|
|
|
// [#protodoc-title: Bootstrap]
|
|
|
|
// This proto is supplied via the :option:`-c` CLI flag and acts as the root
|
|
|
|
// of the Envoy v2 configuration. See the :ref:`v2 configuration overview
|
|
|
|
// <config_overview_v2_bootstrap>` for more detail.
|
|
|
|
|
|
|
|
syntax = "proto3";
|
|
|
|
|
|
|
|
package envoy.config.bootstrap.v2;
|
|
|
|
|
|
|
|
option java_outer_classname = "BootstrapProto";
|
|
|
|
option java_multiple_files = true;
|
|
|
|
option java_package = "io.envoyproxy.envoy.config.bootstrap.v2";
|
|
|
|
option go_package = "v2";
|
|
|
|
|
|
|
|
import "envoy/api/v2/core/address.proto";
|
|
|
|
import "envoy/api/v2/core/base.proto";
|
|
|
|
import "envoy/api/v2/auth/cert.proto";
|
|
|
|
import "envoy/api/v2/core/config_source.proto";
|
|
|
|
import "envoy/api/v2/cds.proto";
|
|
|
|
import "envoy/api/v2/lds.proto";
|
|
|
|
import "envoy/config/trace/v2/trace.proto";
|
|
|
|
import "envoy/config/metrics/v2/stats.proto";
|
|
|
|
import "envoy/config/overload/v2alpha/overload.proto";
|
|
|
|
|
|
|
|
import "google/protobuf/duration.proto";
|
|
|
|
import "google/protobuf/struct.proto";
|
|
|
|
|
|
|
|
import "validate/validate.proto";
|
|
|
|
import "gogoproto/gogo.proto";
|
|
|
|
|
|
|
|
// Bootstrap :ref:`configuration overview <config_overview_v2_bootstrap>`.
|
|
|
|
message Bootstrap {
|
|
|
|
// Node identity to present to the management server and for instance
|
|
|
|
// identification purposes (e.g. in generated headers).
|
|
|
|
envoy.api.v2.core.Node node = 1;
|
|
|
|
|
|
|
|
message StaticResources {
|
|
|
|
// Static :ref:`Listeners <envoy_api_msg_Listener>`. These listeners are
|
|
|
|
// available regardless of LDS configuration.
|
|
|
|
repeated envoy.api.v2.Listener listeners = 1;
|
|
|
|
|
|
|
|
// If a network based configuration source is specified for :ref:`cds_config
|
|
|
|
// <envoy_api_field_config.bootstrap.v2.Bootstrap.DynamicResources.cds_config>`, it's necessary
|
|
|
|
// to have some initial cluster definitions available to allow Envoy to know
|
|
|
|
// how to speak to the management server. These cluster definitions may not
|
|
|
|
// use :ref:`EDS <arch_overview_dynamic_config_eds>` (i.e. they should be static
|
|
|
|
// IP or DNS-based).
|
|
|
|
repeated envoy.api.v2.Cluster clusters = 2;
|
|
|
|
|
|
|
|
// These static secrets can be used by :ref:`SdsSecretConfig
|
|
|
|
// <envoy_api_msg_auth.SdsSecretConfig>`
|
|
|
|
repeated envoy.api.v2.auth.Secret secrets = 3;
|
|
|
|
}
|
|
|
|
// Statically specified resources.
|
|
|
|
StaticResources static_resources = 2;
|
|
|
|
|
|
|
|
message DynamicResources {
|
|
|
|
// All :ref:`Listeners <envoy_api_msg_Listener>` are provided by a single
|
|
|
|
// :ref:`LDS <arch_overview_dynamic_config_lds>` configuration source.
|
|
|
|
envoy.api.v2.core.ConfigSource lds_config = 1;
|
|
|
|
|
|
|
|
// All post-bootstrap :ref:`Cluster <envoy_api_msg_Cluster>` definitions are
|
|
|
|
// provided by a single :ref:`CDS <arch_overview_dynamic_config_cds>`
|
|
|
|
// configuration source.
|
|
|
|
envoy.api.v2.core.ConfigSource cds_config = 2;
|
|
|
|
|
|
|
|
// A single :ref:`ADS <config_overview_v2_ads>` source may be optionally
|
|
|
|
// specified. This must have :ref:`api_type
|
|
|
|
// <envoy_api_field_core.ApiConfigSource.api_type>` :ref:`GRPC
|
|
|
|
// <envoy_api_enum_value_core.ApiConfigSource.ApiType.GRPC>`. Only
|
|
|
|
// :ref:`ConfigSources <envoy_api_msg_core.ConfigSource>` that have
|
|
|
|
// the :ref:`ads <envoy_api_field_core.ConfigSource.ads>` field set will be
|
|
|
|
// streamed on the ADS channel.
