---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: (devel)
creationTimestamp: null
name: servicepolicies.servicemesh.kubesphere.io
spec:
group: servicemesh.kubesphere.io
names:
kind: ServicePolicy
listKind: ServicePolicyList
plural: servicepolicies
singular: servicepolicy
scope: Namespaced
versions:
- name: v1alpha2
schema:
openAPIV3Schema:
description: ServicePolicy is the Schema for the servicepolicies API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ServicePolicySpec defines the desired state of ServicePolicy
properties:
selector:
description: Label selector for destination rules.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
items:
description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
properties:
key:
description: key is the label key that the selector applies to.
type: string
operator:
description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
template:
description: Template used to create a destination rule
properties:
metadata:
description: Metadata of the virtual services created from this template
type: object
spec:
description: Spec indicates the behavior of a destination rule.
properties:
export_to:
description: "A list of namespaces to which this destination rule is exported. The resolution of a destination rule to apply to a service occurs in the context of a hierarchy of namespaces. Exporting a destination rule allows it to be included in the resolution hierarchy for services in other namespaces. This feature provides a mechanism for service owners and mesh administrators to control the visibility of destination rules across namespace boundaries. \n If no namespaces are specified then the destination rule is exported to all namespaces by default. \n The value \".\" is reserved and defines an export to the same namespace that the destination rule is declared in. Similarly, the value \"*\" is reserved and defines an export to all namespaces. \n NOTE: in the current release, the `exportTo` value is restricted to \".\" or \"*\" (i.e., the current namespace or all namespaces)."
items:
type: string
type: array
host:
description: "The name of a service from the service registry. Service names are looked up from the platform's service registry (e.g., Kubernetes services, Consul services, etc.) and from the hosts declared by [ServiceEntries](https://istio.io/docs/reference/config/networking/service-entry/#ServiceEntry). Rules defined for services that do not exist in the service registry will be ignored. \n *Note for Kubernetes users*: When short names are used (e.g. \"reviews\" instead of \"reviews.default.svc.cluster.local\"), Istio will interpret the short name based on the namespace of the rule, not the service. A rule in the \"default\" namespace containing a host \"reviews\" will be interpreted as \"reviews.default.svc.cluster.local\", irrespective of the actual namespace associated with the reviews service. _To avoid potential misconfigurations, it is recommended to always use fully qualified domain names over short names._ \n Note that the host field applies to both HTTP and TCP services."
type: string
subsets:
description: One or more named sets that represent individual versions of a service. Traffic policies can be overridden at subset level.
items:
description: "A subset of endpoints of a service. Subsets can be used for scenarios like A/B testing, or routing to a specific version of a service. Refer to [VirtualService](https://istio.io/docs/reference/config/networking/virtual-service/#VirtualService) documentation for examples of using subsets in these scenarios. In addition, traffic policies defined at the service-level can be overridden at a subset-level. The following rule uses a round robin load balancing policy for all traffic going to a subset named testversion that is composed of endpoints (e.g., pods) with labels (version:v3). \n {{<tabset category-name=\"example\">}} {{<tab name=\"v1alpha3\" category-value=\"v1alpha3\">}} ```yaml apiVersion: networking.istio.io/v1alpha3 kind: DestinationRule metadata: name: bookinfo-ratings spec: host: ratings.prod.svc.cluster.local trafficPolicy: loadBalancer: simple: LEAST_CONN subsets: - name: testversion labels: version: v3 trafficPolicy: loadBalancer: simple: ROUND_ROBIN ``` {{</tab>}} \n {{<tab name=\"v1beta1\" category-value=\"v1beta1\">}} ```yaml apiVersion: networking.istio.io/v1beta1 kind: DestinationRule metadata: name: bookinfo-ratings spec: host: ratings.prod.svc.cluster.local trafficPolicy: loadBalancer: simple: LEAST_CONN subsets: - name: testversion labels: version: v3 trafficPolicy: loadBalancer: simple: ROUND_ROBIN ``` {{</tab>}} {{</tabset>}} \n **Note:** Policies specified for subsets will not take effect until a route rule explicitly sends traffic to this subset. \n One or more labels are typically required to identify the subset destination, however, when the corresponding DestinationRule represents a host that supports multiple SNI hosts (e.g., an egress gateway), a subset without labels may be meaningful. In this case a traffic policy with [ClientTLSSettings](#ClientTLSSettings) can be used to identify a specific SNI host corresponding to the named subset."
properties:
labels:
additionalProperties:
type: string
description: Labels apply a filter over the endpoints of a service in the service registry. See route rules for examples of usage.
type: object
name:
description: Name of the subset. The service name and the subset name can be used for traffic splitting in a route rule.
type: string
traffic_policy:
description: Traffic policies that apply to this subset. Subsets inherit the traffic policies specified at the DestinationRule level. Settings specified at the subset level will override the corresponding settings specified at the DestinationRule level.
properties:
connection_pool:
description: Settings controlling the volume of connections to an upstream service
properties:
http:
description: HTTP connection pool settings.
properties:
h2_upgrade_policy:
description: Specify if http1.1 connection should be upgraded to http2 for the associated destination.
format: int32
type: integer
http1_max_pending_requests:
description: Maximum number of pending HTTP requests to a destination. Default 2^32-1.
format: int32
type: integer
http2_max_requests:
description: Maximum number of requests to a backend. Default 2^32-1.
format: int32
type: integer
idle_timeout:
description: The idle timeout for upstream connection pool connections. The idle timeout is defined as the period in which there are no active requests. If not set, the default is 1 hour. When the idle timeout is reached the connection will be closed. Note that request based timeouts mean that HTTP/2 PINGs will not keep the connection alive. Applies to both HTTP1.1 and HTTP2 connections.
properties:
nanos:
description: Signed fractions of a second at nanosecond resolution of the span of time. Durations less than one second are represented with a 0 `seconds` field and a positive or negative `nanos` field. For durations of one second or more, a non-zero value for the `nanos` field must be of the same sign as the `seconds` field. Must be from -999,999,999 to +999,999,999 inclusive.
format: int32
type: integer
seconds:
description: 'Signed seconds of the span of time. Must be from -315,576,000,000 to +315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years'
format: int64
type: integer
type: object
max_requests_per_connection:
description: Maximum number of requests per connection to a backend. Setting this parameter to 1 disables keep alive. Default 0, meaning "unlimited", up to 2^29.
format: int32
type: integer
max_retries:
description: Maximum number of retries that can be outstanding to all hosts in a cluster at a given time. Defaults to 2^32-1.
format: int32
type: integer
type: object
tcp:
description: Settings common to both HTTP and TCP upstream connections.
properties:
connect_timeout:
description: 'TCP connection timeout. format: 1h/1m/1s/1ms. MUST BE >=1ms. Default is 10s.'
properties:
nanos:
description: Signed fractions of a second at nanosecond resolution of the span of time. Durations less than one second are represented with a 0 `seconds` field and a positive or negative `nanos` field. For durations of one second or more, a non-zero value for the `nanos` field must be of the same sign as the `seconds` field. Must be from -999,999,999 to +999,999,999 inclusive.
format: int32
type: integer
seconds:
description: 'Signed seconds of the span of time. Must be from -315,576,000,000 to +315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years'
format: int64
type: integer
type: object
max_connections:
description: Maximum number of HTTP1 /TCP connections to a destination host. Default 2^32-1.
format: int32
type: integer
tcp_keepalive:
description: If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives.
properties:
interval:
description: The time duration between keep-alive probes. Default is to use the OS level configuration (unless overridden, Linux defaults to 75s.)
properties:
nanos:
description: Signed fractions of a second at nanosecond resolution of the span of time. Durations less than one second are represented with a 0 `seconds` field and a positive or negative `nanos` field. For durations of one second or more, a non-zero value for the `nanos` field must be of the same sign as the `seconds` field. Must be from -999,999,999 to +999,999,999 inclusive.
format: int32
type: integer
seconds:
description: 'Signed seconds of the span of time. Must be from -315,576,000,000 to +315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years'
format: int64
type: integer
type: object
probes:
description: Maximum number of keepalive probes to send without response before deciding the connection is dead. Default is to use the OS level configuration (unless overridden, Linux defaults to 9.)
format: int32
type: integer
time:
description: The time duration a connection needs to be idle before keep-alive probes start being sent. Default is to use the OS level configuration (unless overridden, Linux defaults to 7200s, i.e. 2 hours).
properties:
nanos:
description: Signed fractions of a second at nanosecond resolution of the span of time. Durations less than one second are represented with a 0 `seconds` field and a positive or negative `nanos` field. For durations of one second or more, a non-zero value for the `nanos` field must be of the same sign as the `seconds` field. Must be from -999,999,999 to +999,999,999 inclusive.
format: int32
type: integer
seconds:
description: 'Signed seconds of the span of time. Must be from -315,576,000,000 to +315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years'
format: int64
type: integer
type: object
type: object
type: object
type: object
load_balancer:
description: Settings controlling the load balancer algorithms.
properties:
locality_lb_setting:
description: Locality load balancer settings. These override the mesh-wide settings in their entirety, meaning no merging is performed between this object and the one in MeshConfig
properties:
distribute:
description: 'Optional: only one of distribute or failover can be set. Explicitly specify load balancing weight across different zones and geographical locations. Refer to [Locality weighted load balancing](https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/upstream/load_balancing/locality_weight). If empty, the locality weight is set according to the number of endpoints within it.'
items:
description: 'Describes how traffic originating in the ''from'' zone or sub-zone is distributed over a set of ''to'' zones. Syntax for specifying a zone is {region}/{zone}/{sub-zone} and terminal wildcards are allowed on any segment of the specification. Examples: `*` - matches all localities; `us-west/*` - all zones and sub-zones within the us-west region; `us-west/zone-1/*` - all sub-zones within us-west/zone-1'
properties:
from:
description: Originating locality, '/' separated, e.g. 'region/zone/sub_zone'.
type: string
to:
additionalProperties:
format: int32
type: integer
description: Map of upstream localities to traffic distribution weights. The sum of all weights should be == 100. Any locality not assigned a weight will receive no traffic.
type: object
type: object
type: array
enabled:
description: Enable locality load balancing. This is DestinationRule-level and overrides the mesh-wide settings in their entirety, e.g. true turns on locality load balancing for this DestinationRule regardless of the mesh-wide setting.
properties:
value:
description: The bool value.
type: boolean
type: object
failover:
description: 'Optional: only failover or distribute can be set. Explicitly specify the region traffic will land on when endpoints in the local region become unhealthy. Should be used together with OutlierDetection to detect unhealthy endpoints. Note: if no OutlierDetection is specified, this will not take effect.'
items:
description: Specify the traffic failover policy across regions. Since zone and sub-zone failover is supported by default this only needs to be specified for regions when the operator needs to constrain traffic failover so that the default behavior of failing over to any endpoint globally does not apply. This is useful when failing over traffic across regions would not improve service health or may need to be restricted for other reasons like regulatory controls.
properties:
from:
description: Originating region.
type: string
to:
description: Destination region the traffic will fail over to when endpoints in the 'from' region become unhealthy.
type: string
type: object
type: array
type: object
type: object
outlier_detection:
description: Settings controlling eviction of unhealthy hosts from the load balancing pool
properties:
base_ejection_time:
description: 'Minimum ejection duration. A host will remain ejected for a period equal to the product of minimum ejection duration and the number of times the host has been ejected. This technique allows the system to automatically increase the ejection period for unhealthy upstream servers. format: 1h/1m/1s/1ms. MUST BE >=1ms. Default is 30s.'
properties:
nanos:
description: Signed fractions of a second at nanosecond resolution of the span of time. Durations less than one second are represented with a 0 `seconds` field and a positive or negative `nanos` field. For durations of one second or more, a non-zero value for the `nanos` field must be of the same sign as the `seconds` field. Must be from -999,999,999 to +999,999,999 inclusive.
format: int32
type: integer
seconds:
description: 'Signed seconds of the span of time. Must be from -315,576,000,000 to +315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years'
format: int64
type: integer
type: object
consecutive_5xx_errors:
description: "Number of 5xx errors before a host is ejected from the connection pool. When the upstream host is accessed over an opaque TCP connection, connect timeouts, connection error/failure and request failure events qualify as a 5xx error. This feature defaults to 5 but can be disabled by setting the value to 0. \n Note that consecutive_gateway_errors and consecutive_5xx_errors can be used separately or together. Because the errors counted by consecutive_gateway_errors are also included in consecutive_5xx_errors, if the value of consecutive_gateway_errors is greater than or equal to the value of consecutive_5xx_errors, consecutive_gateway_errors will have no effect."
properties:
value:
description: The uint32 value.
format: int32
type: integer
type: object
consecutive_errors:
description: Number of errors before a host is ejected from the connection pool. Defaults to 5. When the upstream host is accessed over HTTP, a 502, 503, or 504 return code qualifies as an error. When the upstream host is accessed over an opaque TCP connection, connect timeouts and connection error/failure events qualify as an error. $hide_from_docs
format: int32
type: integer
consecutive_gateway_errors:
description: "Number of gateway errors before a host is ejected from the connection pool. When the upstream host is accessed over HTTP, a 502, 503, or 504 return code qualifies as a gateway error. When the upstream host is accessed over an opaque TCP connection, connect timeouts and connection error/failure events qualify as a gateway error. This feature is disabled by default or when set to the value 0. \n Note that consecutive_gateway_errors and consecutive_5xx_errors can be used separately or together. Because the errors counted by consecutive_gateway_errors are also included in consecutive_5xx_errors, if the value of consecutive_gateway_errors is greater than or equal to the value of consecutive_5xx_errors, consecutive_gateway_errors will have no effect."
properties:
value:
description: The uint32 value.
format: int32
type: integer
type: object
interval:
description: 'Time interval between ejection sweep analysis. format: 1h/1m/1s/1ms. MUST BE >=1ms. Default is 10s.'
properties:
nanos:
description: Signed fractions of a second at nanosecond resolution of the span of time. Durations less than one second are represented with a 0 `seconds` field and a positive or negative `nanos` field. For durations of one second or more, a non-zero value for the `nanos` field must be of the same sign as the `seconds` field. Must be from -999,999,999 to +999,999,999 inclusive.
format: int32
type: integer
seconds:
description: 'Signed seconds of the span of time. Must be from -315,576,000,000 to +315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years'
format: int64
type: integer
type: object
max_ejection_percent:
description: Maximum % of hosts in the load balancing pool for the upstream service that can be ejected. Defaults to 10%.
format: int32
type: integer
min_health_percent:
description: Outlier detection will be enabled as long as the associated load balancing pool has at least min_health_percent hosts in healthy mode. When the percentage of healthy hosts in the load balancing pool drops below this threshold, outlier detection will be disabled and the proxy will load balance across all hosts in the pool (healthy and unhealthy). The threshold can be disabled by setting it to 0%. The default is 0% as it's not typically applicable in k8s environments with few pods per service.
format: int32
type: integer
type: object
port_level_settings:
description: Traffic policies specific to individual ports. Note that port level settings will override the destination-level settings. Traffic settings specified at the destination-level will not be inherited when overridden by port-level settings, i.e. default values will be applied to fields omitted in port-level traffic policies.
items:
description: Traffic policies that apply to specific ports of the service
properties:
connection_pool:
description: Settings controlling the volume of connections to an upstream service
properties:
http:
description: HTTP connection pool settings.
properties:
h2_upgrade_policy:
description: Specify if http1.1 connection should be upgraded to http2 for the associated destination.
format: int32
type: integer
http1_max_pending_requests:
description: Maximum number of pending HTTP requests to a destination. Default 2^32-1.
format: int32
type: integer
http2_max_requests:
description: Maximum number of requests to a backend. Default 2^32-1.
format: int32
type: integer
idle_timeout:
description: The idle timeout for upstream connection pool connections. The idle timeout is defined as the period in which there are no active requests. If not set, the default is 1 hour. When the idle timeout is reached the connection will be closed. Note that request based timeouts mean that HTTP/2 PINGs will not keep the connection alive. Applies to both HTTP1.1 and HTTP2 connections.
properties:
nanos:
description: Signed fractions of a second at nanosecond resolution of the span of time. Durations less than one second are represented with a 0 `seconds` field and a positive or negative `nanos` field. For durations of one second or more, a non-zero value for the `nanos` field must be of the same sign as the `seconds` field. Must be from -999,999,999 to +999,999,999 inclusive.
format: int32
type: integer
seconds:
description: 'Signed seconds of the span of time. Must be from -315,576,000,000 to +315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years'
format: int64
type: integer
type: object
max_requests_per_connection:
description: Maximum number of requests per connection to a backend. Setting this parameter to 1 disables keep alive. Default 0, meaning "unlimited", up to 2^29.
format: int32
type: integer
max_retries:
description: Maximum number of retries that can be outstanding to all hosts in a cluster at a given time. Defaults to 2^32-1.
format: int32
type: integer
type: object
tcp:
description: Settings common to both HTTP and TCP upstream connections.
properties:
connect_timeout:
description: 'TCP connection timeout. format: 1h/1m/1s/1ms. MUST BE >=1ms. Default is 10s.'
properties:
nanos:
description: Signed fractions of a second at nanosecond resolution of the span of time. Durations less than one second are represented with a 0 `seconds` field and a positive or negative `nanos` field. For durations of one second or more, a non-zero value for the `nanos` field must be of the same sign as the `seconds` field. Must be from -999,999,999 to +999,999,999 inclusive.
format: int32
type: integer
seconds:
description: 'Signed seconds of the span of time. Must be from -315,576,000,000 to +315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years'
format: int64
type: integer
type: object
max_connections:
description: Maximum number of HTTP1 /TCP connections to a destination host. Default 2^32-1.
format: int32
type: integer
tcp_keepalive:
description: If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives.
properties:
interval:
description: The time duration between keep-alive probes. Default is to use the OS level configuration (unless overridden, Linux defaults to 75s.)
properties:
nanos:
description: Signed fractions of a second at nanosecond resolution of the span of time. Durations less than one second are represented with a 0 `seconds` field and a positive or negative `nanos` field. For durations of one second or more, a non-zero value for the `nanos` field must be of the same sign as the `seconds` field. Must be from -999,999,999 to +999,999,999 inclusive.
format: int32
type: integer
seconds:
description: 'Signed seconds of the span of time. Must be from -315,576,000,000 to +315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years'
format: int64
type: integer
type: object
probes:
description: Maximum number of keepalive probes to send without response before deciding the connection is dead. Default is to use the OS level configuration (unless overridden, Linux defaults to 9.)
format: int32
type: integer
time:
description: The time duration a connection needs to be idle before keep-alive probes start being sent. Default is to use the OS level configuration (unless overridden, Linux defaults to 7200s, i.e. 2 hours).
properties:
nanos:
description: Signed fractions of a second at nanosecond resolution of the span of time. Durations less than one second are represented with a 0 `seconds` field and a positive or negative `nanos` field. For durations of one second or more, a non-zero value for the `nanos` field must be of the same sign as the `seconds` field. Must be from -999,999,999 to +999,999,999 inclusive.
format: int32
type: integer
seconds:
description: 'Signed seconds of the span of time. Must be from -315,576,000,000 to +315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years'
format: int64
type: integer
type: object
type: object
type: object
type: object
load_balancer:
description: Settings controlling the load balancer algorithms.
properties:
locality_lb_setting:
description: Locality load balancer settings. These override the mesh-wide settings in their entirety, meaning no merging is performed between this object and the one in MeshConfig
properties:
distribute:
description: 'Optional: only one of distribute or failover can be set. Explicitly specify load balancing weight across different zones and geographical locations. Refer to [Locality weighted load balancing](https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/upstream/load_balancing/locality_weight). If empty, the locality weight is set according to the number of endpoints within it.'
items:
description: 'Describes how traffic originating in the ''from'' zone or sub-zone is distributed over a set of ''to'' zones. Syntax for specifying a zone is {region}/{zone}/{sub-zone} and terminal wildcards are allowed on any segment of the specification. Examples: `*` - matches all localities; `us-west/*` - all zones and sub-zones within the us-west region; `us-west/zone-1/*` - all sub-zones within us-west/zone-1'
properties:
from:
description: Originating locality, '/' separated, e.g. 'region/zone/sub_zone'.
type: string
to:
additionalProperties:
format: int32
type: integer
description: Map of upstream localities to traffic distribution weights. The sum of all weights should be == 100. Any locality not assigned a weight will receive no traffic.
type: object
type: object
type: array
enabled:
description: Enable locality load balancing. This is DestinationRule-level and overrides the mesh-wide settings in their entirety, e.g. true turns on locality load balancing for this DestinationRule regardless of the mesh-wide setting.
properties:
value:
description: The bool value.
type: boolean
type: object
failover:
description: 'Optional: only failover or distribute can be set. Explicitly specify the region traffic will land on when endpoints in the local region become unhealthy. Should be used together with OutlierDetection to detect unhealthy endpoints. Note: if no OutlierDetection is specified, this will not take effect.'
items:
description: Specify the traffic failover policy across regions. Since zone and sub-zone failover is supported by default this only needs to be specified for regions when the operator needs to constrain traffic failover so that the default behavior of failing over to any endpoint globally does not apply. This is useful when failing over traffic across regions would not improve service health or may need to be restricted for other reasons like regulatory controls.
properties:
from:
description: Originating region.
type: string
to:
description: Destination region the traffic will fail over to when endpoints in the 'from' region become unhealthy.
type: string
type: object
type: array
type: object
type: object
outlier_detection:
description: Settings controlling eviction of unhealthy hosts from the load balancing pool
properties:
base_ejection_time:
description: 'Minimum ejection duration. A host will remain ejected for a period equal to the product of minimum ejection duration and the number of times the host has been ejected. This technique allows the system to automatically increase the ejection period for unhealthy upstream servers. format: 1h/1m/1s/1ms. MUST BE >=1ms. Default is 30s.'
properties:
nanos:
description: Signed fractions of a second at nanosecond resolution of the span of time. Durations less than one second are represented with a 0 `seconds` field and a positive or negative `nanos` field. For durations of one second or more, a non-zero value for the `nanos` field must be of the same sign as the `seconds` field. Must be from -999,999,999 to +999,999,999 inclusive.
format: int32
type: integer
seconds:
description: 'Signed seconds of the span of time. Must be from -315,576,000,000 to +315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years'
format: int64
type: integer
type: object
consecutive_5xx_errors:
description: "Number of 5xx errors before a host is ejected from the connection pool. When the upstream host is accessed over an opaque TCP connection, connect timeouts, connection error/failure and request failure events qualify as a 5xx error. This feature defaults to 5 but can be disabled by setting the value to 0. \n Note that consecutive_gateway_errors and consecutive_5xx_errors can be used separately or together. Because the errors counted by consecutive_gateway_errors are also included in consecutive_5xx_errors, if the value of consecutive_gateway_errors is greater than or equal to the value of consecutive_5xx_errors, consecutive_gateway_errors will have no effect."
properties:
value:
description: The uint32 value.
format: int32
type: integer
type: object
consecutive_errors:
description: Number of errors before a host is ejected from the connection pool. Defaults to 5. When the upstream host is accessed over HTTP, a 502, 503, or 504 return code qualifies as an error. When the upstream host is accessed over an opaque TCP connection, connect timeouts and connection error/failure events qualify as an error. $hide_from_docs
format: int32
type: integer
consecutive_gateway_errors:
description: "Number of gateway errors before a host is ejected from the connection pool. When the upstream host is accessed over HTTP, a 502, 503, or 504 return code qualifies as a gateway error. When the upstream host is accessed over an opaque TCP connection, connect timeouts and connection error/failure events qualify as a gateway error. This feature is disabled by default or when set to the value 0. \n Note that consecutive_gateway_errors and consecutive_5xx_errors can be used separately or together. Because the errors counted by consecutive_gateway_errors are also included in consecutive_5xx_errors, if the value of consecutive_gateway_errors is greater than or equal to the value of consecutive_5xx_errors, consecutive_gateway_errors will have no effect."
properties:
value:
description: The uint32 value.
format: int32
type: integer
type: object
interval:
description: 'Time interval between ejection sweep analysis. format: 1h/1m/1s/1ms. MUST BE >=1ms. Default is 10s.'
properties:
nanos:
description: Signed fractions of a second at nanosecond resolution of the span of time. Durations less than one second are represented with a 0 `seconds` field and a positive or negative `nanos` field. For durations of one second or more, a non-zero value for the `nanos` field must be of the same sign as the `seconds` field. Must be from -999,999,999 to +999,999,999 inclusive.
format: int32
type: integer
seconds:
description: 'Signed seconds of the span of time. Must be from -315,576,000,000 to +315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years'
format: int64
type: integer
type: object
max_ejection_percent:
description: Maximum % of hosts in the load balancing pool for the upstream service that can be ejected. Defaults to 10%.
format: int32
type: integer
min_health_percent:
description: Outlier detection will be enabled as long as the associated load balancing pool has at least min_health_percent hosts in healthy mode. When the percentage of healthy hosts in the load balancing pool drops below this threshold, outlier detection will be disabled and the proxy will load balance across all hosts in the pool (healthy and unhealthy). The threshold can be disabled by setting it to 0%. The default is 0% as it's not typically applicable in k8s environments with few pods per service.
format: int32
type: integer
type: object
port:
description: Specifies the number of a port on the destination service on which this policy is being applied.
properties:
number:
description: Valid port number
format: int32
type: integer
type: object
tls:
description: TLS related settings for connections to the upstream service.
properties:
ca_certificates:
description: 'OPTIONAL: The path to the file containing certificate authority certificates to use in verifying a presented server certificate. If omitted, the proxy will not verify the server''s certificate. Should be empty if mode is `ISTIO_MUTUAL`.'
type: string
client_certificate:
description: REQUIRED if mode is `MUTUAL`. The path to the file holding the client-side TLS certificate to use. Should be empty if mode is `ISTIO_MUTUAL`.
type: string
mode:
description: Indicates whether connections to this port should be secured using TLS. The value of this field determines how TLS is enforced.
format: int32
type: integer
private_key:
description: REQUIRED if mode is `MUTUAL`. The path to the file holding the client's private key. Should be empty if mode is `ISTIO_MUTUAL`.
type: string
sni:
description: SNI string to present to the server during TLS handshake.
type: string
subject_alt_names:
description: A list of alternate names to verify the subject identity in the certificate. If specified, the proxy will verify that the server certificate's subject alt name matches one of the specified values. If specified, this list overrides the value of subject_alt_names from the ServiceEntry.
items:
type: string
type: array
type: object
type: object
type: array
tls:
description: TLS related settings for connections to the upstream service.
properties:
ca_certificates:
description: 'OPTIONAL: The path to the file containing certificate authority certificates to use in verifying a presented server certificate. If omitted, the proxy will not verify the server''s certificate. Should be empty if mode is `ISTIO_MUTUAL`.'
type: string
client_certificate:
description: REQUIRED if mode is `MUTUAL`. The path to the file holding the client-side TLS certificate to use. Should be empty if mode is `ISTIO_MUTUAL`.
type: string
mode:
description: Indicates whether connections to this port should be secured using TLS. The value of this field determines how TLS is enforced.
format: int32
type: integer
private_key:
description: REQUIRED if mode is `MUTUAL`. The path to the file holding the client's private key. Should be empty if mode is `ISTIO_MUTUAL`.
type: string
sni:
description: SNI string to present to the server during TLS handshake.
type: string
subject_alt_names:
description: A list of alternate names to verify the subject identity in the certificate. If specified, the proxy will verify that the server certificate's subject alt name matches one of the specified values. If specified, this list overrides the value of subject_alt_names from the ServiceEntry.
items:
type: string
type: array
type: object
type: object
type: object
type: array
traffic_policy:
description: Traffic policies to apply (load balancing policy, connection pool sizes, outlier detection).
properties:
connection_pool:
description: Settings controlling the volume of connections to an upstream service
properties:
http:
description: HTTP connection pool settings.
properties:
h2_upgrade_policy:
description: Specify if http1.1 connection should be upgraded to http2 for the associated destination.
format: int32
type: integer
http1_max_pending_requests:
description: Maximum number of pending HTTP requests to a destination. Default 2^32-1.
format: int32
type: integer
http2_max_requests:
description: Maximum number of requests to a backend. Default 2^32-1.
format: int32
type: integer
idle_timeout:
description: The idle timeout for upstream connection pool connections. The idle timeout is defined as the period in which there are no active requests. If not set, the default is 1 hour. When the idle timeout is reached the connection will be closed. Note that request based timeouts mean that HTTP/2 PINGs will not keep the connection alive. Applies to both HTTP1.1 and HTTP2 connections.
properties:
nanos:
description: Signed fractions of a second at nanosecond resolution of the span of time. Durations less than one second are represented with a 0 `seconds` field and a positive or negative `nanos` field. For durations of one second or more, a non-zero value for the `nanos` field must be of the same sign as the `seconds` field. Must be from -999,999,999 to +999,999,999 inclusive.
format: int32
type: integer
seconds:
description: 'Signed seconds of the span of time. Must be from -315,576,000,000 to +315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years'
format: int64
type: integer
type: object
max_requests_per_connection:
description: Maximum number of requests per connection to a backend. Setting this parameter to 1 disables keep alive. Default 0, meaning "unlimited", up to 2^29.
format: int32
type: integer
max_retries:
description: Maximum number of retries that can be outstanding to all hosts in a cluster at a given time. Defaults to 2^32-1.
format: int32
type: integer
type: object
tcp:
description: Settings common to both HTTP and TCP upstream connections.
properties:
connect_timeout:
description: 'TCP connection timeout. format: 1h/1m/1s/1ms. MUST BE >=1ms. Default is 10s.'
properties:
nanos:
description: Signed fractions of a second at nanosecond resolution of the span of time. Durations less than one second are represented with a 0 `seconds` field and a positive or negative `nanos` field. For durations of one second or more, a non-zero value for the `nanos` field must be of the same sign as the `seconds` field. Must be from -999,999,999 to +999,999,999 inclusive.
format: int32
type: integer
seconds:
description: 'Signed seconds of the span of time. Must be from -315,576,000,000 to +315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years'
format: int64
type: integer
type: object
max_connections:
description: Maximum number of HTTP1/TCP connections to a destination host. Default 2^32-1.
format: int32
type: integer
tcp_keepalive:
description: If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives.
properties:
interval:
description: The time duration between keep-alive probes. Default is to use the OS level configuration (unless overridden, Linux defaults to 75s).
properties:
nanos:
description: Signed fractions of a second at nanosecond resolution of the span of time. Durations less than one second are represented with a 0 `seconds` field and a positive or negative `nanos` field. For durations of one second or more, a non-zero value for the `nanos` field must be of the same sign as the `seconds` field. Must be from -999,999,999 to +999,999,999 inclusive.
format: int32
type: integer
seconds:
description: 'Signed seconds of the span of time. Must be from -315,576,000,000 to +315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years'
format: int64
type: integer
type: object
probes:
description: Maximum number of keepalive probes to send without response before deciding the connection is dead. Default is to use the OS level configuration (unless overridden, Linux defaults to 9).
format: int32
type: integer
time:
description: The time duration a connection needs to be idle before keep-alive probes start being sent. Default is to use the OS level configuration (unless overridden, Linux defaults to 7200s, i.e. 2 hours).
properties:
nanos:
description: Signed fractions of a second at nanosecond resolution of the span of time. Durations less than one second are represented with a 0 `seconds` field and a positive or negative `nanos` field. For durations of one second or more, a non-zero value for the `nanos` field must be of the same sign as the `seconds` field. Must be from -999,999,999 to +999,999,999 inclusive.
format: int32
type: integer
seconds:
description: 'Signed seconds of the span of time. Must be from -315,576,000,000 to +315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years'
format: int64
type: integer
type: object
type: object
type: object
type: object
load_balancer:
description: Settings controlling the load balancer algorithms.
properties:
locality_lb_setting:
description: Locality load balancer settings. This will override mesh-wide settings in their entirety, meaning no merging is performed between this object and the one in MeshConfig.
properties:
distribute:
description: 'Optional: only one of distribute or failover can be set. Explicitly specify loadbalancing weight across different zones and geographical locations. Refer to [Locality weighted load balancing](https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/upstream/load_balancing/locality_weight) If empty, the locality weight is set according to the endpoints number within it.'
items:
description: 'Describes how traffic originating in the ''from'' zone or sub-zone is distributed over a set of ''to'' zones. Syntax for specifying a zone is {region}/{zone}/{sub-zone} and terminal wildcards are allowed on any segment of the specification. Examples: "*" matches all localities; "us-west/*" matches all zones and sub-zones within the us-west region; "us-west/zone-1/*" matches all sub-zones within us-west/zone-1.'
properties:
from:
description: Originating locality, '/' separated, e.g. 'region/zone/sub_zone'.
type: string
to:
additionalProperties:
format: int32
type: integer
description: Map of upstream localities to traffic distribution weights. The sum of all weights should be == 100. Any locality not assigned a weight will receive no traffic.
type: object
type: object
type: array
enabled:
description: Enable locality load balancing. This is DestinationRule-level and will override mesh-wide settings in their entirety, e.g. true turns on locality load balancing for this DestinationRule regardless of the mesh-wide setting.
properties:
value:
description: The bool value.
type: boolean
type: object
failover:
description: 'Optional: only failover or distribute can be set. Explicitly specify the region traffic will land on when endpoints in the local region become unhealthy. Should be used together with OutlierDetection to detect unhealthy endpoints. Note: if no OutlierDetection is specified, this will not take effect.'
items:
description: Specify the traffic failover policy across regions. Since zone and sub-zone failover is supported by default this only needs to be specified for regions when the operator needs to constrain traffic failover so that the default behavior of failing over to any endpoint globally does not apply. This is useful when failing over traffic across regions would not improve service health or may need to be restricted for other reasons like regulatory controls.
properties:
from:
description: Originating region.
type: string
to:
description: Destination region the traffic will fail over to when endpoints in the 'from' region become unhealthy.
type: string
type: object
type: array
type: object
type: object
outlier_detection:
description: Settings controlling eviction of unhealthy hosts from the load balancing pool
properties:
base_ejection_time:
description: 'Minimum ejection duration. A host will remain ejected for a period equal to the product of minimum ejection duration and the number of times the host has been ejected. This technique allows the system to automatically increase the ejection period for unhealthy upstream servers. format: 1h/1m/1s/1ms. MUST BE >=1ms. Default is 30s.'
properties:
nanos:
description: Signed fractions of a second at nanosecond resolution of the span of time. Durations less than one second are represented with a 0 `seconds` field and a positive or negative `nanos` field. For durations of one second or more, a non-zero value for the `nanos` field must be of the same sign as the `seconds` field. Must be from -999,999,999 to +999,999,999 inclusive.
format: int32
type: integer
seconds:
description: 'Signed seconds of the span of time. Must be from -315,576,000,000 to +315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years'
format: int64
type: integer
type: object
consecutive_5xx_errors:
description: "Number of 5xx errors before a host is ejected from the connection pool. When the upstream host is accessed over an opaque TCP connection, connect timeouts, connection error/failure and request failure events qualify as a 5xx error. This feature defaults to 5 but can be disabled by setting the value to 0. \n Note that consecutive_gateway_errors and consecutive_5xx_errors can be used separately or together. Because the errors counted by consecutive_gateway_errors are also included in consecutive_5xx_errors, if the value of consecutive_gateway_errors is greater than or equal to the value of consecutive_5xx_errors, consecutive_gateway_errors will have no effect."
properties:
value:
description: The uint32 value.
format: int32
type: integer
type: object
consecutive_errors:
description: Number of errors before a host is ejected from the connection pool. Defaults to 5. When the upstream host is accessed over HTTP, a 502, 503, or 504 return code qualifies as an error. When the upstream host is accessed over an opaque TCP connection, connect timeouts and connection error/failure events qualify as an error. $hide_from_docs
format: int32
type: integer
consecutive_gateway_errors:
description: "Number of gateway errors before a host is ejected from the connection pool. When the upstream host is accessed over HTTP, a 502, 503, or 504 return code qualifies as a gateway error. When the upstream host is accessed over an opaque TCP connection, connect timeouts and connection error/failure events qualify as a gateway error. This feature is disabled by default or when set to the value 0. \n Note that consecutive_gateway_errors and consecutive_5xx_errors can be used separately or together. Because the errors counted by consecutive_gateway_errors are also included in consecutive_5xx_errors, if the value of consecutive_gateway_errors is greater than or equal to the value of consecutive_5xx_errors, consecutive_gateway_errors will have no effect."
properties:
value:
description: The uint32 value.
format: int32
type: integer
type: object
interval:
description: 'Time interval between ejection sweep analysis. format: 1h/1m/1s/1ms. MUST BE >=1ms. Default is 10s.'
properties:
nanos:
description: Signed fractions of a second at nanosecond resolution of the span of time. Durations less than one second are represented with a 0 `seconds` field and a positive or negative `nanos` field. For durations of one second or more, a non-zero value for the `nanos` field must be of the same sign as the `seconds` field. Must be from -999,999,999 to +999,999,999 inclusive.
format: int32
type: integer
seconds:
description: 'Signed seconds of the span of time. Must be from -315,576,000,000 to +315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years'
format: int64
type: integer
type: object
max_ejection_percent:
description: Maximum % of hosts in the load balancing pool for the upstream service that can be ejected. Defaults to 10%.
format: int32
type: integer
min_health_percent:
description: Outlier detection will be enabled as long as the associated load balancing pool has at least min_health_percent hosts in healthy mode. When the percentage of healthy hosts in the load balancing pool drops below this threshold, outlier detection will be disabled and the proxy will load balance across all hosts in the pool (healthy and unhealthy). The threshold can be disabled by setting it to 0%. The default is 0% as it's not typically applicable in k8s environments with few pods per service.
format: int32
type: integer
type: object
port_level_settings:
description: Traffic policies specific to individual ports. Note that port level settings will override the destination-level settings. Traffic settings specified at the destination-level will not be inherited when overridden by port-level settings, i.e. default values will be applied to fields omitted in port-level traffic policies.
items:
description: Traffic policies that apply to specific ports of the service
properties:
connection_pool:
description: Settings controlling the volume of connections to an upstream service
properties:
http:
description: HTTP connection pool settings.
properties:
h2_upgrade_policy:
description: Specify if http1.1 connection should be upgraded to http2 for the associated destination.
format: int32
type: integer
http1_max_pending_requests:
description: Maximum number of pending HTTP requests to a destination. Default 2^32-1.
format: int32
type: integer
http2_max_requests:
description: Maximum number of requests to a backend. Default 2^32-1.
format: int32
type: integer
idle_timeout:
description: The idle timeout for upstream connection pool connections. The idle timeout is defined as the period in which there are no active requests. If not set, the default is 1 hour. When the idle timeout is reached the connection will be closed. Note that request based timeouts mean that HTTP/2 PINGs will not keep the connection alive. Applies to both HTTP1.1 and HTTP2 connections.
properties:
nanos:
description: Signed fractions of a second at nanosecond resolution of the span of time. Durations less than one second are represented with a 0 `seconds` field and a positive or negative `nanos` field. For durations of one second or more, a non-zero value for the `nanos` field must be of the same sign as the `seconds` field. Must be from -999,999,999 to +999,999,999 inclusive.
format: int32
type: integer
seconds:
description: 'Signed seconds of the span of time. Must be from -315,576,000,000 to +315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years'
format: int64
type: integer
type: object
max_requests_per_connection:
description: Maximum number of requests per connection to a backend. Setting this parameter to 1 disables keep alive. Default 0, meaning "unlimited", up to 2^29.
format: int32
type: integer
max_retries:
description: Maximum number of retries that can be outstanding to all hosts in a cluster at a given time. Defaults to 2^32-1.
format: int32
type: integer
type: object
tcp:
description: Settings common to both HTTP and TCP upstream connections.
properties:
connect_timeout:
description: 'TCP connection timeout. format: 1h/1m/1s/1ms. MUST BE >=1ms. Default is 10s.'
properties:
nanos:
description: Signed fractions of a second at nanosecond resolution of the span of time. Durations less than one second are represented with a 0 `seconds` field and a positive or negative `nanos` field. For durations of one second or more, a non-zero value for the `nanos` field must be of the same sign as the `seconds` field. Must be from -999,999,999 to +999,999,999 inclusive.
format: int32
type: integer
seconds:
description: 'Signed seconds of the span of time. Must be from -315,576,000,000 to +315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years'
format: int64
type: integer
type: object
max_connections:
description: Maximum number of HTTP1/TCP connections to a destination host. Default 2^32-1.
format: int32
type: integer
tcp_keepalive:
description: If set then set SO_KEEPALIVE on the socket to enable TCP Keepalives.
properties:
interval:
description: The time duration between keep-alive probes. Default is to use the OS level configuration (unless overridden, Linux defaults to 75s).
properties:
nanos:
description: Signed fractions of a second at nanosecond resolution of the span of time. Durations less than one second are represented with a 0 `seconds` field and a positive or negative `nanos` field. For durations of one second or more, a non-zero value for the `nanos` field must be of the same sign as the `seconds` field. Must be from -999,999,999 to +999,999,999 inclusive.
format: int32
type: integer
seconds:
description: 'Signed seconds of the span of time. Must be from -315,576,000,000 to +315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years'
format: int64
type: integer
type: object
probes:
description: Maximum number of keepalive probes to send without response before deciding the connection is dead. Default is to use the OS level configuration (unless overridden, Linux defaults to 9).
format: int32
type: integer
time:
description: The time duration a connection needs to be idle before keep-alive probes start being sent. Default is to use the OS level configuration (unless overridden, Linux defaults to 7200s, i.e. 2 hours).
properties:
nanos:
description: Signed fractions of a second at nanosecond resolution of the span of time. Durations less than one second are represented with a 0 `seconds` field and a positive or negative `nanos` field. For durations of one second or more, a non-zero value for the `nanos` field must be of the same sign as the `seconds` field. Must be from -999,999,999 to +999,999,999 inclusive.
format: int32
type: integer
seconds:
description: 'Signed seconds of the span of time. Must be from -315,576,000,000 to +315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years'
format: int64
type: integer
type: object
type: object
type: object
type: object
load_balancer:
description: Settings controlling the load balancer algorithms.
properties:
locality_lb_setting:
description: Locality load balancer settings. This will override mesh-wide settings in their entirety, meaning no merging is performed between this object and the one in MeshConfig.
properties:
distribute:
description: 'Optional: only one of distribute or failover can be set. Explicitly specify loadbalancing weight across different zones and geographical locations. Refer to [Locality weighted load balancing](https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/upstream/load_balancing/locality_weight) If empty, the locality weight is set according to the endpoints number within it.'
items:
description: 'Describes how traffic originating in the ''from'' zone or sub-zone is distributed over a set of ''to'' zones. Syntax for specifying a zone is {region}/{zone}/{sub-zone} and terminal wildcards are allowed on any segment of the specification. Examples: "*" matches all localities; "us-west/*" matches all zones and sub-zones within the us-west region; "us-west/zone-1/*" matches all sub-zones within us-west/zone-1.'
properties:
from:
description: Originating locality, '/' separated, e.g. 'region/zone/sub_zone'.
type: string
to:
additionalProperties:
format: int32
type: integer
description: Map of upstream localities to traffic distribution weights. The sum of all weights should be == 100. Any locality not assigned a weight will receive no traffic.
type: object
type: object
type: array
enabled:
description: Enable locality load balancing. This is DestinationRule-level and will override mesh-wide settings in their entirety, e.g. true turns on locality load balancing for this DestinationRule regardless of the mesh-wide setting.
properties:
value:
description: The bool value.
type: boolean
type: object
failover:
description: 'Optional: only failover or distribute can be set. Explicitly specify the region traffic will land on when endpoints in the local region become unhealthy. Should be used together with OutlierDetection to detect unhealthy endpoints. Note: if no OutlierDetection is specified, this will not take effect.'
items:
description: Specify the traffic failover policy across regions. Since zone and sub-zone failover is supported by default this only needs to be specified for regions when the operator needs to constrain traffic failover so that the default behavior of failing over to any endpoint globally does not apply. This is useful when failing over traffic across regions would not improve service health or may need to be restricted for other reasons like regulatory controls.
properties:
from:
description: Originating region.
type: string
to:
description: Destination region the traffic will fail over to when endpoints in the 'from' region become unhealthy.
type: string
type: object
type: array
type: object
type: object
outlier_detection:
description: Settings controlling eviction of unhealthy hosts from the load balancing pool
properties:
base_ejection_time:
description: 'Minimum ejection duration. A host will remain ejected for a period equal to the product of minimum ejection duration and the number of times the host has been ejected. This technique allows the system to automatically increase the ejection period for unhealthy upstream servers. format: 1h/1m/1s/1ms. MUST BE >=1ms. Default is 30s.'
properties:
nanos:
description: Signed fractions of a second at nanosecond resolution of the span of time. Durations less than one second are represented with a 0 `seconds` field and a positive or negative `nanos` field. For durations of one second or more, a non-zero value for the `nanos` field must be of the same sign as the `seconds` field. Must be from -999,999,999 to +999,999,999 inclusive.
format: int32
type: integer
seconds:
description: 'Signed seconds of the span of time. Must be from -315,576,000,000 to +315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years'
format: int64
type: integer
type: object
consecutive_5xx_errors:
description: "Number of 5xx errors before a host is ejected from the connection pool. When the upstream host is accessed over an opaque TCP connection, connect timeouts, connection error/failure and request failure events qualify as a 5xx error. This feature defaults to 5 but can be disabled by setting the value to 0. \n Note that consecutive_gateway_errors and consecutive_5xx_errors can be used separately or together. Because the errors counted by consecutive_gateway_errors are also included in consecutive_5xx_errors, if the value of consecutive_gateway_errors is greater than or equal to the value of consecutive_5xx_errors, consecutive_gateway_errors will have no effect."
|
|
properties:
|
|
value:
|
|
description: The uint32 value.
|
|
format: int32
|
|
type: integer
|
|
type: object
|
|
consecutive_errors:
|
|
description: Number of errors before a host is ejected from the connection pool. Defaults to 5. When the upstream host is accessed over HTTP, a 502, 503, or 504 return code qualifies as an error. When the upstream host is accessed over an opaque TCP connection, connect timeouts and connection error/failure events qualify as an error. $hide_from_docs
|
|
format: int32
|
|
type: integer
|
|
consecutive_gateway_errors:
|
|
description: "Number of gateway errors before a host is ejected from the connection pool. When the upstream host is accessed over HTTP, a 502, 503, or 504 return code qualifies as a gateway error. When the upstream host is accessed over an opaque TCP connection, connect timeouts and connection error/failure events qualify as a gateway error. This feature is disabled by default or when set to the value 0. \n Note that consecutive_gateway_errors and consecutive_5xx_errors can be used separately or together. Because the errors counted by consecutive_gateway_errors are also included in consecutive_5xx_errors, if the value of consecutive_gateway_errors is greater than or equal to the value of consecutive_5xx_errors, consecutive_gateway_errors will have no effect."
|
|
properties:
|
|
value:
|
|
description: The uint32 value.
|
|
format: int32
|
|
type: integer
|
|
type: object
|
|
interval:
|
|
description: 'Time interval between ejection sweep analysis. format: 1h/1m/1s/1ms. MUST BE >=1ms. Default is 10s.'
|
|
properties:
|
|
nanos:
|
|
description: Signed fractions of a second at nanosecond resolution of the span of time. Durations less than one second are represented with a 0 `seconds` field and a positive or negative `nanos` field. For durations of one second or more, a non-zero value for the `nanos` field must be of the same sign as the `seconds` field. Must be from -999,999,999 to +999,999,999 inclusive.
|
|
format: int32
|
|
type: integer
|
|
seconds:
|
|
description: 'Signed seconds of the span of time. Must be from -315,576,000,000 to +315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years'
|
|
format: int64
|
|
type: integer
|
|
type: object
|
|
max_ejection_percent:
|
|
description: Maximum % of hosts in the load balancing pool for the upstream service that can be ejected. Defaults to 10%.
|
|
format: int32
|
|
type: integer
|
|
min_health_percent:
|
|
description: Outlier detection will be enabled as long as the associated load balancing pool has at least min_health_percent hosts in healthy mode. When the percentage of healthy hosts in the load balancing pool drops below this threshold, outlier detection will be disabled and the proxy will load balance across all hosts in the pool (healthy and unhealthy). The threshold can be disabled by setting it to 0%. The default is 0% as it's not typically applicable in k8s environments with few pods per service.
|
|
format: int32
|
|
type: integer
|
|
type: object
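# NOTE(review): `number` is a bare int32 with no `minimum`/`maximum`; the
# "Valid port number" constraint (1..65535) is not enforced at admission.
port:
  description: Specifies the number of a port on the destination service on which this policy is being applied.
  properties:
    number:
      description: Valid port number
      format: int32
      type: integer
  type: object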
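# NOTE(review): per-port TLS settings. `mode` is exposed as a bare int32 with
# no `enum`, although the descriptions refer to the named modes (`MUTUAL`,
# `ISTIO_MUTUAL`); any int32 is therefore accepted at admission. Generated
# file — an enum marker on the Go type is the place to tighten this.
tls:
  description: TLS related settings for connections to the upstream service.
  properties:
    ca_certificates:
      # Omitting this disables server-certificate verification for the
      # file-based modes (see description). Admission policy should require
      # it whenever a file-based mode such as `MUTUAL` is selected.
      description: 'OPTIONAL: The path to the file containing certificate authority certificates to use in verifying a presented server certificate. If omitted, the proxy will not verify the server''s certificate. Should be empty if mode is `ISTIO_MUTUAL`.'
      type: string
    client_certificate:
      # Path on the proxy's filesystem, not the certificate itself.
      description: REQUIRED if mode is `MUTUAL`. The path to the file holding the client-side TLS certificate to use. Should be empty if mode is `ISTIO_MUTUAL`.
      type: string
    mode:
      description: Indicates whether connections to this port should be secured using TLS. The value of this field determines how TLS is enforced.
      format: int32
      type: integer
    private_key:
      # Path on the proxy's filesystem; the key material itself must never
      # be placed in this resource.
      description: REQUIRED if mode is `MUTUAL`. The path to the file holding the client's private key. Should be empty if mode is `ISTIO_MUTUAL`.
      type: string
    sni:
      description: SNI string to present to the server during TLS handshake.
      type: string
    subject_alt_names:
      # Overrides the ServiceEntry's SAN list when set (see description);
      # an overly broad list weakens server identity verification.
      description: A list of alternate names to verify the subject identity in the certificate. If specified, the proxy will verify that the server certificate's subject alt name matches one of the specified values. If specified, this list overrides the value of subject_alt_names from the ServiceEntry.
      items:
        type: string
      type: array
  type: object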
type: object
type: array
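# NOTE(review): traffic-policy-wide TLS settings (the per-port variant above
# has the same shape). `mode` is exposed as a bare int32 with no `enum`,
# although the descriptions refer to the named modes (`MUTUAL`,
# `ISTIO_MUTUAL`); any int32 is therefore accepted at admission. Generated
# file — an enum marker on the Go type is the place to tighten this.
tls:
  description: TLS related settings for connections to the upstream service.
  properties:
    ca_certificates:
      # Omitting this disables server-certificate verification for the
      # file-based modes (see description). Admission policy should require
      # it whenever a file-based mode such as `MUTUAL` is selected.
      description: 'OPTIONAL: The path to the file containing certificate authority certificates to use in verifying a presented server certificate. If omitted, the proxy will not verify the server''s certificate. Should be empty if mode is `ISTIO_MUTUAL`.'
      type: string
    client_certificate:
      # Path on the proxy's filesystem, not the certificate itself.
      description: REQUIRED if mode is `MUTUAL`. The path to the file holding the client-side TLS certificate to use. Should be empty if mode is `ISTIO_MUTUAL`.
      type: string
    mode:
      description: Indicates whether connections to this port should be secured using TLS. The value of this field determines how TLS is enforced.
      format: int32
      type: integer
    private_key:
      # Path on the proxy's filesystem; the key material itself must never
      # be placed in this resource.
      description: REQUIRED if mode is `MUTUAL`. The path to the file holding the client's private key. Should be empty if mode is `ISTIO_MUTUAL`.
      type: string
    sni:
      description: SNI string to present to the server during TLS handshake.
      type: string
    subject_alt_names:
      # Overrides the ServiceEntry's SAN list when set (see description);
      # an overly broad list weakens server identity verification.
      description: A list of alternate names to verify the subject identity in the certificate. If specified, the proxy will verify that the server certificate's subject alt name matches one of the specified values. If specified, this list overrides the value of subject_alt_names from the ServiceEntry.
      items:
        type: string
      type: array
  type: object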
type: object
type: object
type: object
type: object
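# NOTE(review): `.status` of a ServicePolicy object (the openAPIV3Schema
# `status` property, not the CRD's own status). `conditions[].status` and
# `conditions[].type` are plain strings: the "True, False, Unknown" and
# "Complete or Failed" value sets named in the descriptions are not enforced
# by an `enum`, so consumers must tolerate other values.
status:
  description: ServicePolicyStatus defines the observed state of ServicePolicy
  properties:
    completionTime:
      description: Represents time when the strategy was completed. It is represented in RFC3339 form and is in UTC.
      format: date-time
      type: string
    conditions:
      description: The latest available observations of an object's current state.
      items:
        description: StrategyCondition describes current state of a strategy.
        properties:
          lastProbeTime:
            description: Last time the condition was checked.
            format: date-time
            type: string
          lastTransitionTime:
            description: Last time the condition transit from one status to another
            format: date-time
            type: string
          message:
            description: Human readable message indicating details about last transition.
            type: string
          reason:
            description: reason for the condition's last transition
            type: string
          status:
            description: Status of the condition, one of True, False, Unknown
            type: string
          type:
            description: Type of strategy condition, Complete or Failed.
            type: string
        type: object
      type: array
    startTime:
      description: Represents time when the strategy was acknowledged by the controller. It is represented in RFC3339 form and is in UTC.
      format: date-time
      type: string
  type: object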
type: object
served: true
storage: true
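# Placeholder CRD status emitted by controller-gen; the API server populates
# these fields once the CRD is installed, so nothing here should be edited.
status:
  acceptedNames:
    kind: ""
    plural: ""
  conditions: []
  storedVersions: []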