|
|
|
syntax = "proto3";
|
|
|
|
|
|
|
|
package envoy.api.v2;
|
|
|
|
|
|
|
|
import "api/auth.proto";
|
|
|
|
import "api/base.proto";
|
|
|
|
import "api/discovery.proto";
|
|
|
|
|
|
|
|
import "google/api/annotations.proto";
|
|
|
|
import "google/protobuf/duration.proto";
|
|
|
|
import "google/protobuf/wrappers.proto";
|
|
|
|
|
|
|
|
import "validate/validate.proto";
|
|
|
|
|
|
|
|
// [#protodoc-title: HTTP route management and RDS]
|
|
|
|
|
|
|
|
// The resource_names field in DiscoveryRequest specifies a route configuration.
|
|
|
|
// This allows an Envoy configuration with multiple HTTP listeners (and
|
|
|
|
// associated HTTP connection manager filters) to use different route
|
|
|
|
// configurations. Each listener will bind its HTTP connection manager filter to
|
|
|
|
// a route table via this identifier.
|
|
|
|
service RouteDiscoveryService {
|
|
|
|
rpc StreamRoutes(stream DiscoveryRequest)
|
|
|
|
returns (stream DiscoveryResponse) {
|
|
|
|
}
|
|
|
|
|
|
|
|
rpc FetchRoutes(DiscoveryRequest)
|
|
|
|
returns (DiscoveryResponse) {
|
|
|
|
option (google.api.http) = {
|
|
|
|
post: "/v2/discovery:routes"
|
|
|
|
body: "*"
|
|
|
|
};
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// Compared to the :ref:`cluster <envoy_api_field_RouteAction.cluster>` field that specifies a
|
|
|
|
// single upstream cluster as the target of a request, the :ref:`weighted_clusters
|
|
|
|
// <envoy_api_field_RouteAction.weighted_clusters>` option allows for specification of
|
|
|
|
// multiple upstream clusters along with weights that indicate the percentage of
|
|
|
|
// traffic to be forwarded to each cluster. The router selects an upstream cluster based on the
|
|
|
|
// weights.
|
|
|
|
message WeightedCluster {
|
|
|
|
message ClusterWeight {
|
|
|
|
// Name of the upstream cluster. The cluster must exist in the
|
|
|
|
// :ref:`cluster manager configuration <config_cluster_manager>`.
|
|
|
|
string name = 1 [(validate.rules).string.min_len = 1];
|
|
|
|
|
|
|
|
// An integer between 0-100. When a request matches the route, the choice of
|
|
|
|
// an upstream cluster is determined by its weight. The sum of weights
|
|
|
|
// across all entries in the clusters array must add up to 100.
|
|
|
|
google.protobuf.UInt32Value weight = 2 [(validate.rules).uint32.lte = 100];
|
|
|
|
|
|
|
|
// Optional endpoint metadata match criteria. Only endpoints in the upstream
|
|
|
|
// cluster with metadata matching that set in metadata_match will be
|
|
|
|
// considered. The filter name should be specified as *envoy.lb*.
|
|
|
|
Metadata metadata_match = 3;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Specifies one or more upstream clusters associated with the route.
|
|
|
|
repeated ClusterWeight clusters = 1 [(validate.rules).repeated.min_items = 1];
|
|
|
|
|
|
|
|
// Specifies the runtime key prefix that should be used to construct the
|
|
|
|
// runtime keys associated with each cluster. When the *runtime_key_prefix* is
|
|
|
|
// specified, the router will look for weights associated with each upstream
|
|
|
|
// cluster under the key *runtime_key_prefix* + "." + *cluster[i].name* where
|
|
|
|
// *cluster[i]* denotes an entry in the clusters array field. If the runtime
|
|
|
|
// key for the cluster does not exist, the value specified in the
|
|
|
|
// configuration file will be used as the default weight. See the :ref:`runtime documentation
|
|
|
|
// <operations_runtime>` for how key names map to the underlying implementation.
|
|
|
|
string runtime_key_prefix = 2;
|
|
|
|
}
|
|
|
|
|
|
|
|
message RouteMatch {
|
|
|
|
oneof path_specifier {
|
|
|
|
option (validate.required) = true;
|
|
|
|
|
|
|
|
// If specified, the route is a prefix rule meaning that the prefix must
|
|
|
|
// match the beginning of the *:path* header.
|
|
|
|
string prefix = 1;
|
|
|
|
|
|
|
|
// If specified, the route is an exact path rule meaning that the path must
|
|
|
|
// exactly match the *:path* header once the query string is removed.
|
|
|
|
string path = 2;
|
|
|
|
|
|
|
|
// If specified, the route is a regular expression rule meaning that the
|
|
|
|
// regex must match the *:path* header once the query string is removed. The entire path
|
|
|
|
// (without the query string) must match the regex. The rule will not match if only a
|
|
|
|
// subsequence of the *:path* header matches the regex. The regex grammar is defined `here
|
|
|
|
// <http://en.cppreference.com/w/cpp/regex/ecmascript>`_.
|
|
|
|
//
|
|
|
|
// Examples:
|
|
|
|
//
|
|
|
|
// * The regex */b[io]t* matches the path */bit*
|
|
|
|
// * The regex */b[io]t* matches the path */bot*
|
|
|
|
// * The regex */b[io]t* does not match the path */bite*
|
|
|
|
// * The regex */b[io]t* does not match the path */bit/bot*
|
|
|
|
string regex = 3;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Indicates that prefix/path matching should be case insensitive. The default
|
|
|
|
// is true.
|
|
|
|
google.protobuf.BoolValue case_sensitive = 4;
|
|
|
|
|
|
|
|
// Indicates that the route should additionally match on a runtime key. An
|
|
|
|
// integer between 0-100. Every time the route is considered for a match, a
|
|
|
|
// random number between 0-99 is selected. If the number is <= the value found
|
|
|
|
// in the key (checked first) or, if the key is not present, the default
|
|
|
|
// value, the route is a match (assuming everything also about the route
|
|
|
|
// matches). A runtime route configuration can be used to roll out route changes in a
|
|
|
|
// gradual manner without full code/config deploys. Refer to the
|
|
|
|
// :ref:`traffic shifting <config_http_conn_man_route_table_traffic_splitting_shift>` docs
|
|
|
|
// for additional documentation.
|
|
|
|
RuntimeUInt32 runtime = 5;
|
|
|
|
|
|
|
|
// Specifies a set of headers that the route should match on. The router will
|
|
|
|
// check the request’s headers against all the specified headers in the route
|
|
|
|
// config. A match will happen if all the headers in the route are present in
|
|
|
|
// the request with the same values (or based on presence if the value field
|
|
|
|
// is not in the config).
|
|
|
|
repeated HeaderMatcher headers = 6;
|
|
|
|
}
|
|
|
|
|
|
|
|
message CorsPolicy {
|
|
|
|
// Specifies the origins that will be allowed to do CORS requests.
|
|
|
|
repeated string allow_origin = 1;
|
|
|
|
|
|
|
|
// Specifies the content for the *access-control-allow-methods* header.
|
|
|
|
string allow_methods = 2;
|
|
|
|
|
|
|
|
// Specifies the content for the *access-control-allow-headers* header.
|
|
|
|
string allow_headers = 3;
|
|
|
|
|
|
|
|
// Specifies the content for the *access-control-expose-headers* header.
|
|
|
|
string expose_headers = 4;
|
|
|
|
|
|
|
|
// Specifies the content for the *access-control-max-age* header.
|
|
|
|
string max_age = 5;
|
|
|
|
|
|
|
|
// Specifies whether the resource allows credentials.
|
|
|
|
google.protobuf.BoolValue allow_credentials = 6;
|
|
|
|
|
|
|
|
// Specifies if CORS is enabled. Defaults to true. Only effective on route.
|
|
|
|
google.protobuf.BoolValue enabled = 7;
|
|
|
|
}
|
|
|
|
|
|
|
|
message RouteAction {
|
|
|
|
oneof cluster_specifier {
|
|
|
|
option (validate.required) = true;
|
|
|
|
|
|
|
|
// Indicates the upstream cluster to which the request should be routed
|
|
|
|
// to.
|
|
|
|
string cluster = 1;
|
|
|
|
|
|
|
|
// Envoy will determine the cluster to route to by reading the value of the
|
|
|
|
// HTTP header named by cluster_header from the request headers. If the
|
|
|
|
// header is not found or the referenced cluster does not exist, Envoy will
|
|
|
|
// return a 404 response.
|
|
|
|
//
|
|
|
|
// .. attention::
|
|
|
|
//
|
|
|
|
// Internally, Envoy always uses the HTTP/2 *:authority* header to represent the HTTP/1
|
|
|
|
// *Host* header. Thus, if attempting to match on *Host*, match on *:authority* instead.
|
|
|
|
string cluster_header = 2;
|
|
|
|
|
|
|
|
// Multiple upstream clusters can be specified for a given route. The
|
|
|
|
// request is routed to one of the upstream clusters based on weights
|
|
|
|
// assigned to each cluster. See the
|
|
|
|
// :ref:`traffic splitting <config_http_conn_man_route_table_traffic_splitting_split>`
|
|
|
|
// for additional documentation.
|
|
|
|
WeightedCluster weighted_clusters = 3;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Optional endpoint metadata match criteria. Only endpoints in the upstream
|
|
|
|
// cluster with metadata matching that set in metadata_match will be
|
|
|
|
// considered. The filter name should be specified as *envoy.lb*.
|
|
|
|
Metadata metadata_match = 4;
|
|
|
|
|
|
|
|
// Indicates that during forwarding, the matched prefix (or path) should be
|
|
|
|
// swapped with this value. This option allows application URLs to be rooted
|
|
|
|
// at a different path from those exposed at the reverse proxy layer.
|
|
|
|
string prefix_rewrite = 5;
|
|
|
|
|
|
|
|
oneof host_rewrite_specifier {
|
|
|
|
// Indicates that during forwarding, the host header will be swapped with
|
|
|
|
// this value.
|
|
|
|
string host_rewrite = 6;
|
|
|
|
|
|
|
|
// Indicates that during forwarding, the host header will be swapped with
|
|
|
|
// the hostname of the upstream host chosen by the cluster manager. This
|
|
|
|
// option is applicable only when the destination cluster for a route is of
|
|
|
|
// type *strict_dns* or *logical_dns*. Setting this to true with other cluster
|
|
|
|
// types has no effect.
|
|
|
|
google.protobuf.BoolValue auto_host_rewrite = 7;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Specifies the timeout for the route. If not specified, the default is 15s.
|
|
|
|
//
|
|
|
|
// .. note::
|
|
|
|
//
|
|
|
|
// This timeout includes all retries. See also
|
|
|
|
// :ref:`config_http_filters_router_x-envoy-upstream-rq-timeout-ms`,
|
|
|
|
// :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms`, and the
|
|
|
|
// :ref:`retry overview <arch_overview_http_routing_retry>`.
