envoyconfig

package

v0.0.0-...-848778d Latest Latest Go to latest Published: May 1, 2026 License: Apache-2.0 Imports: 26 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/cloudfoundry/executor

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
func AssignProxyPorts(appPorts []executor.PortMapping) ([]executor.PortMapping, error)
func GenerateBootstrap(container executor.Container, adminPort uint16, requireClientCerts bool, ...) ([]byte, error)
func GenerateSDSCAResource(container executor.Container, idCred Credential, ...) ([]byte, error)
func GenerateSDSCertAndKey(name string, cred Credential) ([]byte, error)
func GetAvailablePort(allocatedPorts []executor.PortMapping, extraKnownPorts ...uint16) (uint16, error)
type Credential
- func (c Credential) IsEmpty() bool

Constants ¶

View Source

const (
	StartProxyPort  = 61001
	EndProxyPort    = 65534
	DefaultHTTPPort = 8080
	C2CTLSPort      = 61443
	AdsClusterName  = "pilot-ads"
)

Variables ¶

View Source

var (
	ErrNoPortsAvailable   = errors.New("no ports available")
	SupportedCipherSuites = []string{"ECDHE-RSA-AES256-GCM-SHA384", "ECDHE-RSA-AES128-GCM-SHA256"}
	AlpnProtocols         = []string{"h2,http/1.1"}
)

Functions ¶

func AssignProxyPorts ¶

func AssignProxyPorts(appPorts []executor.PortMapping) ([]executor.PortMapping, error)

AssignProxyPorts takes PortMappings with only ContainerPort set and returns enriched entries with ContainerTLSProxyPort allocated. Port 8080 also gets a C2C TLS mapping on 61443. HostPort and HostTLSProxyPort are left at 0.

func GenerateBootstrap ¶

func GenerateBootstrap(
	container executor.Container,
	adminPort uint16,
	requireClientCerts bool,
	adsServers []string,
	http2Enabled bool,
) ([]byte, error)

GenerateBootstrap returns envoy bootstrap YAML for the given container and options.

func GenerateSDSCAResource ¶

func GenerateSDSCAResource(container executor.Container, idCred Credential, trustedCACerts, verifySubjectAltName []string) ([]byte, error)

GenerateSDSCAResource returns SDS discovery response YAML for the validation context (trusted CA + SAN matchers).

func GenerateSDSCertAndKey ¶

func GenerateSDSCertAndKey(name string, cred Credential) ([]byte, error)

GenerateSDSCertAndKey returns SDS discovery response YAML for a cert/key secret.

func GetAvailablePort ¶

func GetAvailablePort(allocatedPorts []executor.PortMapping, extraKnownPorts ...uint16) (uint16, error)

GetAvailablePort returns a port not in allocatedPorts or extraKnownPorts.

Types ¶

type Credential ¶

type Credential struct {
	Cert string
	Key  string
}

Credential holds cert and key PEM strings for SDS.

func (Credential) IsEmpty ¶

func (c Credential) IsEmpty() bool

Source Files ¶

View all Source files

config.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL