envoy

package
v0.0.9 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jul 16, 2020 License: MIT Imports: 20 Imported by: 0

Documentation

Index

Constants

// SDS certificate resource naming, TLS direction flags and shared Envoy
// configuration values.
//
// An SDS resource name has the form "<cert type><Separator><service>", as
// shown by the examples on the cert-type constants below.
// NOTE(review): such a name is only unambiguous if neither part contains
// Separator; confirm how UnmarshalSDSCert treats a string with more than one
// separator or with an unknown cert-type prefix.
const (
	// ServiceCertType is the prefix for the service certificate resource name. Example: "service-cert:webservice"
	ServiceCertType SDSCertType = "service-cert"

	// RootCertTypeForMTLSOutbound is the prefix for the mTLS root certificate resource name for upstream connectivity. Example: "root-cert-for-mtls-outbound:webservice"
	RootCertTypeForMTLSOutbound SDSCertType = "root-cert-for-mtls-outbound"

	// RootCertTypeForMTLSInbound is the prefix for the mTLS root certificate resource name for downstream connectivity. Example: "root-cert-for-mtls-inbound:webservice"
	RootCertTypeForMTLSInbound SDSCertType = "root-cert-for-mtls-inbound"

	// RootCertTypeForHTTPS is the prefix for the HTTPS root certificate resource name. Example: "root-cert-https:webservice"
	RootCertTypeForHTTPS SDSCertType = "root-cert-https"

	// Outbound refers to the Envoy upstream connectivity direction for TLS certs.
	// SDSDirection is a bool, so Outbound is the value true.
	Outbound SDSDirection = true

	// Inbound refers to the Envoy downstream connectivity direction for TLS certs.
	// It is the value false, which is also the zero value of SDSDirection: an
	// unset SDSDirection therefore reads as Inbound.
	Inbound SDSDirection = false

	// Separator is the separator between the prefix and the name of the certificate.
	Separator = ":"

	// ConnectionTimeout is the timeout duration (5 seconds) used by Envoy to time out connections.
	ConnectionTimeout = 5 * time.Second

	// TransportProtocolTLS is the TLS transport protocol used in Envoy configurations
	TransportProtocolTLS = "tls"

	// OutboundPassthroughCluster is the outbound passthrough cluster name
	// (see GetOutboundPassthroughCluster).
	// NOTE(review): the package documentation describes this cluster only as
	// "used for outbound passthrough traffic"; whether that traffic is subject
	// to mesh mTLS or policy is not visible here — confirm before relying on it.
	OutboundPassthroughCluster = "passthrough-outbound"
)

Variables

// ALPNInMesh is the ALPN protocol list (the single value "osm") that marks a
// connection as going to an in-mesh destination.
//
// ALPN values are advertised by the client during the TLS handshake and are
// not proof of peer identity.
// NOTE(review): presumably peer authentication still rests on mTLS
// certificate validation rather than on this marker — confirm in the
// TLS-context builders.
//
// This is an exported, mutable slice: importing packages can change its
// contents, so treat it as read-only.
var ALPNInMesh = []string{"osm"}

ALPNInMesh indicates that the proxy is connecting to an in-mesh destination. It is set as a part of configuring the UpstreamTLSContext.

var (
	// XDSResponseOrder is the order in which we send xDS responses: CDS, EDS, LDS, RDS, SDS
	// See: https://github.com/envoyproxy/go-control-plane/issues/59
	//
	// This is an exported, mutable slice: importing packages can reorder or
	// change it, so treat it as read-only.
	XDSResponseOrder = []TypeURI{TypeCDS, TypeEDS, TypeLDS, TypeRDS, TypeSDS}
)

Functions

func GetADSConfigSource

func GetADSConfigSource() *core.ConfigSource

GetADSConfigSource creates an Envoy ConfigSource struct.

func GetAccessLog

GetAccessLog creates an Envoy AccessLog struct.

func GetAddress

func GetAddress(address string, port uint32) *core.Address

GetAddress creates an Envoy Address struct.

func GetDownstreamTLSContext

func GetDownstreamTLSContext(serviceName service.NamespacedService, mTLS bool) *auth.DownstreamTlsContext

