Documentation

Overview

Package envoy contains a configuration writer for v2 YAML config. To avoid a dependency on a YAML library, we generate the YAML using the text/template package.

Index

Constants

// CACertificateKey is the key of the CA certificate entry in the TLS
// validation secret.
const CACertificateKey = "ca.crt"

CACertificateKey stores the key for the TLS validation secret cert

// HTTPDefaultIdleTimeout is the default idle timeout for HTTP connections:
// one minute.
const HTTPDefaultIdleTimeout = 60 * time.Second

HTTPDefaultIdleTimeout sets the idle timeout for HTTP connections to 60 seconds. This is chosen as a rough default to stop idle connections wasting resources, without terminating slow connections too quickly. Exported so the same value can be used here and in e2e tests.

// TCPDefaultIdleTimeout is the default idle timeout for TCP proxy connections:
// 9001 seconds, i.e. just over two and a half hours (2h30m1s).
const TCPDefaultIdleTimeout = 9001 * time.Second

TCPDefaultIdleTimeout sets the idle timeout in seconds for connections through a TCP Proxy type filter. It's defaulted to two and a half hours for reasons documented at https://github.com/heptio/contour/issues/1074. Set to 9001 because now it's OVER NINE THOUSAND. Exported so the same value can be used here and in e2e tests.

Variables

This section is empty.

Functions

func Bootstrap

func Bootstrap(c *BootstrapConfig) *bootstrap.Bootstrap

Bootstrap creates a new v2 Bootstrap configuration.

func Cluster

func Cluster(c *dag.Cluster) *v2.Cluster

Cluster creates new v2.Cluster from dag.Cluster.

func ClusterCommonLBConfig

func ClusterCommonLBConfig() *v2.Cluster_CommonLbConfig

ClusterCommonLBConfig creates a *v2.Cluster_CommonLbConfig with HealthyPanicThreshold disabled.

func ClusterDiscoveryType

func ClusterDiscoveryType(t v2.Cluster_DiscoveryType) *v2.Cluster_Type

ClusterDiscoveryType returns the type of a ClusterDiscovery as a Cluster_Type.

func ClusterLoadAssignment

func ClusterLoadAssignment(name string, addrs ...*core.Address) *v2.ClusterLoadAssignment

ClusterLoadAssignment returns a *v2.ClusterLoadAssignment with a single LocalityLbEndpoints of the supplied addresses.

func Clustername

func Clustername(cluster *dag.Cluster) string

Clustername returns the name of the CDS cluster for this service.

func ConfigSource

func ConfigSource(cluster string) *core.ConfigSource

ConfigSource returns a *core.ConfigSource for cluster.

func DownstreamTLSContext

func DownstreamTLSContext(secretName string, tlsMinProtoVersion auth.TlsParameters_TlsProtocol, alpnProtos ...string) *auth.DownstreamTlsContext

DownstreamTLSContext creates a new DownstreamTlsContext.

func Endpoints

func Endpoints(addrs ...*core.Address) []endpoint.LocalityLbEndpoints

Endpoints returns a slice of LocalityLbEndpoints. The slice contains one entry, with one LbEndpoint per *core.Address supplied.

func FileAccessLog

func FileAccessLog(path string) []*accesslog.AccessLog

FileAccessLog returns a new file based access log filter.

func FilterChainTLS

func FilterChainTLS(domain string, secret *dag.Secret, filters []listener.Filter, tlsMinProtoVersion auth.TlsParameters_TlsProtocol, alpnProtos ...string) listener.FilterChain

FilterChainTLS returns a TLS enabled listener.FilterChain.

func FilterChains

func FilterChains(filters ...listener.Filter) []listener.FilterChain

FilterChains returns a []listener.FilterChain for the supplied filters.

func Filters

func Filters(filters ...listener.Filter) []listener.Filter

Filters returns a []listener.Filter for the supplied filters.

func HTTPConnectionManager

func HTTPConnectionManager(routename, accessLogPath string) listener.Filter

HTTPConnectionManager creates a new HTTP Connection Manager filter for the supplied route and access log.

func LBEndpoint

func LBEndpoint(addr *core.Address) endpoint.LbEndpoint

LBEndpoint creates a new LbEndpoint.

func Listener

func Listener(name, address string, port int, lf []listener.ListenerFilter, filters ...listener.Filter) *v2.Listener

Listener returns a new v2.Listener for the supplied address, port, and filters.

func ProxyProtocol

func ProxyProtocol() listener.ListenerFilter

ProxyProtocol returns a new Proxy Protocol listener filter.

func RouteHeaders

func RouteHeaders() []*core.HeaderValueOption

RouteHeaders returns a list of headers to be applied at the Route level on envoy

func RoutePrefix

func RoutePrefix(prefix string) route.RouteMatch

RoutePrefix returns a prefix matcher.

func RouteRegex

func RouteRegex(regex string) route.RouteMatch

RouteRegex returns a regex matcher.

func RouteRoute

func RouteRoute(r *dag.Route) *route.Route_Route

RouteRoute creates a route.Route_Route for the services supplied. If len(services) is greater than one, the route's action will be a weighted cluster.

func Secret

func Secret(s *dag.Secret) *auth.Secret

Secret creates new v2auth.Secret from secret.

func Secretname

func Secretname(s *dag.Secret) string

Secretname returns the name of the SDS secret for this secret.

func SocketAddress

func SocketAddress(address string, port int) *core.Address

SocketAddress creates a new TCP core.Address.

func StaticClusterLoadAssignment

func StaticClusterLoadAssignment(service *dag.TCPService) *v2.ClusterLoadAssignment

StaticClusterLoadAssignment creates a *v2.ClusterLoadAssignment pointing to the external DNS address of the service

func StatsListener

func StatsListener(address string, port int) *v2.Listener

StatsListener returns a *v2.Listener configured to serve prometheus metrics on /stats.

func TCPProxy

func TCPProxy(statPrefix string, proxy *dag.TCPProxy, accessLogPath string) listener.Filter

TCPProxy creates a new TCPProxy filter.

func TLSInspector

func TLSInspector() listener.ListenerFilter

TLSInspector returns a new TLS inspector listener filter.

func UpgradeHTTPS

func UpgradeHTTPS() *route.Route_Redirect

UpgradeHTTPS returns a route Action that redirects the request to HTTPS.

func UpstreamTLSContext

func UpstreamTLSContext(ca []byte, subjectName string, alpnProtocols ...string) *auth.UpstreamTlsContext

UpstreamTLSContext creates an auth.UpstreamTlsContext. By default UpstreamTLSContext returns an HTTP/1.1 TLS enabled context. A list of additional ALPN protocols can be provided.

func VirtualHost

func VirtualHost(hostname string) route.VirtualHost

VirtualHost creates a new route.VirtualHost.

Types

type BootstrapConfig

// BootstrapConfig holds configuration values for a v2.Bootstrap.
type BootstrapConfig struct {
	// AdminAccessLogPath is the path to write the access log for the administration server.
	// Defaults to /dev/null.
	// NOTE(review): with the /dev/null default, requests to the administration
	// server leave no access-log record; set a real path where an audit trail
	// of admin requests is needed.
	AdminAccessLogPath string

	// AdminAddress is the TCP address that the administration server will listen on.
	// Defaults to 127.0.0.1.
	// NOTE(review): Envoy's administration interface allows destructive
	// operations and exposes runtime details, and has no authentication of its
	// own; keep it on loopback unless access is restricted by other means.
	AdminAddress string

	// AdminPort is the port that the administration server will listen on.
	// Defaults to 9001.
	AdminPort int

	// XDSAddress is the TCP address of the gRPC XDS management server.
	// Defaults to 127.0.0.1.
	XDSAddress string

	// XDSGRPCPort is the management server port that provides the v2 gRPC API.
	// Defaults to 8001.
	XDSGRPCPort int

	// Namespace is the namespace where Contour is running.
	Namespace string

	// GrpcCABundle is the filename that contains a CA certificate chain that can
	// verify the client cert.
	// NOTE(review): presumably the gRPC connection to the XDS server is only
	// TLS-protected when the Grpc* fields are set; confirm against Bootstrap.
	GrpcCABundle string

	// GrpcClientCert is the filename that contains a client certificate. May contain a full bundle if you
	// don't want to pass a CA Bundle.
	GrpcClientCert string

	// GrpcClientKey is the filename that contains a client key for secure gRPC with TLS.
	// The file holds private key material: only the path is stored here, so the
	// file itself should be readable by the Envoy process only.
	GrpcClientKey string
}

BootstrapConfig holds configuration values for a v2.Bootstrap.

type ConfigWriter

// A ConfigWriter knows how to write a bootstrap Envoy configuration in YAML format.
// The struct carries listen addresses and ports only; it has no fields for
// TLS material on the XDS connection.
type ConfigWriter struct {
	// AdminAccessLogPath is the path to write the access log for the administration server.
	// Defaults to /dev/null.
	// NOTE(review): with the /dev/null default, requests to the administration
	// server leave no access-log record; set a real path where an audit trail
	// of admin requests is needed.
	AdminAccessLogPath string

	// AdminAddress is the TCP address that the administration server will listen on.
	// Defaults to 127.0.0.1.
	// NOTE(review): Envoy's administration interface allows destructive
	// operations and exposes runtime details, and has no authentication of its
	// own; keep it on loopback unless access is restricted by other means.
	AdminAddress string

	// AdminPort is the port that the administration server will listen on.
	// Defaults to 9001.
	AdminPort int

	// StatsAddress is the address that Envoy will listen on which serves the /stats path
	// Defaults to 0.0.0.0
	// NOTE(review): 0.0.0.0 binds every interface, so /stats is reachable from
	// anything that can route to the host; restrict it at the network layer if
	// metric names or values are considered sensitive.
	StatsAddress string

	// StatsPort is the port that Envoy will listen on which serves the /stats path
	// Defaults to 8002
	StatsPort int

	// XDSAddress is the TCP address of the XDS management server. For JSON configurations
	// this is the address of the v1 REST API server. For YAML configurations this is the
	// address of the v2 gRPC management server.
	// Defaults to 127.0.0.1.
	XDSAddress string

	// XDSRESTPort is the management server port that provides the v1 REST API.
	// Defaults to 8000.
	XDSRESTPort int

	// XDSGRPCPort is the management server port that provides the v2 gRPC API.
	// Defaults to 8001.
	XDSGRPCPort int
}

A ConfigWriter knows how to write a bootstrap Envoy configuration in YAML format.

func (*ConfigWriter) WriteYAML

func (c *ConfigWriter) WriteYAML(w io.Writer) error

WriteYAML writes the configuration to the supplied writer in YAML v2 format. If the supplied io.Writer is a file, its name should end with a .yaml extension.