|
|
|
|
google.protobuf.Duration timeout = 8;
|
|
|
|
|
|
|
|
// HTTP retry :ref:`architecture overview <arch_overview_http_routing_retry>`.
|
|
|
|
message RetryPolicy {
|
|
|
|
// Specifies the conditions under which retry takes place. These are the same
|
|
|
|
// conditions documented for :ref:`config_http_filters_router_x-envoy-retry-on` and
|
|
|
|
// :ref:`config_http_filters_router_x-envoy-retry-grpc-on`.
|
|
|
|
string retry_on = 1;
|
|
|
|
|
|
|
|
// Specifies the allowed number of retries. This parameter is optional and
|
|
|
|
// defaults to 1. These are the same conditions documented for
|
|
|
|
// :ref:`config_http_filters_router_x-envoy-max-retries`.
|
|
|
|
google.protobuf.UInt32Value num_retries = 2;
|
|
|
|
|
|
|
|
// Specifies a non-zero timeout per retry attempt. This parameter is optional.
|
|
|
|
// The same conditions documented for
|
|
|
|
// :ref:`config_http_filters_router_x-envoy-upstream-rq-per-try-timeout-ms` apply.
|
|
|
|
//
|
|
|
|
// .. note::
|
|
|
|
//
|
|
|
|
// If left unspecified, Envoy will use the global
|
|
|
|
// :ref:`route timeout <envoy_api_field_RouteAction.timeout>` for the request.
|
|
|
|
// Consequently, when using a :ref:`5xx <config_http_filters_router_x-envoy-retry-on>` based
|
|
|
|
// retry policy, a request that times out will not be retried as the total timeout budget
|
|
|
|
// would have been exhausted.
|
|
|
|
google.protobuf.Duration per_try_timeout = 3;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Indicates that the route has a retry policy.
|
|
|
|
RetryPolicy retry_policy = 9;
|
|
|
|
|
|
|
|
// The router is capable of shadowing traffic from one cluster to another. The current
|
|
|
|
// implementation is "fire and forget," meaning Envoy will not wait for the shadow cluster to
|
|
|
|
// respond before returning the response from the primary cluster. All normal statistics are
|
|
|
|
// collected for the shadow cluster making this feature useful for testing.
|
|
|
|
//
|
|
|
|
// During shadowing, the host/authority header is altered such that *-shadow* is appended. This is
|
|
|
|
// useful for logging. For example, *cluster1* becomes *cluster1-shadow*.
|
|
|
|
message RequestMirrorPolicy {
|
|
|
|
// Specifies the cluster that requests will be mirrored to. The cluster must
|
|
|
|
// exist in the cluster manager configuration.
|
|
|
|
string cluster = 1 [(validate.rules).string.min_len = 1];
|
|
|
|
|
|
|
|
// If not specified, all requests to the target cluster will be mirrored. If
|
|
|
|
// specified, Envoy will lookup the runtime key to get the % of requests to
|
|
|
|
// mirror. Valid values are from 0 to 10000, allowing for increments of
|
|
|
|
// 0.01% of requests to be mirrored. If the runtime key is specified in the
|
|
|
|
// configuration but not present in runtime, 0 is the default and thus 0% of
|
|
|
|
// requests will be mirrored.
|
|
|
|
string runtime_key = 2;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Indicates that the route has a request mirroring policy.
|
|
|
|
RequestMirrorPolicy request_mirror_policy = 10;
|
|
|
|
|
|
|
|
// Optionally specifies the :ref:`routing priority <arch_overview_http_routing_priority>`.
|
|
|
|
RoutingPriority priority = 11;
|
|
|
|
|
|
|
|
// Specifies a set of headers that will be added to requests matching this
|
|
|
|
// route. Headers specified at this level are applied before headers from the
|
|
|
|
// enclosing :ref:`envoy_api_msg_VirtualHost` and :ref:`envoy_api_msg_RouteConfiguration`.
|
|
|
|
// For more information see the documentation on :ref:`custom request headers
|
|
|
|
// <config_http_conn_man_headers_custom_request_headers>`.
|
|
|
|
repeated HeaderValueOption request_headers_to_add = 12;
|
|
|
|
|
|
|
|
// Specifies a set of headers that will be added to responses to requests
|
|
|
|
// matching this route. Headers specified at this level are applied before
|
|
|
|
// headers from the enclosing :ref:`envoy_api_msg_VirtualHost` and
|
|
|
|
// :ref:`envoy_api_msg_RouteConfiguration`.
|
|
|
|
repeated HeaderValueOption response_headers_to_add = 18;
|
|
|
|
|
|
|
|
// Specifies a list of HTTP headers that should be removed from each response
|
|
|
|
// to requests matching this route.
|
|
|
|
repeated string response_headers_to_remove = 19;
|
|
|
|
|
|
|
|
// Specifies a set of rate limit configurations that could be applied to the
|
|
|
|
// route.
|
|
|
|
repeated RateLimit rate_limits = 13;
|
|
|
|
|
|
|
|
// Specifies if the rate limit filter should include the virtual host rate
|
|
|
|
// limits. By default, if the route configured rate limits, the virtual host
|
|
|
|
// :ref:`rate_limits <envoy_api_field_VirtualHost.rate_limits>` are not applied to the request.
|
|
|
|
google.protobuf.BoolValue include_vh_rate_limits = 14;
|
|
|
|
|
|
|
|
// Specifies the route's hashing policy if the upstream cluster uses a hashing :ref:`load balancer
|
|
|
|
// <arch_overview_load_balancing_types>`.
