/
bootstrap.proto
346 lines (282 loc) · 14.7 KB
/
bootstrap.proto
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
syntax = "proto3";
package envoy.config.bootstrap.v2;
import "envoy/api/v2/auth/cert.proto";
import "envoy/api/v2/cluster.proto";
import "envoy/api/v2/core/address.proto";
import "envoy/api/v2/core/base.proto";
import "envoy/api/v2/core/config_source.proto";
import "envoy/api/v2/core/event_service_config.proto";
import "envoy/api/v2/core/socket_option.proto";
import "envoy/api/v2/listener.proto";
import "envoy/config/metrics/v2/stats.proto";
import "envoy/config/overload/v2alpha/overload.proto";
import "envoy/config/trace/v2/trace.proto";
import "google/protobuf/duration.proto";
import "google/protobuf/struct.proto";
import "google/protobuf/wrappers.proto";
import "envoy/annotations/deprecation.proto";
import "udpa/annotations/status.proto";
import "validate/validate.proto";
option java_package = "io.envoyproxy.envoy.config.bootstrap.v2";
option java_outer_classname = "BootstrapProto";
option java_multiple_files = true;
option (udpa.annotations.file_status).package_version_status = FROZEN;
// [#protodoc-title: Bootstrap]
// This proto is supplied via the :option:`-c` CLI flag and acts as the root
// of the Envoy v2 configuration. See the :ref:`v2 configuration overview
// <config_overview_bootstrap>` for more detail.
// Bootstrap :ref:`configuration overview <config_overview_bootstrap>`.
// [#next-free-field: 21]
message Bootstrap {
message StaticResources {
// Static :ref:`Listeners <envoy_api_msg_Listener>`. These listeners are
// available regardless of LDS configuration.
repeated api.v2.Listener listeners = 1;
// If a network based configuration source is specified for :ref:`cds_config
// <envoy_api_field_config.bootstrap.v2.Bootstrap.DynamicResources.cds_config>`, it's necessary
// to have some initial cluster definitions available to allow Envoy to know
// how to speak to the management server. These cluster definitions may not
// use :ref:`EDS <arch_overview_dynamic_config_eds>` (i.e. they should be static
// IP or DNS-based).
repeated api.v2.Cluster clusters = 2;
// These static secrets can be used by :ref:`SdsSecretConfig
// <envoy_api_msg_auth.SdsSecretConfig>`
repeated api.v2.auth.Secret secrets = 3;
}
message DynamicResources {
reserved 4;
// All :ref:`Listeners <envoy_api_msg_Listener>` are provided by a single
// :ref:`LDS <arch_overview_dynamic_config_lds>` configuration source.
api.v2.core.ConfigSource lds_config = 1;
// All post-bootstrap :ref:`Cluster <envoy_api_msg_Cluster>` definitions are
// provided by a single :ref:`CDS <arch_overview_dynamic_config_cds>`
// configuration source.
api.v2.core.ConfigSource cds_config = 2;
// A single :ref:`ADS <config_overview_ads>` source may be optionally
// specified. This must have :ref:`api_type
// <envoy_api_field_core.ApiConfigSource.api_type>` :ref:`GRPC
// <envoy_api_enum_value_core.ApiConfigSource.ApiType.GRPC>`. Only
// :ref:`ConfigSources <envoy_api_msg_core.ConfigSource>` that have
// the :ref:`ads <envoy_api_field_core.ConfigSource.ads>` field set will be
// streamed on the ADS channel.
api.v2.core.ApiConfigSource ads_config = 3;
}
reserved 10;
// Node identity to present to the management server and for instance
// identification purposes (e.g. in generated headers).
api.v2.core.Node node = 1;
// Statically specified resources.
StaticResources static_resources = 2;
// xDS configuration sources.
DynamicResources dynamic_resources = 3;
// Configuration for the cluster manager which owns all upstream clusters
// within the server.
ClusterManager cluster_manager = 4;
// Health discovery service config option.
// (:ref:`core.ApiConfigSource <envoy_api_msg_core.ApiConfigSource>`)
api.v2.core.ApiConfigSource hds_config = 14;
// Optional file system path to search for startup flag files.
string flags_path = 5;
// Optional set of stats sinks.
repeated metrics.v2.StatsSink stats_sinks = 6;
// Configuration for internal processing of stats.
metrics.v2.StatsConfig stats_config = 13;
// Optional duration between flushes to configured stats sinks. For
// performance reasons Envoy latches counters and only flushes counters and
// gauges at a periodic interval. If not specified the default is 5000ms (5
// seconds).
// Duration must be at least 1ms and at most 5 min.
google.protobuf.Duration stats_flush_interval = 7 [(validate.rules).duration = {
lt {seconds: 300}
gte {nanos: 1000000}
}];
// Optional watchdog configuration.
Watchdog watchdog = 8;
// Configuration for an external tracing provider. If not specified, no
// tracing will be performed.
trace.v2.Tracing tracing = 9;
// Configuration for the runtime configuration provider (deprecated). If not
// specified, a “null” provider will be used which will result in all defaults
// being used.
Runtime runtime = 11 [deprecated = true, (envoy.annotations.disallowed_by_default) = true];
// Configuration for the runtime configuration provider. If not
// specified, a “null” provider will be used which will result in all defaults
// being used.
LayeredRuntime layered_runtime = 17;
// Configuration for the local administration HTTP server.
Admin admin = 12;
// Optional overload manager configuration.
overload.v2alpha.OverloadManager overload_manager = 15;
// Enable :ref:`stats for event dispatcher <operations_performance>`, defaults to false.
// Note that this records a value for each iteration of the event loop on every thread. This
// should normally be minimal overhead, but when using
// :ref:`statsd <envoy_api_msg_config.metrics.v2.StatsdSink>`, it will send each observed value
// over the wire individually because the statsd protocol doesn't have any way to represent a
// histogram summary. Be aware that this can be a very large volume of data.
bool enable_dispatcher_stats = 16;
// Optional string which will be used in lieu of x-envoy in prefixing headers.
//
// For example, if this string is present and set to X-Foo, then x-envoy-retry-on will be
// transformed into x-foo-retry-on etc.
//
// Note this applies to the headers Envoy will generate, the headers Envoy will sanitize, and the
// headers Envoy will trust for core code and core extensions only. Be VERY careful making
// changes to this string, especially in multi-layer Envoy deployments or deployments using
// extensions which are not upstream.
string header_prefix = 18;
// Optional proxy version which will be used to set the value of :ref:`server.version statistic
// <server_statistics>` if specified. Envoy will not process this value, it will be sent as is to
// :ref:`stats sinks <envoy_api_msg_config.metrics.v2.StatsSink>`.
google.protobuf.UInt64Value stats_server_version_override = 19;
// Always use TCP queries instead of UDP queries for DNS lookups.
// This may be overridden on a per-cluster basis in cds_config,
// when :ref:`dns_resolvers <envoy_api_field_Cluster.dns_resolvers>` and
// :ref:`use_tcp_for_dns_lookups <envoy_api_field_Cluster.use_tcp_for_dns_lookups>` are
// specified.
bool use_tcp_for_dns_lookups = 20;
}
// Administration interface :ref:`operations documentation
// <operations_admin_interface>`.
message Admin {
// The path to write the access log for the administration server. If no
// access log is desired specify ‘/dev/null’. This is only required if
// :ref:`address <envoy_api_field_config.bootstrap.v2.Admin.address>` is set.
string access_log_path = 1;
// The cpu profiler output path for the administration server. If no profile
// path is specified, the default is ‘/var/log/envoy/envoy.prof’.
string profile_path = 2;
// The TCP address that the administration server will listen on.
// If not specified, Envoy will not start an administration server.
api.v2.core.Address address = 3;
// Additional socket options that may not be present in Envoy source code or
// precompiled binaries.
repeated api.v2.core.SocketOption socket_options = 4;
}
// Cluster manager :ref:`architecture overview <arch_overview_cluster_manager>`.
message ClusterManager {
message OutlierDetection {
// Specifies the path to the outlier event log.
string event_log_path = 1;
// [#not-implemented-hide:]
// The gRPC service for the outlier detection event service.
// If empty, outlier detection events won't be sent to a remote endpoint.
api.v2.core.EventServiceConfig event_service = 2;
}
// Name of the local cluster (i.e., the cluster that owns the Envoy running
// this configuration). In order to enable :ref:`zone aware routing
// <arch_overview_load_balancing_zone_aware_routing>` this option must be set.
// If *local_cluster_name* is defined then :ref:`clusters
// <envoy_api_msg_Cluster>` must be defined in the :ref:`Bootstrap
// static cluster resources
// <envoy_api_field_config.bootstrap.v2.Bootstrap.StaticResources.clusters>`. This is unrelated to
// the :option:`--service-cluster` option which does not `affect zone aware
// routing <https://github.com/envoyproxy/envoy/issues/774>`_.
string local_cluster_name = 1;
// Optional global configuration for outlier detection.
OutlierDetection outlier_detection = 2;
// Optional configuration used to bind newly established upstream connections.
// This may be overridden on a per-cluster basis by upstream_bind_config in the cds_config.
api.v2.core.BindConfig upstream_bind_config = 3;
// A management server endpoint to stream load stats to via
// *StreamLoadStats*. This must have :ref:`api_type
// <envoy_api_field_core.ApiConfigSource.api_type>` :ref:`GRPC
// <envoy_api_enum_value_core.ApiConfigSource.ApiType.GRPC>`.
api.v2.core.ApiConfigSource load_stats_config = 4;
}
// Envoy process watchdog configuration. When configured, this monitors for
// nonresponsive threads and kills the process after the configured thresholds.
// See the :ref:`watchdog documentation <operations_performance_watchdog>` for more information.
message Watchdog {
// The duration after which Envoy counts a nonresponsive thread in the
// *watchdog_miss* statistic. If not specified the default is 200ms.
google.protobuf.Duration miss_timeout = 1;
// The duration after which Envoy counts a nonresponsive thread in the
// *watchdog_mega_miss* statistic. If not specified the default is
// 1000ms.
google.protobuf.Duration megamiss_timeout = 2;
// If a watched thread has been nonresponsive for this duration, assume a
// programming error and kill the entire Envoy process. Set to 0 to disable
// kill behavior. If not specified the default is 0 (disabled).
google.protobuf.Duration kill_timeout = 3;
// If at least two watched threads have been nonresponsive for at least this
// duration assume a true deadlock and kill the entire Envoy process. Set to 0
// to disable this behavior. If not specified the default is 0 (disabled).
google.protobuf.Duration multikill_timeout = 4;
}
// Runtime :ref:`configuration overview <config_runtime>` (deprecated).
message Runtime {
// The implementation assumes that the file system tree is accessed via a
// symbolic link. An atomic link swap is used when a new tree should be
// switched to. This parameter specifies the path to the symbolic link. Envoy
// will watch the location for changes and reload the file system tree when
// they happen. If this parameter is not set, there will be no disk based
// runtime.
string symlink_root = 1;
// Specifies the subdirectory to load within the root directory. This is
// useful if multiple systems share the same delivery mechanism. Envoy
// configuration elements can be contained in a dedicated subdirectory.
string subdirectory = 2;
// Specifies an optional subdirectory to load within the root directory. If
// specified and the directory exists, configuration values within this
// directory will override those found in the primary subdirectory. This is
// useful when Envoy is deployed across many different types of servers.
// Sometimes it is useful to have a per service cluster directory for runtime
// configuration. See below for exactly how the override directory is used.
string override_subdirectory = 3;
// Static base runtime. This will be :ref:`overridden
// <config_runtime_layering>` by other runtime layers, e.g.
// disk or admin. This follows the :ref:`runtime protobuf JSON representation
// encoding <config_runtime_proto_json>`.
google.protobuf.Struct base = 4;
}
// [#next-free-field: 6]
message RuntimeLayer {
// :ref:`Disk runtime <config_runtime_local_disk>` layer.
message DiskLayer {
// The implementation assumes that the file system tree is accessed via a
// symbolic link. An atomic link swap is used when a new tree should be
// switched to. This parameter specifies the path to the symbolic link.
// Envoy will watch the location for changes and reload the file system tree
// when they happen. See documentation on runtime :ref:`atomicity
// <config_runtime_atomicity>` for further details on how reloads are
// treated.
string symlink_root = 1;
// Specifies the subdirectory to load within the root directory. This is
// useful if multiple systems share the same delivery mechanism. Envoy
// configuration elements can be contained in a dedicated subdirectory.
string subdirectory = 3;
// :ref:`Append <config_runtime_local_disk_service_cluster_subdirs>` the
// service cluster to the path under symlink root.
bool append_service_cluster = 2;
}
// :ref:`Admin console runtime <config_runtime_admin>` layer.
message AdminLayer {
}
// :ref:`Runtime Discovery Service (RTDS) <config_runtime_rtds>` layer.
message RtdsLayer {
// Resource to subscribe to at *rtds_config* for the RTDS layer.
string name = 1;
// RTDS configuration source.
api.v2.core.ConfigSource rtds_config = 2;
}
// Descriptive name for the runtime layer. This is only used for the runtime
// :http:get:`/runtime` output.
string name = 1 [(validate.rules).string = {min_bytes: 1}];
oneof layer_specifier {
option (validate.required) = true;
// :ref:`Static runtime <config_runtime_bootstrap>` layer.
// This follows the :ref:`runtime protobuf JSON representation encoding
// <config_runtime_proto_json>`. Unlike static xDS resources, this static
// layer is overridable by later layers in the runtime virtual filesystem.
google.protobuf.Struct static_layer = 2;
DiskLayer disk_layer = 3;
AdminLayer admin_layer = 4;
RtdsLayer rtds_layer = 5;
}
}
// Runtime :ref:`configuration overview <config_runtime>`.
message LayeredRuntime {
// The :ref:`layers <config_runtime_layering>` of the runtime. This is ordered
// such that later layers in the list overlay earlier entries.
repeated RuntimeLayer layers = 1;
}