Package bootstrap provides the functionality to initialize certain aspects of an xDS client by reading a bootstrap file.



This section is empty.


This section is empty.


This section is empty.


type CertProviderConfig

type CertProviderConfig struct {
	// Name is the registered name of the certificate provider.
	Name string
	// Config is the parsed config to be passed to the certificate provider.
	Config certprovider.StableConfig

CertProviderConfig wraps the certificate provider plugin name and config (corresponding to one plugin instance) found in the bootstrap file.

type Config

type Config struct {
	// BalancerName is the name of the xDS server to connect to.
	// The bootstrap file contains a list of servers (with name+creds), but we
	// pick the first one.
	BalancerName string
	// Creds contains the credentials to be used while talking to the xDS
	// server, as a grpc.DialOption.
	Creds grpc.DialOption
	// TransportAPI indicates the API version of xDS transport protocol to use.
	// This describes the xDS gRPC endpoint and version of
	// DiscoveryRequest/Response used on the wire.
	TransportAPI version.TransportAPI
	// NodeProto contains the Node proto to be used in xDS requests. The actual
	// type depends on the transport protocol version used.
	NodeProto proto.Message
	// CertProviderConfigs contain parsed configs for supported certificate
	// provider plugins found in the bootstrap file.
	CertProviderConfigs map[string]CertProviderConfig

Config provides the xDS client with several key bits of information that it requires in its interaction with an xDS server. The Config is initialized from the bootstrap file.

func NewConfig

func NewConfig() (*Config, error)

NewConfig returns a new instance of Config initialized by reading the bootstrap file found at ${GRPC_XDS_BOOTSTRAP}.

The format of the bootstrap file will be as follows: {

   "xds_server": {
     "server_uri": <string containing URI of xds server>,
     "channel_creds": [
         "type": <string containing channel cred type>,
         "config": <JSON object containing config for the type>
     "server_features": [ ... ]
		"certificate_providers" : {
			"default": {
				"plugin_name": "default-plugin-name",
				"config": { default plugin config in JSON }
			"foo": {
				"plugin_name": "foo",
				"config": { foo plugin config in JSON }
   "node": <JSON form of Node proto>


Currently, we support exactly one type of credential, which is "google_default", where we use the host's default certs for transport credentials and a Google oauth token for call credentials.

This function tries to process as much of the bootstrap file as possible (in the presence of the errors) and may return a Config object with certain fields left unspecified, in which case the caller should use some sane defaults.