|
|
|
|
message HashPolicy {
|
|
|
|
message Header {
|
|
|
|
// The name of the request header that will be used to obtain the hash
|
|
|
|
// key. If the request header is not present, no hash will be produced.
|
|
|
|
string header_name = 1 [(validate.rules).string.min_len = 1];
|
|
|
|
}
|
|
|
|
|
|
|
|
// Envoy supports two types of cookie affinity:
|
|
|
|
//
|
|
|
|
// 1. Passive. Envoy takes a cookie that's present in the cookies header and
|
|
|
|
// hashes on its value.
|
|
|
|
//
|
|
|
|
// 2. Generated. Envoy generates and sets a cookie with an expiration (TTL)
|
|
|
|
// on the first request from the client in its response to the client,
|
|
|
|
// based on the endpoint the request gets sent to. The client then
|
|
|
|
// presents this on the next and all subsequent requests. The hash of
|
|
|
|
// this is sufficient to ensure these requests get sent to the same
|
|
|
|
// endpoint. The cookie is generated by hashing the source and
|
|
|
|
// destination ports and addresses so that multiple independent HTTP2
|
|
|
|
// streams on the same connection will independently receive the same
|
|
|
|
// cookie, even if they arrive at the Envoy simultaneously.
|
|
|
|
message Cookie {
|
|
|
|
// The name of the cookie that will be used to obtain the hash key. If the
|
|
|
|
// cookie is not present and ttl below is not set, no hash will be
|
|
|
|
// produced.
|
|
|
|
string name = 1 [(validate.rules).string.min_len = 1];
|
|
|
|
|
|
|
|
// If specified, a cookie with the TTL will be generated if the cookie is
|
|
|
|
// not present.
|
|
|
|
google.protobuf.Duration ttl = 2;
|
|
|
|
}
|
|
|
|
|
|
|
|
message ConnectionProperties {
|
|
|
|
// Hash on source IP address.
|
|
|
|
bool source_ip = 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
oneof policy_specifier {
|
|
|
|
option (validate.required) = true;
|
|
|
|
|
|
|
|
// Header hash policy.
|
|
|
|
Header header = 1;
|
|
|
|
|
|
|
|
// Cookie hash policy.
|
|
|
|
Cookie cookie = 2;
|
|
|
|
|
|
|
|
// Connection properties hash policy.
|
|
|
|
ConnectionProperties connection_properties = 3;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// Specifies a list of hash policies to use for ring hash load balancing. Each
|
|
|
|
// hash policy is evaluated individually and the combined result is used to
|
|
|
|
// route the request. The method of combination is deterministic such that
|
|
|
|
// identical lists of hash policies will produce the same hash. Since a hash
|
|
|
|
// policy examines specific parts of a request, it can fail to produce a hash
|
|
|
|
// (i.e. if the hashed header is not present). If (and only if) all configured
|
|
|
|
// hash policies fail to generate a hash, no hash will be produced for
|
|
|
|
// the route. In this case, the behavior is the same as if no hash policies
|
|
|
|
// were specified (i.e. the ring hash load balancer will choose a random
|
|
|
|
// backend).
|
|
|
|
repeated HashPolicy hash_policy = 15;
|
|
|
|
|
|
|
|
// Indicates that a HTTP/1.1 client connection to this particular route
|
|
|
|
// should be allowed (and expected) to upgrade to a WebSocket connection. The
|
|
|
|
// default is false.
|
|
|
|
//
|
|
|
|
// .. attention::
|
|
|
|
//
|
|
|
|
// If set to true, Envoy will expect the first request matching this route to
|
|
|
|
// contain WebSocket upgrade headers. If the headers are not present, the
|
|
|
|
// connection will be rejected. If set to true, Envoy will setup plain TCP
|
|
|
|
// proxying between the client and the upstream server. Hence, an upstream
|
|
|
|
// server that rejects the WebSocket upgrade request is also responsible for
|
|
|
|
// closing the associated connection. Until then, Envoy will continue to
|
|
|
|
// proxy data from the client to the upstream server.
|
|
|
|
//
|
|
|
|
// Redirects, timeouts and retries are not supported on routes where websocket upgrades are
|
|
|
|
// allowed.
|
|
|
|
google.protobuf.BoolValue use_websocket = 16;
|
|
|
|
|
|
|
|
// Indicates that the route has a CORS policy.
|
|
|
|
CorsPolicy cors = 17;
|
|
|
|
}
|
|
|
|
|
|
|
|
message RedirectAction {
|
|
|
|
// The host portion of the URL will be swapped with this value.
|
|
|
|
string host_redirect = 1;
|
|
|
|
|
|
|
|
// The path portion of the URL will be swapped with this value.
|
|
|
|
string path_redirect = 2;
|
|
|
|
|
|
|
|
enum RedirectResponseCode {
|
|
|
|
// Moved Permanently HTTP Status Code - 301.
|
|
|
|
MOVED_PERMANENTLY = 0;
|
|
|
|
|
|
|
|
// Found HTTP Status Code - 302.
|
|
|
|
FOUND = 1;
|
|
|
|
|
|
|
|
// See Other HTTP Status Code - 303.
|
|
|
|
SEE_OTHER = 2;
|
|
|
|
|
|
|
|
// Temporary Redirect HTTP Status Code - 307.
|
|
|
|
TEMPORARY_REDIRECT = 3;
|
|
|
|
|
|
|
|
// Permanent Redirect HTTP Status Code - 308.