|
|
|
|
envoy.api.v2.core.ApiConfigSource ads_config = 3;
|
|
|
|
|
|
|
|
reserved 4;
|
|
|
|
}
|
|
|
|
// xDS configuration sources.
|
|
|
|
DynamicResources dynamic_resources = 3;
|
|
|
|
|
|
|
|
// Configuration for the cluster manager which owns all upstream clusters
|
|
|
|
// within the server.
|
|
|
|
ClusterManager cluster_manager = 4;
|
|
|
|
|
|
|
|
// Health discovery service config option.
|
|
|
|
// (:ref:`core.ApiConfigSource <envoy_api_msg_core.ApiConfigSource>`)
|
|
|
|
envoy.api.v2.core.ApiConfigSource hds_config = 14;
|
|
|
|
|
|
|
|
// Optional file system path to search for startup flag files.
|
|
|
|
string flags_path = 5;
|
|
|
|
|
|
|
|
// Optional set of stats sinks.
|
|
|
|
repeated envoy.config.metrics.v2.StatsSink stats_sinks = 6;
|
|
|
|
|
|
|
|
// Configuration for internal processing of stats.
|
|
|
|
envoy.config.metrics.v2.StatsConfig stats_config = 13;
|
|
|
|
|
|
|
|
// Optional duration between flushes to configured stats sinks. For
|
|
|
|
// performance reasons Envoy latches counters and only flushes counters and
|
|
|
|
// gauges at a periodic interval. If not specified the default is 5000ms (5
|
|
|
|
// seconds).
|
|
|
|
google.protobuf.Duration stats_flush_interval = 7 [(gogoproto.stdduration) = true];
|
|
|
|
|
|
|
|
// Optional watchdog configuration.
|
|
|
|
Watchdog watchdog = 8;
|
|
|
|
|
|
|
|
// Configuration for an external tracing provider. If not specified, no
|
|
|
|
// tracing will be performed.
|
|
|
|
envoy.config.trace.v2.Tracing tracing = 9;
|
|
|
|
|
|
|
|
reserved 10;
|
|
|
|
|
|
|
|
// Configuration for the runtime configuration provider (deprecated). If not
|
|
|
|
// specified, a “null” provider will be used which will result in all defaults
|
|
|
|
// being used.
|
|
|
|
Runtime runtime = 11 [deprecated = true];
|
|
|
|
|
|
|
|
// Configuration for the runtime configuration provider. If not
|
|
|
|
// specified, a “null” provider will be used which will result in all defaults
|
|
|
|
// being used.
|
|
|
|
LayeredRuntime layered_runtime = 17;
|
|
|
|
|
|
|
|
// Configuration for the local administration HTTP server.
|
|
|
|
Admin admin = 12;
|
|
|
|
|
|
|
|
// Optional overload manager configuration.
|
|
|
|
envoy.config.overload.v2alpha.OverloadManager overload_manager = 15;
|
|
|
|
|
|
|
|
// Enable :ref:`stats for event dispatcher <operations_performance>`, defaults to false.
|
|
|
|
// Note that this records a value for each iteration of the event loop on every thread. This
|
|
|
|
// should normally be minimal overhead, but when using
|
|
|
|
// :ref:`statsd <envoy_api_msg_config.metrics.v2.StatsdSink>`, it will send each observed value
|
|
|
|
// over the wire individually because the statsd protocol doesn't have any way to represent a
|
|
|
|
// histogram summary. Be aware that this can be a very large volume of data.
|
|
|
|
bool enable_dispatcher_stats = 16;
|
|
|
|
|
|
|
|
// Optional string which will be used in lieu of x-envoy in prefixing headers.
|
|
|
|
//
|
|
|
|
// For example, if this string is present and set to X-Foo, then x-envoy-retry-on will be
|
|
|
|
// transformed into x-foo-retry-on etc.
|
|
|
|
//
|
|
|
|
// Note this applies to the headers Envoy will generate, the headers Envoy will sanitize, and the
|
|
|
|
// headers Envoy will trust for core code and core extensions only. Be VERY careful making
|
|
|
|
// changes to this string, especially in multi-layer Envoy deployments or deployments using
|
|
|
|
// extensions which are not upstream.
|
|
|
|
string header_prefix = 18;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Administration interface :ref:`operations documentation
|
|
|
|
// <operations_admin_interface>`.
|
|
|
|
message Admin {
|
|
|
|
// The path to write the access log for the administration server. If no
|
|
|
|
// access log is desired specify ‘/dev/null’. This is only required if
|
|
|
|
// :ref:`address <envoy_api_field_config.bootstrap.v2.Admin.address>` is set.