GetDownstreamTLSContext creates a downstream Envoy TLS Context

func GetOutboundPassthroughCluster

func GetOutboundPassthroughCluster() *xds.Cluster

GetOutboundPassthroughCluster returns an Envoy cluster that is used for outbound passthrough traffic

func GetServiceCluster

func GetServiceCluster(remoteService, localService service.NamespacedService) (*xds.Cluster, error)

GetServiceCluster creates an Envoy Cluster struct.

func GetTLSParams

func GetTLSParams() *auth.TlsParameters

GetTLSParams creates Envoy TlsParameters struct.

func GetUpstreamTLSContext

func GetUpstreamTLSContext(serviceName service.NamespacedService, sni string) *auth.UpstreamTlsContext

GetUpstreamTLSContext creates an upstream Envoy TLS Context

func MessageToAny

func MessageToAny(pb proto.Message) (*any.Any, error)

MessageToAny converts from proto message to proto Any and returns an error if any

Types

type Proxy

// Proxy represents an Envoy proxy connected to the xDS server.
//
// certificate.CommonName and net.Addr are embedded, so any methods they have
// are promoted to Proxy. Proxy declares its own String method, which takes
// precedence over a promoted String.
type Proxy struct {
	// CommonName is presumably the Subject Common Name taken from the proxy's
	// mTLS certificate (see GetCommonName and the cn argument of NewProxy) —
	// TODO confirm.
	certificate.CommonName
	// Addr is presumably the address passed to NewProxy and returned by GetIP —
	// TODO confirm.
	net.Addr
	// ServiceName is a namespaced service associated with this proxy.
	// NOTE(review): GetService is documented as deriving the service from the
	// mTLS certificate; whether this field holds the same value is not visible
	// here, and because the field is exported any importer can overwrite it.
	ServiceName service.NamespacedService
	// contains filtered or unexported fields
}

Proxy is a representation of an Envoy proxy connected to the xDS server. This should at some point have a 1:1 match to an Endpoint (which is a member of a meshed service).

func NewProxy

func NewProxy(cn certificate.CommonName, ip net.Addr) *Proxy

NewProxy creates a new instance of an Envoy proxy connected to the xDS servers.

func (Proxy) GetAnnouncementsChannel

func (p Proxy) GetAnnouncementsChannel() chan interface{}

GetAnnouncementsChannel returns the announcement channel for the given Envoy proxy.

func (Proxy) GetCommonName

func (p Proxy) GetCommonName() certificate.CommonName

GetCommonName returns the Subject Common Name from the mTLS certificate of the Envoy proxy connected to xDS.

func (Proxy) GetConnectedAt

func (p Proxy) GetConnectedAt() time.Time

GetConnectedAt returns the timestamp of when the given proxy connected to the control plane.

func (Proxy) GetIP

func (p Proxy) GetIP() net.Addr

GetIP returns the IP address of the Envoy proxy connected to xDS.

func (Proxy) GetLastAppliedVersion

func (p Proxy) GetLastAppliedVersion(typeURI TypeURI) uint64

GetLastAppliedVersion returns the last version successfully applied to the given Envoy proxy.

func (*Proxy) GetLastSentNonce

func (p *Proxy) GetLastSentNonce(typeURI TypeURI) string

GetLastSentNonce returns last sent nonce.

func (Proxy) GetLastSentVersion

func (p Proxy) GetLastSentVersion(typeURI TypeURI) uint64

GetLastSentVersion returns the last sent version.

func (Proxy) GetService

func (p Proxy) GetService() service.NamespacedService

GetService determines the meshed service this endpoint should support, based on the mTLS certificate. Given "a.b.c" it returns "b.c": by convention "a" is the ID of the proxy, and the remaining "b.c" is the name of the service.

func (*Proxy) IncrementLastSentVersion

func (p *Proxy) IncrementLastSentVersion(typeURI TypeURI) uint64

IncrementLastSentVersion increments last sent version.

func (*Proxy) SetLastAppliedVersion

func (p *Proxy) SetLastAppliedVersion(typeURI TypeURI, version uint64)

SetLastAppliedVersion records the version of the given Envoy proxy that was last acknowledged.