|
|
|
|
PERMANENT_REDIRECT = 4;
|
|
|
|
}
|
|
|
|
|
|
|
|
// The HTTP status code to use in the redirect response. The default response
|
|
|
|
// code is MOVED_PERMANENTLY (301).
|
|
|
|
RedirectResponseCode response_code = 3;
|
|
|
|
}
|
|
|
|
|
|
|
|
message Decorator {
|
|
|
|
// The operation name associated with the request matched to this route. If tracing is
|
|
|
|
// enabled, this information will be used as the span name reported for this request.
|
|
|
|
//
|
|
|
|
// .. note::
|
|
|
|
//
|
|
|
|
// For ingress (inbound) requests, or egress (outbound) responses, this value may be overridden
|
|
|
|
// by the :ref:`x-envoy-decorator-operation
|
|
|
|
// <config_http_filters_router_x-envoy-decorator-operation>` header.
|
|
|
|
string operation = 1 [(validate.rules).string.min_len = 1];
|
|
|
|
}
|
|
|
|
|
|
|
|
// A route is both a specification of how to match a request as well as an indication of what to do
|
|
|
|
// next (e.g., redirect, forward, rewrite, etc.).
|
|
|
|
//
|
|
|
|
// .. attention::
|
|
|
|
//
|
|
|
|
// Envoy supports routing on HTTP method via :ref:`header matching
|
|
|
|
// <envoy_api_msg_HeaderMatcher>`.
|
|
|
|
message Route {
|
|
|
|
// Route matching parameters.
|
|
|
|
RouteMatch match = 1 [(validate.rules).message.required = true];
|
|
|
|
|
|
|
|
oneof action {
|
|
|
|
option (validate.required) = true;
|
|
|
|
|
|
|
|
// Route request to some upstream cluster.
|
|
|
|
RouteAction route = 2;
|
|
|
|
|
|
|
|
// Return a redirect.
|
|
|
|
RedirectAction redirect = 3;
|
|
|
|
}
|
|
|
|
|
|
|
|
// The Metadata field can be used to provide additional information
|
|
|
|
// about the route. It can be used for configuration, stats, and logging.
|
|
|
|
// The metadata should go under the filter namespace that will need it.
|
|
|
|
// For instance, if the metadata is intended for the Router filter,
|
|
|
|
// the filter name should be specified as *envoy.router*.
|
|
|
|
Metadata metadata = 4;
|
|
|
|
|
|
|
|
// Decorator for the matched route.
|
|
|
|
Decorator decorator = 5;
|
|
|
|
|
|
|
|
// [#not-implemented-hide:]
|
|
|
|
// Return a 401/403 when auth checks fail.
|
|
|
|
AuthAction auth = 6;
|
|
|
|
}
|
|
|
|
|
|
|
|
// A virtual cluster is a way of specifying a regex matching rule against
|
|
|
|
// certain important endpoints such that statistics are generated explicitly for
|
|
|
|
// the matched requests. The reason this is useful is that when doing
|
|
|
|
// prefix/path matching Envoy does not always know what the application
|
|
|
|
// considers to be an endpoint. Thus, it’s impossible for Envoy to generically
|
|
|
|
// emit per endpoint statistics. However, often systems have highly critical
|
|
|
|
// endpoints that they wish to get “perfect” statistics on. Virtual cluster
|
|
|
|
// statistics are perfect in the sense that they are emitted on the downstream
|
|
|
|
// side such that they include network level failures.
|
|
|
|
//
|
|
|
|
// Documentation for :ref:`virtual cluster statistics <config_http_filters_router_stats>`.
|
|
|
|
//
|
|
|
|
// .. note::
|
|
|
|
//
|
|
|
|
// Virtual clusters are a useful tool, but we do not recommend setting up a virtual cluster for
|
|
|
|
// every application endpoint. This is both not easily maintainable and as well the matching and
|
|
|
|
// statistics output are not free.
|
|
|
|
message VirtualCluster {
|
|
|
|
// Specifies a regex pattern to use for matching requests. The entire path of the request
|
|
|
|
// must match the regex. The regex grammar used is defined `here
|
|
|
|
// <http://en.cppreference.com/w/cpp/regex/ecmascript>`_.
|
|
|
|
//
|
|
|
|
// Examples:
|
|
|
|
//
|
|
|
|
// * The regex */rides/\d+* matches the path */rides/0*
|
|
|
|
// * The regex */rides/\d+* matches the path */rides/123*
|
|
|
|
// * The regex */rides/\d+* does not match the path */rides/123/456*
|
|
|
|
string pattern = 1 [(validate.rules).string.min_len = 1];
|
|
|
|
|
|
|
|
// Specifies the name of the virtual cluster. The virtual cluster name as well
|
|
|
|
// as the virtual host name are used when emitting statistics. The statistics are emitted by the
|
|
|
|
// router filter and are documented :ref:`here <config_http_filters_router_stats>`.
|
|
|
|
string name = 2 [(validate.rules).string.min_len = 1];
|
|
|
|
|
|
|
|
// Optionally specifies the HTTP method to match on. For example GET, PUT,
|
|
|
|
// etc.
|
|
|
|
RequestMethod method = 3;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Global rate limiting :ref:`architecture overview <arch_overview_rate_limit>`.
|
|
|
|
message RateLimit {
|
|
|
|
// Refers to the stage set in the filter. The rate limit configuration only
|
|
|
|
// applies to filters with the same stage number. The default stage number is
|
|
|
|
// 0.
