Documentation

Index

Constants

View Source
const (
	IngressProxy = "ingress-proxy"

	// OriginIngress is a marker to indicate by which ProxyGenerator resources were generated.
	OriginIngress = "ingress"
)
View Source
const OriginAdmin = "admin"

    OriginAdmin is a marker to indicate by which ProxyGenerator resources were generated.

    View Source
    const OriginDirectAccess = "direct-access"

      OriginDirectAccess is a marker to indicate by which ProxyGenerator resources were generated.

      View Source
      const OriginInbound = "inbound"

        OriginInbound is a marker to indicate by which ProxyGenerator resources were generated.

        View Source
        const OriginOutbound = "outbound"

          OriginOutbound is a marker to indicate by which ProxyGenerator resources were generated.

          View Source
          const (
          	// OriginProbes is a marker to indicate by which ProxyGenerator resources were generated.
          	OriginProbe = "probe"
          )
          View Source
          const OriginPrometheus = "prometheus"

            OriginPrometheus is a marker to indicate by which ProxyGenerator resources were generated.

            View Source
            const OriginProxyTemplateRaw = "proxy-template-raw"

              OriginProxyTemplateRaw is a marker to indicate by which ProxyGenerator resources were generated.

              View Source
              const OriginTracing = "tracing"

                OriginTracing is a marker to indicate by which ProxyGenerator resources were generated.

                View Source
                const (
                	OriginTransparent = "transparent"
                )

                  OriginTransparent is a marker to indicate by which ProxyGenerator resources were generated.

                  Variables

                  This section is empty.

                  Functions

                  func InferServiceProtocol

                  func InferServiceProtocol(endpoints []core_xds.Endpoint) mesh_core.Protocol

                    InferServiceProtocol returns a common protocol for a given group of endpoints.

                    func RegisterProfile

                    func RegisterProfile(profileName string, generator ResourceGenerator)

                    Types

                    type AdminProxyGenerator

                    type AdminProxyGenerator struct {
                    }

                      AdminProxyGenerator generates resources to expose some endpoints of Admin API on public interface. By default, Admin API is exposed only on loopback interface because of security reasons.

                      func (AdminProxyGenerator) Generate

                      type CompositeResourceGenerator

                      type CompositeResourceGenerator []ResourceGenerator

                      func (CompositeResourceGenerator) Generate

                      type DirectAccessProxyGenerator

                      type DirectAccessProxyGenerator struct {
                      }

                        Transparent Proxy is based on having 1 IP for cluster (ex. ClusterIP of Service on K8S), so consuming apps by their IP is unknown destination from Envoy perspective. Therefore such request will go trough pass_trough cluster and won't be encrypted by mTLS. This generates listener for every IP and redirect traffic trough "direct_access" cluster which is configured to encrypt connections. Generating listener for every endpoint will cause XDS snapshot to be large therefore it should be used only if really needed.

                        Second approach to consider was to use FilterChainMatch on catch_all listener with list of all direct access endpoints instead of generating outbound listener, but it seemed to not work with Listener#UseOriginalDst

                        func (DirectAccessProxyGenerator) Generate

                        type Endpoint

                        type Endpoint struct {
                        	Address string
                        	Port    uint32
                        }

                        type Endpoints

                        type Endpoints []Endpoint

                        func (Endpoints) Len

                        func (a Endpoints) Len() int

                        func (Endpoints) Less

                        func (a Endpoints) Less(i, j int) bool

                        func (Endpoints) Swap

                        func (a Endpoints) Swap(i, j int)

                        type InboundProxyGenerator

                        type InboundProxyGenerator struct {
                        }

                        func (InboundProxyGenerator) Generate

                        type IngressGenerator

                        type IngressGenerator struct {
                        }

                        func (IngressGenerator) Generate

                        func (i IngressGenerator) Generate(ctx xds_context.Context, proxy *model.Proxy) (*model.ResourceSet, error)

                        type OutboundProxyGenerator

                        type OutboundProxyGenerator struct {
                        }

                        func (OutboundProxyGenerator) Generate

                        type ProbeProxyGenerator

                        type ProbeProxyGenerator struct {
                        }

                        func (ProbeProxyGenerator) Generate

                        type PrometheusEndpointGenerator

                        type PrometheusEndpointGenerator struct {
                        }

                          PrometheusEndpointGenerator generates an inbound Envoy listener that forwards HTTP requests into the `/stats/prometheus` endpoint of the Envoy Admin API.

                          When generating such a listener, it's important not to overshadow a port that is already in use by the application or other Envoy listeners. In the latter case we prefer not generate Prometheus endpoint at all rather than introduce undeterministic behaviour.

                          func (PrometheusEndpointGenerator) Generate

                          type ProxyTemplateGenerator

                          type ProxyTemplateGenerator struct {
                          	ProxyTemplate *kuma_mesh.ProxyTemplate
                          }

                          func (*ProxyTemplateGenerator) Generate

                          type ProxyTemplateProfileSource

                          type ProxyTemplateProfileSource struct {
                          	ProfileName string
                          }

                          func (*ProxyTemplateProfileSource) Generate

                          type ProxyTemplateRawSource

                          type ProxyTemplateRawSource struct {
                          	Resources []*kuma_mesh.ProxyTemplateRawResource
                          }

                          func (*ProxyTemplateRawSource) Generate

                          type ResourceGenerator

                          type ResourceGenerator interface {
                          	Generate(xds_context.Context, *model.Proxy) (*model.ResourceSet, error)
                          }

                          func NewDefaultProxyProfile

                          func NewDefaultProxyProfile() ResourceGenerator

                          type TracingProxyGenerator

                          type TracingProxyGenerator struct {
                          }

                          func (TracingProxyGenerator) Generate

                          type TransparentProxyGenerator

                          type TransparentProxyGenerator struct {
                          }

                          func (TransparentProxyGenerator) Generate

                          Directories

                          Path Synopsis
                          v2
                          v3