|
|
|
syntax = "proto3";
|
|
|
|
|
|
|
|
package envoy.config.core.v3;
|
|
|
|
|
|
|
|
import "envoy/config/core/v3/socket_option.proto";
|
|
|
|
|
|
|
|
import "google/protobuf/wrappers.proto";
|
|
|
|
|
|
|
|
import "udpa/annotations/status.proto";
|
|
|
|
import "udpa/annotations/versioning.proto";
|
|
|
|
import "validate/validate.proto";
|
|
|
|
|
|
|
|
option java_package = "io.envoyproxy.envoy.config.core.v3";
|
|
|
|
option java_outer_classname = "AddressProto";
|
|
|
|
option java_multiple_files = true;
|
|
|
|
option (udpa.annotations.file_status).package_version_status = ACTIVE;
|
|
|
|
|
|
|
|
// [#protodoc-title: Network addresses]
|
|
|
|
|
|
|
|
message Pipe {
|
|
|
|
option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.Pipe";
|
|
|
|
|
|
|
|
// Unix Domain Socket path. On Linux, paths starting with '@' will use the
|
|
|
|
// abstract namespace. The starting '@' is replaced by a null byte by Envoy.
|
|
|
|
// Paths starting with '@' will result in an error in environments other than
|
|
|
|
// Linux.
|
|
|
|
string path = 1 [(validate.rules).string = {min_len: 1}];
|
|
|
|
|
|
|
|
// The mode for the Pipe. Not applicable for abstract sockets.
|
|
|
|
uint32 mode = 2 [(validate.rules).uint32 = {lte: 511}];
|
|
|
|
}
|
|
|
|
|
|
|
|
// [#not-implemented-hide:] The address represents an envoy internal listener.
|
|
|
|
// TODO(lambdai): Make this address available for listener and endpoint.
|
|
|
|
// TODO(asraa): When address available, remove workaround from test/server/server_fuzz_test.cc:30.
|
|
|
|
message EnvoyInternalAddress {
|
|
|
|
oneof address_name_specifier {
|
|
|
|
option (validate.required) = true;
|
|
|
|
|
|
|
|
// [#not-implemented-hide:] The :ref:`listener name <envoy_api_field_config.listener.v3.Listener.name>` of the destination internal listener.
|
|
|
|
string server_listener_name = 1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// [#next-free-field: 7]
|
|
|
|
message SocketAddress {
|
|
|
|
option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.SocketAddress";
|
|
|
|
|
|
|
|
enum Protocol {
|
|
|
|
TCP = 0;
|
|
|
|
UDP = 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
Protocol protocol = 1 [(validate.rules).enum = {defined_only: true}];
|
|
|
|
|
|
|
|
// The address for this socket. :ref:`Listeners <config_listeners>` will bind
|
|
|
|
// to the address. An empty address is not allowed. Specify ``0.0.0.0`` or ``::``
|
|
|
|
// to bind to any address. [#comment:TODO(zuercher) reinstate when implemented:
|
|
|
|
// It is possible to distinguish a Listener address via the prefix/suffix matching
|
|
|
|
// in :ref:`FilterChainMatch <envoy_api_msg_config.listener.v3.FilterChainMatch>`.] When used
|
|
|
|
// within an upstream :ref:`BindConfig <envoy_api_msg_config.core.v3.BindConfig>`, the address
|
|
|
|
// controls the source address of outbound connections. For :ref:`clusters
|
|
|
|
// <envoy_api_msg_config.cluster.v3.Cluster>`, the cluster type determines whether the
|
|
|
|
// address must be an IP (*STATIC* or *EDS* clusters) or a hostname resolved by DNS
|
|
|
|
// (*STRICT_DNS* or *LOGICAL_DNS* clusters). Address resolution can be customized
|
|
|
|
// via :ref:`resolver_name <envoy_api_field_config.core.v3.SocketAddress.resolver_name>`.
|
|
|
|
string address = 2 [(validate.rules).string = {min_len: 1}];
|
|
|
|
|
|
|
|
oneof port_specifier {
|
|
|
|
option (validate.required) = true;
|
|
|
|
|
|
|
|
uint32 port_value = 3 [(validate.rules).uint32 = {lte: 65535}];
|
|
|
|
|
|
|
|
// This is only valid if :ref:`resolver_name
|
|
|
|
// <envoy_api_field_config.core.v3.SocketAddress.resolver_name>` is specified below and the
|
|
|
|
// named resolver is capable of named port resolution.
|
|
|
|
string named_port = 4;
|
|
|
|
}
|
|
|
|
|
|
|
|
// The name of the custom resolver. This must have been registered with Envoy. If
|
|
|
|
// this is empty, a context dependent default applies. If the address is a concrete
|
|
|
|
// IP address, no resolution will occur. If address is a hostname this
|
|
|
|
// should be set for resolution other than DNS. Specifying a custom resolver with
|
|
|
|
// *STRICT_DNS* or *LOGICAL_DNS* will generate an error at runtime.
|
|
|
|
string resolver_name = 5;
|
|
|
|
|
|
|
|
// When binding to an IPv6 address above, this enables `IPv4 compatibility
|
|
|
|
// <https://tools.ietf.org/html/rfc3493#page-11>`_. Binding to ``::`` will
|
|
|
|
// allow both IPv4 and IPv6 connections, with peer IPv4 addresses mapped into
|
|
|
|
// IPv6 space as ``::FFFF:<IPv4-address>``.
|
|
|
|
bool ipv4_compat = 6;
|
|
|
|
}
|
|
|
|
|
|
|
|
message TcpKeepalive {
|
|
|
|
option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.TcpKeepalive";
|
|
|
|
|
|
|
|
// Maximum number of keepalive probes to send without response before deciding
|
|
|
|
// the connection is dead. Default is to use the OS level configuration (unless
|
|
|
|
// overridden, Linux defaults to 9.)
|
|
|
|
google.protobuf.UInt32Value keepalive_probes = 1;
|
|
|
|
|
|
|
|
// The number of seconds a connection needs to be idle before keep-alive probes
|
|
|
|
// start being sent. Default is to use the OS level configuration (unless
|
|
|
|
// overridden, Linux defaults to 7200s (i.e., 2 hours.)
|
|
|
|
google.protobuf.UInt32Value keepalive_time = 2;
|
|
|
|
|
|
|
|
// The number of seconds between keep-alive probes. Default is to use the OS
|
|
|
|
// level configuration (unless overridden, Linux defaults to 75s.)
|
|
|
|
google.protobuf.UInt32Value keepalive_interval = 3;
|
|
|
|
}
|
|
|
|
|
|
|
|
message BindConfig {
|
|
|
|
option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.BindConfig";
|
|
|
|
|
|
|
|
// The address to bind to when creating a socket.
|
|
|
|
SocketAddress source_address = 1 [(validate.rules).message = {required: true}];
|
|
|
|
|
|
|
|
// Whether to set the *IP_FREEBIND* option when creating the socket. When this
|
|
|
|
// flag is set to true, allows the :ref:`source_address
|
|
|
|
// <envoy_api_field_config.cluster.v3.UpstreamBindConfig.source_address>` to be an IP address
|
|
|
|
// that is not configured on the system running Envoy. When this flag is set
|
|
|
|
// to false, the option *IP_FREEBIND* is disabled on the socket. When this
|
|
|
|
// flag is not set (default), the socket is not modified, i.e. the option is
|
|
|
|
// neither enabled nor disabled.
|
|
|
|
google.protobuf.BoolValue freebind = 2;
|
|
|
|
|
|
|
|
// Additional socket options that may not be present in Envoy source code or
|
|
|
|
// precompiled binaries.
|
|
|
|
repeated SocketOption socket_options = 3;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Addresses specify either a logical or physical address and port, which are
|
|
|
|
// used to tell Envoy where to bind/listen, connect to upstream and find
|
|
|
|
// management servers.
|
|
|
|
message Address {
|
|
|
|
option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.Address";
|
|
|
|
|
|
|
|
oneof address {
|
|
|
|
option (validate.required) = true;
|
|
|
|
|
|
|
|
SocketAddress socket_address = 1;
|
|
|
|
|
|
|
|
Pipe pipe = 2;
|
|
|
|
|
|
|
|
// [#not-implemented-hide:]
|
|
|
|
EnvoyInternalAddress envoy_internal_address = 3;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// CidrRange specifies an IP Address and a prefix length to construct
|
|
|
|
// the subnet mask for a `CIDR <https://tools.ietf.org/html/rfc4632>`_ range.
|
|
|
|
message CidrRange {
|
|
|
|
option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.core.CidrRange";
|
|
|
|
|
|
|
|
// IPv4 or IPv6 address, e.g. ``192.0.0.0`` or ``2001:db8::``.
|
|
|
|
string address_prefix = 1 [(validate.rules).string = {min_len: 1}];
|
|
|
|
|
|
|
|
// Length of prefix, e.g. 0, 32.
|
|
|
|
google.protobuf.UInt32Value prefix_len = 2 [(validate.rules).uint32 = {lte: 128}];
|
|
|
|
}
|