2201 lines
154 KiB
YAML
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: (unknown)
  creationTimestamp: null
  name: servicepolicies.servicemesh.kubesphere.io
spec:
  group: servicemesh.kubesphere.io
  names:
    kind: ServicePolicy
    listKind: ServicePolicyList
    plural: servicepolicies
    singular: servicepolicy
  scope: Namespaced
  versions:
  - name: v1alpha2
    schema:
      openAPIV3Schema:
        description: ServicePolicy is the Schema for the servicepolicies API
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: ServicePolicySpec defines the desired state of ServicePolicy
            properties:
              selector:
                description: Label selector for destination rules.
                properties:
                  matchExpressions:
                    description: matchExpressions is a list of label selector requirements.
                      The requirements are ANDed.
                    items:
                      description: A label selector requirement is a selector that
                        contains values, a key, and an operator that relates the key
                        and values.
                      properties:
                        key:
                          description: key is the label key that the selector applies
                            to.
                          type: string
                        operator:
                          description: operator represents a key's relationship to
                            a set of values. Valid operators are In, NotIn, Exists
                            and DoesNotExist.
                          type: string
                        values:
                          description: values is an array of string values. If the
                            operator is In or NotIn, the values array must be non-empty.
                            If the operator is Exists or DoesNotExist, the values
                            array must be empty. This array is replaced during a strategic
                            merge patch.
                          items:
                            type: string
                          type: array
                      required:
                      - key
                      - operator
                      type: object
                    type: array
                  matchLabels:
                    additionalProperties:
                      type: string
                    description: matchLabels is a map of {key,value} pairs. A single
                      {key,value} in the matchLabels map is equivalent to an element
                      of matchExpressions, whose key field is "key", the operator
                      is "In", and the values array contains only "value". The requirements
                      are ANDed.
                    type: object
                type: object
                x-kubernetes-map-type: atomic
              template:
                description: Template used to create a destination rule
                properties:
                  metadata:
                    description: Metadata of the virtual services created from this
                      template
                    type: object
                  spec:
                    description: Spec indicates the behavior of a destination rule.
                    properties:
                      export_to:
                        description: "A list of namespaces to which this destination
                          rule is exported. The resolution of a destination rule to
                          apply to a service occurs in the context of a hierarchy
                          of namespaces. Exporting a destination rule allows it to
                          be included in the resolution hierarchy for services in
                          other namespaces. This feature provides a mechanism for
                          service owners and mesh administrators to control the visibility
                          of destination rules across namespace boundaries. \n If
                          no namespaces are specified then the destination rule is
                          exported to all namespaces by default. \n The value \".\"
                          is reserved and defines an export to the same namespace
                          that the destination rule is declared in. Similarly, the
                          value \"*\" is reserved and defines an export to all namespaces.
                          \n NOTE: in the current release, the `exportTo` value is
                          restricted to \".\" or \"*\" (i.e., the current namespace
                          or all namespaces)."
                        items:
                          type: string
                        type: array
                      host:
                        description: "The name of a service from the service registry.
                          Service names are looked up from the platform's service
                          registry (e.g., Kubernetes services, Consul services, etc.)
                          and from the hosts declared by [ServiceEntries](https://istio.io/docs/reference/config/networking/service-entry/#ServiceEntry).
                          Rules defined for services that do not exist in the service
                          registry will be ignored. \n *Note for Kubernetes users*:
                          When short names are used (e.g. \"reviews\" instead of \"reviews.default.svc.cluster.local\"),
                          Istio will interpret the short name based on the namespace
                          of the rule, not the service. A rule in the \"default\"
                          namespace containing a host \"reviews\" will be interpreted
                          as \"reviews.default.svc.cluster.local\", irrespective of
                          the actual namespace associated with the reviews service.
                          _To avoid potential misconfigurations, it is recommended
                          to always use fully qualified domain names over short names._
                          \n Note that the host field applies to both HTTP and TCP
                          services."
                        type: string
                      subsets:
                        description: One or more named sets that represent individual
                          versions of a service. Traffic policies can be overridden
                          at subset level.
                        items:
                          description: "A subset of endpoints of a service. Subsets
                            can be used for scenarios like A/B testing, or routing
                            to a specific version of a service. Refer to [VirtualService](https://istio.io/docs/reference/config/networking/virtual-service/#VirtualService)
                            documentation for examples of using subsets in these scenarios.
                            In addition, traffic policies defined at the service-level
                            can be overridden at a subset-level. The following rule
                            uses a round robin load balancing policy for all traffic
                            going to a subset named testversion that is composed of
                            endpoints (e.g., pods) with labels (version:v3). \n {{<tabset
                            category-name=\"example\">}} {{<tab name=\"v1alpha3\"
                            category-value=\"v1alpha3\">}} ```yaml apiVersion: networking.istio.io/v1alpha3
                            kind: DestinationRule metadata: name: bookinfo-ratings
                            spec: host: ratings.prod.svc.cluster.local trafficPolicy:
                            loadBalancer: simple: LEAST_CONN subsets: - name: testversion
                            labels: version: v3 trafficPolicy: loadBalancer: simple:
                            ROUND_ROBIN ``` {{</tab>}} \n {{<tab name=\"v1beta1\"
                            category-value=\"v1beta1\">}} ```yaml apiVersion: networking.istio.io/v1beta1
                            kind: DestinationRule metadata: name: bookinfo-ratings
                            spec: host: ratings.prod.svc.cluster.local trafficPolicy:
                            loadBalancer: simple: LEAST_CONN subsets: - name: testversion
                            labels: version: v3 trafficPolicy: loadBalancer: simple:
                            ROUND_ROBIN ``` {{</tab>}} {{</tabset>}} \n **Note:**
                            Policies specified for subsets will not take effect until
                            a route rule explicitly sends traffic to this subset.
                            \n One or more labels are typically required to identify
                            the subset destination, however, when the corresponding
                            DestinationRule represents a host that supports multiple
                            SNI hosts (e.g., an egress gateway), a subset without
                            labels may be meaningful. In this case a traffic policy
                            with [ClientTLSSettings](#ClientTLSSettings) can be used
                            to identify a specific SNI host corresponding to the named
                            subset."
                          properties:
                            labels:
                              additionalProperties:
                                type: string
                              description: Labels apply a filter over the endpoints
                                of a service in the service registry. See route rules
                                for examples of usage.
                              type: object
                            name:
                              description: Name of the subset. The service name and
                                the subset name can be used for traffic splitting
                                in a route rule.
                              type: string
                            traffic_policy:
                              description: Traffic policies that apply to this subset.
                                Subsets inherit the traffic policies specified at
                                the DestinationRule level. Settings specified at the
                                subset level will override the corresponding settings
                                specified at the DestinationRule level.
                              properties:
                                connection_pool:
                                  description: Settings controlling the volume of
                                    connections to an upstream service
                                  properties:
                                    http:
                                      description: HTTP connection pool settings.
                                      properties:
                                        h2_upgrade_policy:
                                          description: Specify if http1.1 connection
                                            should be upgraded to http2 for the associated
                                            destination.
                                          format: int32
                                          type: integer
                                        http1_max_pending_requests:
                                          description: Maximum number of pending HTTP
                                            requests to a destination. Default 2^32-1.
                                          format: int32
                                          type: integer
                                        http2_max_requests:
                                          description: Maximum number of requests
                                            to a backend. Default 2^32-1.
                                          format: int32
                                          type: integer
                                        idle_timeout:
                                          description: The idle timeout for upstream
                                            connection pool connections. The idle
                                            timeout is defined as the period in which
                                            there are no active requests. If not set,
                                            the default is 1 hour. When the idle timeout
                                            is reached the connection will be closed.
                                            Note that request based timeouts mean
                                            that HTTP/2 PINGs will not keep the connection
                                            alive. Applies to both HTTP1.1 and HTTP2
                                            connections.
                                          properties:
                                            nanos:
                                              description: Signed fractions of a second
                                                at nanosecond resolution of the span
                                                of time. Durations less than one second
                                                are represented with a 0 `seconds`
                                                field and a positive or negative `nanos`
                                                field. For durations of one second
                                                or more, a non-zero value for the
                                                `nanos` field must be of the same
                                                sign as the `seconds` field. Must
                                                be from -999,999,999 to +999,999,999
                                                inclusive.
                                              format: int32
                                              type: integer
                                            seconds:
                                              description: 'Signed seconds of the
                                                span of time. Must be from -315,576,000,000
                                                to +315,576,000,000 inclusive. Note:
                                                these bounds are computed from: 60
                                                sec/min * 60 min/hr * 24 hr/day *
                                                365.25 days/year * 10000 years'
                                              format: int64
                                              type: integer
                                          type: object
                                        max_requests_per_connection:
                                          description: Maximum number of requests
                                            per connection to a backend. Setting this
                                            parameter to 1 disables keep alive. Default
                                            0, meaning "unlimited", up to 2^29.
                                          format: int32
                                          type: integer
                                        max_retries:
                                          description: Maximum number of retries that
                                            can be outstanding to all hosts in a cluster
                                            at a given time. Defaults to 2^32-1.
                                          format: int32
                                          type: integer
                                      type: object
                                    tcp:
                                      description: Settings common to both HTTP and
                                        TCP upstream connections.
                                      properties:
                                        connect_timeout:
                                          description: 'TCP connection timeout. format:
                                            1h/1m/1s/1ms. MUST BE >=1ms. Default is
                                            10s.'
                                          properties:
                                            nanos:
                                              description: Signed fractions of a second
                                                at nanosecond resolution of the span
                                                of time. Durations less than one second
                                                are represented with a 0 `seconds`
                                                field and a positive or negative `nanos`
                                                field. For durations of one second
                                                or more, a non-zero value for the
                                                `nanos` field must be of the same
                                                sign as the `seconds` field. Must
                                                be from -999,999,999 to +999,999,999
                                                inclusive.
                                              format: int32
                                              type: integer
                                            seconds:
                                              description: 'Signed seconds of the
                                                span of time. Must be from -315,576,000,000
                                                to +315,576,000,000 inclusive. Note:
                                                these bounds are computed from: 60
                                                sec/min * 60 min/hr * 24 hr/day *
                                                365.25 days/year * 10000 years'
                                              format: int64
                                              type: integer
                                          type: object
                                        max_connections:
                                          description: Maximum number of HTTP1 /TCP
                                            connections to a destination host. Default
                                            2^32-1.
                                          format: int32
                                          type: integer
                                        tcp_keepalive:
                                          description: If set then set SO_KEEPALIVE
                                            on the socket to enable TCP Keepalives.
                                          properties:
                                            interval:
                                              description: The time duration between
                                                keep-alive probes. Default is to use
                                                the OS level configuration (unless
                                                overridden, Linux defaults to 75s.)
                                              properties:
                                                nanos:
                                                  description: Signed fractions of
                                                    a second at nanosecond resolution
                                                    of the span of time. Durations
                                                    less than one second are represented
                                                    with a 0 `seconds` field and a
                                                    positive or negative `nanos` field.
                                                    For durations of one second or
                                                    more, a non-zero value for the
                                                    `nanos` field must be of the same
                                                    sign as the `seconds` field. Must
                                                    be from -999,999,999 to +999,999,999
                                                    inclusive.
                                                  format: int32
                                                  type: integer
                                                seconds:
                                                  description: 'Signed seconds of
                                                    the span of time. Must be from
                                                    -315,576,000,000 to +315,576,000,000
                                                    inclusive. Note: these bounds
                                                    are computed from: 60 sec/min
                                                    * 60 min/hr * 24 hr/day * 365.25
                                                    days/year * 10000 years'
                                                  format: int64
                                                  type: integer
                                              type: object
                                            probes:
                                              description: Maximum number of keepalive
                                                probes to send without response before
                                                deciding the connection is dead. Default
                                                is to use the OS level configuration
                                                (unless overridden, Linux defaults
                                                to 9.)
                                              format: int32
                                              type: integer
                                            time:
                                              description: The time duration a connection
                                                needs to be idle before keep-alive
                                                probes start being sent. Default is
                                                to use the OS level configuration
                                                (unless overridden, Linux defaults
                                                to 7200s (ie 2 hours.)
                                              properties:
                                                nanos:
                                                  description: Signed fractions of
                                                    a second at nanosecond resolution
                                                    of the span of time. Durations
                                                    less than one second are represented
                                                    with a 0 `seconds` field and a
                                                    positive or negative `nanos` field.
                                                    For durations of one second or
                                                    more, a non-zero value for the
                                                    `nanos` field must be of the same
                                                    sign as the `seconds` field. Must
                                                    be from -999,999,999 to +999,999,999
                                                    inclusive.
                                                  format: int32
                                                  type: integer
                                                seconds:
                                                  description: 'Signed seconds of
                                                    the span of time. Must be from
                                                    -315,576,000,000 to +315,576,000,000
                                                    inclusive. Note: these bounds
                                                    are computed from: 60 sec/min
                                                    * 60 min/hr * 24 hr/day * 365.25
                                                    days/year * 10000 years'
                                                  format: int64
                                                  type: integer
                                              type: object
                                          type: object
                                      type: object
                                  type: object
                                load_balancer:
                                  description: Settings controlling the load balancer
                                    algorithms.
                                  properties:
                                    locality_lb_setting:
                                      description: Locality load balancer settings,
                                        this will override mesh wide settings in entirety,
                                        meaning no merging would be performed between
                                        this object and the object one in MeshConfig
                                      properties:
                                        distribute:
                                          description: 'Optional: only one of distribute
                                            or failover can be set. Explicitly specify
                                            loadbalancing weight across different
                                            zones and geographical locations. Refer
                                            to [Locality weighted load balancing](https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/upstream/load_balancing/locality_weight)
                                            If empty, the locality weight is set according
                                            to the endpoints number within it.'
                                          items:
                                            description: 'Describes how traffic originating
                                              in the ''from'' zone or sub-zone is
                                              distributed over a set of ''to'' zones.
                                              Syntax for specifying a zone is {region}/{zone}/{sub-zone}
                                              and terminal wildcards are allowed on
                                              any segment of the specification. Examples:
                                              * - matches all localities us-west/*
                                              - all zones and sub-zones within the
                                              us-west region us-west/zone-1/* - all
                                              sub-zones within us-west/zone-1'
                                            properties:
                                              from:
                                                description: Originating locality,
                                                  '/' separated, e.g. 'region/zone/sub_zone'.
                                                type: string
                                              to:
                                                additionalProperties:
                                                  format: int32
                                                  type: integer
                                                description: Map of upstream localities
                                                  to traffic distribution weights.
                                                  The sum of all weights should be
                                                  == 100. Any locality not assigned
                                                  a weight will receive no traffic.
                                                type: object
                                            type: object
                                          type: array
                                        enabled:
                                          description: enable locality load balancing,
                                            this is DestinationRule-level and will
                                            override mesh wide settings in entirety.
                                            e.g. true means that turn on locality
                                            load balancing for this DestinationRule
                                            no matter what mesh wide settings is.
                                          properties:
                                            value:
                                              description: The bool value.
                                              type: boolean
                                          type: object
                                        failover:
                                          description: 'Optional: only failover or
                                            distribute can be set. Explicitly specify
                                            the region traffic will land on when endpoints
                                            in local region becomes unhealthy. Should
                                            be used together with OutlierDetection
                                            to detect unhealthy endpoints. Note: if
                                            no OutlierDetection specified, this will
                                            not take effect.'
                                          items:
                                            description: Specify the traffic failover
                                              policy across regions. Since zone and
                                              sub-zone failover is supported by default
                                              this only needs to be specified for
                                              regions when the operator needs to constrain
                                              traffic failover so that the default
                                              behavior of failing over to any endpoint
                                              globally does not apply. This is useful
                                              when failing over traffic across regions
                                              would not improve service health or
                                              may need to be restricted for other
                                              reasons like regulatory controls.
                                            properties:
                                              from:
                                                description: Originating region.
                                                type: string
                                              to:
                                                description: Destination region the
                                                  traffic will fail over to when endpoints
                                                  in the 'from' region becomes unhealthy.
                                                type: string
                                            type: object
                                          type: array
                                      type: object
                                  type: object
                                outlier_detection:
                                  description: Settings controlling eviction of unhealthy
                                    hosts from the load balancing pool
                                  properties:
                                    base_ejection_time:
                                      description: 'Minimum ejection duration. A host
                                        will remain ejected for a period equal to
                                        the product of minimum ejection duration and
                                        the number of times the host has been ejected.
                                        This technique allows the system to automatically
                                        increase the ejection period for unhealthy
                                        upstream servers. format: 1h/1m/1s/1ms. MUST
                                        BE >=1ms. Default is 30s.'
                                      properties:
                                        nanos:
                                          description: Signed fractions of a second
                                            at nanosecond resolution of the span of
                                            time. Durations less than one second are
                                            represented with a 0 `seconds` field and
                                            a positive or negative `nanos` field.
                                            For durations of one second or more, a
                                            non-zero value for the `nanos` field must
                                            be of the same sign as the `seconds` field.
                                            Must be from -999,999,999 to +999,999,999
                                            inclusive.
                                          format: int32
                                          type: integer
                                        seconds:
                                          description: 'Signed seconds of the span
                                            of time. Must be from -315,576,000,000
                                            to +315,576,000,000 inclusive. Note: these
                                            bounds are computed from: 60 sec/min *
                                            60 min/hr * 24 hr/day * 365.25 days/year
                                            * 10000 years'
                                          format: int64
                                          type: integer
                                      type: object
                                    consecutive_5xx_errors:
                                      description: "Number of 5xx errors before a
                                        host is ejected from the connection pool.
                                        When the upstream host is accessed over an
                                        opaque TCP connection, connect timeouts, connection
                                        error/failure and request failure events qualify
                                        as a 5xx error. This feature defaults to 5
                                        but can be disabled by setting the value to
                                        0. \n Note that consecutive_gateway_errors
                                        and consecutive_5xx_errors can be used separately
                                        or together. Because the errors counted by
                                        consecutive_gateway_errors are also included
                                        in consecutive_5xx_errors, if the value of
                                        consecutive_gateway_errors is greater than
                                        or equal to the value of consecutive_5xx_errors,
                                        consecutive_gateway_errors will have no effect."
                                      properties:
                                        value:
                                          description: The uint32 value.
                                          format: int32
                                          type: integer
                                      type: object
                                    consecutive_errors:
                                      description: Number of errors before a host
                                        is ejected from the connection pool. Defaults
                                        to 5. When the upstream host is accessed over
                                        HTTP, a 502, 503, or 504 return code qualifies
                                        as an error. When the upstream host is accessed
                                        over an opaque TCP connection, connect timeouts
                                        and connection error/failure events qualify
                                        as an error. $hide_from_docs
                                      format: int32
                                      type: integer
                                    consecutive_gateway_errors:
                                      description: "Number of gateway errors before
                                        a host is ejected from the connection pool.
                                        When the upstream host is accessed over HTTP,
                                        a 502, 503, or 504 return code qualifies as
                                        a gateway error. When the upstream host is
                                        accessed over an opaque TCP connection, connect
                                        timeouts and connection error/failure events
                                        qualify as a gateway error. This feature is
                                        disabled by default or when set to the value
                                        0. \n Note that consecutive_gateway_errors
                                        and consecutive_5xx_errors can be used separately
                                        or together. Because the errors counted by
                                        consecutive_gateway_errors are also included
                                        in consecutive_5xx_errors, if the value of
                                        consecutive_gateway_errors is greater than
                                        or equal to the value of consecutive_5xx_errors,
                                        consecutive_gateway_errors will have no effect."
                                      properties:
                                        value:
                                          description: The uint32 value.
                                          format: int32
                                          type: integer
                                      type: object
                                    interval:
                                      description: 'Time interval between ejection
                                        sweep analysis. format: 1h/1m/1s/1ms. MUST
                                        BE >=1ms. Default is 10s.'
                                      properties:
                                        nanos:
                                          description: Signed fractions of a second
                                            at nanosecond resolution of the span of
                                            time. Durations less than one second are
                                            represented with a 0 `seconds` field and
                                            a positive or negative `nanos` field.
                                            For durations of one second or more, a
                                            non-zero value for the `nanos` field must
                                            be of the same sign as the `seconds` field.
                                            Must be from -999,999,999 to +999,999,999
                                            inclusive.
                                          format: int32
                                          type: integer
                                        seconds:
                                          description: 'Signed seconds of the span
                                            of time. Must be from -315,576,000,000
                                            to +315,576,000,000 inclusive. Note: these
                                            bounds are computed from: 60 sec/min *
                                            60 min/hr * 24 hr/day * 365.25 days/year
                                            * 10000 years'
                                          format: int64
                                          type: integer
                                      type: object
                                    max_ejection_percent:
                                      description: Maximum % of hosts in the load
                                        balancing pool for the upstream service that
                                        can be ejected. Defaults to 10%.
                                      format: int32
                                      type: integer
                                    min_health_percent:
                                      description: Outlier detection will be enabled
                                        as long as the associated load balancing pool
                                        has at least min_health_percent hosts in healthy
                                        mode. When the percentage of healthy hosts
                                        in the load balancing pool drops below this
                                        threshold, outlier detection will be disabled
                                        and the proxy will load balance across all
                                        hosts in the pool (healthy and unhealthy).
                                        The threshold can be disabled by setting it
                                        to 0%. The default is 0% as it's not typically
                                        applicable in k8s environments with few pods
                                        per service.
                                      format: int32
                                      type: integer
                                  type: object
                                port_level_settings:
                                  description: Traffic policies specific to individual
                                    ports. Note that port level settings will override
                                    the destination-level settings. Traffic settings
                                    specified at the destination-level will not be
                                    inherited when overridden by port-level settings,
                                    i.e. default values will be applied to fields
                                    omitted in port-level traffic policies.
                                  items:
                                    description: Traffic policies that apply to specific
                                      ports of the service
                                    properties:
                                      connection_pool:
                                        description: Settings controlling the volume
                                          of connections to an upstream service
                                        properties:
                                          http:
                                            description: HTTP connection pool settings.
                                            properties:
                                              h2_upgrade_policy:
                                                description: Specify if http1.1 connection
                                                  should be upgraded to http2 for
                                                  the associated destination.
                                                format: int32
                                                type: integer
                                              http1_max_pending_requests:
                                                description: Maximum number of pending
                                                  HTTP requests to a destination.
                                                  Default 2^32-1.
                                                format: int32
                                                type: integer
                                              http2_max_requests:
                                                description: Maximum number of requests
                                                  to a backend. Default 2^32-1.
                                                format: int32
                                                type: integer
                                              idle_timeout:
                                                description: The idle timeout for
                                                  upstream connection pool connections.
                                                  The idle timeout is defined as the
                                                  period in which there are no active
                                                  requests. If not set, the default
                                                  is 1 hour. When the idle timeout
                                                  is reached the connection will be
                                                  closed. Note that request based
                                                  timeouts mean that HTTP/2 PINGs
                                                  will not keep the connection alive.
                                                  Applies to both HTTP1.1 and HTTP2
                                                  connections.
                                                properties:
                                                  nanos:
                                                    description: Signed fractions
                                                      of a second at nanosecond resolution
                                                      of the span of time. Durations
                                                      less than one second are represented
                                                      with a 0 `seconds` field and
                                                      a positive or negative `nanos`
                                                      field. For durations of one
                                                      second or more, a non-zero value
                                                      for the `nanos` field must be
                                                      of the same sign as the `seconds`
                                                      field. Must be from -999,999,999
                                                      to +999,999,999 inclusive.
                                                    format: int32
                                                    type: integer
                                                  seconds:
                                                    description: 'Signed seconds of
                                                      the span of time. Must be from
                                                      -315,576,000,000 to +315,576,000,000
                                                      inclusive. Note: these bounds
                                                      are computed from: 60 sec/min
                                                      * 60 min/hr * 24 hr/day * 365.25
                                                      days/year * 10000 years'
                                                    format: int64
                                                    type: integer
                                                type: object
                                              max_requests_per_connection:
                                                description: Maximum number of requests
                                                  per connection to a backend. Setting
                                                  this parameter to 1 disables keep
                                                  alive. Default 0, meaning "unlimited",
                                                  up to 2^29.
                                                format: int32
                                                type: integer
                                              max_retries:
                                                description: Maximum number of retries
                                                  that can be outstanding to all hosts
                                                  in a cluster at a given time. Defaults
                                                  to 2^32-1.
                                                format: int32
                                                type: integer
                                            type: object
                                          tcp:
                                            description: Settings common to both HTTP
                                              and TCP upstream connections.
                                            properties:
                                              connect_timeout:
                                                description: 'TCP connection timeout.
                                                  format: 1h/1m/1s/1ms. MUST BE >=1ms.
                                                  Default is 10s.'
                                                properties:
                                                  nanos:
                                                    description: Signed fractions
                                                      of a second at nanosecond resolution
                                                      of the span of time. Durations
                                                      less than one second are represented
                                                      with a 0 `seconds` field and
                                                      a positive or negative `nanos`
                                                      field. For durations of one
                                                      second or more, a non-zero value
                                                      for the `nanos` field must be
                                                      of the same sign as the `seconds`
                                                      field. Must be from -999,999,999
                                                      to +999,999,999 inclusive.
                                                    format: int32
                                                    type: integer
                                                  seconds:
                                                    description: 'Signed seconds of
                                                      the span of time. Must be from
                                                      -315,576,000,000 to +315,576,000,000
                                                      inclusive. Note: these bounds
                                                      are computed from: 60 sec/min
                                                      * 60 min/hr * 24 hr/day * 365.25
                                                      days/year * 10000 years'
                                                    format: int64
                                                    type: integer
                                                type: object
                                              max_connections:
                                                description: Maximum number of HTTP1
                                                  /TCP connections to a destination
                                                  host. Default 2^32-1.
                                                format: int32
                                                type: integer
                                              tcp_keepalive:
                                                description: If set then set SO_KEEPALIVE
                                                  on the socket to enable TCP Keepalives.
                                                properties:
                                                  interval:
                                                    description: The time duration
                                                      between keep-alive probes. Default
                                                      is to use the OS level configuration
                                                      (unless overridden, Linux defaults
                                                      to 75s.)
                                                    properties:
                                                      nanos:
                                                        description: Signed fractions
                                                          of a second at nanosecond
                                                          resolution of the span of
                                                          time. Durations less than
                                                          one second are represented
                                                          with a 0 `seconds` field
                                                          and a positive or negative
                                                          `nanos` field. For durations
                                                          of one second or more, a
                                                          non-zero value for the `nanos`
                                                          field must be of the same
                                                          sign as the `seconds` field.
                                                          Must be from -999,999,999
                                                          to +999,999,999 inclusive.
                                                        format: int32
                                                        type: integer
                                                      seconds:
                                                        description: 'Signed seconds
                                                          of the span of time. Must
                                                          be from -315,576,000,000
                                                          to +315,576,000,000 inclusive.
                                                          Note: these bounds are computed
                                                          from: 60 sec/min * 60 min/hr
                                                          * 24 hr/day * 365.25 days/year
                                                          * 10000 years'
                                                        format: int64
                                                        type: integer
                                                    type: object
                                                  probes:
                                                    description: Maximum number of
                                                      keepalive probes to send without
                                                      response before deciding the
                                                      connection is dead. Default
                                                      is to use the OS level configuration
                                                      (unless overridden, Linux defaults
                                                      to 9.)
                                                    format: int32
                                                    type: integer
                                                  time:
                                                    description: The time duration
                                                      a connection needs to be idle
                                                      before keep-alive probes start
                                                      being sent. Default is to use
                                                      the OS level configuration (unless
                                                      overridden, Linux defaults to
                                                      7200s (ie 2 hours.)
                                                    properties:
                                                      nanos:
                                                        description: Signed fractions
                                                          of a second at nanosecond
                                                          resolution of the span of
                                                          time. Durations less than
                                                          one second are represented
                                                          with a 0 `seconds` field
                                                          and a positive or negative
                                                          `nanos` field. For durations
                                                          of one second or more, a
                                                          non-zero value for the `nanos`
                                                          field must be of the same
                                                          sign as the `seconds` field.
                                                          Must be from -999,999,999
                                                          to +999,999,999 inclusive.
                                                        format: int32
                                                        type: integer
                                                      seconds:
                                                        description: 'Signed seconds
                                                          of the span of time. Must
                                                          be from -315,576,000,000
                                                          to +315,576,000,000 inclusive.
                                                          Note: these bounds are computed
                                                          from: 60 sec/min * 60 min/hr
                                                          * 24 hr/day * 365.25 days/year
                                                          * 10000 years'
                                                        format: int64
                                                        type: integer
                                                    type: object
                                                type: object
                                            type: object
                                        type: object
                                      load_balancer:
                                        description: Settings controlling the load
                                          balancer algorithms.
                                        properties:
                                          locality_lb_setting:
                                            description: Locality load balancer settings,
                                              this will override mesh wide settings
                                              in entirety, meaning no merging would
                                              be performed between this object and
                                              the object one in MeshConfig
                                            properties:
                                              distribute:
                                                description: 'Optional: only one of
                                                  distribute or failover can be set.
                                                  Explicitly specify loadbalancing
                                                  weight across different zones and
                                                  geographical locations. Refer to
                                                  [Locality weighted load balancing](https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/upstream/load_balancing/locality_weight)
                                                  If empty, the locality weight is
                                                  set according to the endpoints number
                                                  within it.'
                                                items:
                                                  description: 'Describes how traffic
                                                    originating in the ''from'' zone
                                                    or sub-zone is distributed over
                                                    a set of ''to'' zones. Syntax
                                                    for specifying a zone is {region}/{zone}/{sub-zone}
                                                    and terminal wildcards are allowed
                                                    on any segment of the specification.
                                                    Examples: * - matches all localities
                                                    us-west/* - all zones and sub-zones
                                                    within the us-west region us-west/zone-1/*
                                                    - all sub-zones within us-west/zone-1'
                                                  properties:
                                                    from:
                                                      description: Originating locality,
                                                        '/' separated, e.g. 'region/zone/sub_zone'.
                                                      type: string
                                                    to:
                                                      additionalProperties:
                                                        format: int32
                                                        type: integer
                                                      description: Map of upstream
                                                        localities to traffic distribution
                                                        weights. The sum of all weights
                                                        should be == 100. Any locality
                                                        not assigned a weight will
                                                        receive no traffic.
                                                      type: object
                                                  type: object
                                                type: array
                                              enabled:
                                                description: enable locality load
                                                  balancing, this is DestinationRule-level
                                                  and will override mesh wide settings
                                                  in entirety. e.g. true means that
                                                  turn on locality load balancing
                                                  for this DestinationRule no matter
                                                  what mesh wide settings is.
                                                properties:
                                                  value:
                                                    description: The bool value.
                                                    type: boolean
                                                type: object
                                              failover:
                                                description: 'Optional: only failover
                                                  or distribute can be set. Explicitly
                                                  specify the region traffic will
                                                  land on when endpoints in local
                                                  region becomes unhealthy. Should
                                                  be used together with OutlierDetection
                                                  to detect unhealthy endpoints. Note:
                                                  if no OutlierDetection specified,
                                                  this will not take effect.'
                                                items:
                                                  description: Specify the traffic
                                                    failover policy across regions.
                                                    Since zone and sub-zone failover
                                                    is supported by default this only
                                                    needs to be specified for regions
                                                    when the operator needs to constrain
                                                    traffic failover so that the default
                                                    behavior of failing over to any
                                                    endpoint globally does not apply.
                                                    This is useful when failing over
                                                    traffic across regions would not
                                                    improve service health or may
                                                    need to be restricted for other
                                                    reasons like regulatory controls.
                                                  properties:
                                                    from:
                                                      description: Originating region.
                                                      type: string
                                                    to:
                                                      description: Destination region
                                                        the traffic will fail over
                                                        to when endpoints in the 'from'
                                                        region becomes unhealthy.
                                                      type: string
                                                  type: object
                                                type: array
                                            type: object
                                        type: object
                                      outlier_detection:
                                        description: Settings controlling eviction
                                          of unhealthy hosts from the load balancing
                                          pool
                                        properties:
                                          base_ejection_time:
                                            description: 'Minimum ejection duration.
                                              A host will remain ejected for a period
                                              equal to the product of minimum ejection
                                              duration and the number of times the
                                              host has been ejected. This technique
                                              allows the system to automatically increase
                                              the ejection period for unhealthy upstream
                                              servers. format: 1h/1m/1s/1ms. MUST
                                              BE >=1ms. Default is 30s.'
                                            properties:
                                              nanos:
                                                description: Signed fractions of a
                                                  second at nanosecond resolution
                                                  of the span of time. Durations less
                                                  than one second are represented
                                                  with a 0 `seconds` field and a positive
                                                  or negative `nanos` field. For durations
                                                  of one second or more, a non-zero
                                                  value for the `nanos` field must
                                                  be of the same sign as the `seconds`
                                                  field. Must be from -999,999,999
                                                  to +999,999,999 inclusive.
                                                format: int32
                                                type: integer
                                              seconds:
                                                description: 'Signed seconds of the
                                                  span of time. Must be from -315,576,000,000
                                                  to +315,576,000,000 inclusive. Note:
|
|
these bounds are computed from:
|
|
60 sec/min * 60 min/hr * 24 hr/day
|
|
* 365.25 days/year * 10000 years'
|
|
format: int64
|
|
type: integer
|
|
type: object
|
|
consecutive_5xx_errors:
|
|
description: "Number of 5xx errors before
|
|
a host is ejected from the connection
|
|
pool. When the upstream host is accessed
|
|
over an opaque TCP connection, connect
|
|
timeouts, connection error/failure and
|
|
request failure events qualify as a
|
|
5xx error. This feature defaults to
|
|
5 but can be disabled by setting the
|
|
value to 0. \n Note that consecutive_gateway_errors
|
|
and consecutive_5xx_errors can be used
|
|
separately or together. Because the
|
|
errors counted by consecutive_gateway_errors
|
|
are also included in consecutive_5xx_errors,
|
|
if the value of consecutive_gateway_errors
|
|
is greater than or equal to the value
|
|
of consecutive_5xx_errors, consecutive_gateway_errors
|
|
will have no effect."
|
|
properties:
|
|
value:
|
|
description: The uint32 value.
|
|
format: int32
|
|
type: integer
|
|
type: object
|
|
consecutive_errors:
|
|
description: Number of errors before a
|
|
host is ejected from the connection
|
|
pool. Defaults to 5. When the upstream
|
|
host is accessed over HTTP, a 502, 503,
|
|
or 504 return code qualifies as an error.
|
|
When the upstream host is accessed over
|
|
an opaque TCP connection, connect timeouts
|
|
and connection error/failure events
|
|
qualify as an error. $hide_from_docs
|
|
format: int32
|
|
type: integer
|
|
consecutive_gateway_errors:
|
|
description: "Number of gateway errors
|
|
before a host is ejected from the connection
|
|
pool. When the upstream host is accessed
|
|
over HTTP, a 502, 503, or 504 return
|
|
code qualifies as a gateway error. When
|
|
the upstream host is accessed over an
|
|
opaque TCP connection, connect timeouts
|
|
and connection error/failure events
|
|
qualify as a gateway error. This feature
|
|
is disabled by default or when set to
|
|
the value 0. \n Note that consecutive_gateway_errors
|
|
and consecutive_5xx_errors can be used
|
|
separately or together. Because the
|
|
errors counted by consecutive_gateway_errors
|
|
are also included in consecutive_5xx_errors,
|
|
if the value of consecutive_gateway_errors
|
|
is greater than or equal to the value
|
|
of consecutive_5xx_errors, consecutive_gateway_errors
|
|
will have no effect."
|
|
properties:
|
|
value:
|
|
description: The uint32 value.
|
|
format: int32
|
|
type: integer
|
|
type: object
|
|
interval:
|
|
description: 'Time interval between ejection
|
|
sweep analysis. format: 1h/1m/1s/1ms.
|
|
MUST BE >=1ms. Default is 10s.'
|
|
properties:
|
|
nanos:
|
|
description: Signed fractions of a
|
|
second at nanosecond resolution
|
|
of the span of time. Durations less
|
|
than one second are represented
|
|
with a 0 `seconds` field and a positive
|
|
or negative `nanos` field. For durations
|
|
of one second or more, a non-zero
|
|
value for the `nanos` field must
|
|
be of the same sign as the `seconds`
|
|
field. Must be from -999,999,999
|
|
to +999,999,999 inclusive.
|
|
format: int32
|
|
type: integer
|
|
seconds:
|
|
description: 'Signed seconds of the
|
|
span of time. Must be from -315,576,000,000
|
|
to +315,576,000,000 inclusive. Note:
|
|
these bounds are computed from:
|
|
60 sec/min * 60 min/hr * 24 hr/day
|
|
* 365.25 days/year * 10000 years'
|
|
format: int64
|
|
type: integer
|
|
type: object
|
|
max_ejection_percent:
|
|
description: Maximum % of hosts in the
|
|
load balancing pool for the upstream
|
|
service that can be ejected. Defaults
|
|
to 10%.
|
|
format: int32
|
|
type: integer
|
|
min_health_percent:
|
|
description: Outlier detection will be
|
|
enabled as long as the associated load
|
|
balancing pool has at least min_health_percent
|
|
hosts in healthy mode. When the percentage
|
|
of healthy hosts in the load balancing
|
|
pool drops below this threshold, outlier
|
|
detection will be disabled and the proxy
|
|
will load balance across all hosts in
|
|
the pool (healthy and unhealthy). The
|
|
threshold can be disabled by setting
|
|
it to 0%. The default is 0% as it's
|
|
not typically applicable in k8s environments
|
|
with few pods per service.
|
|
format: int32
|
|
type: integer
|
|
type: object
|
|
port:
|
|
description: Specifies the number of a port
|
|
on the destination service on which this
|
|
policy is being applied.
|
|
properties:
|
|
number:
|
|
description: Valid port number
|
|
format: int32
|
|
type: integer
|
|
type: object
|
|
tls:
|
|
description: TLS related settings for connections
|
|
to the upstream service.
|
|
properties:
|
|
ca_certificates:
|
|
description: 'OPTIONAL: The path to the
|
|
file containing certificate authority
|
|
certificates to use in verifying a presented
|
|
server certificate. If omitted, the
|
|
proxy will not verify the server''s
|
|
certificate. Should be empty if mode
|
|
is `ISTIO_MUTUAL`.'
|
|
type: string
|
|
client_certificate:
|
|
description: REQUIRED if mode is `MUTUAL`.
|
|
The path to the file holding the client-side
|
|
TLS certificate to use. Should be empty
|
|
if mode is `ISTIO_MUTUAL`.
|
|
type: string
|
|
mode:
|
|
description: Indicates whether connections
|
|
to this port should be secured using
|
|
TLS. The value of this field determines
|
|
how TLS is enforced.
|
|
format: int32
|
|
type: integer
|
|
private_key:
|
|
description: REQUIRED if mode is `MUTUAL`.
|
|
The path to the file holding the client's
|
|
private key. Should be empty if mode
|
|
is `ISTIO_MUTUAL`.
|
|
type: string
|
|
sni:
|
|
description: SNI string to present to
|
|
the server during TLS handshake.
|
|
type: string
|
|
subject_alt_names:
|
|
description: A list of alternate names
|
|
to verify the subject identity in the
|
|
certificate. If specified, the proxy
|
|
will verify that the server certificate's
|
|
subject alt name matches one of the
|
|
specified values. If specified, this
|
|
list overrides the value of subject_alt_names
|
|
from the ServiceEntry.
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
type: object
|
|
type: array
|
|
tls:
|
|
description: TLS related settings for connections
|
|
to the upstream service.
|
|
properties:
|
|
ca_certificates:
|
|
description: 'OPTIONAL: The path to the file
|
|
containing certificate authority certificates
|
|
to use in verifying a presented server certificate.
|
|
If omitted, the proxy will not verify the
|
|
server''s certificate. Should be empty if
|
|
mode is `ISTIO_MUTUAL`.'
|
|
type: string
|
|
client_certificate:
|
|
description: REQUIRED if mode is `MUTUAL`. The
|
|
path to the file holding the client-side TLS
|
|
certificate to use. Should be empty if mode
|
|
is `ISTIO_MUTUAL`.
|
|
type: string
|
|
mode:
|
|
description: Indicates whether connections to
|
|
this port should be secured using TLS. The
|
|
value of this field determines how TLS is
|
|
enforced.
|
|
format: int32
|
|
type: integer
|
|
private_key:
|
|
description: REQUIRED if mode is `MUTUAL`. The
|
|
path to the file holding the client's private
|
|
key. Should be empty if mode is `ISTIO_MUTUAL`.
|
|
type: string
|
|
sni:
|
|
description: SNI string to present to the server
|
|
during TLS handshake.
|
|
type: string
|
|
subject_alt_names:
|
|
description: A list of alternate names to verify
|
|
the subject identity in the certificate. If
|
|
specified, the proxy will verify that the
|
|
server certificate's subject alt name matches
|
|
one of the specified values. If specified,
|
|
this list overrides the value of subject_alt_names
|
|
from the ServiceEntry.
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
type: object
|
|
type: object
|
|
type: array
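                      # Worked example, added here as documentation; it is not part of the
                      # kubesphere project's CRD or its sample manifests. It shows one
                      # ServicePolicy that exercises the fields this schema validates,
                      # using the schema's snake_case keys. Assumed, because they lie outside
                      # this excerpt: the policy body sits under spec.template.spec, and
                      # tls.mode, typed int32 here, takes Istio's TLSmode numbering
                      # (0 DISABLE, 1 SIMPLE, 2 MUTUAL, 3 ISTIO_MUTUAL). The name, namespace,
                      # port number and region names are constructed values. Two checks this
                      # schema imposes that a hand-written manifest often gets wrong: durations
                      # are seconds/nanos objects, not "10s" strings, and port-level settings
                      # do not inherit destination-level values, so tls must be restated there.
                      # ```yaml
                      # apiVersion: servicemesh.kubesphere.io/v1alpha2
                      # kind: ServicePolicy
                      # metadata:
                      #   name: reviews            # constructed
                      #   namespace: bookinfo      # constructed
                      # spec:
                      #   selector:
                      #     matchLabels:
                      #       app: reviews
                      #   template:                # assumed layout (outside this excerpt)
                      #     spec:
                      #       host: reviews
                      #       traffic_policy:
                      #         tls:
                      #           mode: 3            # ISTIO_MUTUAL (assumed numbering): mesh-issued client
                      #                              # cert; leave ca_certificates, client_certificate and
                      #                              # private_key empty, as the descriptions require
                      #         connection_pool:
                      #           tcp:
                      #             max_connections: 100
                      #             connect_timeout:
                      #               seconds: 3     # Duration object per this schema, not "3s"
                      #           http:
                      #             http1_max_pending_requests: 64
                      #             http2_max_requests: 256
                      #             max_retries: 3
                      #         outlier_detection:
                      #           consecutive_5xx_errors:
                      #             value: 5
                      #           consecutive_gateway_errors:
                      #             value: 3         # below consecutive_5xx_errors, so it takes effect
                      #           interval:
                      #             seconds: 10
                      #           base_ejection_time:
                      #             seconds: 30
                      #           max_ejection_percent: 50
                      #         load_balancer:
                      #           locality_lb_setting:
                      #             enabled:
                      #               value: true
                      #             failover:        # only effective because outlier_detection is set
                      #             - from: eu-west  # constructed region names
                      #               to: eu-central
                      #         port_level_settings:
                      #         - port:
                      #             number: 9080     # constructed
                      #           tls:
                      #             mode: 3          # restated: not inherited from the destination level
                      #           outlier_detection:
                      #             consecutive_5xx_errors:
                      #               value: 5       # interval and base_ejection_time fall back to
                      #                              # their defaults (10s, 30s) on this port
                      # ```
                      # For an upstream reached with mode 1 (SIMPLE), also set ca_certificates
                      # and subject_alt_names: per the ca_certificates description above,
                      # omitting the CA bundle leaves the server certificate unverified.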
                      traffic_policy:
                        description: Traffic policies to apply (load balancing policy, connection pool sizes, outlier detection).
                        properties:
                          connection_pool:
                            description: Settings controlling the volume of connections to an upstream service
                            properties:
                              http:
                                description: HTTP connection pool settings.
                                properties:
                                  h2_upgrade_policy:
                                    description: Specify if http1.1 connection should be upgraded to http2 for the associated destination.
                                    format: int32
                                    type: integer
                                  http1_max_pending_requests:
                                    description: Maximum number of pending HTTP requests to a destination. Default 2^32-1.
                                    format: int32
                                    type: integer
                                  http2_max_requests:
                                    description: Maximum number of requests to a backend. Default 2^32-1.
                                    format: int32
                                    type: integer
                                  idle_timeout:
                                    description: The idle timeout for upstream connection pool connections. The idle timeout is defined as the period in which there are no active requests. If not set, the default is 1 hour. When the idle timeout is reached the connection will be closed. Note that request based timeouts mean that HTTP/2 PINGs will not keep the connection alive. Applies to both HTTP1.1 and HTTP2 connections.
                                    properties:
                                      nanos:
                                        description: Signed fractions of a second at nanosecond resolution of the span of time. Durations less than one second are represented with a 0 `seconds` field and a positive or negative `nanos` field. For durations of one second or more, a non-zero value for the `nanos` field must be of the same sign as the `seconds` field. Must be from -999,999,999 to +999,999,999 inclusive.
                                        format: int32
                                        type: integer
                                      seconds:
                                        description: 'Signed seconds of the span of time. Must be from -315,576,000,000 to +315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years'
                                        format: int64
                                        type: integer
                                    type: object
                                  max_requests_per_connection:
                                    description: Maximum number of requests per connection to a backend. Setting this parameter to 1 disables keep alive. Default 0, meaning "unlimited", up to 2^29.
                                    format: int32
                                    type: integer
                                  max_retries:
                                    description: Maximum number of retries that can be outstanding to all hosts in a cluster at a given time. Defaults to 2^32-1.
                                    format: int32
                                    type: integer
                                type: object
                              tcp:
                                description: Settings common to both HTTP and TCP upstream connections.
                                properties:
                                  connect_timeout:
                                    description: 'TCP connection timeout. format: 1h/1m/1s/1ms. MUST BE >=1ms. Default is 10s.'
                                    properties:
                                      nanos:
                                        description: Signed fractions of a second at nanosecond resolution of the span of time. Durations less than one second are represented with a 0 `seconds` field and a positive or negative `nanos` field. For durations of one second or more, a non-zero value for the `nanos` field must be of the same sign as the `seconds` field. Must be from -999,999,999 to +999,999,999 inclusive.
                                        format: int32
                                        type: integer
                                      seconds:
                                        description: 'Signed seconds of the span of time. Must be from -315,576,000,000 to +315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years'
                                        format: int64
                                        type: integer
                                    type: object
                                  max_connections:
                                    description: Maximum number of HTTP1/TCP connections to a destination host. Default 2^32-1.
                                    format: int32
                                    type: integer
                                  tcp_keepalive:
                                    description: If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives.
                                    properties:
                                      interval:
                                        description: The time duration between keep-alive probes. Default is to use the OS level configuration (unless overridden, Linux defaults to 75s.)
                                        properties:
                                          nanos:
                                            description: Signed fractions of a second at nanosecond resolution of the span of time. Durations less than one second are represented with a 0 `seconds` field and a positive or negative `nanos` field. For durations of one second or more, a non-zero value for the `nanos` field must be of the same sign as the `seconds` field. Must be from -999,999,999 to +999,999,999 inclusive.
                                            format: int32
                                            type: integer
                                          seconds:
                                            description: 'Signed seconds of the span of time. Must be from -315,576,000,000 to +315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years'
                                            format: int64
                                            type: integer
                                        type: object
                                      probes:
                                        description: Maximum number of keepalive probes to send without response before deciding the connection is dead. Default is to use the OS level configuration (unless overridden, Linux defaults to 9.)
                                        format: int32
                                        type: integer
                                      time:
                                        description: The time duration a connection needs to be idle before keep-alive probes start being sent. Default is to use the OS level configuration (unless overridden, Linux defaults to 7200s, i.e. 2 hours.)
                                        properties:
                                          nanos:
                                            description: Signed fractions of a second at nanosecond resolution of the span of time. Durations less than one second are represented with a 0 `seconds` field and a positive or negative `nanos` field. For durations of one second or more, a non-zero value for the `nanos` field must be of the same sign as the `seconds` field. Must be from -999,999,999 to +999,999,999 inclusive.
                                            format: int32
                                            type: integer
                                          seconds:
                                            description: 'Signed seconds of the span of time. Must be from -315,576,000,000 to +315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years'
                                            format: int64
                                            type: integer
                                        type: object
                                    type: object
                                type: object
                            type: object
                          load_balancer:
                            description: Settings controlling the load balancer algorithms.
                            properties:
                              locality_lb_setting:
                                description: Locality load balancer settings, this will override mesh wide settings in entirety, meaning no merging would be performed between this object and the object one in MeshConfig
                                properties:
                                  distribute:
                                    description: 'Optional: only one of distribute or failover can be set. Explicitly specify loadbalancing weight across different zones and geographical locations. Refer to [Locality weighted load balancing](https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/upstream/load_balancing/locality_weight) If empty, the locality weight is set according to the endpoints number within it.'
                                    items:
                                      description: 'Describes how traffic originating in the ''from'' zone or sub-zone is distributed over a set of ''to'' zones. Syntax for specifying a zone is {region}/{zone}/{sub-zone} and terminal wildcards are allowed on any segment of the specification. Examples: * - matches all localities us-west/* - all zones and sub-zones within the us-west region us-west/zone-1/* - all sub-zones within us-west/zone-1'
                                      properties:
                                        from:
                                          description: Originating locality, '/' separated, e.g. 'region/zone/sub_zone'.
                                          type: string
                                        to:
                                          additionalProperties:
                                            format: int32
                                            type: integer
                                          description: Map of upstream localities to traffic distribution weights. The sum of all weights should be == 100. Any locality not assigned a weight will receive no traffic.
                                          type: object
                                      type: object
                                    type: array
                                  enabled:
                                    description: Enable locality load balancing. This is DestinationRule-level and overrides the mesh-wide setting in its entirety; e.g. true turns on locality load balancing for this DestinationRule regardless of the mesh-wide setting.
                                    properties:
                                      value:
                                        description: The bool value.
                                        type: boolean
                                    type: object
                                  failover:
                                    description: 'Optional: only failover or distribute can be set. Explicitly specify the region traffic will land on when endpoints in local region becomes unhealthy. Should be used together with OutlierDetection to detect unhealthy endpoints. Note: if no OutlierDetection specified, this will not take effect.'
                                    items:
                                      description: Specify the traffic failover policy across regions. Since zone and sub-zone failover is supported by default this only needs to be specified for regions when the operator needs to constrain traffic failover so that the default behavior of failing over to any endpoint globally does not apply. This is useful when failing over traffic across regions would not improve service health or may need to be restricted for other reasons like regulatory controls.
                                      properties:
                                        from:
                                          description: Originating region.
                                          type: string
                                        to:
                                          description: Destination region the traffic will fail over to when endpoints in the 'from' region becomes unhealthy.
                                          type: string
                                      type: object
                                    type: array
                                type: object
                            type: object
                          outlier_detection:
                            description: Settings controlling eviction of unhealthy hosts from the load balancing pool
                            properties:
                              base_ejection_time:
                                description: 'Minimum ejection duration. A host will remain ejected for a period equal to the product of minimum ejection duration and the number of times the host has been ejected. This technique allows the system to automatically increase the ejection period for unhealthy upstream servers. format: 1h/1m/1s/1ms. MUST BE >=1ms. Default is 30s.'
                                properties:
                                  nanos:
                                    description: Signed fractions of a second at nanosecond resolution of the span of time. Durations less than one second are represented with a 0 `seconds` field and a positive or negative `nanos` field. For durations of one second or more, a non-zero value for the `nanos` field must be of the same sign as the `seconds` field. Must be from -999,999,999 to +999,999,999 inclusive.
                                    format: int32
                                    type: integer
                                  seconds:
                                    description: 'Signed seconds of the span of time. Must be from -315,576,000,000 to +315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years'
                                    format: int64
                                    type: integer
                                type: object
                              consecutive_5xx_errors:
                                description: "Number of 5xx errors before a host is ejected from the connection pool. When the upstream host is accessed over an opaque TCP connection, connect timeouts, connection error/failure and request failure events qualify as a 5xx error. This feature defaults to 5 but can be disabled by setting the value to 0. \n Note that consecutive_gateway_errors and consecutive_5xx_errors can be used separately or together. Because the errors counted by consecutive_gateway_errors are also included in consecutive_5xx_errors, if the value of consecutive_gateway_errors is greater than or equal to the value of consecutive_5xx_errors, consecutive_gateway_errors will have no effect."
                                properties:
                                  value:
                                    description: The uint32 value.
                                    format: int32
                                    type: integer
                                type: object
                              consecutive_errors:
                                description: Number of errors before a host is ejected from the connection pool. Defaults to 5. When the upstream host is accessed over HTTP, a 502, 503, or 504 return code qualifies as an error. When the upstream host is accessed over an opaque TCP connection, connect timeouts and connection error/failure events qualify as an error. $hide_from_docs
                                format: int32
                                type: integer
                              consecutive_gateway_errors:
                                description: "Number of gateway errors before a host is ejected from the connection pool. When the upstream host is accessed over HTTP, a 502, 503, or 504 return code qualifies as a gateway error. When the upstream host is accessed over an opaque TCP connection, connect timeouts and connection error/failure events qualify as a gateway error. This feature is disabled by default or when set to the value 0. \n Note that consecutive_gateway_errors and consecutive_5xx_errors can be used separately or together. Because the errors counted by consecutive_gateway_errors are also included in consecutive_5xx_errors, if the value of consecutive_gateway_errors is greater than or equal to the value of consecutive_5xx_errors, consecutive_gateway_errors will have no effect."
                                properties:
                                  value:
                                    description: The uint32 value.
                                    format: int32
                                    type: integer
                                type: object
                              interval:
                                description: 'Time interval between ejection sweep analysis. format: 1h/1m/1s/1ms. MUST BE >=1ms. Default is 10s.'
                                properties:
                                  nanos:
                                    description: Signed fractions of a second at nanosecond resolution of the span of time. Durations less than one second are represented with a 0 `seconds` field and a positive or negative `nanos` field. For durations of one second or more, a non-zero value for the `nanos` field must be of the same sign as the `seconds` field. Must be from -999,999,999 to +999,999,999 inclusive.
                                    format: int32
                                    type: integer
                                  seconds:
                                    description: 'Signed seconds of the span of time. Must be from -315,576,000,000 to +315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years'
                                    format: int64
                                    type: integer
                                type: object
                              max_ejection_percent:
                                description: Maximum % of hosts in the load balancing pool for the upstream service that can be ejected. Defaults to 10%.
                                format: int32
                                type: integer
                              min_health_percent:
                                description: Outlier detection will be enabled as long as the associated load balancing pool has at least min_health_percent hosts in healthy mode. When the percentage of healthy hosts in the load balancing pool drops below this threshold, outlier detection will be disabled and the proxy will load balance across all hosts in the pool (healthy and unhealthy). The threshold can be disabled by setting it to 0%. The default is 0% as it's not typically applicable in k8s environments with few pods per service.
                                format: int32
                                type: integer
                            type: object
                          port_level_settings:
                            description: Traffic policies specific to individual ports. Note that port level settings will override the destination-level settings. Traffic settings specified at the destination-level will not be inherited when overridden by port-level settings, i.e. default values will be applied to fields omitted in port-level traffic policies.
                            items:
                              description: Traffic policies that apply to specific ports of the service
                              properties:
                                connection_pool:
                                  description: Settings controlling the volume of connections to an upstream service
                                  properties:
                                    http:
                                      description: HTTP connection pool settings.
                                      properties:
                                        h2_upgrade_policy:
                                          description: Specify if http1.1 connection should be upgraded to http2 for the associated destination.
                                          format: int32
                                          type: integer
                                        http1_max_pending_requests:
                                          description: Maximum number of pending HTTP requests to a destination. Default 2^32-1.
                                          format: int32
                                          type: integer
                                        http2_max_requests:
                                          description: Maximum number of requests to a backend. Default 2^32-1.
                                          format: int32
                                          type: integer
                                        idle_timeout:
                                          description: The idle timeout for upstream connection pool connections. The idle timeout is defined as the period in which there are no active requests. If not set, the default is 1 hour. When the idle timeout is reached the connection will be closed. Note that request based timeouts mean that HTTP/2 PINGs will not keep the connection alive. Applies to both HTTP1.1 and HTTP2 connections.
                                          properties:
                                            nanos:
                                              description: Signed fractions of a second at nanosecond resolution of the span of time. Durations less than one second are represented with a 0 `seconds` field and a positive or negative `nanos` field. For durations of one second or more, a non-zero value for the `nanos` field must be of the same sign as the `seconds` field. Must be from -999,999,999 to +999,999,999 inclusive.
                                              format: int32
                                              type: integer
                                            seconds:
                                              description: 'Signed seconds of the span of time. Must be from -315,576,000,000 to +315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years'
                                              format: int64
                                              type: integer
                                          type: object
                                        max_requests_per_connection:
                                          description: Maximum number of requests per connection to a backend. Setting this parameter to 1 disables keep alive. Default 0, meaning "unlimited", up to 2^29.
                                          format: int32
                                          type: integer
                                        max_retries:
                                          description: Maximum number of retries that can be outstanding to all hosts in a cluster at a given time. Defaults to 2^32-1.
                                          format: int32
                                          type: integer
                                      type: object
                                    tcp:
                                      description: Settings common to both HTTP and TCP upstream connections.
                                      properties:
                                        connect_timeout:
                                          description: 'TCP connection timeout. format: 1h/1m/1s/1ms. MUST BE >=1ms. Default is 10s.'
                                          properties:
                                            nanos:
                                              description: Signed fractions of a second at nanosecond resolution of the span of time. Durations less than one second are represented with a 0 `seconds` field and a positive or negative `nanos` field. For durations of one second or more, a non-zero value for the `nanos` field must be of the same sign as the `seconds` field. Must be from -999,999,999 to +999,999,999 inclusive.
                                              format: int32
                                              type: integer
                                            seconds:
                                              description: 'Signed seconds of the span of time. Must be from -315,576,000,000 to +315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years'
                                              format: int64
                                              type: integer
                                          type: object
                                        max_connections:
                                          description: Maximum number of HTTP1/TCP connections to a destination host. Default 2^32-1.
                                          format: int32
                                          type: integer
                                        tcp_keepalive:
                                          description: If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives.
                                          properties:
                                            interval:
                                              description: The time duration between keep-alive probes. Default is to use the OS level configuration (unless overridden, Linux defaults to 75s.)
                                              properties:
                                                nanos:
                                                  description: Signed fractions of a second at nanosecond resolution of the span of time. Durations less than one second are represented with a 0 `seconds` field and a positive or negative `nanos` field. For durations of one second or more, a non-zero value for the `nanos` field must be of the same sign as the `seconds` field. Must be from -999,999,999 to +999,999,999 inclusive.
                                                  format: int32
                                                  type: integer
                                                seconds:
                                                  description: 'Signed seconds of the span of time. Must be from -315,576,000,000 to +315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years'
                                                  format: int64
                                                  type: integer
                                              type: object
                                            probes:
                                              description: Maximum number of keepalive probes to send without response before deciding the connection is dead. Default is to use the OS level configuration (unless overridden, Linux defaults to 9.)
                                              format: int32
                                              type: integer
                                            time:
                                              description: The time duration a connection needs to be idle before keep-alive probes start being sent. Default is to use the OS level configuration (unless overridden, Linux defaults to 7200s, i.e. 2 hours.)
                                              properties:
                                                nanos:
                                                  description: Signed fractions of a second at nanosecond resolution of the span of time. Durations less than one second are represented with a 0 `seconds` field and a positive or negative `nanos` field. For durations of one second or more, a non-zero value for the `nanos` field must be of the same sign as the `seconds` field. Must be from -999,999,999 to +999,999,999 inclusive.
                                                  format: int32
                                                  type: integer
                                                seconds:
                                                  description: 'Signed seconds of the span of time. Must be from -315,576,000,000 to +315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years'
                                                  format: int64
                                                  type: integer
                                              type: object
                                          type: object
                                      type: object
                                  type: object
                                load_balancer:
                                  description: Settings controlling the load balancer algorithms.
                                  properties:
                                    locality_lb_setting:
                                      description: Locality load balancer settings, this will override mesh wide settings in entirety, meaning no merging would be performed between this object and the object one in MeshConfig
                                      properties:
                                        distribute:
                                          description: 'Optional: only one of distribute or failover can be set. Explicitly specify loadbalancing weight across different zones and geographical locations. Refer to [Locality weighted load balancing](https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/upstream/load_balancing/locality_weight) If empty, the locality weight is set according to the endpoints number within it.'
                                          items:
                                            description: 'Describes how traffic originating in the ''from'' zone or sub-zone is distributed over a set of ''to'' zones. Syntax for specifying a zone is {region}/{zone}/{sub-zone} and terminal wildcards are allowed on any segment of the specification. Examples: * - matches all localities us-west/* - all zones and sub-zones within the us-west region us-west/zone-1/* - all sub-zones within us-west/zone-1'
                                            properties:
                                              from:
                                                description: Originating locality, '/' separated, e.g. 'region/zone/sub_zone'.
                                                type: string
                                              to:
                                                additionalProperties:
                                                  format: int32
                                                  type: integer
                                                description: Map of upstream localities to traffic distribution weights. The sum of all weights should be == 100. Any locality not assigned a weight will receive no traffic.
                                                type: object
                                            type: object
                                          type: array
                                        enabled:
                                          description: Enable locality load balancing. This is DestinationRule-level and overrides the mesh-wide setting in its entirety; e.g. true turns on locality load balancing for this DestinationRule regardless of the mesh-wide setting.
                                          properties:
                                            value:
                                              description: The bool value.
                                              type: boolean
                                          type: object
                                        failover:
                                          description: 'Optional: only failover or distribute can be set. Explicitly specify the region traffic will land on when endpoints in local region becomes unhealthy. Should be used together with OutlierDetection to detect unhealthy endpoints. Note: if no OutlierDetection specified, this will not take effect.'
                                          items:
                                            description: Specify the traffic failover policy across regions. Since zone and sub-zone failover is supported by default this only needs to be specified for regions when the operator needs to constrain traffic failover so that the default behavior of failing over to any endpoint globally does not apply. This is useful when failing over traffic across regions would not improve service health or may need to be restricted for other reasons like regulatory controls.
                                            properties:
                                              from:
                                                description: Originating region.
                                                type: string
                                              to:
                                                description: Destination region the traffic will fail over to when endpoints
|
|
in the 'from' region becomes unhealthy.
|
|
type: string
|
|
type: object
|
|
type: array
|
|
type: object
|
|
type: object
|
|
outlier_detection:
|
|
description: Settings controlling eviction of unhealthy
|
|
hosts from the load balancing pool
|
|
properties:
|
|
base_ejection_time:
|
|
description: 'Minimum ejection duration. A host
|
|
will remain ejected for a period equal to
|
|
the product of minimum ejection duration and
|
|
the number of times the host has been ejected.
|
|
This technique allows the system to automatically
|
|
increase the ejection period for unhealthy
|
|
upstream servers. format: 1h/1m/1s/1ms. MUST
|
|
BE >=1ms. Default is 30s.'
|
|
properties:
|
|
nanos:
|
|
description: Signed fractions of a second
|
|
at nanosecond resolution of the span of
|
|
time. Durations less than one second are
|
|
represented with a 0 `seconds` field and
|
|
a positive or negative `nanos` field.
|
|
For durations of one second or more, a
|
|
non-zero value for the `nanos` field must
|
|
be of the same sign as the `seconds` field.
|
|
Must be from -999,999,999 to +999,999,999
|
|
inclusive.
|
|
format: int32
|
|
type: integer
|
|
seconds:
|
|
description: 'Signed seconds of the span
|
|
of time. Must be from -315,576,000,000
|
|
to +315,576,000,000 inclusive. Note: these
|
|
bounds are computed from: 60 sec/min *
|
|
60 min/hr * 24 hr/day * 365.25 days/year
|
|
* 10000 years'
|
|
format: int64
|
|
type: integer
|
|
type: object
|
|
consecutive_5xx_errors:
|
|
description: "Number of 5xx errors before a
|
|
host is ejected from the connection pool.
|
|
When the upstream host is accessed over an
|
|
opaque TCP connection, connect timeouts, connection
|
|
error/failure and request failure events qualify
|
|
as a 5xx error. This feature defaults to 5
|
|
but can be disabled by setting the value to
|
|
0. \n Note that consecutive_gateway_errors
|
|
and consecutive_5xx_errors can be used separately
|
|
or together. Because the errors counted by
|
|
consecutive_gateway_errors are also included
|
|
in consecutive_5xx_errors, if the value of
|
|
consecutive_gateway_errors is greater than
|
|
or equal to the value of consecutive_5xx_errors,
|
|
consecutive_gateway_errors will have no effect."
|
|
properties:
|
|
value:
|
|
description: The uint32 value.
|
|
format: int32
|
|
type: integer
|
|
type: object
|
|
consecutive_errors:
|
|
description: Number of errors before a host
|
|
is ejected from the connection pool. Defaults
|
|
to 5. When the upstream host is accessed over
|
|
HTTP, a 502, 503, or 504 return code qualifies
|
|
as an error. When the upstream host is accessed
|
|
over an opaque TCP connection, connect timeouts
|
|
and connection error/failure events qualify
|
|
as an error. $hide_from_docs
|
|
format: int32
|
|
type: integer
|
|
consecutive_gateway_errors:
|
|
description: "Number of gateway errors before
|
|
a host is ejected from the connection pool.
|
|
When the upstream host is accessed over HTTP,
|
|
a 502, 503, or 504 return code qualifies as
|
|
a gateway error. When the upstream host is
|
|
accessed over an opaque TCP connection, connect
|
|
timeouts and connection error/failure events
|
|
qualify as a gateway error. This feature is
|
|
disabled by default or when set to the value
|
|
0. \n Note that consecutive_gateway_errors
|
|
and consecutive_5xx_errors can be used separately
|
|
or together. Because the errors counted by
|
|
consecutive_gateway_errors are also included
|
|
in consecutive_5xx_errors, if the value of
|
|
consecutive_gateway_errors is greater than
|
|
or equal to the value of consecutive_5xx_errors,
|
|
consecutive_gateway_errors will have no effect."
|
|
properties:
|
|
value:
|
|
description: The uint32 value.
|
|
format: int32
|
|
type: integer
|
|
type: object
|
|
interval:
|
|
description: 'Time interval between ejection
|
|
sweep analysis. format: 1h/1m/1s/1ms. MUST
|
|
BE >=1ms. Default is 10s.'
|
|
properties:
|
|
nanos:
|
|
description: Signed fractions of a second
|
|
at nanosecond resolution of the span of
|
|
time. Durations less than one second are
|
|
represented with a 0 `seconds` field and
|
|
a positive or negative `nanos` field.
|
|
For durations of one second or more, a
|
|
non-zero value for the `nanos` field must
|
|
be of the same sign as the `seconds` field.
|
|
Must be from -999,999,999 to +999,999,999
|
|
inclusive.
|
|
format: int32
|
|
type: integer
|
|
seconds:
|
|
description: 'Signed seconds of the span
|
|
of time. Must be from -315,576,000,000
|
|
to +315,576,000,000 inclusive. Note: these
|
|
bounds are computed from: 60 sec/min *
|
|
60 min/hr * 24 hr/day * 365.25 days/year
|
|
* 10000 years'
|
|
format: int64
|
|
type: integer
|
|
type: object
|
|
max_ejection_percent:
|
|
description: Maximum % of hosts in the load
|
|
balancing pool for the upstream service that
|
|
can be ejected. Defaults to 10%.
|
|
format: int32
|
|
type: integer
|
|
min_health_percent:
|
|
description: Outlier detection will be enabled
|
|
as long as the associated load balancing pool
|
|
has at least min_health_percent hosts in healthy
|
|
mode. When the percentage of healthy hosts
|
|
in the load balancing pool drops below this
|
|
threshold, outlier detection will be disabled
|
|
and the proxy will load balance across all
|
|
hosts in the pool (healthy and unhealthy).
|
|
The threshold can be disabled by setting it
|
|
to 0%. The default is 0% as it's not typically
|
|
applicable in k8s environments with few pods
|
|
per service.
|
|
format: int32
|
|
type: integer
|
|
type: object
|
|
port:
|
|
description: Specifies the number of a port on the
|
|
destination service on which this policy is being
|
|
applied.
|
|
properties:
|
|
number:
|
|
description: Valid port number
|
|
format: int32
|
|
type: integer
|
|
type: object
|
|
tls:
|
|
description: TLS related settings for connections
|
|
to the upstream service.
|
|
properties:
|
|
ca_certificates:
|
|
description: 'OPTIONAL: The path to the file
|
|
containing certificate authority certificates
|
|
to use in verifying a presented server certificate.
|
|
If omitted, the proxy will not verify the
|
|
server''s certificate. Should be empty if
|
|
mode is `ISTIO_MUTUAL`.'
|
|
type: string
|
|
client_certificate:
|
|
description: REQUIRED if mode is `MUTUAL`. The
|
|
path to the file holding the client-side TLS
|
|
certificate to use. Should be empty if mode
|
|
is `ISTIO_MUTUAL`.
|
|
type: string
|
|
mode:
|
|
description: Indicates whether connections to
|
|
this port should be secured using TLS. The
|
|
value of this field determines how TLS is
|
|
enforced.
|
|
format: int32
|
|
type: integer
|
|
private_key:
|
|
description: REQUIRED if mode is `MUTUAL`. The
|
|
path to the file holding the client's private
|
|
key. Should be empty if mode is `ISTIO_MUTUAL`.
|
|
type: string
|
|
sni:
|
|
description: SNI string to present to the server
|
|
during TLS handshake.
|
|
type: string
|
|
subject_alt_names:
|
|
description: A list of alternate names to verify
|
|
the subject identity in the certificate. If
|
|
specified, the proxy will verify that the
|
|
server certificate's subject alt name matches
|
|
one of the specified values. If specified,
|
|
this list overrides the value of subject_alt_names
|
|
from the ServiceEntry.
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
type: object
|
|
type: array
|
|
tls:
|
|
description: TLS related settings for connections to the
|
|
upstream service.
|
|
properties:
|
|
ca_certificates:
|
|
description: 'OPTIONAL: The path to the file containing
|
|
certificate authority certificates to use in verifying
|
|
a presented server certificate. If omitted, the
|
|
proxy will not verify the server''s certificate.
|
|
Should be empty if mode is `ISTIO_MUTUAL`.'
|
|
type: string
|
|
client_certificate:
|
|
description: REQUIRED if mode is `MUTUAL`. The path
|
|
to the file holding the client-side TLS certificate
|
|
to use. Should be empty if mode is `ISTIO_MUTUAL`.
|
|
type: string
|
|
mode:
|
|
description: Indicates whether connections to this
|
|
port should be secured using TLS. The value of this
|
|
field determines how TLS is enforced.
|
|
format: int32
|
|
type: integer
|
|
private_key:
|
|
description: REQUIRED if mode is `MUTUAL`. The path
|
|
to the file holding the client's private key. Should
|
|
be empty if mode is `ISTIO_MUTUAL`.
|
|
type: string
|
|
sni:
|
|
description: SNI string to present to the server during
|
|
TLS handshake.
|
|
type: string
|
|
subject_alt_names:
|
|
description: A list of alternate names to verify the
|
|
subject identity in the certificate. If specified,
|
|
the proxy will verify that the server certificate's
|
|
subject alt name matches one of the specified values.
|
|
If specified, this list overrides the value of subject_alt_names
|
|
from the ServiceEntry.
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
type: object
|
|
type: object
|
|
type: object
|
|
type: object
|
|
status:
|
|
description: ServicePolicyStatus defines the observed state of ServicePolicy
|
|
properties:
|
|
completionTime:
|
|
description: Represents time when the strategy was completed. It is
|
|
represented in RFC3339 form and is in UTC.
|
|
format: date-time
|
|
type: string
|
|
conditions:
|
|
description: The latest available observations of an object's current
|
|
state.
|
|
items:
|
|
description: StrategyCondition describes current state of a strategy.
|
|
properties:
|
|
lastProbeTime:
|
|
description: Last time the condition was checked.
|
|
format: date-time
|
|
type: string
|
|
lastTransitionTime:
|
|
description: Last time the condition transit from one status
|
|
to another
|
|
format: date-time
|
|
type: string
|
|
message:
|
|
description: Human readable message indicating details about
|
|
last transition.
|
|
type: string
|
|
reason:
|
|
description: reason for the condition's last transition
|
|
type: string
|
|
status:
|
|
description: Status of the condition, one of True, False, Unknown
|
|
type: string
|
|
type:
|
|
description: Type of strategy condition, Complete or Failed.
|
|
type: string
|
|
type: object
|
|
type: array
|
|
startTime:
|
|
description: Represents time when the strategy was acknowledged by
|
|
the controller. It is represented in RFC3339 form and is in UTC.
|
|
format: date-time
|
|
type: string
|
|
type: object
|
|
type: object
|
|
served: true
|
|
storage: true
|