|
|
|
|
//
|
|
|
|
// .. note::
|
|
|
|
//
|
|
|
|
// The filter supports a range of 0 - 10 inclusively for stage numbers.
|
|
|
|
google.protobuf.UInt32Value stage = 1 [(validate.rules).uint32.lte = 10];
|
|
|
|
|
|
|
|
// The key to be set in runtime to disable this rate limit configuration.
|
|
|
|
string disable_key = 2;
|
|
|
|
|
|
|
|
message Action {
|
|
|
|
// The following descriptor entry is appended to the descriptor:
|
|
|
|
//
|
|
|
|
// .. code-block:: cpp
|
|
|
|
//
|
|
|
|
// ("source_cluster", "<local service cluster>")
|
|
|
|
//
|
|
|
|
// <local service cluster> is derived from the :option:`--service-cluster` option.
|
|
|
|
message SourceCluster {}
|
|
|
|
|
|
|
|
// The following descriptor entry is appended to the descriptor:
|
|
|
|
//
|
|
|
|
// .. code-block:: cpp
|
|
|
|
//
|
|
|
|
// ("destination_cluster", "<routed target cluster>")
|
|
|
|
//
|
|
|
|
// Once a request matches against a route table rule, a routed cluster is determined by one of
|
|
|
|
// the following :ref:`route table configuration <envoy_api_msg_RouteConfiguration>`
|
|
|
|
// settings:
|
|
|
|
//
|
|
|
|
// * :ref:`cluster <envoy_api_field_RouteAction.cluster>` indicates the upstream cluster
|
|
|
|
// to route to.
|
|
|
|
// * :ref:`weighted_clusters <envoy_api_field_RouteAction.weighted_clusters>`
|
|
|
|
// chooses a cluster randomly from a set of clusters with attributed weight.
|
|
|
|
// * :ref:`cluster_header <envoy_api_field_RouteAction.cluster_header>` indicates which
|
|
|
|
// header in the request contains the target cluster.
|
|
|
|
message DestinationCluster {}
|
|
|
|
|
|
|
|
// The following descriptor entry is appended when a header contains a key that matches the
|
|
|
|
// *header_name*:
|
|
|
|
//
|
|
|
|
// .. code-block:: cpp
|
|
|
|
//
|
|
|
|
// ("<descriptor_key>", "<header_value_queried_from_header>")
|
|
|
|
message RequestHeaders {
|
|
|
|
// The header name to be queried from the request headers. The header’s
|
|
|
|
// value is used to populate the value of the descriptor entry for the
|
|
|
|
// descriptor_key.
|
|
|
|
string header_name = 1 [(validate.rules).string.min_len = 1];
|
|
|
|
|
|
|
|
// The key to use in the descriptor entry.
|
|
|
|
string descriptor_key = 2 [(validate.rules).string.min_len = 1];
|
|
|
|
}
|
|
|
|
|
|
|
|
// The following descriptor entry is appended to the descriptor and is populated using the
|
|
|
|
// trusted address from :ref:`x-forwarded-for <config_http_conn_man_headers_x-forwarded-for>`:
|
|
|
|
//
|
|
|
|
// .. code-block:: cpp
|
|
|
|
//
|
|
|
|
// ("remote_address", "<trusted address from x-forwarded-for>")
|
|
|
|
message RemoteAddress {}
|
|
|
|
|
|
|
|
// The following descriptor entry is appended to the descriptor:
|
|
|
|
//
|
|
|
|
// .. code-block:: cpp
|
|
|
|
//
|
|
|
|
// ("generic_key", "<descriptor_value>")
|
|
|
|
message GenericKey {
|
|
|
|
// The value to use in the descriptor entry.
|
|
|
|
string descriptor_value = 1 [(validate.rules).string.min_len = 1];
|
|
|
|
}
|
|
|
|
|
|
|
|
// The following descriptor entry is appended to the descriptor:
|
|
|
|
//
|
|
|
|
// .. code-block:: cpp
|
|
|
|
//
|
|
|
|
// ("header_match", "<descriptor_value>")
|
|
|
|
message HeaderValueMatch {
|
|
|
|
// The value to use in the descriptor entry.
|
|
|
|
string descriptor_value = 1 [(validate.rules).string.min_len = 1];
|
|
|
|
|
|
|
|
// If set to true, the action will append a descriptor entry when the
|
|
|
|
// request matches the headers. If set to false, the action will append a
|
|
|
|
// descriptor entry when the request does not match the headers. The
|
|
|
|
// default value is true.
|
|
|
|
google.protobuf.BoolValue expect_match = 2;
|
|
|
|
|
|
|
|
// Specifies a set of headers that the rate limit action should match
|
|
|
|
// on. The action will check the request’s headers against all the
|
|
|
|
// specified headers in the config. A match will happen if all the
|
|
|
|
// headers in the config are present in the request with the same values
|
|
|
|
// (or based on presence if the value field is not in the config).
|
|
|
|
repeated HeaderMatcher headers = 3 [(validate.rules).repeated.min_items = 1];
|
|
|
|
}
|
|
|
|
|
|
|
|
oneof action_specifier {
|
|
|
|
option (validate.required) = true;
|
|
|
|
|
|
|
|
// Rate limit on source cluster.
|
|
|
|
SourceCluster source_cluster = 1;
|
|
|
|
|
|
|
|
// Rate limit on destination cluster.
|
|
|
|
DestinationCluster destination_cluster = 2;
|
|
|
|
|
|
|
|
// Rate limit on request headers.
|
|
|
|
RequestHeaders request_headers = 3;
|
|
|
|
|
|
|
|
// Rate limit on remote address.
|
|
|
|
RemoteAddress remote_address = 4;
|
|
|
|
|
|
|
|
// Rate limit on a generic key.
|
|
|
|
GenericKey generic_key = 5;
|
|
|
|
|
|
|
|
// Rate limit on the existence of request headers.
|
|
|
|
HeaderValueMatch header_value_match = 6;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// A list of actions that are to be applied for this rate limit configuration.
|
|
|
|
// Order matters as the actions are processed sequentially and the descriptor
|
|
|
|
// is composed by appending descriptor entries in that sequence. If an action
|
|
|
|
// cannot append a descriptor entry, no descriptor is generated for the
|
|
|
|
// configuration. See :ref:`composing actions
|
|
|
|
// <config_http_filters_rate_limit_composing_actions>` for additional documentation.
|
|
|
|
repeated Action actions = 3 [(validate.rules).string.min_len = 1];
|
|
|
|
}
|
|
|
|
|
|
|
|
// .. attention::
|
|
|
|
//
|
|
|
|
// Internally, Envoy always uses the HTTP/2 *:authority* header to represent the HTTP/1 *Host*
|
|
|
|
// header. Thus, if attempting to match on *Host*, match on *:authority* instead.
|
|
|
|
//
|
|
|
|
// .. attention::
|
|
|
|
//
|
|
|
|
// To route on HTTP method, use the special HTTP/2 *:method* header. This works for both
|
|
|
|
// HTTP/1 and HTTP/2 as Envoy normalizes headers. E.g.,
|
|
|
|
//
|
|
|
|
// .. code-block:: json
|
|
|
|
//
|
|
|
|
// {
|
|
|
|
// "name": ":method",
|
|
|
|
// "value": "POST"
|
|
|
|
// }
|
|
|
|
message HeaderMatcher {
|
|
|
|
// Specifies the name of the header in the request.
|
|
|
|
string name = 1 [(validate.rules).string.min_len = 1];
|
|
|
|
|
|
|
|
// Specifies the value of the header. If the value is absent a request that
|
|
|
|
// has the name header will match, regardless of the header’s value.
|
|
|
|
string value = 2;
|
|
|
|
|
|
|
|
// Specifies whether the header value is a regular
|
|
|
|
// expression or not. Defaults to false. The entire request header value must match the regex. The
|
|
|
|
// rule will not match if only a subsequence of the request header value matches the regex. The
|
|
|
|
// regex grammar used in the value field is defined
|
|
|
|
// `here <http://en.cppreference.com/w/cpp/regex/ecmascript>`_.
|
|
|
|
//
|
|
|
|
// Examples:
|
|
|
|
//
|
|
|
|
// * The regex *\d{3}* matches the value *123*
|
|
|
|
// * The regex *\d{3}* does not match the value *1234*
|
|
|
|
// * The regex *\d{3}* does not match the value *123.456*
|
|
|
|
google.protobuf.BoolValue regex = 3;
|
|
|
|
}
|
|
|
|
|
|
|
|
// The top level element in the routing configuration is a virtual host. Each virtual host has
|
|
|
|
// a logical name as well as a set of domains that get routed to it based on the incoming request's
|
|
|
|
// host header. This allows a single listener to service multiple top level domain path trees. Once a
|
|
|
|
// virtual host is selected based on the domain, the routes are processed in order to see which
|
|
|
|
// upstream cluster to route to or whether to perform a redirect.
|
|
|
|
message VirtualHost {
|
|
|
|
// The logical name of the virtual host. This is used when emitting certain
|
|
|
|
// statistics but is not relevant for routing.
|
|
|
|
string name = 1 [(validate.rules).string.min_len = 1];
|
|
|
|
|
|
|
|
// A list of domains (host/authority header) that will be matched to this
|
|
|
|
// virtual host. Wildcard hosts are supported in the form of “*.foo.com” or
|
|
|
|
// “*-bar.foo.com”.
|
|
|
|
//
|
|
|
|
// .. note::
|
|
|
|
//
|
|
|
|
// The wildcard will not match the empty string.
|
|
|
|
// e.g. “*-bar.foo.com” will match “baz-bar.foo.com” but not “-bar.foo.com”.
|
|
|
|
// Additionally, a special entry “*” is allowed which will match any
|
|
|
|
// host/authority header. Only a single virtual host in the entire route
|
|
|
|
// configuration can match on “*”. A domain must be unique across all virtual
|
|
|
|
// hosts or the config will fail to load.
|
|
|
|
repeated string domains = 2 [(validate.rules).repeated.min_items = 1];
|
|
|
|
|
|
|
|
// The list of routes that will be matched, in order, for incoming requests.
|
|
|
|
// The first route that matches will be used.
|
|
|
|
repeated Route routes = 3;
|
|
|
|
|
|
|
|
enum TlsRequirementType {
|
|
|
|
// No TLS requirement for the virtual host.
|
|
|
|
NONE = 0;
|
|
|
|
|
|
|
|
// External requests must use TLS. If a request is external and it is not
|
|
|
|
// using TLS, a 301 redirect will be sent telling the client to use HTTPS.
|
|
|
|
EXTERNAL_ONLY = 1;
|
|
|
|
|
|
|
|
// All requests must use TLS. If a request is not using TLS, a 301 redirect
|
|
|
|
// will be sent telling the client to use HTTPS.
|
|
|
|
ALL = 2;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Specifies the type of TLS enforcement the virtual host expects. If this option is not
|
|
|
|
// specified, there is no TLS requirement for the virtual host.
