v3

package

v0.0.0-...-a1fe31f Latest Latest Go to latest Published: Dec 28, 2021 License: Apache-2.0 Imports: 51 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/projectsesame/sesame

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func AdminListener(port int) *envoy_listener_v3.Listener
func CORSVirtualHost(hostname string, corspolicy *envoy_route_v3.CorsPolicy, ...) *envoy_route_v3.VirtualHost
func Cluster(c *dag.Cluster) *envoy_cluster_v3.Cluster
func ClusterCommonLBConfig() *envoy_cluster_v3.Cluster_CommonLbConfig
func ClusterDiscoveryType(t envoy_cluster_v3.Cluster_DiscoveryType) *envoy_cluster_v3.Cluster_Type
func ClusterDiscoveryTypeForAddress(address string, t envoy_cluster_v3.Cluster_DiscoveryType) *envoy_cluster_v3.Cluster_Type
func ClusterLoadAssignment(name string, addrs ...*envoy_core_v3.Address) *envoy_endpoint_v3.ClusterLoadAssignment
func ConfigSource(cluster string) *envoy_core_v3.ConfigSource
func ContainsFallbackFilterChain(filterchains []*envoy_listener_v3.FilterChain) bool
func DownstreamTLSContext(serverSecret *dag.Secret, ...) *envoy_v3_tls.DownstreamTlsContext
func DownstreamTLSTransportSocket(tls *envoy_tls_v3.DownstreamTlsContext) *envoy_core_v3.TransportSocket
func Endpoints(addrs ...*envoy_core_v3.Address) []*envoy_endpoint_v3.LocalityLbEndpoints
func ExtensionCluster(ext *dag.ExtensionCluster) *envoy_cluster_v3.Cluster
func FileAccessLogEnvoy(path string, format string, extensions []string) []*envoy_accesslog_v3.AccessLog
func FileAccessLogJSON(path string, fields sesame_api_v1alpha1.AccessLogFields, extensions []string) []*envoy_accesslog_v3.AccessLog
func FilterChain(filters ...*envoy_listener_v3.Filter) *envoy_listener_v3.FilterChain
func FilterChainTLS(domain string, downstream *envoy_tls_v3.DownstreamTlsContext, ...) *envoy_listener_v3.FilterChain
func FilterChainTLSFallback(downstream *envoy_tls_v3.DownstreamTlsContext, ...) *envoy_listener_v3.FilterChain
func FilterChains(filters ...*envoy_listener_v3.Filter) []*envoy_listener_v3.FilterChain
func FilterExternalAuthz(authzClusterName string, failOpen bool, timeout timeout.Setting, ...) *http.HttpFilter
func FilterMisdirectedRequests(fqdn string) *http.HttpFilter
func Filters(filters ...*envoy_listener_v3.Filter) []*envoy_listener_v3.Filter
func GlobalRateLimitFilter(config *GlobalRateLimitConfig) *http.HttpFilter
func GlobalRateLimits(descriptors []*dag.RateLimitDescriptor) []*envoy_route_v3.RateLimit
func HTTPConnectionManager(routename string, accesslogger []*accesslog.AccessLog, ...) *envoy_listener_v3.Filter
func HTTPConnectionManagerBuilder() *httpConnectionManagerBuilder
func LBEndpoint(addr *envoy_core_v3.Address) *envoy_endpoint_v3.LbEndpoint
func Listener(name, address string, port int, lf []*envoy_listener_v3.ListenerFilter, ...) *envoy_listener_v3.Listener
func ListenerFilters(filters ...*envoy_listener_v3.ListenerFilter) []*envoy_listener_v3.ListenerFilter
func LocalRateLimitConfig(config *dag.LocalRateLimitPolicy, statPrefix string) *any.Any
func OriginalIPDetectionFilter(xffNumTrustedHops uint32) *http.HttpFilter
func ParseTLSVersion(version string) envoy_tls_v3.TlsParameters_TlsProtocol
func ProtoNamesForVersions(versions ...HTTPVersionType) []string
func ProxyProtocol() *envoy_listener_v3.ListenerFilter
func RouteConfiguration(name string, virtualhosts ...*envoy_route_v3.VirtualHost) *envoy_route_v3.RouteConfiguration
func RouteMatch(route *dag.Route) *envoy_route_v3.RouteMatch
func SafeRegexMatch(regex string) *matcher.RegexMatcher
func Secret(s *dag.Secret) *envoy_tls_v3.Secret
func SocketAddress(address string, port int) *envoy_core_v3.Address
func StaticClusterLoadAssignment(service *dag.Service) *envoy_endpoint_v3.ClusterLoadAssignment
func StatsListeners(metrics sesame_api_v1alpha1.MetricsConfig, ...) []*envoy_listener_v3.Listener
func StatsSecrets(metricsTLS *sesame_api_v1alpha1.MetricsTLS) []*envoy_tls_v3.Secret
func TCPKeepaliveSocketOptions() []*envoy_core_v3.SocketOption
func TCPProxy(statPrefix string, proxy *dag.TCPProxy, accesslogger []*accesslog.AccessLog) *envoy_listener_v3.Filter
func TLSInspector() *envoy_listener_v3.ListenerFilter
func UnixSocketAddress(address string, port int) *envoy_core_v3.Address
func UpgradeHTTPS() *envoy_route_v3.Route_Redirect
func UpstreamTLSContext(peerValidationContext *dag.PeerValidationContext, sni string, ...) *envoy_v3_tls.UpstreamTlsContext
func UpstreamTLSTransportSocket(tls *envoy_tls_v3.UpstreamTlsContext) *envoy_core_v3.TransportSocket
func VirtualHost(hostname string, routes ...*envoy_route_v3.Route) *envoy_route_v3.VirtualHost
func VirtualHostAndRoutes(vh *dag.VirtualHost, dagRoutes []*dag.Route, secure bool, ...) *envoy_route_v3.VirtualHost
func WeightedEndpoints(weight uint32, addrs ...*envoy_core_v3.Address) []*envoy_endpoint_v3.LocalityLbEndpoints
func WriteBootstrap(c *envoy.BootstrapConfig) error
type GlobalRateLimitConfig
type HTTPVersionType
- func CodecForVersions(versions ...HTTPVersionType) HTTPVersionType