func (*Proxy) SetLastSentVersion

func (p *Proxy) SetLastSentVersion(typeURI TypeURI, ver uint64)

SetLastSentVersion records the version of the given config last sent to the proxy.

func (*Proxy) SetNewNonce

func (p *Proxy) SetNewNonce(typeURI TypeURI) string

SetNewNonce sets and returns a new nonce.

func (Proxy) String

func (p Proxy) String() string

String returns the CommonName of the proxy.

type SDSCert

// SDSCert pairs a namespaced service with a certificate type. Per the package
// documentation it exists to marshal and unmarshal SDS resource names (see
// UnmarshalSDSCert and SDSCert.String).
type SDSCert struct {
	// Service is a namespaced service struct
	Service service.NamespacedService
	// CertType is the certificate type; presumably one of the SDSCertType
	// constants such as ServiceCertType — TODO confirm what UnmarshalSDSCert
	// accepts.
	CertType SDSCertType
}

SDSCert is used only to provide the naming and related functions that marshal and unmarshal a resource name. This avoids having sprintf and parsing logic scattered across the code base.

func UnmarshalSDSCert

func UnmarshalSDSCert(str string) (*SDSCert, error)

UnmarshalSDSCert parses and returns Certificate type and Namespaced Service name given a correctly formatted string, otherwise returns error

func (SDSCert) String

func (sdsc SDSCert) String() string

String is a common facility/interface to generate a string resource name out of an SDSCert. This keeps the sprintf logic and the separators used hidden from other modules.

type SDSCertType

// SDSCertType is the string prefix of an SDS resource name that identifies the
// kind of certificate requested; the package declares ServiceCertType,
// RootCertTypeForMTLSOutbound, RootCertTypeForMTLSInbound and
// RootCertTypeForHTTPS.
type SDSCertType string

SDSCertType is a type of a certificate requested by an Envoy proxy via SDS.

func (SDSCertType) String

func (ct SDSCertType) String() string

type SDSDirection

// SDSDirection identifies the TLS certificate connectivity direction. It is a
// bool: Outbound is true and Inbound is false, so the zero value is Inbound.
type SDSDirection bool

SDSDirection is a type to identify TLS certificate connectivity direction.

type TypeURI

// TypeURI is a string describing the Envoy xDS payload, for example TypeCDS
// or TypeSDS.
type TypeURI string

TypeURI is a string describing the Envoy xDS payload.

// Envoy type URIs and related string constants.
//
// Every type URI here names a v2 Envoy API message (envoy.api.v2.* or
// envoy.config.trace.v2.*).
// NOTE(review): Envoy upstream later deprecated the v2 xDS API in favour of
// v3; confirm which Envoy version this release is paired with.
const (
	// TypeSDS is the SDS type URI.
	TypeSDS TypeURI = "type.googleapis.com/envoy.api.v2.auth.Secret"

	// TypeCDS is the CDS type URI.
	TypeCDS TypeURI = "type.googleapis.com/envoy.api.v2.Cluster"

	// TypeLDS is the LDS type URI.
	TypeLDS TypeURI = "type.googleapis.com/envoy.api.v2.Listener"

	// TypeRDS is the RDS type URI.
	TypeRDS TypeURI = "type.googleapis.com/envoy.api.v2.RouteConfiguration"

	// TypeEDS is the EDS type URI.
	TypeEDS TypeURI = "type.googleapis.com/envoy.api.v2.ClusterLoadAssignment"

	// TypeUpstreamTLSContext is an Envoy type URI.
	TypeUpstreamTLSContext TypeURI = "type.googleapis.com/envoy.api.v2.auth.UpstreamTlsContext"

	// TypeZipkinConfig is an Envoy type URI.
	TypeZipkinConfig TypeURI = "type.googleapis.com/envoy.config.trace.v2.ZipkinConfig"

	// TransportSocketTLS is an Envoy string constant. It is an untyped string
	// constant, not a TypeURI.
	TransportSocketTLS = "envoy.transport_sockets.tls"

	// LocalClusterSuffix is the tag to append to local clusters. It is an
	// untyped string constant, not a TypeURI.
	LocalClusterSuffix = "-local"
)

func (TypeURI) String

func (t TypeURI) String() string