|
|
|
|
string access_log_path = 1;
|
|
|
|
|
|
|
|
// The cpu profiler output path for the administration server. If no profile
|
|
|
|
// path is specified, the default is ‘/var/log/envoy/envoy.prof’.
|
|
|
|
string profile_path = 2;
|
|
|
|
|
|
|
|
// The TCP address that the administration server will listen on.
|
|
|
|
// If not specified, Envoy will not start an administration server.
|
|
|
|
envoy.api.v2.core.Address address = 3;
|
|
|
|
|
|
|
|
// Additional socket options that may not be present in Envoy source code or
|
|
|
|
// precompiled binaries.
|
|
|
|
repeated envoy.api.v2.core.SocketOption socket_options = 4;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Cluster manager :ref:`architecture overview <arch_overview_cluster_manager>`.
|
|
|
|
message ClusterManager {
|
|
|
|
// Name of the local cluster (i.e., the cluster that owns the Envoy running
|
|
|
|
// this configuration). In order to enable :ref:`zone aware routing
|
|
|
|
// <arch_overview_load_balancing_zone_aware_routing>` this option must be set.
|
|
|
|
// If *local_cluster_name* is defined then :ref:`clusters
|
|
|
|
// <envoy_api_msg_Cluster>` must be defined in the :ref:`Bootstrap
|
|
|
|
// static cluster resources
|
|
|
|
// <envoy_api_field_config.bootstrap.v2.Bootstrap.StaticResources.clusters>`. This is unrelated to
|
|
|
|
// the :option:`--service-cluster` option which does not `affect zone aware
|
|
|
|
// routing <https://github.com/envoyproxy/envoy/issues/774>`_.
|
|
|
|
string local_cluster_name = 1;
|
|
|
|
|
|
|
|
message OutlierDetection {
|
|
|
|
// Specifies the path to the outlier event log.
|
|
|
|
string event_log_path = 1;
|
|
|
|
}
|
|
|
|
// Optional global configuration for outlier detection.
|
|
|
|
OutlierDetection outlier_detection = 2;
|
|
|
|
|
|
|
|
// Optional configuration used to bind newly established upstream connections.
|
|
|
|
// This may be overridden on a per-cluster basis by upstream_bind_config in the cds_config.
|
|
|
|
envoy.api.v2.core.BindConfig upstream_bind_config = 3;
|
|
|
|
|
|
|
|
// A management server endpoint to stream load stats to via
|
|
|
|
// *StreamLoadStats*. This must have :ref:`api_type
|
|
|
|
// <envoy_api_field_core.ApiConfigSource.api_type>` :ref:`GRPC
|
|
|
|
// <envoy_api_enum_value_core.ApiConfigSource.ApiType.GRPC>`.
|
|
|
|
envoy.api.v2.core.ApiConfigSource load_stats_config = 4;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Envoy process watchdog configuration. When configured, this monitors for
|
|
|
|
// nonresponsive threads and kills the process after the configured thresholds.
|
|
|
|
message Watchdog {
|
|
|
|
// The duration after which Envoy counts a nonresponsive thread in the
|
|
|
|
// *server.watchdog_miss* statistic. If not specified the default is 200ms.
|
|
|
|
google.protobuf.Duration miss_timeout = 1;
|
|
|
|
|
|
|
|
// The duration after which Envoy counts a nonresponsive thread in the
|
|
|
|
// *server.watchdog_mega_miss* statistic. If not specified the default is
|
|
|
|
// 1000ms.
|
|
|
|
google.protobuf.Duration megamiss_timeout = 2;
|
|
|
|
|
|
|
|
// If a watched thread has been nonresponsive for this duration, assume a
|
|
|
|
// programming error and kill the entire Envoy process. Set to 0 to disable
|
|
|
|
// kill behavior. If not specified the default is 0 (disabled).
|
|
|
|
google.protobuf.Duration kill_timeout = 3;
|
|
|
|
|
|
|
|
// If at least two watched threads have been nonresponsive for at least this
|
|
|
|
// duration assume a true deadlock and kill the entire Envoy process. Set to 0
|
|
|
|
// to disable this behavior. If not specified the default is 0 (disabled).
|
|
|
|
google.protobuf.Duration multikill_timeout = 4;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Runtime :ref:`configuration overview <config_runtime>` (deprecated).
|
|
|
|
message Runtime {
|
|
|
|
// The implementation assumes that the file system tree is accessed via a
|
|
|
|
// symbolic link. An atomic link swap is used when a new tree should be
|
|
|
|
// switched to. This parameter specifies the path to the symbolic link. Envoy
|
|
|
|
// will watch the location for changes and reload the file system tree when
|
|
|
|
// they happen. If this parameter is not set, there will be no disk based
|
|
|
|
// runtime.
