Documentation
¶
Index ¶
- Constants
- Variables
- func ApplyMeshConfigDefaults(yaml string) (*proxyconfig.MeshConfig, error)
- func DefaultMeshConfig() proxyconfig.MeshConfig
- func DefaultProxyConfig() proxyconfig.ProxyConfig
- func GetPrivateIP() net.IP
- func ParsePort(addr string) int
- func ResolveAddr(addr string) (string, error)
- func WaitForPrivateNetwork() bool
- type Agent
- type Environment
- type Node
- type NodeType
- type Proxy
- type Retry
Constants ¶
const ( // IngressCertsPath is the path location for ingress certificates IngressCertsPath = "/etc/istio/ingress-certs/" // AuthCertsPath is the path location for mTLS certificates AuthCertsPath = "/etc/certs/" // CertChainFilename is mTLS chain file CertChainFilename = "cert-chain.pem" // KeyFilename is mTLS private key KeyFilename = "key.pem" // RootCertFilename is mTLS root cert RootCertFilename = "root-cert.pem" // IngressCertFilename is the ingress cert file name IngressCertFilename = "tls.crt" // IngressKeyFilename is the ingress private key file name IngressKeyFilename = "tls.key" )
const ( // MaxAborts is the maximum number of cascading abort messages to buffer. // This should be the upper bound on the number of proxies available at any point in time. MaxAborts = 10 )
Variables ¶
var ( // DefaultRetry configuration for proxies DefaultRetry = Retry{ MaxRetries: 10, InitialInterval: 200 * time.Millisecond, } )
Functions ¶
func ApplyMeshConfigDefaults ¶
func ApplyMeshConfigDefaults(yaml string) (*proxyconfig.MeshConfig, error)
ApplyMeshConfigDefaults returns a new MeshConfig decoded from the input YAML with defaults applied to omitted configuration values.
func DefaultMeshConfig ¶
func DefaultMeshConfig() proxyconfig.MeshConfig
DefaultMeshConfig configuration
func DefaultProxyConfig ¶
func DefaultProxyConfig() proxyconfig.ProxyConfig
DefaultProxyConfig for individual proxies
func GetPrivateIP ¶
GetPrivateIP returns a private IP address, or panics if no IP is available.
func ResolveAddr ¶
ResolveAddr resolves an authority address to an IP address
func WaitForPrivateNetwork ¶
func WaitForPrivateNetwork() bool
WaitForPrivateNetwork blocks until a private IP address is available, or a timeout is reached. Returns 'true' if a private IP is available before timeout is reached, and 'false' otherwise.
Types ¶
type Agent ¶
type Agent interface {
// ScheduleConfigUpdate sets the desired configuration for the proxy. Agent
// compares the current active configuration to the desired state and
// initiates a restart if necessary. If the restart fails, the agent attempts
// to retry with an exponential back-off.
ScheduleConfigUpdate(config interface{})
// Run starts the agent control loop and awaits for a signal on the input
// channel to exit the loop.
Run(ctx context.Context)
}
Agent manages the restarts and the life cycle of a proxy binary. Agent keeps track of all running proxy epochs and their configurations. Hot restarts are performed by launching a new proxy process with a strictly incremented restart epoch. It is up to the proxy to ensure that older epochs gracefully shutdown and carry over all the necessary state to the latest epoch. The agent does not terminate older epochs. The initial epoch is 0.
The restart protocol matches Envoy semantics for restart epochs: to successfully launch a new Envoy process that will replace the running Envoy processes, the restart epoch of the new process must be exactly 1 greater than the highest restart epoch of the currently running Envoy processes. See https://envoyproxy.github.io/envoy/intro/arch_overview/hot_restart.html for more information about the Envoy hot restart protocol.
Agent requires two functions "run" and "cleanup". Run function is a call to start the proxy and must block until the proxy exits. Cleanup function is executed immediately after the proxy exits and must be non-blocking since it is executed synchronously in the main agent control loop. Both functions take the proxy epoch as an argument. A typical scenario would involve epoch 0 followed by a failed epoch 1 start. The agent then attempts to start epoch 1 again.
Whenever the run function returns an error, the agent assumes that the proxy failed to start and attempts to restart the proxy several times with an exponential back-off. The subsequent restart attempts may reuse the epoch from the failed attempt. Retry budgets are allocated whenever the desired configuration changes.
Agent executes a single control loop that receives notifications about scheduled configuration updates, exits from older proxy epochs, and retry attempt timers. The call to schedule a configuration update will block until the control loop is ready to accept and process the configuration update.
type Environment ¶
type Environment struct {
// Discovery interface for listing services and instances
model.ServiceDiscovery
// Accounts interface for listing service accounts
model.ServiceAccounts
// Config interface for listing routing rules
model.IstioConfigStore
// Mesh is the mesh config (to be merged into the config store)
Mesh *proxyconfig.MeshConfig
// Mixer subject alternate name for mutual TLS
MixerSAN []string
}
Environment provides an aggregate environmental API for Pilot
type Node ¶
type Node struct {
// Type specifies the node type
Type NodeType
// IPAddress is the IP address of the proxy used to identify it and its
// co-located service instances. Example: "10.60.1.6"
IPAddress string
// ID is the unique platform-specific sidecar proxy ID
ID string
// Domain defines the DNS domain suffix for short hostnames (e.g.
// "default.svc.cluster.local")
Domain string
}
Node defines the proxy attributes used by xDS identification
func ParseServiceNode ¶
ParseServiceNode is the inverse of service node function
func (Node) ServiceNode ¶
ServiceNode encodes the proxy node attributes into a URI-acceptable string
type NodeType ¶
type NodeType string
NodeType decides the responsibility of the proxy serves in the mesh
type Proxy ¶
type Proxy interface {
// Run command for a config, epoch, and abort channel
Run(interface{}, int, <-chan error) error
// Cleanup command for an epoch
Cleanup(int)
// Panic command is invoked with the desired config when all retries to
// start the proxy fail just before the agent terminating
Panic(interface{})
}
Proxy defines command interface for a proxy
type Retry ¶
type Retry struct {
// MaxRetries is the maximum number of retries
MaxRetries int
// InitialInterval is the delay between the first restart, from then on it is
// multiplied by a factor of 2 for each subsequent retry
InitialInterval time.Duration
// contains filtered or unexported fields
}
Retry configuration for the proxy
Source Files
Directories