnsResolverAddresses string
// Headers manipulation:
AddRequestHeaders string
AppendRequestHeaders string
AddResponseHeaders string
AppendResponseHeaders string
EnableOperationNameHeader bool
// Flags for non_gcp deployment.
ServiceAccountKey string
TokenAgentPort uint
EnableApplicationDefaultCredentials bool
// Flags for external calls.
DisableOidcDiscovery bool
DependencyErrorBehavior string
// Flags for testing purpose.
SkipJwtAuthnFilter bool
SkipServiceControlFilter bool
// Envoy configurations.
AccessLog string
AccessLogFormat string
EnvoyUseRemoteAddress bool
EnvoyXffNumTrustedHops int
LogJwtPayloads string
LogRequestHeaders string
LogResponseHeaders string
MinStreamReportIntervalMs uint64
SuppressEnvoyHeaders bool
UnderscoresInHeaders bool
NormalizePath bool
MergeSlashesInPath bool
DisallowEscapedSlashesInPath bool
ServiceControlNetworkFailOpen bool
ServiceControlEnableApiKeyUidReporting bool
EnableGrpcForHttp1 bool
ConnectionBufferLimitBytes int
// JwtAuthn related flags
DisableJwksAsyncFetch bool
JwksAsyncFetchFastListener bool
JwksCacheDurationInS int
JwksFetchNumRetries int
JwksFetchRetryBackOffBaseInterval time.Duration
JwksFetchRetryBackOffMaxInterval time.Duration
JwtPadForwardPayloadHeader bool
JwtCacheSize uint
DisableJwtAudienceServiceNameCheck bool
ScCheckTimeoutMs int
ScQuotaTimeoutMs int
ScReportTimeoutMs int
BackendRetryOns string
BackendRetryNum uint
BackendPerTryTimeout time.Duration
BackendRetryOnStatusCodes string
ScCheckRetries int
ScQuotaRetries int
ScReportRetries int
BackendClusterMaxRequests int
ComputePlatformOverride string
EnableResponseCompression bool
ClientIPFromForwardedHeader bool
TranscodingAlwaysPrintPrimitiveFields bool
TranscodingAlwaysPrintEnumsAsInts bool
TranscodingStreamNewLineDelimited bool
TranscodingPreserveProtoFieldNames bool
TranscodingIgnoreQueryParameters string
TranscodingIgnoreUnknownQueryParameters bool
TranscodingQueryParametersDisableUnescapePlus bool
TranscodingMatchUnregisteredCustomVerb bool
TranscodingStrictRequestValidation bool
TranscodingRejectCollision bool
TranscodingCaseInsensitiveEnumParsing bool
APIAllowList []string
AllowDiscoveryAPIs bool
}
ConfigGeneratorOptions describes the possible overrides for the service config to envoy config translation. Note that this rename is difficult because it will break managed api gateway team
func DefaultConfigGeneratorOptions ¶
func DefaultConfigGeneratorOptions() ConfigGeneratorOptions
DefaultConfigGeneratorOptions returns ConfigGeneratorOptions with default values.
The default values are expected to match the default values from the flags.
type IAMCredentialsOptions ¶
type IAMCredentialsOptions struct {
// The Service Account to fetch the token for. If left empty, IAM Credentials API will not be used to sign tokens.
ServiceAccountEmail string
TokenKind IamTokenKind
// Optionally impersonate the ServiceAccountEmail using this chain of delegates. See:
// https://cloud.google.com/iam/docs/reference/credentials/rest/v1/projects.serviceAccounts/generateIdToken
Delegates []string
}
IAMCredentialsOptions configures Envoy to authenticate requests using the given service account instead of the identity of the machine.
type IamTokenKind ¶
type IamTokenKind int
IamTokenKind specifies which type of token to generate using the IAM Credentials API.
const ( // AccessToken indicates the access token should be generated. AccessToken IamTokenKind = iota // IDToken indicates the OpenID Connect ID token should be generated. IDToken )
type TracingOptions ¶
type TracingOptions struct {
DisableTracing bool
ProjectId string
StackdriverAddress string
SamplingRate float64
IncomingContext string
OutgoingContext string
MaxNumAttributes int64
MaxNumAnnotations int64
MaxNumMessageEvents int64
MaxNumLinks int64
EnableVerboseAnnotations bool
}
TracingOptions are the shared options to create tracing config.
Source Files
Click to show internal directories.
Click to hide internal directories.