|
|
|
|
string symlink_root = 1;
|
|
|
|
|
|
|
|
// Specifies the subdirectory to load within the root directory. This is
|
|
|
|
// useful if multiple systems share the same delivery mechanism. Envoy
|
|
|
|
// configuration elements can be contained in a dedicated subdirectory.
|
|
|
|
string subdirectory = 2;
|
|
|
|
|
|
|
|
// Specifies an optional subdirectory to load within the root directory. If
|
|
|
|
// specified and the directory exists, configuration values within this
|
|
|
|
// directory will override those found in the primary subdirectory. This is
|
|
|
|
// useful when Envoy is deployed across many different types of servers.
|
|
|
|
// Sometimes it is useful to have a per service cluster directory for runtime
|
|
|
|
// configuration. See below for exactly how the override directory is used.
|
|
|
|
string override_subdirectory = 3;
|
|
|
|
|
|
|
|
// Static base runtime. This will be :ref:`overridden
|
|
|
|
// <config_runtime_layering>` by other runtime layers, e.g.
|
|
|
|
// disk or admin. This follows the :ref:`runtime protobuf JSON representation
|
|
|
|
// encoding <config_runtime_proto_json>`.
|
|
|
|
google.protobuf.Struct base = 4;
|
|
|
|
}
|
|
|
|
|
|
|
|
message RuntimeLayer {
|
|
|
|
// :ref:`Disk runtime <config_runtime_local_disk>` layer.
|
|
|
|
message DiskLayer {
|
|
|
|
// The implementation assumes that the file system tree is accessed via a
|
|
|
|
// symbolic link. An atomic link swap is used when a new tree should be
|
|
|
|
// switched to. This parameter specifies the path to the symbolic link.
|
|
|
|
// Envoy will watch the location for changes and reload the file system tree
|
|
|
|
// when they happen. See documentation on runtime :ref:`atomicity
|
|
|
|
// <config_runtime_atomicity>` for further details on how reloads are
|
|
|
|
// treated.
|
|
|
|
string symlink_root = 1;
|
|
|
|
|
|
|
|
// Specifies the subdirectory to load within the root directory. This is
|
|
|
|
// useful if multiple systems share the same delivery mechanism. Envoy
|
|
|
|
// configuration elements can be contained in a dedicated subdirectory.
|
|
|
|
string subdirectory = 3;
|
|
|
|
|
|
|
|
// :ref:`Append <config_runtime_local_disk_service_cluster_subdirs>` the
|
|
|
|
// service cluster to the path under symlink root.
|
|
|
|
bool append_service_cluster = 2;
|
|
|
|
}
|
|
|
|
|
|
|
|
// :ref:`Admin console runtime <config_runtime_admin>` layer.
|
|
|
|
message AdminLayer {
|
|
|
|
}
|
|
|
|
|
|
|
|
// :ref:`Runtime Discovery Service (RTDS) <config_runtime_rtds>` layer.
|
|
|
|
message RtdsLayer {
|
|
|
|
// Resource to subscribe to at *rtds_config* for the RTDS layer.
|
|
|
|
string name = 1;
|
|
|
|
|
|
|
|
// RTDS configuration source.
|
|
|
|
envoy.api.v2.core.ConfigSource rtds_config = 2;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Descriptive name for the runtime layer. This is only used for the runtime
|
|
|
|
// :http:get:`/runtime` output.
|
|
|
|
string name = 1 [(validate.rules).string.min_bytes = 1];
|
|
|
|
|
|
|
|
oneof layer_specifier {
|
|
|
|
// :ref:`Static runtime <config_runtime_bootstrap>` layer.
|
|
|
|
// This follows the :ref:`runtime protobuf JSON representation encoding
|
|
|
|
// <config_runtime_proto_json>`. Unlike static xDS resources, this static
|
|
|
|
// layer is overridable by later layers in the runtime virtual filesystem.
|
|
|
|
option (validate.required) = true;
|
|
|
|
|
|
|
|
google.protobuf.Struct static_layer = 2;
|
|
|
|
DiskLayer disk_layer = 3;
|
|
|
|
AdminLayer admin_layer = 4;
|
|
|
|
RtdsLayer rtds_layer = 5;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// Runtime :ref:`configuration overview <config_runtime>`.
|
|
|
|
message LayeredRuntime {
|
|
|
|
// The :ref:`layers <config_runtime_layering>` of the runtime. This is ordered
|
|
|
|
// such that later layers in the list overlay earlier entries.
|
|
|
|
repeated RuntimeLayer layers = 1;
|
|
|
|
}
|