Constants ¶

View Source

const (
	HTTPVersionAuto HTTPVersionType = http.HttpConnectionManager_AUTO
	HTTPVersion1    HTTPVersionType = http.HttpConnectionManager_HTTP1
	HTTPVersion2    HTTPVersionType = http.HttpConnectionManager_HTTP2
	HTTPVersion3    HTTPVersionType = http.HttpConnectionManager_HTTP3

	HTTPFilterRouter  = "type.googleapis.com/envoy.extensions.filters.http.router.v3.Router"
	HTTPFilterCORS    = "type.googleapis.com/envoy.extensions.filters.http.cors.v3.Cors"
	HTTPFilterGrpcWeb = "type.googleapis.com/envoy.extensions.filters.http.grpc_web.v3.GrpcWeb"
	HTTPFilterGzip    = "type.googleapis.com/envoy.extensions.compression.gzip.compressor.v3.Gzip"
)

Variables ¶

This section is empty.

Functions ¶

func AdminListener ¶

func AdminListener(port int) *envoy_listener_v3.Listener

AdminListener returns a *envoy_listener_v3.Listener configured to serve Envoy debug routes from the admin webpage.

func CORSVirtualHost ¶

func CORSVirtualHost(hostname string, corspolicy *envoy_route_v3.CorsPolicy, routes ...*envoy_route_v3.Route) *envoy_route_v3.VirtualHost

CORSVirtualHost creates a new route.VirtualHost with a CORS policy.

func Cluster ¶

func Cluster(c *dag.Cluster) *envoy_cluster_v3.Cluster

Cluster creates new envoy_cluster_v3.Cluster from dag.Cluster.

func ClusterCommonLBConfig ¶

func ClusterCommonLBConfig() *envoy_cluster_v3.Cluster_CommonLbConfig

ClusterCommonLBConfig creates a *envoy_cluster_v3.Cluster_CommonLbConfig with HealthyPanicThreshold disabled.

func ClusterDiscoveryType ¶

func ClusterDiscoveryType(t envoy_cluster_v3.Cluster_DiscoveryType) *envoy_cluster_v3.Cluster_Type

