/
discovery.proto
390 lines (326 loc) · 17.6 KB
/
discovery.proto
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
syntax = "proto3";
package envoy.service.discovery.v3;
import "envoy/config/core/v3/base.proto";
import "google/protobuf/any.proto";
import "google/protobuf/duration.proto";
import "google/rpc/status.proto";
import "udpa/annotations/status.proto";
import "udpa/annotations/versioning.proto";
import "validate/validate.proto";
option java_package = "io.envoyproxy.envoy.service.discovery.v3";
option java_outer_classname = "DiscoveryProto";
option java_multiple_files = true;
option go_package = "github.com/envoyproxy/go-control-plane/envoy/service/discovery/v3;discoveryv3";
option (udpa.annotations.file_status).package_version_status = ACTIVE;
// [#protodoc-title: Common discovery API components]
// Specifies a resource to be subscribed to.
message ResourceLocator {
// The resource name to subscribe to.
string name = 1;
// A set of dynamic parameters used to match against the dynamic parameter
// constraints on the resource. This allows clients to select between
// multiple variants of the same resource.
map<string, string> dynamic_parameters = 2;
}
// Specifies a concrete resource name.
message ResourceName {
// The name of the resource.
string name = 1;
// Dynamic parameter constraints associated with this resource. To be used by client-side caches
// (including xDS proxies) when matching subscribed resource locators.
DynamicParameterConstraints dynamic_parameter_constraints = 2;
}
// A DiscoveryRequest requests a set of versioned resources of the same type for
// a given Envoy node on some API.
// [#next-free-field: 8]
message DiscoveryRequest {
option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.DiscoveryRequest";
// The version_info provided in the request messages will be the version_info
// received with the most recent successfully processed response or empty on
// the first request. It is expected that no new request is sent after a
// response is received until the Envoy instance is ready to ACK/NACK the new
// configuration. ACK/NACK takes place by returning the new API config version
// as applied or the previous API config version respectively. Each type_url
// (see below) has an independent version associated with it.
string version_info = 1;
// The node making the request.
config.core.v3.Node node = 2;
// List of resources to subscribe to, e.g. list of cluster names or a route
// configuration name. If this is empty, all resources for the API are
// returned. LDS/CDS may have empty resource_names, which will cause all
// resources for the Envoy instance to be returned. The LDS and CDS responses
// will then imply a number of resources that need to be fetched via EDS/RDS,
// which will be explicitly enumerated in resource_names.
repeated string resource_names = 3;
// [#not-implemented-hide:]
// Alternative to ``resource_names`` field that allows specifying dynamic
// parameters along with each resource name. Clients that populate this
// field must be able to handle responses from the server where resources
// are wrapped in a Resource message.
// Note that it is legal for a request to have some resources listed
// in ``resource_names`` and others in ``resource_locators``.
repeated ResourceLocator resource_locators = 7;
// Type of the resource that is being requested, e.g.
// "type.googleapis.com/envoy.api.v2.ClusterLoadAssignment". This is implicit
// in requests made via singleton xDS APIs such as CDS, LDS, etc. but is
// required for ADS.
string type_url = 4;
// nonce corresponding to DiscoveryResponse being ACK/NACKed. See above
// discussion on version_info and the DiscoveryResponse nonce comment. This
// may be empty only if 1) this is a non-persistent-stream xDS such as HTTP,
// or 2) the client has not yet accepted an update in this xDS stream (unlike
// delta, where it is populated only for new explicit ACKs).
string response_nonce = 5;
// This is populated when the previous :ref:`DiscoveryResponse <envoy_v3_api_msg_service.discovery.v3.DiscoveryResponse>`
// failed to update configuration. The ``message`` field in ``error_details`` provides the Envoy
// internal exception related to the failure. It is only intended for consumption during manual
// debugging, the string provided is not guaranteed to be stable across Envoy versions.
google.rpc.Status error_detail = 6;
}
// [#next-free-field: 7]
message DiscoveryResponse {
option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.DiscoveryResponse";
// The version of the response data.
string version_info = 1;
// The response resources. These resources are typed and depend on the API being called.
repeated google.protobuf.Any resources = 2;
// [#not-implemented-hide:]
// Canary is used to support two Envoy command line flags:
//
// * --terminate-on-canary-transition-failure. When set, Envoy is able to
// terminate if it detects that configuration is stuck at canary. Consider
// this example sequence of updates:
// - Management server applies a canary config successfully.
// - Management server rolls back to a production config.
// - Envoy rejects the new production config.
// Since there is no sensible way to continue receiving configuration
// updates, Envoy will then terminate and apply production config from a
// clean slate.
// * --dry-run-canary. When set, a canary response will never be applied, only
// validated via a dry run.
bool canary = 3;
// Type URL for resources. Identifies the xDS API when muxing over ADS.
// Must be consistent with the type_url in the 'resources' repeated Any (if non-empty).
string type_url = 4;
// For gRPC based subscriptions, the nonce provides a way to explicitly ack a
// specific DiscoveryResponse in a following DiscoveryRequest. Additional
// messages may have been sent by Envoy to the management server for the
// previous version on the stream prior to this DiscoveryResponse, that were
// unprocessed at response send time. The nonce allows the management server
// to ignore any further DiscoveryRequests for the previous version until a
// DiscoveryRequest bearing the nonce. The nonce is optional and is not
// required for non-stream based xDS implementations.
string nonce = 5;
// The control plane instance that sent the response.
config.core.v3.ControlPlane control_plane = 6;
}
// DeltaDiscoveryRequest and DeltaDiscoveryResponse are used in a new gRPC
// endpoint for Delta xDS.
//
// With Delta xDS, the DeltaDiscoveryResponses do not need to include a full
// snapshot of the tracked resources. Instead, DeltaDiscoveryResponses are a
// diff to the state of a xDS client.
// In Delta XDS there are per-resource versions, which allow tracking state at
// the resource granularity.
// An xDS Delta session is always in the context of a gRPC bidirectional
// stream. This allows the xDS server to keep track of the state of xDS clients
// connected to it.
//
// In Delta xDS the nonce field is required and used to pair
// DeltaDiscoveryResponse to a DeltaDiscoveryRequest ACK or NACK.
// Optionally, a response message level system_version_info is present for
// debugging purposes only.
//
// DeltaDiscoveryRequest plays two independent roles. Any DeltaDiscoveryRequest
// can be either or both of: [1] informing the server of what resources the
// client has gained/lost interest in (using resource_names_subscribe and
// resource_names_unsubscribe), or [2] (N)ACKing an earlier resource update from
// the server (using response_nonce, with presence of error_detail making it a NACK).
// Additionally, the first message (for a given type_url) of a reconnected gRPC stream
// has a third role: informing the server of the resources (and their versions)
// that the client already possesses, using the initial_resource_versions field.
//
// As with state-of-the-world, when multiple resource types are multiplexed (ADS),
// all requests/acknowledgments/updates are logically walled off by type_url:
// a Cluster ACK exists in a completely separate world from a prior Route NACK.
// In particular, initial_resource_versions being sent at the "start" of every
// gRPC stream actually entails a message for each type_url, each with its own
// initial_resource_versions.
// [#next-free-field: 10]
message DeltaDiscoveryRequest {
option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.DeltaDiscoveryRequest";
// The node making the request.
config.core.v3.Node node = 1;
// Type of the resource that is being requested, e.g.
// ``type.googleapis.com/envoy.api.v2.ClusterLoadAssignment``. This does not need to be set if
// resources are only referenced via ``xds_resource_subscribe`` and
// ``xds_resources_unsubscribe``.
string type_url = 2;
// DeltaDiscoveryRequests allow the client to add or remove individual
// resources to the set of tracked resources in the context of a stream.
// All resource names in the resource_names_subscribe list are added to the
// set of tracked resources and all resource names in the resource_names_unsubscribe
// list are removed from the set of tracked resources.
//
// *Unlike* state-of-the-world xDS, an empty resource_names_subscribe or
// resource_names_unsubscribe list simply means that no resources are to be
// added or removed to the resource list.
// *Like* state-of-the-world xDS, the server must send updates for all tracked
// resources, but can also send updates for resources the client has not subscribed to.
//
// NOTE: the server must respond with all resources listed in resource_names_subscribe,
// even if it believes the client has the most recent version of them. The reason:
// the client may have dropped them, but then regained interest before it had a chance
// to send the unsubscribe message. See DeltaSubscriptionStateTest.RemoveThenAdd.
//
// These two fields can be set in any DeltaDiscoveryRequest, including ACKs
// and initial_resource_versions.
//
// A list of Resource names to add to the list of tracked resources.
repeated string resource_names_subscribe = 3;
// A list of Resource names to remove from the list of tracked resources.
repeated string resource_names_unsubscribe = 4;
// [#not-implemented-hide:]
// Alternative to ``resource_names_subscribe`` field that allows specifying dynamic parameters
// along with each resource name.
// Note that it is legal for a request to have some resources listed
// in ``resource_names_subscribe`` and others in ``resource_locators_subscribe``.
repeated ResourceLocator resource_locators_subscribe = 8;
// [#not-implemented-hide:]
// Alternative to ``resource_names_unsubscribe`` field that allows specifying dynamic parameters
// along with each resource name.
// Note that it is legal for a request to have some resources listed
// in ``resource_names_unsubscribe`` and others in ``resource_locators_unsubscribe``.
repeated ResourceLocator resource_locators_unsubscribe = 9;
// Informs the server of the versions of the resources the xDS client knows of, to enable the
// client to continue the same logical xDS session even in the face of gRPC stream reconnection.
// It will not be populated: [1] in the very first stream of a session, since the client will
// not yet have any resources, [2] in any message after the first in a stream (for a given
// type_url), since the server will already be correctly tracking the client's state.
// (In ADS, the first message *of each type_url* of a reconnected stream populates this map.)
// The map's keys are names of xDS resources known to the xDS client.
// The map's values are opaque resource versions.
map<string, string> initial_resource_versions = 5;
// When the DeltaDiscoveryRequest is a ACK or NACK message in response
// to a previous DeltaDiscoveryResponse, the response_nonce must be the
// nonce in the DeltaDiscoveryResponse.
// Otherwise (unlike in DiscoveryRequest) response_nonce must be omitted.
string response_nonce = 6;
// This is populated when the previous :ref:`DiscoveryResponse <envoy_v3_api_msg_service.discovery.v3.DiscoveryResponse>`
// failed to update configuration. The ``message`` field in ``error_details``
// provides the Envoy internal exception related to the failure.
google.rpc.Status error_detail = 7;
}
// [#next-free-field: 9]
message DeltaDiscoveryResponse {
option (udpa.annotations.versioning).previous_message_type =
"envoy.api.v2.DeltaDiscoveryResponse";
// The version of the response data (used for debugging).
string system_version_info = 1;
// The response resources. These are typed resources, whose types must match
// the type_url field.
repeated Resource resources = 2;
// field id 3 IS available!
// Type URL for resources. Identifies the xDS API when muxing over ADS.
// Must be consistent with the type_url in the Any within 'resources' if 'resources' is non-empty.
string type_url = 4;
// Resources names of resources that have be deleted and to be removed from the xDS Client.
// Removed resources for missing resources can be ignored.
repeated string removed_resources = 6;
// Alternative to removed_resources that allows specifying which variant of
// a resource is being removed. This variant must be used for any resource
// for which dynamic parameter constraints were sent to the client.
repeated ResourceName removed_resource_names = 8;
// The nonce provides a way for DeltaDiscoveryRequests to uniquely
// reference a DeltaDiscoveryResponse when (N)ACKing. The nonce is required.
string nonce = 5;
// [#not-implemented-hide:]
// The control plane instance that sent the response.
config.core.v3.ControlPlane control_plane = 7;
}
// A set of dynamic parameter constraints associated with a variant of an individual xDS resource.
// These constraints determine whether the resource matches a subscription based on the set of
// dynamic parameters in the subscription, as specified in the
// :ref:`ResourceLocator.dynamic_parameters<envoy_v3_api_field_service.discovery.v3.ResourceLocator.dynamic_parameters>`
// field. This allows xDS implementations (clients, servers, and caching proxies) to determine
// which variant of a resource is appropriate for a given client.
message DynamicParameterConstraints {
// A single constraint for a given key.
message SingleConstraint {
message Exists {
}
// The key to match against.
string key = 1;
oneof constraint_type {
option (validate.required) = true;
// Matches this exact value.
string value = 2;
// Key is present (matches any value except for the key being absent).
// This allows setting a default constraint for clients that do
// not send a key at all, while there may be other clients that need
// special configuration based on that key.
Exists exists = 3;
}
}
message ConstraintList {
repeated DynamicParameterConstraints constraints = 1;
}
oneof type {
// A single constraint to evaluate.
SingleConstraint constraint = 1;
// A list of constraints that match if any one constraint in the list
// matches.
ConstraintList or_constraints = 2;
// A list of constraints that must all match.
ConstraintList and_constraints = 3;
// The inverse (NOT) of a set of constraints.
DynamicParameterConstraints not_constraints = 4;
}
}
// [#next-free-field: 10]
message Resource {
option (udpa.annotations.versioning).previous_message_type = "envoy.api.v2.Resource";
// Cache control properties for the resource.
// [#not-implemented-hide:]
message CacheControl {
// If true, xDS proxies may not cache this resource.
// Note that this does not apply to clients other than xDS proxies, which must cache resources
// for their own use, regardless of the value of this field.
bool do_not_cache = 1;
}
// The resource's name, to distinguish it from others of the same type of resource.
// Only one of ``name`` or ``resource_name`` may be set.
string name = 3;
// Alternative to the ``name`` field, to be used when the server supports
// multiple variants of the named resource that are differentiated by
// dynamic parameter constraints.
// Only one of ``name`` or ``resource_name`` may be set.
ResourceName resource_name = 8;
// The aliases are a list of other names that this resource can go by.
repeated string aliases = 4;
// The resource level version. It allows xDS to track the state of individual
// resources.
string version = 1;
// The resource being tracked.
google.protobuf.Any resource = 2;
// Time-to-live value for the resource. For each resource, a timer is started. The timer is
// reset each time the resource is received with a new TTL. If the resource is received with
// no TTL set, the timer is removed for the resource. Upon expiration of the timer, the
// configuration for the resource will be removed.
//
// The TTL can be refreshed or changed by sending a response that doesn't change the resource
// version. In this case the resource field does not need to be populated, which allows for
// light-weight "heartbeat" updates to keep a resource with a TTL alive.
//
// The TTL feature is meant to support configurations that should be removed in the event of
// a management server failure. For example, the feature may be used for fault injection
// testing where the fault injection should be terminated in the event that Envoy loses contact
// with the management server.
google.protobuf.Duration ttl = 6;
// Cache control properties for the resource.
// [#not-implemented-hide:]
CacheControl cache_control = 7;
// The Metadata field can be used to provide additional information for the resource.
// E.g. the trace data for debugging.
config.core.v3.Metadata metadata = 9;
}