|
|
|
|
TlsRequirementType require_tls = 4;
|
|
|
|
|
|
|
|
// A list of virtual clusters defined for this virtual host. Virtual clusters
|
|
|
|
// are used for additional statistics gathering.
|
|
|
|
repeated VirtualCluster virtual_clusters = 5;
|
|
|
|
|
|
|
|
// Specifies a set of rate limit configurations that will be applied to the
|
|
|
|
// virtual host.
|
|
|
|
repeated RateLimit rate_limits = 6;
|
|
|
|
|
|
|
|
// Specifies a list of HTTP headers that should be added to each request
|
|
|
|
// handled by this virtual host. Headers specified at this level are applied
|
|
|
|
// after headers from enclosed :ref:`envoy_api_msg_RouteAction` and before headers from the
|
|
|
|
// enclosing :ref:`envoy_api_msg_RouteConfiguration`. For more information see the documentation
|
|
|
|
// on :ref:`custom request headers <config_http_conn_man_headers_custom_request_headers>`.
|
|
|
|
repeated HeaderValueOption request_headers_to_add = 7;
|
|
|
|
|
|
|
|
// Specifies a list of HTTP headers that should be added to each response
|
|
|
|
// handled by this virtual host. Headers specified at this level are applied
|
|
|
|
// after headers from enclosed :ref:`envoy_api_msg_RouteAction` and before headers from the
|
|
|
|
// enclosing :ref:`envoy_api_msg_RouteConfiguration`.
|
|
|
|
repeated HeaderValueOption response_headers_to_add = 10;
|
|
|
|
|
|
|
|
// Specifies a list of HTTP headers that should be removed from each response
|
|
|
|
// handle by this virtual host.
|
|
|
|
repeated string response_headers_to_remove = 11;
|
|
|
|
|
|
|
|
// Indicates that the virtual host has a CORS policy.
|
|
|
|
CorsPolicy cors = 8;
|
|
|
|
|
|
|
|
// [#not-implemented-hide:]
|
|
|
|
// Return a 401/403 when auth checks fail.
|
|
|
|
AuthAction auth = 9;
|
|
|
|
}
|
|
|
|
|
|
|
|
// * Routing :ref:`architecture overview <arch_overview_http_routing>`
|
|
|
|
// * HTTP :ref:`router filter <config_http_filters_router>`
|
|
|
|
message RouteConfiguration {
|
|
|
|
// The name of the route configuration. For example, it might match
|
|
|
|
// :ref:`route_config_name <envoy_api_field_filter.network.Rds.route_config_name>` in
|
|
|
|
// :ref:`envoy_api_msg_filter.network.Rds`.
|
|
|
|
string name = 1;
|
|
|
|
|
|
|
|
// An array of virtual hosts that make up the route table.
|
|
|
|
repeated VirtualHost virtual_hosts = 2;
|
|
|
|
|
|
|
|
// Optionally specifies a list of HTTP headers that the connection manager
|
|
|
|
// will consider to be internal only. If they are found on external requests they will be cleaned
|
|
|
|
// prior to filter invocation. See :ref:`config_http_conn_man_headers_x-envoy-internal` for more
|
|
|
|
// information.
|
|
|
|
repeated string internal_only_headers = 3;
|
|
|
|
|
|
|
|
// Specifies a list of HTTP headers that should be added to each response that
|
|
|
|
// the connection manager encodes. Headers specified at this level are applied
|
|
|
|
// after headers from any enclosed :ref:`envoy_api_msg_VirtualHost` or
|
|
|
|
// :ref:`envoy_api_msg_RouteAction`.
|
|
|
|
repeated HeaderValueOption response_headers_to_add = 4;
|
|
|
|
|
|
|
|
// Specifies a list of HTTP headers that should be removed from each response
|
|
|
|
// that the connection manager encodes.
|
|
|
|
repeated string response_headers_to_remove = 5;
|
|
|
|
|
|
|
|
// Specifies a list of HTTP headers that should be added to each request
|
|
|
|
// routed by the HTTP connection manager. Headers specified at this level are
|
|
|
|
// applied after headers from any enclosed :ref:`envoy_api_msg_VirtualHost` or
|
|
|
|
// :ref:`envoy_api_msg_RouteAction`. For more information see the documentation on
|
|
|
|
// :ref:`custom request headers <config_http_conn_man_headers_custom_request_headers>`.
|
|
|
|
repeated HeaderValueOption request_headers_to_add = 6;
|
|
|
|
|
|
|
|
// An optional boolean that specifies whether the clusters that the route
|
|
|
|
// table refers to will be validated by the cluster manager. If set to true
|
|
|
|
// and a route refers to a non-existent cluster, the route table will not
|
|
|
|
// load. If set to false and a route refers to a non-existent cluster, the
|
|
|
|
// route table will load and the router filter will return a 404 if the route
|
|
|
|
// is selected at runtime. This setting defaults to true if the route table
|
|
|
|
// is statically defined via the :ref:`route_config
|
|
|
|
// <envoy_api_field_filter.network.HttpConnectionManager.route_config>` option. This setting
|
|
|
|
// default to false if the route table is loaded dynamically via the :ref:`rds
|
|
|
|
// <envoy_api_field_filter.network.HttpConnectionManager.rds>` option. Users
|
|
|
|
// may which to override the default behavior in certain cases (for example
|
|
|
|
// when using CDS with a static route table).
|
|
|
|
google.protobuf.BoolValue validate_clusters = 7;
|
|
|
|
}
|