ClusterDiscoveryType returns the type of a ClusterDiscovery as a Cluster_type.

func ClusterDiscoveryTypeForAddress ¶

func ClusterDiscoveryTypeForAddress(address string, t envoy_cluster_v3.Cluster_DiscoveryType) *envoy_cluster_v3.Cluster_Type

ClusterDiscoveryTypeForAddress returns the type of a ClusterDiscovery as a Cluster_type. If the provided address is an IP, overrides the type to STATIC, otherwise uses the passed in type.

func ClusterLoadAssignment ¶

func ClusterLoadAssignment(name string, addrs ...*envoy_core_v3.Address) *envoy_endpoint_v3.ClusterLoadAssignment

ClusterLoadAssignment returns a *envoy_endpoint_v3.ClusterLoadAssignment with a single LocalityLbEndpoints of the supplied addresses.

func ConfigSource ¶

func ConfigSource(cluster string) *envoy_core_v3.ConfigSource

ConfigSource returns a *envoy_core_v3.ConfigSource for cluster.

func ContainsFallbackFilterChain ¶

func ContainsFallbackFilterChain(filterchains []*envoy_listener_v3.FilterChain) bool

func DownstreamTLSContext ¶

func DownstreamTLSContext(serverSecret *dag.Secret, tlsMinProtoVersion envoy_v3_tls.TlsParameters_TlsProtocol, cipherSuites []string, peerValidationContext *dag.PeerValidationContext, alpnProtos ...string) *envoy_v3_tls.DownstreamTlsContext

DownstreamTLSContext creates a new DownstreamTlsContext.

func DownstreamTLSTransportSocket ¶

func DownstreamTLSTransportSocket(tls *envoy_tls_v3.DownstreamTlsContext) *envoy_core_v3.TransportSocket

DownstreamTLSTransportSocket returns a custom transport socket using the DownstreamTlsContext provided.

func Endpoints ¶

func Endpoints(addrs ...*envoy_core_v3.Address) []*envoy_endpoint_v3.LocalityLbEndpoints

Endpoints returns a slice of LocalityLbEndpoints. The slice contains one entry, with one LbEndpoint per *envoy_core_v3.Address supplied.

func ExtensionCluster ¶

func ExtensionCluster(ext *dag.ExtensionCluster) *envoy_cluster_v3.Cluster

ExtensionCluster builds a envoy_cluster_v3.Cluster struct for the given extension service.

func FileAccessLogEnvoy ¶

func FileAccessLogEnvoy(path string, format string, extensions []string) []*envoy_accesslog_v3.AccessLog

FileAccessLogEnvoy returns a new file based access log filter

func FileAccessLogJSON ¶

func FileAccessLogJSON(path string, fields sesame_api_v1alpha1.AccessLogFields, extensions []string) []*envoy_accesslog_v3.AccessLog

FileAccessLogJSON returns a new file based access log filter that will log in JSON format

func FilterChain ¶

func FilterChain(filters ...*envoy_listener_v3.Filter) *envoy_listener_v3.FilterChain

FilterChain returns a *envoy_listener_v3.FilterChain for the supplied filters.

func FilterChainTLS ¶

func FilterChainTLS(domain string, downstream *envoy_tls_v3.DownstreamTlsContext, filters []*envoy_listener_v3.Filter) *envoy_listener_v3.FilterChain

FilterChainTLS returns a TLS enabled envoy_listener_v3.FilterChain.

func FilterChainTLSFallback ¶

func FilterChainTLSFallback(downstream *envoy_tls_v3.DownstreamTlsContext, filters []*envoy_listener_v3.Filter) *envoy_listener_v3.FilterChain

FilterChainTLSFallback returns a TLS enabled envoy_listener_v3.FilterChain conifgured for FallbackCertificate.

func FilterChains ¶

func FilterChains(filters ...*envoy_listener_v3.Filter) []*envoy_listener_v3.FilterChain

FilterChains returns a []*envoy_listener_v3.FilterChain for the supplied filters.

func FilterExternalAuthz ¶

func FilterExternalAuthz(authzClusterName string, failOpen bool, timeout timeout.Setting, bufferSettings *dag.AuthorizationServerBufferSettings) *http.HttpFilter

