/
dns_cache.proto
146 lines (125 loc) · 7.49 KB
/
dns_cache.proto
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
syntax = "proto3";
package envoy.extensions.common.dynamic_forward_proxy.v3;
import "envoy/config/cluster/v3/cluster.proto";
import "envoy/config/common/key_value/v3/config.proto";
import "envoy/config/core/v3/address.proto";
import "envoy/config/core/v3/extension.proto";
import "envoy/config/core/v3/resolver.proto";
import "google/protobuf/duration.proto";
import "google/protobuf/wrappers.proto";
import "envoy/annotations/deprecation.proto";
import "udpa/annotations/status.proto";
import "udpa/annotations/versioning.proto";
import "validate/validate.proto";
option java_package = "io.envoyproxy.envoy.extensions.common.dynamic_forward_proxy.v3";
option java_outer_classname = "DnsCacheProto";
option java_multiple_files = true;
option (udpa.annotations.file_status).package_version_status = ACTIVE;
// [#protodoc-title: Dynamic forward proxy common configuration]
// Configuration of circuit breakers for resolver.
message DnsCacheCircuitBreakers {
// The maximum number of pending requests that Envoy will allow to the
// resolver. If not specified, the default is 1024.
google.protobuf.UInt32Value max_pending_requests = 1;
}
// Configuration for the dynamic forward proxy DNS cache. See the :ref:`architecture overview
// <arch_overview_http_dynamic_forward_proxy>` for more information.
// [#next-free-field: 14]
message DnsCacheConfig {
option (udpa.annotations.versioning).previous_message_type =
"envoy.config.common.dynamic_forward_proxy.v2alpha.DnsCacheConfig";
// The name of the cache. Multiple named caches allow independent dynamic forward proxy
// configurations to operate within a single Envoy process using different configurations. All
// configurations with the same name *must* otherwise have the same settings when referenced
// from different configuration components. Configuration will fail to load if this is not
// the case.
string name = 1 [(validate.rules).string = {min_len: 1}];
// The DNS lookup family to use during resolution.
//
// [#comment:TODO(mattklein123): Figure out how to support IPv4/IPv6 "happy eyeballs" mode. The
// way this might work is a new lookup family which returns both IPv4 and IPv6 addresses, and
// then configures a host to have a primary and fall back address. With this, we could very
// likely build a "happy eyeballs" connection pool which would race the primary / fall back
// address and return the one that wins. This same method could potentially also be used for
// QUIC to TCP fall back.]
config.cluster.v3.Cluster.DnsLookupFamily dns_lookup_family = 2
[(validate.rules).enum = {defined_only: true}];
// The DNS refresh rate for currently cached DNS hosts. If not specified defaults to 60s.
//
// .. note:
//
// The returned DNS TTL is not currently used to alter the refresh rate. This feature will be
// added in a future change.
//
// .. note:
//
// The refresh rate is rounded to the closest millisecond, and must be at least 1ms.
google.protobuf.Duration dns_refresh_rate = 3
[(validate.rules).duration = {gte {nanos: 1000000}}];
// The TTL for hosts that are unused. Hosts that have not been used in the configured time
// interval will be purged. If not specified defaults to 5m.
//
// .. note:
//
// The TTL is only checked at the time of DNS refresh, as specified by *dns_refresh_rate*. This
// means that if the configured TTL is shorter than the refresh rate the host may not be removed
// immediately.
//
// .. note:
//
// The TTL has no relation to DNS TTL and is only used to control Envoy's resource usage.
google.protobuf.Duration host_ttl = 4 [(validate.rules).duration = {gt {}}];
// The maximum number of hosts that the cache will hold. If not specified defaults to 1024.
//
// .. note:
//
// The implementation is approximate and enforced independently on each worker thread, thus
// it is possible for the maximum hosts in the cache to go slightly above the configured
// value depending on timing. This is similar to how other circuit breakers work.
google.protobuf.UInt32Value max_hosts = 5 [(validate.rules).uint32 = {gt: 0}];
// If the DNS failure refresh rate is specified,
// this is used as the cache's DNS refresh rate when DNS requests are failing. If this setting is
// not specified, the failure refresh rate defaults to the dns_refresh_rate.
config.cluster.v3.Cluster.RefreshRate dns_failure_refresh_rate = 6;
// The config of circuit breakers for resolver. It provides a configurable threshold.
// Envoy will use dns cache circuit breakers with default settings even if this value is not set.
DnsCacheCircuitBreakers dns_cache_circuit_breaker = 7;
// Always use TCP queries instead of UDP queries for DNS lookups.
// Setting this value causes failure if the
// ``envoy.restart_features.use_apple_api_for_dns_lookups`` runtime value is true during
// server startup. Apple' API only uses UDP for DNS resolution.
// This field is deprecated in favor of *dns_resolution_config*
// which aggregates all of the DNS resolver configuration in a single message.
bool use_tcp_for_dns_lookups = 8
[deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"];
// DNS resolution configuration which includes the underlying dns resolver addresses and options.
// *dns_resolution_config* will be deprecated once
// :ref:'typed_dns_resolver_config <envoy_v3_api_field_extensions.common.dynamic_forward_proxy.v3.DnsCacheConfig.typed_dns_resolver_config>'
// is fully supported.
config.core.v3.DnsResolutionConfig dns_resolution_config = 9;
// DNS resolver type configuration extension. This extension can be used to configure c-ares, apple,
// or any other DNS resolver types and the related parameters.
// For example, an object of :ref:`DnsResolutionConfig <envoy_v3_api_msg_config.core.v3.DnsResolutionConfig>`
// can be packed into this *typed_dns_resolver_config*. This configuration will replace the
// :ref:'dns_resolution_config <envoy_v3_api_field_extensions.common.dynamic_forward_proxy.v3.DnsCacheConfig.dns_resolution_config>'
// configuration eventually.
// TODO(yanjunxiang): Investigate the deprecation plan for *dns_resolution_config*.
// During the transition period when both *dns_resolution_config* and *typed_dns_resolver_config* exists,
// this configuration is optional.
// When *typed_dns_resolver_config* is in place, Envoy will use it and ignore *dns_resolution_config*.
// When *typed_dns_resolver_config* is missing, the default behavior is in place.
// [#not-implemented-hide:]
config.core.v3.TypedExtensionConfig typed_dns_resolver_config = 12;
// Hostnames that should be preresolved into the cache upon creation. This might provide a
// performance improvement, in the form of cache hits, for hostnames that are going to be
// resolved during steady state and are known at config load time.
repeated config.core.v3.SocketAddress preresolve_hostnames = 10;
// The timeout used for DNS queries. This timeout is independent of any timeout and retry policy
// used by the underlying DNS implementation (e.g., c-areas and Apple DNS) which are opaque.
// Setting this timeout will ensure that queries succeed or fail within the specified time frame
// and are then retried using the standard refresh rates. Defaults to 5s if not set.
google.protobuf.Duration dns_query_timeout = 11 [(validate.rules).duration = {gt {}}];
// [#not-implemented-hide:]
// Configuration to flush the DNS cache to long term storage.
config.common.key_value.v3.KeyValueStoreConfig key_value_config = 13;
}