FilterExternalAuthz returns an `ext_authz` filter configured with the requested parameters.

func FilterMisdirectedRequests ¶

func FilterMisdirectedRequests(fqdn string) *http.HttpFilter

func Filters ¶

func Filters(filters ...*envoy_listener_v3.Filter) []*envoy_listener_v3.Filter

Filters returns a []*envoy_listener_v3.Filter for the supplied filters.

func GlobalRateLimitFilter ¶

func GlobalRateLimitFilter(config *GlobalRateLimitConfig) *http.HttpFilter

GlobalRateLimitFilter returns a configured HTTP global rate limit filter, or nil if config is nil.

func GlobalRateLimits ¶

func GlobalRateLimits(descriptors []*dag.RateLimitDescriptor) []*envoy_route_v3.RateLimit

GlobalRateLimits converts DAG RateLimitDescriptors to Envoy RateLimits.

func HTTPConnectionManager ¶

func HTTPConnectionManager(routename string, accesslogger []*accesslog.AccessLog, requestTimeout time.Duration) *envoy_listener_v3.Filter

HTTPConnectionManager creates a new HTTP Connection Manager filter for the supplied route, access log, and client request timeout.

func HTTPConnectionManagerBuilder ¶

func HTTPConnectionManagerBuilder() *httpConnectionManagerBuilder

HTTPConnectionManagerBuilder creates a new HTTP connection manager builder. nolint:revive

func LBEndpoint ¶

func LBEndpoint(addr *envoy_core_v3.Address) *envoy_endpoint_v3.LbEndpoint

LBEndpoint creates a new LbEndpoint.

func Listener ¶

func Listener(name, address string, port int, lf []*envoy_listener_v3.ListenerFilter, filters ...*envoy_listener_v3.Filter) *envoy_listener_v3.Listener

Listener returns a new envoy_listener_v3.Listener for the supplied address, port, and filters.

func ListenerFilters ¶

func ListenerFilters(filters ...*envoy_listener_v3.ListenerFilter) []*envoy_listener_v3.ListenerFilter

ListenerFilters returns a []*envoy_listener_v3.ListenerFilter for the supplied listener filters.

func LocalRateLimitConfig ¶

func LocalRateLimitConfig(config *dag.LocalRateLimitPolicy, statPrefix string) *any.Any

LocalRateLimitConfig returns a config for the HTTP local rate limit filter.

func OriginalIPDetectionFilter ¶

func OriginalIPDetectionFilter(xffNumTrustedHops uint32) *http.HttpFilter

func ParseTLSVersion ¶

func ParseTLSVersion(version string) envoy_tls_v3.TlsParameters_TlsProtocol

func ProtoNamesForVersions ¶

func ProtoNamesForVersions(versions ...HTTPVersionType) []string

ProtoNamesForVersions returns the slice of ALPN protocol names for the give HTTP versions.

func ProxyProtocol ¶

func ProxyProtocol() *envoy_listener_v3.ListenerFilter

ProxyProtocol returns a new Proxy Protocol listener filter.

func RouteConfiguration ¶

func RouteConfiguration(name string, virtualhosts ...*envoy_route_v3.VirtualHost) *envoy_route_v3.RouteConfiguration

RouteConfiguration returns a *envoy_route_v3.RouteConfiguration.

func RouteMatch ¶

func RouteMatch(route *dag.Route) *envoy_route_v3.RouteMatch

RouteMatch creates a *envoy_route_v3.RouteMatch for the supplied *dag.Route.

func SafeRegexMatch ¶

func SafeRegexMatch(regex string) *matcher.RegexMatcher

SafeRegexMatch returns a matcher.RegexMatcher for the supplied regex. SafeRegexMatch does not escape regex meta characters.

func Secret ¶

func Secret(s *dag.Secret) *envoy_tls_v3.Secret

Secret creates new envoy_tls_v3.Secret from secret.

func SocketAddress ¶

func SocketAddress(address string, port int) *envoy_core_v3.Address

SocketAddress creates a new TCP envoy_core_v3.Address.

func StaticClusterLoadAssignment ¶

func StaticClusterLoadAssignment(service *dag.Service) *envoy_endpoint_v3.ClusterLoadAssignment

StaticClusterLoadAssignment creates a *envoy_endpoint_v3.ClusterLoadAssignment pointing to the external DNS address of the service

func StatsListeners ¶

func StatsListeners(metrics sesame_api_v1alpha1.MetricsConfig, health sesame_api_v1alpha1.HealthConfig) []*envoy_listener_v3.Listener

StatsListeners returns an array of *envoy_listener_v3.Listeners, either single HTTP listener or HTTP and HTTPS listeners depending on config. The listeners are configured to serve:

prometheus metrics on /stats (either over HTTP or HTTPS)
readiness probe on /ready (always over HTTP)

func StatsSecrets ¶

func StatsSecrets(metricsTLS *sesame_api_v1alpha1.MetricsTLS) []*envoy_tls_v3.Secret

StatsSecrets returns SDS secrets that refer to local file paths in Envoy container.

func TCPKeepaliveSocketOptions ¶

func TCPKeepaliveSocketOptions() []*envoy_core_v3.SocketOption

func TCPProxy ¶

func TCPProxy(statPrefix string, proxy *dag.TCPProxy, accesslogger []*accesslog.AccessLog) *envoy_listener_v3.Filter

TCPProxy creates a new TCPProxy filter.

func TLSInspector ¶

func TLSInspector() *envoy_listener_v3.ListenerFilter

TLSInspector returns a new TLS inspector listener filter.

func UnixSocketAddress ¶

func UnixSocketAddress(address string, port int) *envoy_core_v3.Address

UnixSocketAddress creates a new Unix Socket envoy_core_v3.Address.

func UpgradeHTTPS ¶

func UpgradeHTTPS() *envoy_route_v3.Route_Redirect

UpgradeHTTPS returns a route Action that redirects the request to HTTPS.

func UpstreamTLSContext ¶

func UpstreamTLSContext(peerValidationContext *dag.PeerValidationContext, sni string, clientSecret *dag.Secret, alpnProtocols ...string) *envoy_v3_tls.UpstreamTlsContext

UpstreamTLSContext creates an envoy_v3_tls.UpstreamTlsContext. By default UpstreamTLSContext returns a HTTP/1.1 TLS enabled context. A list of additional ALPN protocols can be provided.

func UpstreamTLSTransportSocket ¶

func UpstreamTLSTransportSocket(tls *envoy_tls_v3.UpstreamTlsContext) *envoy_core_v3.TransportSocket

UpstreamTLSTransportSocket returns a custom transport socket using the UpstreamTlsContext provided.

func VirtualHost ¶

func VirtualHost(hostname string, routes ...*envoy_route_v3.Route) *envoy_route_v3.VirtualHost

VirtualHost creates a new route.VirtualHost.

func VirtualHostAndRoutes ¶

func VirtualHostAndRoutes(vh *dag.VirtualHost, dagRoutes []*dag.Route, secure bool, authService *dag.ExtensionCluster) *envoy_route_v3.VirtualHost

VirtualHostAndRoutes converts a DAG virtual host and routes to an Envoy virtual host.

func WeightedEndpoints ¶

func WeightedEndpoints(weight uint32, addrs ...*envoy_core_v3.Address) []*envoy_endpoint_v3.LocalityLbEndpoints

func WriteBootstrap ¶

func WriteBootstrap(c *envoy.BootstrapConfig) error

WriteBootstrap writes bootstrap configuration to files.

Types ¶

type GlobalRateLimitConfig ¶

type GlobalRateLimitConfig struct {
	ExtensionService        types.NamespacedName
	FailOpen                bool
	Timeout                 timeout.Setting
	Domain                  string
	EnableXRateLimitHeaders bool
}

GlobalRateLimitConfig stores configuration for an HTTP global rate limiting filter.

type HTTPVersionType ¶

type HTTPVersionType = http.HttpConnectionManager_CodecType

func CodecForVersions ¶

func CodecForVersions(versions ...HTTPVersionType) HTTPVersionType

CodecForVersions determines a single Envoy HTTP codec constant that support all the given HTTP protocol versions.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL