diff --git a/kubernetes/customresourcedefinitions.gen.yaml b/kubernetes/customresourcedefinitions.gen.yaml index ba00e7cb596..7faf3b3d477 100644 --- a/kubernetes/customresourcedefinitions.gen.yaml +++ b/kubernetes/customresourcedefinitions.gen.yaml @@ -11,19 +11,6 @@ metadata: release: istio name: destinationrules.networking.istio.io spec: - additionalPrinterColumns: - - JSONPath: .spec.host - description: The name of a service from the service registry - name: Host - type: string - - JSONPath: .metadata.creationTimestamp - description: 'CreationTimestamp is a timestamp representing the server time when - this object was created. It is not guaranteed to be set in happens-before order - across separate operations. Clients may not set this value. It is represented - in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for - lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata' - name: Age - type: date group: networking.istio.io names: categories: @@ -39,372 +26,125 @@ spec: scope: Namespaced subresources: status: {} - validation: - openAPIV3Schema: - properties: - spec: - description: 'Configuration affecting load balancing, outlier detection, - etc. See more details at: https://istio.io/docs/reference/config/networking/destination-rule.html' - properties: - exportTo: - description: A list of namespaces to which this destination rule is - exported. - items: + versions: + - additionalPrinterColumns: + - JSONPath: .spec.host + description: The name of a service from the service registry + name: Host + type: string + - JSONPath: .metadata.creationTimestamp + description: 'CreationTimestamp is a timestamp representing the server time + when this object was created. It is not guaranteed to be set in happens-before + order across separate operations. Clients may not set this value. It is represented + in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for + lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata' + name: Age + type: date + name: v1alpha3 + schema: + openAPIV3Schema: + properties: + spec: + description: 'Configuration affecting load balancing, outlier detection, + etc. See more details at: https://istio.io/docs/reference/config/networking/destination-rule.html' + properties: + exportTo: + description: A list of namespaces to which this destination rule is + exported. + items: + format: string + type: string + type: array + host: + description: The name of a service from the service registry. format: string type: string - type: array - host: - description: The name of a service from the service registry. - format: string - type: string - subsets: - items: - properties: - labels: - additionalProperties: + subsets: + items: + properties: + labels: + additionalProperties: + format: string + type: string + type: object + name: + description: Name of the subset. format: string type: string - type: object - name: - description: Name of the subset. - format: string - type: string - trafficPolicy: - description: Traffic policies that apply to this subset. - properties: - connectionPool: - properties: - http: - description: HTTP connection pool settings. - properties: - h2UpgradePolicy: - description: Specify if http1.1 connection should - be upgraded to http2 for the associated destination. - enum: - - DEFAULT - - DO_NOT_UPGRADE - - UPGRADE - type: string - http1MaxPendingRequests: - description: Maximum number of pending HTTP requests - to a destination. - format: int32 - type: integer - http2MaxRequests: - description: Maximum number of requests to a backend. - format: int32 - type: integer - idleTimeout: - description: The idle timeout for upstream connection - pool connections. - type: string - maxRequestsPerConnection: - description: Maximum number of requests per connection - to a backend. - format: int32 - type: integer - maxRetries: - format: int32 - type: integer - useClientProtocol: - description: If set to true, client protocol will - be preserved while initiating connection to backend. - type: boolean - type: object - tcp: - description: Settings common to both HTTP and TCP upstream - connections. - properties: - connectTimeout: - description: TCP connection timeout. - type: string - maxConnections: - description: Maximum number of HTTP1 /TCP connections - to a destination host. - format: int32 - type: integer - tcpKeepalive: - description: If set then set SO_KEEPALIVE on the socket - to enable TCP Keepalives. - properties: - interval: - description: The time duration between keep-alive - probes. - type: string - probes: - type: integer - time: - type: string - type: object - type: object - type: object - loadBalancer: - description: Settings controlling the load balancer algorithms. - oneOf: - - not: - anyOf: - - required: - - simple - - properties: - consistentHash: - oneOf: - - not: - anyOf: - - required: - - httpHeaderName - - required: - - httpCookie - - required: - - useSourceIp - - required: - - httpQueryParameterName - - required: - - httpHeaderName - - required: - - httpCookie - - required: - - useSourceIp - - required: - - httpQueryParameterName - required: - - consistentHash - - required: - - simple - - properties: - consistentHash: - oneOf: - - not: - anyOf: - - required: - - httpHeaderName - - required: - - httpCookie - - required: - - useSourceIp - - required: - - httpQueryParameterName - - required: - - httpHeaderName - - required: - - httpCookie - - required: - - useSourceIp - - required: - - httpQueryParameterName - required: - - consistentHash - properties: - consistentHash: - properties: - httpCookie: - description: Hash based on HTTP cookie. - properties: - name: - description: Name of the cookie. - format: string - type: string - path: - description: Path to set for the cookie. - format: string - type: string - ttl: - description: Lifetime of the cookie. - type: string - type: object - httpHeaderName: - description: Hash based on a specific HTTP header. - format: string - type: string - httpQueryParameterName: - description: Hash based on a specific HTTP query parameter. - format: string - type: string - minimumRingSize: - type: integer - useSourceIp: - description: Hash based on the source IP address. - type: boolean - type: object - localityLbSetting: - properties: - distribute: - description: 'Optional: only one of distribute or - failover can be set.' - items: - properties: - from: - description: Originating locality, '/' separated, - e.g. - format: string - type: string - to: - additionalProperties: - type: integer - description: Map of upstream localities to traffic - distribution weights. - type: object - type: object - type: array - enabled: - description: enable locality load balancing, this - is DestinationRule-level and will override mesh - wide settings in entirety. - nullable: true - type: boolean - failover: - description: 'Optional: only failover or distribute - can be set.' - items: - properties: - from: - description: Originating region. - format: string - type: string - to: - format: string - type: string - type: object - type: array - type: object - simple: - enum: - - ROUND_ROBIN - - LEAST_CONN - - RANDOM - - PASSTHROUGH - type: string - type: object - outlierDetection: - properties: - baseEjectionTime: - description: Minimum ejection duration. - type: string - consecutive5xxErrors: - description: Number of 5xx errors before a host is ejected - from the connection pool. - nullable: true - type: integer - consecutiveErrors: - format: int32 - type: integer - consecutiveGatewayErrors: - description: Number of gateway errors before a host is - ejected from the connection pool. - nullable: true - type: integer - interval: - description: Time interval between ejection sweep analysis. - type: string - maxEjectionPercent: - format: int32 - type: integer - minHealthPercent: - format: int32 - type: integer - type: object - portLevelSettings: - description: Traffic policies specific to individual ports. - items: + trafficPolicy: + description: Traffic policies that apply to this subset. + properties: + connectionPool: properties: - connectionPool: + http: + description: HTTP connection pool settings. + properties: + h2UpgradePolicy: + description: Specify if http1.1 connection should + be upgraded to http2 for the associated destination. + enum: + - DEFAULT + - DO_NOT_UPGRADE + - UPGRADE + type: string + http1MaxPendingRequests: + description: Maximum number of pending HTTP requests + to a destination. + format: int32 + type: integer + http2MaxRequests: + description: Maximum number of requests to a backend. + format: int32 + type: integer + idleTimeout: + description: The idle timeout for upstream connection + pool connections. + type: string + maxRequestsPerConnection: + description: Maximum number of requests per connection + to a backend. + format: int32 + type: integer + maxRetries: + format: int32 + type: integer + useClientProtocol: + description: If set to true, client protocol will + be preserved while initiating connection to backend. + type: boolean + type: object + tcp: + description: Settings common to both HTTP and TCP upstream + connections. properties: - http: - description: HTTP connection pool settings. + connectTimeout: + description: TCP connection timeout. + type: string + maxConnections: + description: Maximum number of HTTP1 /TCP connections + to a destination host. + format: int32 + type: integer + tcpKeepalive: + description: If set then set SO_KEEPALIVE on the + socket to enable TCP Keepalives. properties: - h2UpgradePolicy: - description: Specify if http1.1 connection should - be upgraded to http2 for the associated destination. - enum: - - DEFAULT - - DO_NOT_UPGRADE - - UPGRADE - type: string - http1MaxPendingRequests: - description: Maximum number of pending HTTP - requests to a destination. - format: int32 - type: integer - http2MaxRequests: - description: Maximum number of requests to a - backend. - format: int32 - type: integer - idleTimeout: - description: The idle timeout for upstream connection - pool connections. + interval: + description: The time duration between keep-alive + probes. type: string - maxRequestsPerConnection: - description: Maximum number of requests per - connection to a backend. - format: int32 + probes: type: integer - maxRetries: - format: int32 - type: integer - useClientProtocol: - description: If set to true, client protocol - will be preserved while initiating connection - to backend. - type: boolean - type: object - tcp: - description: Settings common to both HTTP and TCP - upstream connections. - properties: - connectTimeout: - description: TCP connection timeout. + time: type: string - maxConnections: - description: Maximum number of HTTP1 /TCP connections - to a destination host. - format: int32 - type: integer - tcpKeepalive: - description: If set then set SO_KEEPALIVE on - the socket to enable TCP Keepalives. - properties: - interval: - description: The time duration between keep-alive - probes. - type: string - probes: - type: integer - time: - type: string - type: object type: object type: object - loadBalancer: - description: Settings controlling the load balancer - algorithms. - oneOf: - - not: - anyOf: - - required: - - simple - - properties: - consistentHash: - oneOf: - - not: - anyOf: - - required: - - httpHeaderName - - required: - - httpCookie - - required: - - useSourceIp - - required: - - httpQueryParameterName - - required: - - httpHeaderName - - required: - - httpCookie - - required: - - useSourceIp - - required: - - httpQueryParameterName - required: - - consistentHash + type: object + loadBalancer: + description: Settings controlling the load balancer algorithms. + oneOf: + - not: + anyOf: - required: - simple - properties: @@ -430,528 +170,545 @@ spec: - httpQueryParameterName required: - consistentHash + - required: + - simple + - properties: + consistentHash: + oneOf: + - not: + anyOf: + - required: + - httpHeaderName + - required: + - httpCookie + - required: + - useSourceIp + - required: + - httpQueryParameterName + - required: + - httpHeaderName + - required: + - httpCookie + - required: + - useSourceIp + - required: + - httpQueryParameterName + required: + - consistentHash + properties: + consistentHash: properties: - consistentHash: + httpCookie: + description: Hash based on HTTP cookie. properties: - httpCookie: - description: Hash based on HTTP cookie. - properties: - name: - description: Name of the cookie. - format: string - type: string - path: - description: Path to set for the cookie. - format: string - type: string - ttl: - description: Lifetime of the cookie. - type: string - type: object - httpHeaderName: - description: Hash based on a specific HTTP header. + name: + description: Name of the cookie. format: string type: string - httpQueryParameterName: - description: Hash based on a specific HTTP query - parameter. + path: + description: Path to set for the cookie. format: string type: string - minimumRingSize: - type: integer - useSourceIp: - description: Hash based on the source IP address. - type: boolean - type: object - localityLbSetting: - properties: - distribute: - description: 'Optional: only one of distribute - or failover can be set.' - items: - properties: - from: - description: Originating locality, '/' - separated, e.g. - format: string - type: string - to: - additionalProperties: - type: integer - description: Map of upstream localities - to traffic distribution weights. - type: object - type: object - type: array - enabled: - description: enable locality load balancing, - this is DestinationRule-level and will override - mesh wide settings in entirety. - nullable: true - type: boolean - failover: - description: 'Optional: only failover or distribute - can be set.' - items: - properties: - from: - description: Originating region. - format: string - type: string - to: - format: string - type: string - type: object - type: array + ttl: + description: Lifetime of the cookie. + type: string type: object - simple: - enum: - - ROUND_ROBIN - - LEAST_CONN - - RANDOM - - PASSTHROUGH - type: string - type: object - outlierDetection: - properties: - baseEjectionTime: - description: Minimum ejection duration. + httpHeaderName: + description: Hash based on a specific HTTP header. + format: string type: string - consecutive5xxErrors: - description: Number of 5xx errors before a host - is ejected from the connection pool. - nullable: true - type: integer - consecutiveErrors: - format: int32 - type: integer - consecutiveGatewayErrors: - description: Number of gateway errors before a host - is ejected from the connection pool. - nullable: true - type: integer - interval: - description: Time interval between ejection sweep - analysis. + httpQueryParameterName: + description: Hash based on a specific HTTP query + parameter. + format: string type: string - maxEjectionPercent: - format: int32 - type: integer - minHealthPercent: - format: int32 - type: integer - type: object - port: - properties: - number: + minimumRingSize: type: integer + useSourceIp: + description: Hash based on the source IP address. + type: boolean type: object - tls: - description: TLS related settings for connections to - the upstream service. + localityLbSetting: properties: - caCertificates: - format: string - type: string - clientCertificate: - description: REQUIRED if mode is `MUTUAL`. - format: string - type: string - credentialName: - format: string - type: string - mode: - enum: - - DISABLE - - SIMPLE - - MUTUAL - - ISTIO_MUTUAL - type: string - privateKey: - description: REQUIRED if mode is `MUTUAL`. - format: string - type: string - sni: - description: SNI string to present to the server - during TLS handshake. - format: string - type: string - subjectAltNames: + distribute: + description: 'Optional: only one of distribute or + failover can be set.' items: - format: string - type: string + properties: + from: + description: Originating locality, '/' separated, + e.g. + format: string + type: string + to: + additionalProperties: + type: integer + description: Map of upstream localities to + traffic distribution weights. + type: object + type: object + type: array + enabled: + description: enable locality load balancing, this + is DestinationRule-level and will override mesh + wide settings in entirety. + nullable: true + type: boolean + failover: + description: 'Optional: only failover or distribute + can be set.' + items: + properties: + from: + description: Originating region. + format: string + type: string + to: + format: string + type: string + type: object type: array type: object - type: object - type: array - tls: - description: TLS related settings for connections to the upstream - service. - properties: - caCertificates: - format: string - type: string - clientCertificate: - description: REQUIRED if mode is `MUTUAL`. - format: string - type: string - credentialName: - format: string - type: string - mode: - enum: - - DISABLE - - SIMPLE - - MUTUAL - - ISTIO_MUTUAL - type: string - privateKey: - description: REQUIRED if mode is `MUTUAL`. - format: string - type: string - sni: - description: SNI string to present to the server during - TLS handshake. - format: string - type: string - subjectAltNames: - items: - format: string + simple: + enum: + - ROUND_ROBIN + - LEAST_CONN + - RANDOM + - PASSTHROUGH type: string - type: array - type: object - type: object - type: object - type: array - trafficPolicy: - properties: - connectionPool: - properties: - http: - description: HTTP connection pool settings. - properties: - h2UpgradePolicy: - description: Specify if http1.1 connection should be upgraded - to http2 for the associated destination. - enum: - - DEFAULT - - DO_NOT_UPGRADE - - UPGRADE - type: string - http1MaxPendingRequests: - description: Maximum number of pending HTTP requests to - a destination. - format: int32 - type: integer - http2MaxRequests: - description: Maximum number of requests to a backend. - format: int32 - type: integer - idleTimeout: - description: The idle timeout for upstream connection pool - connections. - type: string - maxRequestsPerConnection: - description: Maximum number of requests per connection to - a backend. - format: int32 - type: integer - maxRetries: - format: int32 - type: integer - useClientProtocol: - description: If set to true, client protocol will be preserved - while initiating connection to backend. - type: boolean - type: object - tcp: - description: Settings common to both HTTP and TCP upstream connections. - properties: - connectTimeout: - description: TCP connection timeout. - type: string - maxConnections: - description: Maximum number of HTTP1 /TCP connections to - a destination host. - format: int32 - type: integer - tcpKeepalive: - description: If set then set SO_KEEPALIVE on the socket - to enable TCP Keepalives. + type: object + outlierDetection: properties: - interval: - description: The time duration between keep-alive probes. + baseEjectionTime: + description: Minimum ejection duration. type: string - probes: + consecutive5xxErrors: + description: Number of 5xx errors before a host is ejected + from the connection pool. + nullable: true + type: integer + consecutiveErrors: + format: int32 + type: integer + consecutiveGatewayErrors: + description: Number of gateway errors before a host + is ejected from the connection pool. + nullable: true type: integer - time: + interval: + description: Time interval between ejection sweep analysis. type: string + maxEjectionPercent: + format: int32 + type: integer + minHealthPercent: + format: int32 + type: integer type: object - type: object - type: object - loadBalancer: - description: Settings controlling the load balancer algorithms. - oneOf: - - not: - anyOf: - - required: - - simple - - properties: - consistentHash: - oneOf: - - not: - anyOf: - - required: - - httpHeaderName - - required: - - httpCookie - - required: - - useSourceIp + portLevelSettings: + description: Traffic policies specific to individual ports. + items: + properties: + connectionPool: + properties: + http: + description: HTTP connection pool settings. + properties: + h2UpgradePolicy: + description: Specify if http1.1 connection + should be upgraded to http2 for the associated + destination. + enum: + - DEFAULT + - DO_NOT_UPGRADE + - UPGRADE + type: string + http1MaxPendingRequests: + description: Maximum number of pending HTTP + requests to a destination. + format: int32 + type: integer + http2MaxRequests: + description: Maximum number of requests to + a backend. + format: int32 + type: integer + idleTimeout: + description: The idle timeout for upstream + connection pool connections. + type: string + maxRequestsPerConnection: + description: Maximum number of requests per + connection to a backend. + format: int32 + type: integer + maxRetries: + format: int32 + type: integer + useClientProtocol: + description: If set to true, client protocol + will be preserved while initiating connection + to backend. + type: boolean + type: object + tcp: + description: Settings common to both HTTP and + TCP upstream connections. + properties: + connectTimeout: + description: TCP connection timeout. + type: string + maxConnections: + description: Maximum number of HTTP1 /TCP + connections to a destination host. + format: int32 + type: integer + tcpKeepalive: + description: If set then set SO_KEEPALIVE + on the socket to enable TCP Keepalives. + properties: + interval: + description: The time duration between + keep-alive probes. + type: string + probes: + type: integer + time: + type: string + type: object + type: object + type: object + loadBalancer: + description: Settings controlling the load balancer + algorithms. + oneOf: + - not: + anyOf: + - required: + - simple + - properties: + consistentHash: + oneOf: + - not: + anyOf: + - required: + - httpHeaderName + - required: + - httpCookie + - required: + - useSourceIp + - required: + - httpQueryParameterName + - required: + - httpHeaderName + - required: + - httpCookie + - required: + - useSourceIp + - required: + - httpQueryParameterName + required: + - consistentHash - required: - - httpQueryParameterName - - required: - - httpHeaderName - - required: - - httpCookie - - required: - - useSourceIp - - required: - - httpQueryParameterName - required: - - consistentHash - - required: - - simple - - properties: - consistentHash: - oneOf: - - not: - anyOf: - - required: - - httpHeaderName - - required: - - httpCookie - - required: - - useSourceIp - - required: - - httpQueryParameterName - - required: - - httpHeaderName - - required: - - httpCookie - - required: - - useSourceIp - - required: - - httpQueryParameterName - required: - - consistentHash - properties: - consistentHash: - properties: - httpCookie: - description: Hash based on HTTP cookie. + - simple + - properties: + consistentHash: + oneOf: + - not: + anyOf: + - required: + - httpHeaderName + - required: + - httpCookie + - required: + - useSourceIp + - required: + - httpQueryParameterName + - required: + - httpHeaderName + - required: + - httpCookie + - required: + - useSourceIp + - required: + - httpQueryParameterName + required: + - consistentHash + properties: + consistentHash: + properties: + httpCookie: + description: Hash based on HTTP cookie. + properties: + name: + description: Name of the cookie. + format: string + type: string + path: + description: Path to set for the cookie. + format: string + type: string + ttl: + description: Lifetime of the cookie. + type: string + type: object + httpHeaderName: + description: Hash based on a specific HTTP + header. + format: string + type: string + httpQueryParameterName: + description: Hash based on a specific HTTP + query parameter. + format: string + type: string + minimumRingSize: + type: integer + useSourceIp: + description: Hash based on the source IP address. + type: boolean + type: object + localityLbSetting: + properties: + distribute: + description: 'Optional: only one of distribute + or failover can be set.' + items: + properties: + from: + description: Originating locality, '/' + separated, e.g. + format: string + type: string + to: + additionalProperties: + type: integer + description: Map of upstream localities + to traffic distribution weights. + type: object + type: object + type: array + enabled: + description: enable locality load balancing, + this is DestinationRule-level and will override + mesh wide settings in entirety. + nullable: true + type: boolean + failover: + description: 'Optional: only failover or distribute + can be set.' + items: + properties: + from: + description: Originating region. + format: string + type: string + to: + format: string + type: string + type: object + type: array + type: object + simple: + enum: + - ROUND_ROBIN + - LEAST_CONN + - RANDOM + - PASSTHROUGH + type: string + type: object + outlierDetection: + properties: + baseEjectionTime: + description: Minimum ejection duration. + type: string + consecutive5xxErrors: + description: Number of 5xx errors before a host + is ejected from the connection pool. + nullable: true + type: integer + consecutiveErrors: + format: int32 + type: integer + consecutiveGatewayErrors: + description: Number of gateway errors before a + host is ejected from the connection pool. + nullable: true + type: integer + interval: + description: Time interval between ejection sweep + analysis. + type: string + maxEjectionPercent: + format: int32 + type: integer + minHealthPercent: + format: int32 + type: integer + type: object + port: + properties: + number: + type: integer + type: object + tls: + description: TLS related settings for connections + to the upstream service. + properties: + autoSan: + type: boolean + autoSni: + type: boolean + caCertificates: + format: string + type: string + clientCertificate: + description: REQUIRED if mode is `MUTUAL`. + format: string + type: string + credentialName: + format: string + type: string + mode: + enum: + - DISABLE + - SIMPLE + - MUTUAL + - ISTIO_MUTUAL + type: string + privateKey: + description: REQUIRED if mode is `MUTUAL`. + format: string + type: string + sni: + description: SNI string to present to the server + during TLS handshake. + format: string + type: string + subjectAltNames: + items: + format: string + type: string + type: array + type: object + type: object + type: array + tls: + description: TLS related settings for connections to the + upstream service. properties: - name: - description: Name of the cookie. + autoSan: + type: boolean + autoSni: + type: boolean + caCertificates: format: string type: string - path: - description: Path to set for the cookie. + clientCertificate: + description: REQUIRED if mode is `MUTUAL`. format: string type: string - ttl: - description: Lifetime of the cookie. + credentialName: + format: string type: string - type: object - httpHeaderName: - description: Hash based on a specific HTTP header. - format: string - type: string - httpQueryParameterName: - description: Hash based on a specific HTTP query parameter. - format: string - type: string - minimumRingSize: - type: integer - useSourceIp: - description: Hash based on the source IP address. - type: boolean - type: object - localityLbSetting: - properties: - distribute: - description: 'Optional: only one of distribute or failover - can be set.' - items: - properties: - from: - description: Originating locality, '/' separated, - e.g. - format: string - type: string - to: - additionalProperties: - type: integer - description: Map of upstream localities to traffic - distribution weights. - type: object - type: object - type: array - enabled: - description: enable locality load balancing, this is DestinationRule-level - and will override mesh wide settings in entirety. - nullable: true - type: boolean - failover: - description: 'Optional: only failover or distribute can - be set.' - items: - properties: - from: - description: Originating region. - format: string - type: string - to: + mode: + enum: + - DISABLE + - SIMPLE + - MUTUAL + - ISTIO_MUTUAL + type: string + privateKey: + description: REQUIRED if mode is `MUTUAL`. + format: string + type: string + sni: + description: SNI string to present to the server during + TLS handshake. + format: string + type: string + subjectAltNames: + items: format: string type: string - type: object - type: array + type: array + type: object type: object - simple: - enum: - - ROUND_ROBIN - - LEAST_CONN - - RANDOM - - PASSTHROUGH - type: string - type: object - outlierDetection: - properties: - baseEjectionTime: - description: Minimum ejection duration. - type: string - consecutive5xxErrors: - description: Number of 5xx errors before a host is ejected from - the connection pool. - nullable: true - type: integer - consecutiveErrors: - format: int32 - type: integer - consecutiveGatewayErrors: - description: Number of gateway errors before a host is ejected - from the connection pool. - nullable: true - type: integer - interval: - description: Time interval between ejection sweep analysis. - type: string - maxEjectionPercent: - format: int32 - type: integer - minHealthPercent: - format: int32 - type: integer type: object - portLevelSettings: - description: Traffic policies specific to individual ports. - items: + type: array + trafficPolicy: + properties: + connectionPool: properties: - connectionPool: + http: + description: HTTP connection pool settings. + properties: + h2UpgradePolicy: + description: Specify if http1.1 connection should be upgraded + to http2 for the associated destination. + enum: + - DEFAULT + - DO_NOT_UPGRADE + - UPGRADE + type: string + http1MaxPendingRequests: + description: Maximum number of pending HTTP requests to + a destination. + format: int32 + type: integer + http2MaxRequests: + description: Maximum number of requests to a backend. + format: int32 + type: integer + idleTimeout: + description: The idle timeout for upstream connection + pool connections. + type: string + maxRequestsPerConnection: + description: Maximum number of requests per connection + to a backend. + format: int32 + type: integer + maxRetries: + format: int32 + type: integer + useClientProtocol: + description: If set to true, client protocol will be preserved + while initiating connection to backend. + type: boolean + type: object + tcp: + description: Settings common to both HTTP and TCP upstream + connections. properties: - http: - description: HTTP connection pool settings. + connectTimeout: + description: TCP connection timeout. + type: string + maxConnections: + description: Maximum number of HTTP1 /TCP connections + to a destination host. + format: int32 + type: integer + tcpKeepalive: + description: If set then set SO_KEEPALIVE on the socket + to enable TCP Keepalives. properties: - h2UpgradePolicy: - description: Specify if http1.1 connection should - be upgraded to http2 for the associated destination. - enum: - - DEFAULT - - DO_NOT_UPGRADE - - UPGRADE - type: string - http1MaxPendingRequests: - description: Maximum number of pending HTTP requests - to a destination. - format: int32 - type: integer - http2MaxRequests: - description: Maximum number of requests to a backend. - format: int32 - type: integer - idleTimeout: - description: The idle timeout for upstream connection - pool connections. + interval: + description: The time duration between keep-alive + probes. type: string - maxRequestsPerConnection: - description: Maximum number of requests per connection - to a backend. - format: int32 + probes: type: integer - maxRetries: - format: int32 - type: integer - useClientProtocol: - description: If set to true, client protocol will - be preserved while initiating connection to backend. - type: boolean - type: object - tcp: - description: Settings common to both HTTP and TCP upstream - connections. - properties: - connectTimeout: - description: TCP connection timeout. + time: type: string - maxConnections: - description: Maximum number of HTTP1 /TCP connections - to a destination host. - format: int32 - type: integer - tcpKeepalive: - description: If set then set SO_KEEPALIVE on the socket - to enable TCP Keepalives. - properties: - interval: - description: The time duration between keep-alive - probes. - type: string - probes: - type: integer - time: - type: string - type: object type: object type: object - loadBalancer: - description: Settings controlling the load balancer algorithms. - oneOf: - - not: - anyOf: - - required: - - simple - - properties: - consistentHash: - oneOf: - - not: - anyOf: - - required: - - httpHeaderName - - required: - - httpCookie - - required: - - useSourceIp - - required: - - httpQueryParameterName - - required: - - httpHeaderName - - required: - - httpCookie - - required: - - useSourceIp - - required: - - httpQueryParameterName - required: - - consistentHash + type: object + loadBalancer: + description: Settings controlling the load balancer algorithms. + oneOf: + - not: + anyOf: - required: - simple - properties: @@ -977,205 +734,1621 @@ spec: - httpQueryParameterName required: - consistentHash + - required: + - simple + - properties: + consistentHash: + oneOf: + - not: + anyOf: + - required: + - httpHeaderName + - required: + - httpCookie + - required: + - useSourceIp + - required: + - httpQueryParameterName + - required: + - httpHeaderName + - required: + - httpCookie + - required: + - useSourceIp + - required: + - httpQueryParameterName + required: + - consistentHash + properties: + consistentHash: properties: - consistentHash: + httpCookie: + description: Hash based on HTTP cookie. properties: - httpCookie: - description: Hash based on HTTP cookie. - properties: - name: - description: Name of the cookie. - format: string - type: string - path: - description: Path to set for the cookie. - format: string - type: string - ttl: - description: Lifetime of the cookie. - type: string - type: object - httpHeaderName: - description: Hash based on a specific HTTP header. + name: + description: Name of the cookie. format: string type: string - httpQueryParameterName: - description: Hash based on a specific HTTP query parameter. + path: + description: Path to set for the cookie. format: string type: string - minimumRingSize: - type: integer - useSourceIp: - description: Hash based on the source IP address. - type: boolean + ttl: + description: Lifetime of the cookie. + type: string type: object - localityLbSetting: - properties: - distribute: - description: 'Optional: only one of distribute or - failover can be set.' - items: + httpHeaderName: + description: Hash based on a specific HTTP header. + format: string + type: string + httpQueryParameterName: + description: Hash based on a specific HTTP query parameter. + format: string + type: string + minimumRingSize: + type: integer + useSourceIp: + description: Hash based on the source IP address. + type: boolean + type: object + localityLbSetting: + properties: + distribute: + description: 'Optional: only one of distribute or failover + can be set.' + items: + properties: + from: + description: Originating locality, '/' separated, + e.g. + format: string + type: string + to: + additionalProperties: + type: integer + description: Map of upstream localities to traffic + distribution weights. + type: object + type: object + type: array + enabled: + description: enable locality load balancing, this is DestinationRule-level + and will override mesh wide settings in entirety. + nullable: true + type: boolean + failover: + description: 'Optional: only failover or distribute can + be set.' + items: + properties: + from: + description: Originating region. + format: string + type: string + to: + format: string + type: string + type: object + type: array + type: object + simple: + enum: + - ROUND_ROBIN + - LEAST_CONN + - RANDOM + - PASSTHROUGH + type: string + type: object + outlierDetection: + properties: + baseEjectionTime: + description: Minimum ejection duration. + type: string + consecutive5xxErrors: + description: Number of 5xx errors before a host is ejected + from the connection pool. + nullable: true + type: integer + consecutiveErrors: + format: int32 + type: integer + consecutiveGatewayErrors: + description: Number of gateway errors before a host is ejected + from the connection pool. + nullable: true + type: integer + interval: + description: Time interval between ejection sweep analysis. + type: string + maxEjectionPercent: + format: int32 + type: integer + minHealthPercent: + format: int32 + type: integer + type: object + portLevelSettings: + description: Traffic policies specific to individual ports. + items: + properties: + connectionPool: + properties: + http: + description: HTTP connection pool settings. + properties: + h2UpgradePolicy: + description: Specify if http1.1 connection should + be upgraded to http2 for the associated destination. + enum: + - DEFAULT + - DO_NOT_UPGRADE + - UPGRADE + type: string + http1MaxPendingRequests: + description: Maximum number of pending HTTP requests + to a destination. + format: int32 + type: integer + http2MaxRequests: + description: Maximum number of requests to a backend. + format: int32 + type: integer + idleTimeout: + description: The idle timeout for upstream connection + pool connections. + type: string + maxRequestsPerConnection: + description: Maximum number of requests per connection + to a backend. + format: int32 + type: integer + maxRetries: + format: int32 + type: integer + useClientProtocol: + description: If set to true, client protocol will + be preserved while initiating connection to backend. + type: boolean + type: object + tcp: + description: Settings common to both HTTP and TCP upstream + connections. + properties: + connectTimeout: + description: TCP connection timeout. + type: string + maxConnections: + description: Maximum number of HTTP1 /TCP connections + to a destination host. + format: int32 + type: integer + tcpKeepalive: + description: If set then set SO_KEEPALIVE on the + socket to enable TCP Keepalives. properties: - from: - description: Originating locality, '/' separated, - e.g. - format: string + interval: + description: The time duration between keep-alive + probes. + type: string + probes: + type: integer + time: type: string - to: - additionalProperties: - type: integer - description: Map of upstream localities to traffic - distribution weights. - type: object type: object - type: array - enabled: - description: enable locality load balancing, this - is DestinationRule-level and will override mesh - wide settings in entirety. - nullable: true - type: boolean - failover: - description: 'Optional: only failover or distribute - can be set.' - items: + type: object + type: object + loadBalancer: + description: Settings controlling the load balancer algorithms. + oneOf: + - not: + anyOf: + - required: + - simple + - properties: + consistentHash: + oneOf: + - not: + anyOf: + - required: + - httpHeaderName + - required: + - httpCookie + - required: + - useSourceIp + - required: + - httpQueryParameterName + - required: + - httpHeaderName + - required: + - httpCookie + - required: + - useSourceIp + - required: + - httpQueryParameterName + required: + - consistentHash + - required: + - simple + - properties: + consistentHash: + oneOf: + - not: + anyOf: + - required: + - httpHeaderName + - required: + - httpCookie + - required: + - useSourceIp + - required: + - httpQueryParameterName + - required: + - httpHeaderName + - required: + - httpCookie + - required: + - useSourceIp + - required: + - httpQueryParameterName + required: + - consistentHash + properties: + consistentHash: + properties: + httpCookie: + description: Hash based on HTTP cookie. properties: - from: - description: Originating region. + name: + description: Name of the cookie. format: string type: string - to: + path: + description: Path to set for the cookie. format: string type: string + ttl: + description: Lifetime of the cookie. + type: string type: object - type: array - type: object - simple: - enum: - - ROUND_ROBIN - - LEAST_CONN - - RANDOM - - PASSTHROUGH - type: string - type: object - outlierDetection: - properties: - baseEjectionTime: - description: Minimum ejection duration. - type: string - consecutive5xxErrors: - description: Number of 5xx errors before a host is ejected - from the connection pool. - nullable: true - type: integer - consecutiveErrors: - format: int32 - type: integer - consecutiveGatewayErrors: - description: Number of gateway errors before a host is - ejected from the connection pool. - nullable: true - type: integer - interval: - description: Time interval between ejection sweep analysis. - type: string - maxEjectionPercent: - format: int32 - type: integer - minHealthPercent: - format: int32 - type: integer - type: object - port: - properties: - number: - type: integer - type: object - tls: - description: TLS related settings for connections to the upstream - service. - properties: - caCertificates: - format: string - type: string - clientCertificate: - description: REQUIRED if mode is `MUTUAL`. - format: string - type: string - credentialName: - format: string - type: string - mode: - enum: - - DISABLE - - SIMPLE - - MUTUAL - - ISTIO_MUTUAL - type: string - privateKey: - description: REQUIRED if mode is `MUTUAL`. - format: string - type: string - sni: - description: SNI string to present to the server during - TLS handshake. - format: string - type: string - subjectAltNames: - items: + httpHeaderName: + description: Hash based on a specific HTTP header. + format: string + type: string + httpQueryParameterName: + description: Hash based on a specific HTTP query + parameter. + format: string + type: string + minimumRingSize: + type: integer + useSourceIp: + description: Hash based on the source IP address. + type: boolean + type: object + localityLbSetting: + properties: + distribute: + description: 'Optional: only one of distribute or + failover can be set.' + items: + properties: + from: + description: Originating locality, '/' separated, + e.g. + format: string + type: string + to: + additionalProperties: + type: integer + description: Map of upstream localities to + traffic distribution weights. + type: object + type: object + type: array + enabled: + description: enable locality load balancing, this + is DestinationRule-level and will override mesh + wide settings in entirety. + nullable: true + type: boolean + failover: + description: 'Optional: only failover or distribute + can be set.' + items: + properties: + from: + description: Originating region. + format: string + type: string + to: + format: string + type: string + type: object + type: array + type: object + simple: + enum: + - ROUND_ROBIN + - LEAST_CONN + - RANDOM + - PASSTHROUGH + type: string + type: object + outlierDetection: + properties: + baseEjectionTime: + description: Minimum ejection duration. + type: string + consecutive5xxErrors: + description: Number of 5xx errors before a host is ejected + from the connection pool. + nullable: true + type: integer + consecutiveErrors: + format: int32 + type: integer + consecutiveGatewayErrors: + description: Number of gateway errors before a host + is ejected from the connection pool. + nullable: true + type: integer + interval: + description: Time interval between ejection sweep analysis. + type: string + maxEjectionPercent: + format: int32 + type: integer + minHealthPercent: + format: int32 + type: integer + type: object + port: + properties: + number: + type: integer + type: object + tls: + description: TLS related settings for connections to the + upstream service. + properties: + autoSan: + type: boolean + autoSni: + type: boolean + caCertificates: format: string type: string - type: array - type: object - type: object - type: array - tls: - description: TLS related settings for connections to the upstream - service. - properties: - caCertificates: - format: string - type: string - clientCertificate: - description: REQUIRED if mode is `MUTUAL`. - format: string - type: string - credentialName: - format: string - type: string - mode: - enum: - - DISABLE - - SIMPLE - - MUTUAL - - ISTIO_MUTUAL - type: string - privateKey: - description: REQUIRED if mode is `MUTUAL`. - format: string - type: string - sni: - description: SNI string to present to the server during TLS - handshake. - format: string - type: string - subjectAltNames: - items: + clientCertificate: + description: REQUIRED if mode is `MUTUAL`. + format: string + type: string + credentialName: + format: string + type: string + mode: + enum: + - DISABLE + - SIMPLE + - MUTUAL + - ISTIO_MUTUAL + type: string + privateKey: + description: REQUIRED if mode is `MUTUAL`. + format: string + type: string + sni: + description: SNI string to present to the server during + TLS handshake. + format: string + type: string + subjectAltNames: + items: + format: string + type: string + type: array + type: object + type: object + type: array + tls: + description: TLS related settings for connections to the upstream + service. + properties: + autoSan: + type: boolean + autoSni: + type: boolean + caCertificates: format: string type: string - type: array - type: object - type: object - type: object - status: - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - versions: - - name: v1alpha3 + clientCertificate: + description: REQUIRED if mode is `MUTUAL`. + format: string + type: string + credentialName: + format: string + type: string + mode: + enum: + - DISABLE + - SIMPLE + - MUTUAL + - ISTIO_MUTUAL + type: string + privateKey: + description: REQUIRED if mode is `MUTUAL`. + format: string + type: string + sni: + description: SNI string to present to the server during TLS + handshake. + format: string + type: string + subjectAltNames: + items: + format: string + type: string + type: array + type: object + type: object + type: object + status: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object served: true storage: true - - name: v1beta1 + - additionalPrinterColumns: + - JSONPath: .spec.host + description: The name of a service from the service registry + name: Host + type: string + - JSONPath: .metadata.creationTimestamp + description: 'CreationTimestamp is a timestamp representing the server time + when this object was created. It is not guaranteed to be set in happens-before + order across separate operations. Clients may not set this value. It is represented + in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for + lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata' + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + properties: + spec: + description: 'Configuration affecting load balancing, outlier detection, + etc. See more details at: https://istio.io/docs/reference/config/networking/destination-rule.html' + properties: + exportTo: + description: A list of namespaces to which this destination rule is + exported. + items: + format: string + type: string + type: array + host: + description: The name of a service from the service registry. + format: string + type: string + subsets: + items: + properties: + labels: + additionalProperties: + format: string + type: string + type: object + name: + description: Name of the subset. + format: string + type: string + trafficPolicy: + description: Traffic policies that apply to this subset. + properties: + connectionPool: + properties: + http: + description: HTTP connection pool settings. + properties: + h2UpgradePolicy: + description: Specify if http1.1 connection should + be upgraded to http2 for the associated destination. + enum: + - DEFAULT + - DO_NOT_UPGRADE + - UPGRADE + type: string + http1MaxPendingRequests: + description: Maximum number of pending HTTP requests + to a destination. + format: int32 + type: integer + http2MaxRequests: + description: Maximum number of requests to a backend. + format: int32 + type: integer + idleTimeout: + description: The idle timeout for upstream connection + pool connections. + type: string + maxRequestsPerConnection: + description: Maximum number of requests per connection + to a backend. + format: int32 + type: integer + maxRetries: + format: int32 + type: integer + useClientProtocol: + description: If set to true, client protocol will + be preserved while initiating connection to backend. + type: boolean + type: object + tcp: + description: Settings common to both HTTP and TCP upstream + connections. + properties: + connectTimeout: + description: TCP connection timeout. + type: string + maxConnections: + description: Maximum number of HTTP1 /TCP connections + to a destination host. + format: int32 + type: integer + tcpKeepalive: + description: If set then set SO_KEEPALIVE on the + socket to enable TCP Keepalives. + properties: + interval: + description: The time duration between keep-alive + probes. + type: string + probes: + type: integer + time: + type: string + type: object + type: object + type: object + loadBalancer: + description: Settings controlling the load balancer algorithms. + oneOf: + - not: + anyOf: + - required: + - simple + - properties: + consistentHash: + oneOf: + - not: + anyOf: + - required: + - httpHeaderName + - required: + - httpCookie + - required: + - useSourceIp + - required: + - httpQueryParameterName + - required: + - httpHeaderName + - required: + - httpCookie + - required: + - useSourceIp + - required: + - httpQueryParameterName + required: + - consistentHash + - required: + - simple + - properties: + consistentHash: + oneOf: + - not: + anyOf: + - required: + - httpHeaderName + - required: + - httpCookie + - required: + - useSourceIp + - required: + - httpQueryParameterName + - required: + - httpHeaderName + - required: + - httpCookie + - required: + - useSourceIp + - required: + - httpQueryParameterName + required: + - consistentHash + properties: + consistentHash: + properties: + httpCookie: + description: Hash based on HTTP cookie. + properties: + name: + description: Name of the cookie. + format: string + type: string + path: + description: Path to set for the cookie. + format: string + type: string + ttl: + description: Lifetime of the cookie. + type: string + type: object + httpHeaderName: + description: Hash based on a specific HTTP header. + format: string + type: string + httpQueryParameterName: + description: Hash based on a specific HTTP query + parameter. + format: string + type: string + minimumRingSize: + type: integer + useSourceIp: + description: Hash based on the source IP address. + type: boolean + type: object + localityLbSetting: + properties: + distribute: + description: 'Optional: only one of distribute or + failover can be set.' + items: + properties: + from: + description: Originating locality, '/' separated, + e.g. + format: string + type: string + to: + additionalProperties: + type: integer + description: Map of upstream localities to + traffic distribution weights. + type: object + type: object + type: array + enabled: + description: enable locality load balancing, this + is DestinationRule-level and will override mesh + wide settings in entirety. + nullable: true + type: boolean + failover: + description: 'Optional: only failover or distribute + can be set.' + items: + properties: + from: + description: Originating region. + format: string + type: string + to: + format: string + type: string + type: object + type: array + type: object + simple: + enum: + - ROUND_ROBIN + - LEAST_CONN + - RANDOM + - PASSTHROUGH + type: string + type: object + outlierDetection: + properties: + baseEjectionTime: + description: Minimum ejection duration. + type: string + consecutive5xxErrors: + description: Number of 5xx errors before a host is ejected + from the connection pool. + nullable: true + type: integer + consecutiveErrors: + format: int32 + type: integer + consecutiveGatewayErrors: + description: Number of gateway errors before a host + is ejected from the connection pool. + nullable: true + type: integer + interval: + description: Time interval between ejection sweep analysis. + type: string + maxEjectionPercent: + format: int32 + type: integer + minHealthPercent: + format: int32 + type: integer + type: object + portLevelSettings: + description: Traffic policies specific to individual ports. + items: + properties: + connectionPool: + properties: + http: + description: HTTP connection pool settings. + properties: + h2UpgradePolicy: + description: Specify if http1.1 connection + should be upgraded to http2 for the associated + destination. + enum: + - DEFAULT + - DO_NOT_UPGRADE + - UPGRADE + type: string + http1MaxPendingRequests: + description: Maximum number of pending HTTP + requests to a destination. + format: int32 + type: integer + http2MaxRequests: + description: Maximum number of requests to + a backend. + format: int32 + type: integer + idleTimeout: + description: The idle timeout for upstream + connection pool connections. + type: string + maxRequestsPerConnection: + description: Maximum number of requests per + connection to a backend. + format: int32 + type: integer + maxRetries: + format: int32 + type: integer + useClientProtocol: + description: If set to true, client protocol + will be preserved while initiating connection + to backend. + type: boolean + type: object + tcp: + description: Settings common to both HTTP and + TCP upstream connections. + properties: + connectTimeout: + description: TCP connection timeout. + type: string + maxConnections: + description: Maximum number of HTTP1 /TCP + connections to a destination host. + format: int32 + type: integer + tcpKeepalive: + description: If set then set SO_KEEPALIVE + on the socket to enable TCP Keepalives. + properties: + interval: + description: The time duration between + keep-alive probes. + type: string + probes: + type: integer + time: + type: string + type: object + type: object + type: object + loadBalancer: + description: Settings controlling the load balancer + algorithms. + oneOf: + - not: + anyOf: + - required: + - simple + - properties: + consistentHash: + oneOf: + - not: + anyOf: + - required: + - httpHeaderName + - required: + - httpCookie + - required: + - useSourceIp + - required: + - httpQueryParameterName + - required: + - httpHeaderName + - required: + - httpCookie + - required: + - useSourceIp + - required: + - httpQueryParameterName + required: + - consistentHash + - required: + - simple + - properties: + consistentHash: + oneOf: + - not: + anyOf: + - required: + - httpHeaderName + - required: + - httpCookie + - required: + - useSourceIp + - required: + - httpQueryParameterName + - required: + - httpHeaderName + - required: + - httpCookie + - required: + - useSourceIp + - required: + - httpQueryParameterName + required: + - consistentHash + properties: + consistentHash: + properties: + httpCookie: + description: Hash based on HTTP cookie. + properties: + name: + description: Name of the cookie. + format: string + type: string + path: + description: Path to set for the cookie. + format: string + type: string + ttl: + description: Lifetime of the cookie. + type: string + type: object + httpHeaderName: + description: Hash based on a specific HTTP + header. + format: string + type: string + httpQueryParameterName: + description: Hash based on a specific HTTP + query parameter. + format: string + type: string + minimumRingSize: + type: integer + useSourceIp: + description: Hash based on the source IP address. + type: boolean + type: object + localityLbSetting: + properties: + distribute: + description: 'Optional: only one of distribute + or failover can be set.' + items: + properties: + from: + description: Originating locality, '/' + separated, e.g. + format: string + type: string + to: + additionalProperties: + type: integer + description: Map of upstream localities + to traffic distribution weights. + type: object + type: object + type: array + enabled: + description: enable locality load balancing, + this is DestinationRule-level and will override + mesh wide settings in entirety. + nullable: true + type: boolean + failover: + description: 'Optional: only failover or distribute + can be set.' + items: + properties: + from: + description: Originating region. + format: string + type: string + to: + format: string + type: string + type: object + type: array + type: object + simple: + enum: + - ROUND_ROBIN + - LEAST_CONN + - RANDOM + - PASSTHROUGH + type: string + type: object + outlierDetection: + properties: + baseEjectionTime: + description: Minimum ejection duration. + type: string + consecutive5xxErrors: + description: Number of 5xx errors before a host + is ejected from the connection pool. + nullable: true + type: integer + consecutiveErrors: + format: int32 + type: integer + consecutiveGatewayErrors: + description: Number of gateway errors before a + host is ejected from the connection pool. + nullable: true + type: integer + interval: + description: Time interval between ejection sweep + analysis. + type: string + maxEjectionPercent: + format: int32 + type: integer + minHealthPercent: + format: int32 + type: integer + type: object + port: + properties: + number: + type: integer + type: object + tls: + description: TLS related settings for connections + to the upstream service. + properties: + caCertificates: + format: string + type: string + clientCertificate: + description: REQUIRED if mode is `MUTUAL`. + format: string + type: string + credentialName: + format: string + type: string + mode: + enum: + - DISABLE + - SIMPLE + - MUTUAL + - ISTIO_MUTUAL + type: string + privateKey: + description: REQUIRED if mode is `MUTUAL`. + format: string + type: string + sni: + description: SNI string to present to the server + during TLS handshake. + format: string + type: string + subjectAltNames: + items: + format: string + type: string + type: array + type: object + type: object + type: array + tls: + description: TLS related settings for connections to the + upstream service. + properties: + caCertificates: + format: string + type: string + clientCertificate: + description: REQUIRED if mode is `MUTUAL`. + format: string + type: string + credentialName: + format: string + type: string + mode: + enum: + - DISABLE + - SIMPLE + - MUTUAL + - ISTIO_MUTUAL + type: string + privateKey: + description: REQUIRED if mode is `MUTUAL`. + format: string + type: string + sni: + description: SNI string to present to the server during + TLS handshake. + format: string + type: string + subjectAltNames: + items: + format: string + type: string + type: array + type: object + type: object + type: object + type: array + trafficPolicy: + properties: + connectionPool: + properties: + http: + description: HTTP connection pool settings. + properties: + h2UpgradePolicy: + description: Specify if http1.1 connection should be upgraded + to http2 for the associated destination. + enum: + - DEFAULT + - DO_NOT_UPGRADE + - UPGRADE + type: string + http1MaxPendingRequests: + description: Maximum number of pending HTTP requests to + a destination. + format: int32 + type: integer + http2MaxRequests: + description: Maximum number of requests to a backend. + format: int32 + type: integer + idleTimeout: + description: The idle timeout for upstream connection + pool connections. + type: string + maxRequestsPerConnection: + description: Maximum number of requests per connection + to a backend. + format: int32 + type: integer + maxRetries: + format: int32 + type: integer + useClientProtocol: + description: If set to true, client protocol will be preserved + while initiating connection to backend. + type: boolean + type: object + tcp: + description: Settings common to both HTTP and TCP upstream + connections. + properties: + connectTimeout: + description: TCP connection timeout. + type: string + maxConnections: + description: Maximum number of HTTP1 /TCP connections + to a destination host. + format: int32 + type: integer + tcpKeepalive: + description: If set then set SO_KEEPALIVE on the socket + to enable TCP Keepalives. + properties: + interval: + description: The time duration between keep-alive + probes. + type: string + probes: + type: integer + time: + type: string + type: object + type: object + type: object + loadBalancer: + description: Settings controlling the load balancer algorithms. + oneOf: + - not: + anyOf: + - required: + - simple + - properties: + consistentHash: + oneOf: + - not: + anyOf: + - required: + - httpHeaderName + - required: + - httpCookie + - required: + - useSourceIp + - required: + - httpQueryParameterName + - required: + - httpHeaderName + - required: + - httpCookie + - required: + - useSourceIp + - required: + - httpQueryParameterName + required: + - consistentHash + - required: + - simple + - properties: + consistentHash: + oneOf: + - not: + anyOf: + - required: + - httpHeaderName + - required: + - httpCookie + - required: + - useSourceIp + - required: + - httpQueryParameterName + - required: + - httpHeaderName + - required: + - httpCookie + - required: + - useSourceIp + - required: + - httpQueryParameterName + required: + - consistentHash + properties: + consistentHash: + properties: + httpCookie: + description: Hash based on HTTP cookie. + properties: + name: + description: Name of the cookie. + format: string + type: string + path: + description: Path to set for the cookie. + format: string + type: string + ttl: + description: Lifetime of the cookie. + type: string + type: object + httpHeaderName: + description: Hash based on a specific HTTP header. + format: string + type: string + httpQueryParameterName: + description: Hash based on a specific HTTP query parameter. + format: string + type: string + minimumRingSize: + type: integer + useSourceIp: + description: Hash based on the source IP address. + type: boolean + type: object + localityLbSetting: + properties: + distribute: + description: 'Optional: only one of distribute or failover + can be set.' + items: + properties: + from: + description: Originating locality, '/' separated, + e.g. + format: string + type: string + to: + additionalProperties: + type: integer + description: Map of upstream localities to traffic + distribution weights. + type: object + type: object + type: array + enabled: + description: enable locality load balancing, this is DestinationRule-level + and will override mesh wide settings in entirety. + nullable: true + type: boolean + failover: + description: 'Optional: only failover or distribute can + be set.' + items: + properties: + from: + description: Originating region. + format: string + type: string + to: + format: string + type: string + type: object + type: array + type: object + simple: + enum: + - ROUND_ROBIN + - LEAST_CONN + - RANDOM + - PASSTHROUGH + type: string + type: object + outlierDetection: + properties: + baseEjectionTime: + description: Minimum ejection duration. + type: string + consecutive5xxErrors: + description: Number of 5xx errors before a host is ejected + from the connection pool. + nullable: true + type: integer + consecutiveErrors: + format: int32 + type: integer + consecutiveGatewayErrors: + description: Number of gateway errors before a host is ejected + from the connection pool. + nullable: true + type: integer + interval: + description: Time interval between ejection sweep analysis. + type: string + maxEjectionPercent: + format: int32 + type: integer + minHealthPercent: + format: int32 + type: integer + type: object + portLevelSettings: + description: Traffic policies specific to individual ports. + items: + properties: + connectionPool: + properties: + http: + description: HTTP connection pool settings. + properties: + h2UpgradePolicy: + description: Specify if http1.1 connection should + be upgraded to http2 for the associated destination. + enum: + - DEFAULT + - DO_NOT_UPGRADE + - UPGRADE + type: string + http1MaxPendingRequests: + description: Maximum number of pending HTTP requests + to a destination. + format: int32 + type: integer + http2MaxRequests: + description: Maximum number of requests to a backend. + format: int32 + type: integer + idleTimeout: + description: The idle timeout for upstream connection + pool connections. + type: string + maxRequestsPerConnection: + description: Maximum number of requests per connection + to a backend. + format: int32 + type: integer + maxRetries: + format: int32 + type: integer + useClientProtocol: + description: If set to true, client protocol will + be preserved while initiating connection to backend. + type: boolean + type: object + tcp: + description: Settings common to both HTTP and TCP upstream + connections. + properties: + connectTimeout: + description: TCP connection timeout. + type: string + maxConnections: + description: Maximum number of HTTP1 /TCP connections + to a destination host. + format: int32 + type: integer + tcpKeepalive: + description: If set then set SO_KEEPALIVE on the + socket to enable TCP Keepalives. + properties: + interval: + description: The time duration between keep-alive + probes. + type: string + probes: + type: integer + time: + type: string + type: object + type: object + type: object + loadBalancer: + description: Settings controlling the load balancer algorithms. + oneOf: + - not: + anyOf: + - required: + - simple + - properties: + consistentHash: + oneOf: + - not: + anyOf: + - required: + - httpHeaderName + - required: + - httpCookie + - required: + - useSourceIp + - required: + - httpQueryParameterName + - required: + - httpHeaderName + - required: + - httpCookie + - required: + - useSourceIp + - required: + - httpQueryParameterName + required: + - consistentHash + - required: + - simple + - properties: + consistentHash: + oneOf: + - not: + anyOf: + - required: + - httpHeaderName + - required: + - httpCookie + - required: + - useSourceIp + - required: + - httpQueryParameterName + - required: + - httpHeaderName + - required: + - httpCookie + - required: + - useSourceIp + - required: + - httpQueryParameterName + required: + - consistentHash + properties: + consistentHash: + properties: + httpCookie: + description: Hash based on HTTP cookie. + properties: + name: + description: Name of the cookie. + format: string + type: string + path: + description: Path to set for the cookie. + format: string + type: string + ttl: + description: Lifetime of the cookie. + type: string + type: object + httpHeaderName: + description: Hash based on a specific HTTP header. + format: string + type: string + httpQueryParameterName: + description: Hash based on a specific HTTP query + parameter. + format: string + type: string + minimumRingSize: + type: integer + useSourceIp: + description: Hash based on the source IP address. + type: boolean + type: object + localityLbSetting: + properties: + distribute: + description: 'Optional: only one of distribute or + failover can be set.' + items: + properties: + from: + description: Originating locality, '/' separated, + e.g. + format: string + type: string + to: + additionalProperties: + type: integer + description: Map of upstream localities to + traffic distribution weights. + type: object + type: object + type: array + enabled: + description: enable locality load balancing, this + is DestinationRule-level and will override mesh + wide settings in entirety. + nullable: true + type: boolean + failover: + description: 'Optional: only failover or distribute + can be set.' + items: + properties: + from: + description: Originating region. + format: string + type: string + to: + format: string + type: string + type: object + type: array + type: object + simple: + enum: + - ROUND_ROBIN + - LEAST_CONN + - RANDOM + - PASSTHROUGH + type: string + type: object + outlierDetection: + properties: + baseEjectionTime: + description: Minimum ejection duration. + type: string + consecutive5xxErrors: + description: Number of 5xx errors before a host is ejected + from the connection pool. + nullable: true + type: integer + consecutiveErrors: + format: int32 + type: integer + consecutiveGatewayErrors: + description: Number of gateway errors before a host + is ejected from the connection pool. + nullable: true + type: integer + interval: + description: Time interval between ejection sweep analysis. + type: string + maxEjectionPercent: + format: int32 + type: integer + minHealthPercent: + format: int32 + type: integer + type: object + port: + properties: + number: + type: integer + type: object + tls: + description: TLS related settings for connections to the + upstream service. + properties: + caCertificates: + format: string + type: string + clientCertificate: + description: REQUIRED if mode is `MUTUAL`. + format: string + type: string + credentialName: + format: string + type: string + mode: + enum: + - DISABLE + - SIMPLE + - MUTUAL + - ISTIO_MUTUAL + type: string + privateKey: + description: REQUIRED if mode is `MUTUAL`. + format: string + type: string + sni: + description: SNI string to present to the server during + TLS handshake. + format: string + type: string + subjectAltNames: + items: + format: string + type: string + type: array + type: object + type: object + type: array + tls: + description: TLS related settings for connections to the upstream + service. + properties: + caCertificates: + format: string + type: string + clientCertificate: + description: REQUIRED if mode is `MUTUAL`. + format: string + type: string + credentialName: + format: string + type: string + mode: + enum: + - DISABLE + - SIMPLE + - MUTUAL + - ISTIO_MUTUAL + type: string + privateKey: + description: REQUIRED if mode is `MUTUAL`. + format: string + type: string + sni: + description: SNI string to present to the server during TLS + handshake. + format: string + type: string + subjectAltNames: + items: + format: string + type: string + type: array + type: object + type: object + type: object + status: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object served: true storage: false diff --git a/mesh/v1alpha1/istio.mesh.v1alpha1.gen.json b/mesh/v1alpha1/istio.mesh.v1alpha1.gen.json index 12e939d5ae9..52f9e370365 100644 --- a/mesh/v1alpha1/istio.mesh.v1alpha1.gen.json +++ b/mesh/v1alpha1/istio.mesh.v1alpha1.gen.json @@ -1273,6 +1273,13 @@ "description": "SNI string to present to the server during TLS handshake.", "type": "string", "format": "string" + }, + "autoSni": { + "description": "auto_sni and auto_san could automatically set the outbound SNI based on host/authority **NOTE:** auto_sni and auto_san fields are only applicable for HTTPs traffic when auto_sni field set as true, it will override the sni set above. Additional context: https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/protocol.proto#envoy-v3-api-field-config-core-v3-upstreamhttpprotocoloptions-auto-sni https://github.com/istio/istio/issues/27847", + "type": "boolean" + }, + "autoSan": { + "type": "boolean" } } }, diff --git a/networking/v1alpha3/destination_rule.gen.json b/networking/v1alpha3/destination_rule.gen.json index efbdacda7d2..4f48852a588 100644 --- a/networking/v1alpha3/destination_rule.gen.json +++ b/networking/v1alpha3/destination_rule.gen.json @@ -230,6 +230,13 @@ "description": "SNI string to present to the server during TLS handshake.", "type": "string", "format": "string" + }, + "autoSni": { + "description": "auto_sni and auto_san could automatically set the outbound SNI based on host/authority **NOTE:** auto_sni and auto_san fields are only applicable for HTTPs traffic when auto_sni field set as true, it will override the sni set above. Additional context: https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/protocol.proto#envoy-v3-api-field-config-core-v3-upstreamhttpprotocoloptions-auto-sni https://github.com/istio/istio/issues/27847", + "type": "boolean" + }, + "autoSan": { + "type": "boolean" } } }, diff --git a/networking/v1alpha3/destination_rule.pb.go b/networking/v1alpha3/destination_rule.pb.go index 6bfd72686f1..66792a3247b 100644 --- a/networking/v1alpha3/destination_rule.pb.go +++ b/networking/v1alpha3/destination_rule.pb.go @@ -1834,7 +1834,16 @@ type ClientTLSSettings struct { // from the ServiceEntry. SubjectAltNames []string `protobuf:"bytes,5,rep,name=subject_alt_names,json=subjectAltNames,proto3" json:"subject_alt_names,omitempty"` // SNI string to present to the server during TLS handshake. - Sni string `protobuf:"bytes,6,opt,name=sni,proto3" json:"sni,omitempty"` + Sni string `protobuf:"bytes,6,opt,name=sni,proto3" json:"sni,omitempty"` + // auto_sni and auto_san could automatically set the outbound SNI + // based on host/authority + // **NOTE:** auto_sni and auto_san fields are only applicable for HTTPs traffic + // when auto_sni field set as true, it will override the sni set above. + // Additional context: + // https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/protocol.proto#envoy-v3-api-field-config-core-v3-upstreamhttpprotocoloptions-auto-sni + // https://github.com/istio/istio/issues/27847 + AutoSni bool `protobuf:"varint,8,opt,name=auto_sni,json=autoSni,proto3" json:"auto_sni,omitempty"` + AutoSan bool `protobuf:"varint,9,opt,name=auto_san,json=autoSan,proto3" json:"auto_san,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` @@ -1922,6 +1931,20 @@ func (m *ClientTLSSettings) GetSni() string { return "" } +func (m *ClientTLSSettings) GetAutoSni() bool { + if m != nil { + return m.AutoSni + } + return false +} + +func (m *ClientTLSSettings) GetAutoSan() bool { + if m != nil { + return m.AutoSan + } + return false +} + // Locality-weighted load balancing allows administrators to control the // distribution of traffic to endpoints based on the localities of where the // traffic originates and where it will terminate. These localities are @@ -2207,121 +2230,123 @@ func init() { } var fileDescriptor_12899beb695152c8 = []byte{ - // 1822 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xb4, 0x58, 0x4f, 0x73, 0x1b, 0xb7, - 0x15, 0x17, 0xb9, 0x14, 0x25, 0x3d, 0xea, 0x0f, 0x09, 0x6b, 0x1c, 0x9a, 0xee, 0x38, 0x2a, 0xa7, - 0x33, 0x51, 0xdd, 0x78, 0x15, 0xcb, 0x71, 0x27, 0x8d, 0x9b, 0x3f, 0xa4, 0xa4, 0x98, 0xaa, 0x29, - 0x91, 0x05, 0xa9, 0x4e, 0xeb, 0x1e, 0x76, 0xc0, 0x25, 0x44, 0x22, 0x5a, 0x2e, 0x36, 0x58, 0x2c, - 0x4d, 0xf9, 0x9c, 0x63, 0x3f, 0x42, 0x3f, 0x45, 0x0f, 0xbd, 0xf7, 0xd6, 0x5b, 0x7b, 0xc9, 0x3d, - 0xe3, 0x43, 0x3f, 0x41, 0x0f, 0x9d, 0x9e, 0x3a, 0xc0, 0x62, 0xc9, 0x95, 0x25, 0x4b, 0x96, 0x55, - 0xdf, 0x80, 0xf7, 0xe7, 0x87, 0x87, 0x87, 0xdf, 0x03, 0xde, 0x2e, 0xdc, 0xf7, 0xa9, 0x7c, 0xc1, - 0xc5, 0x09, 0xf3, 0x07, 0x5b, 0xe3, 0x87, 0xc4, 0x0b, 0x86, 0xe4, 0xd1, 0x56, 0x9f, 0x86, 0x92, - 0xf9, 0x44, 0x32, 0xee, 0x3b, 0x22, 0xf2, 0xa8, 0x1d, 0x08, 0x2e, 0x39, 0xba, 0xc3, 0x42, 0xc9, - 0xb8, 0x3d, 0xf3, 0xb0, 0x13, 0x8f, 0xca, 0x87, 0x03, 0xce, 0x07, 0x1e, 0xdd, 0x22, 0x01, 0xdb, - 0x3a, 0x66, 0xd4, 0xeb, 0x3b, 0x3d, 0x3a, 0x24, 0x63, 0xc6, 0x45, 0xec, 0x5b, 0xb9, 0x67, 0x0c, - 0xf4, 0xac, 0x17, 0x1d, 0x6f, 0xf5, 0x23, 0xa1, 0x17, 0x78, 0x93, 0xfe, 0x85, 0x20, 0x41, 0x40, - 0x45, 0x68, 0xf4, 0x3f, 0xbf, 0x28, 0xce, 0x31, 0x13, 0x32, 0x22, 0x9e, 0x13, 0x52, 0x31, 0x66, - 0xae, 0x09, 0xb3, 0xb2, 0x3e, 0xe0, 0x03, 0xae, 0x87, 0x5b, 0x6a, 0x14, 0x4b, 0xab, 0x3f, 0x64, - 0x60, 0x6d, 0x77, 0xb6, 0x2f, 0x1c, 0x79, 0x14, 0x7d, 0x00, 0xb9, 0x21, 0x0f, 0x65, 0x39, 0xb3, - 0x91, 0xd9, 0x5c, 0xaa, 0x5b, 0x3f, 0xd6, 0xb2, 0x58, 0x0b, 0x50, 0x0b, 0x56, 0xa5, 0x20, 0xc7, - 0xc7, 0xcc, 0x75, 0x02, 0xee, 0x31, 0xf7, 0xb4, 0x9c, 0xdd, 0xc8, 0x6c, 0x16, 0xb6, 0x37, 0xed, - 0x37, 0xa6, 0xc0, 0xee, 0xc6, 0x0e, 0x6d, 0x6d, 0x8f, 0x57, 0x64, 0x7a, 0x8a, 0x9e, 0xc0, 0x42, - 0x18, 0xf5, 0x42, 0x2a, 0xc3, 0xb2, 0xb5, 0x61, 0x6d, 0x16, 0xb6, 0x7f, 0x7a, 0x09, 0x52, 0x47, - 0x5b, 0xe2, 0xc4, 0x03, 0xdd, 0x85, 0x25, 0x3a, 0x09, 0xb8, 0x90, 0x8e, 0xe4, 0xe5, 0xdc, 0x86, - 0xb5, 0xb9, 0x84, 0x17, 0x63, 0x41, 0x97, 0x57, 0xff, 0x95, 0x87, 0x95, 0x33, 0x4b, 0xa3, 0x2e, - 0xac, 0x78, 0x9c, 0xf4, 0x9d, 0x1e, 0xf1, 0x88, 0xef, 0x52, 0xa1, 0xb7, 0x57, 0xd8, 0xde, 0xba, - 0x64, 0xc5, 0x26, 0x27, 0xfd, 0xba, 0x31, 0xef, 0x50, 0x29, 0x99, 0x3f, 0x08, 0xf1, 0xb2, 0x97, - 0x92, 0xa2, 0xe7, 0xb0, 0xe6, 0x72, 0xdf, 0xa7, 0xae, 0x66, 0x45, 0xc0, 0xb9, 0x67, 0x72, 0xf2, - 0xf0, 0x12, 0xdc, 0x9d, 0xa9, 0x47, 0x9b, 0x73, 0x6f, 0x8a, 0xbc, 0xea, 0x9e, 0x91, 0xa3, 0xdf, - 0x43, 0x89, 0x47, 0xd2, 0x63, 0x54, 0x38, 0x7d, 0x2a, 0x63, 0x45, 0xd9, 0xd2, 0xe8, 0xbf, 0xb8, - 0x04, 0xbd, 0x15, 0xfb, 0xec, 0x26, 0x2e, 0xb8, 0xc8, 0x5f, 0x93, 0xa0, 0x2f, 0xc1, 0x92, 0x5e, - 0x58, 0xce, 0x69, 0xac, 0x8f, 0x2f, 0x8b, 0xd4, 0x63, 0xd4, 0x97, 0xdd, 0x66, 0x67, 0x1a, 0xa4, - 0x72, 0x44, 0xdf, 0xc2, 0x2d, 0x9d, 0x78, 0x8f, 0x8e, 0xa9, 0xe2, 0x59, 0xac, 0x2b, 0xcf, 0xeb, - 0x33, 0xfc, 0xfc, 0x6d, 0xd9, 0x60, 0xb7, 0xd5, 0x59, 0x9d, 0xe1, 0x47, 0x49, 0xc1, 0x36, 0x15, - 0x6a, 0xb2, 0x60, 0xe5, 0xcf, 0x16, 0x94, 0xce, 0x19, 0xa2, 0x27, 0x90, 0x53, 0xa6, 0xe6, 0x10, - 0x3f, 0xba, 0x64, 0x49, 0xe5, 0xdb, 0xa1, 0x1e, 0x75, 0x25, 0x17, 0x58, 0x3b, 0x9d, 0xa7, 0x42, - 0xf6, 0x3d, 0x51, 0xc1, 0x7a, 0xaf, 0x54, 0xc8, 0xfd, 0x1f, 0xa9, 0x30, 0xff, 0x8e, 0x54, 0xa8, - 0xfe, 0x3b, 0x03, 0xf9, 0xb8, 0x32, 0xd5, 0xbd, 0xe1, 0x93, 0x11, 0x3d, 0x73, 0x6f, 0x28, 0x01, - 0xda, 0x83, 0xbc, 0x47, 0x7a, 0xd4, 0x0b, 0xcb, 0x59, 0xcd, 0x90, 0x07, 0x57, 0x56, 0xb9, 0xdd, - 0xd4, 0xf6, 0x7b, 0xbe, 0x14, 0xa7, 0xd8, 0x38, 0x5f, 0x70, 0xfd, 0x58, 0x37, 0xba, 0x7e, 0x2a, - 0xbf, 0x82, 0x42, 0x6a, 0x1d, 0x54, 0x04, 0xeb, 0x84, 0x9e, 0xc6, 0xe1, 0x63, 0x35, 0x44, 0xeb, - 0x30, 0x3f, 0x26, 0x5e, 0x44, 0x35, 0x41, 0x96, 0x70, 0x3c, 0xf9, 0x3c, 0xfb, 0x59, 0xa6, 0xfa, - 0x8f, 0x3c, 0xac, 0x5f, 0xc4, 0x09, 0x84, 0x21, 0x1f, 0xb2, 0x51, 0xe0, 0xc5, 0x69, 0x58, 0xdd, - 0xfe, 0xec, 0x9a, 0xa4, 0xb2, 0x3b, 0xda, 0xbb, 0x59, 0x6f, 0xcc, 0x61, 0x83, 0x84, 0x4e, 0x34, - 0xb3, 0x42, 0x16, 0x4a, 0xea, 0x4b, 0x67, 0x48, 0xc2, 0xa1, 0x61, 0xec, 0xd7, 0xd7, 0x05, 0xdf, - 0x99, 0xc2, 0x34, 0x48, 0x38, 0xd4, 0x8b, 0xac, 0xba, 0x67, 0x64, 0xe8, 0x18, 0x6e, 0x79, 0xdc, - 0x25, 0x1e, 0x93, 0xa7, 0x8e, 0xd7, 0x4b, 0x8a, 0xdb, 0xa4, 0xfa, 0x97, 0x97, 0x2e, 0x18, 0x7b, - 0x5d, 0xb0, 0x30, 0x2e, 0x25, 0x90, 0xcd, 0x9e, 0x11, 0x55, 0xfe, 0x6a, 0x41, 0xf1, 0xf5, 0x70, - 0xd0, 0x7d, 0x28, 0x0e, 0xa5, 0x0c, 0x9c, 0x21, 0x25, 0x7d, 0x2a, 0x9c, 0x19, 0x9d, 0x54, 0xa0, - 0x4a, 0xd3, 0xd0, 0x8a, 0x43, 0xc5, 0x2a, 0x1f, 0x0a, 0xda, 0xd6, 0xe5, 0xfc, 0x84, 0x51, 0x93, - 0x91, 0x67, 0x37, 0xcd, 0x88, 0xdd, 0xe8, 0x76, 0xdb, 0x3b, 0x1a, 0xb2, 0x31, 0x87, 0x41, 0xad, - 0x10, 0xcf, 0xd0, 0xcf, 0x60, 0x25, 0x0a, 0xa9, 0x13, 0xf2, 0x48, 0xb8, 0xd4, 0x61, 0x81, 0x4e, - 0xc9, 0x62, 0x63, 0x0e, 0x17, 0xa2, 0x90, 0x76, 0xb4, 0x74, 0x3f, 0x40, 0x4f, 0xe0, 0x8e, 0x8e, - 0xea, 0xbb, 0x88, 0x8a, 0x53, 0x27, 0x20, 0x82, 0x8c, 0xa8, 0x4c, 0xb6, 0x32, 0x6f, 0xb6, 0x72, - 0x5b, 0x99, 0xfc, 0x56, 0x59, 0xb4, 0x13, 0x03, 0xbd, 0xa5, 0xfb, 0x50, 0x1a, 0x31, 0x9f, 0x8d, - 0xa2, 0x91, 0x23, 0x98, 0x3f, 0x70, 0x42, 0xf6, 0x92, 0xea, 0x32, 0xcf, 0xe1, 0x35, 0xa3, 0xc0, - 0xcc, 0x1f, 0x74, 0xd8, 0x4b, 0x5a, 0x39, 0x01, 0x98, 0x85, 0xfa, 0xe6, 0xda, 0x43, 0x90, 0x0b, - 0x88, 0x1c, 0x1a, 0x06, 0xeb, 0x31, 0xfa, 0x04, 0x2c, 0x29, 0x93, 0xdb, 0xe9, 0x8e, 0x1d, 0xf7, - 0x18, 0x76, 0xd2, 0x63, 0xd8, 0xbb, 0xa6, 0x07, 0x89, 0x61, 0x94, 0x69, 0x1d, 0x60, 0x51, 0xd1, - 0xce, 0x39, 0xa1, 0xa7, 0xd5, 0x06, 0x2c, 0x26, 0x1c, 0x45, 0x6b, 0x50, 0xc0, 0xad, 0xa3, 0xc3, - 0x5d, 0x07, 0xb7, 0xea, 0xfb, 0x87, 0xc5, 0x39, 0xb4, 0x0a, 0xd0, 0xdc, 0xab, 0x75, 0xba, 0xce, - 0x4e, 0xeb, 0xf0, 0xb0, 0x98, 0x41, 0x00, 0x79, 0x5c, 0x3b, 0xdc, 0x6d, 0x1d, 0x14, 0xb3, 0xca, - 0xb8, 0x5d, 0xeb, 0x74, 0xba, 0x0d, 0xdc, 0x3a, 0x7a, 0xda, 0x28, 0x5a, 0xf5, 0x02, 0x2c, 0x79, - 0x3d, 0x53, 0xcb, 0xd5, 0xbf, 0x2d, 0xc2, 0xed, 0x8b, 0x6f, 0x43, 0xd4, 0x02, 0x4b, 0xba, 0x81, - 0xb9, 0xeb, 0xbf, 0xb8, 0xf6, 0x6d, 0x6a, 0x77, 0x77, 0xda, 0xa9, 0x4b, 0xcb, 0x0d, 0x10, 0x86, - 0x9c, 0x3a, 0x01, 0xc3, 0x99, 0x2f, 0xaf, 0x8f, 0xa8, 0x32, 0x3f, 0x85, 0xd4, 0x58, 0x95, 0xff, - 0x66, 0xa1, 0x90, 0x5a, 0x08, 0x7d, 0x04, 0x6b, 0x23, 0x32, 0x71, 0x66, 0x17, 0x79, 0xa8, 0x37, - 0x30, 0x8f, 0x57, 0x47, 0x64, 0x32, 0x83, 0x0d, 0x51, 0x7d, 0xfa, 0x6e, 0x38, 0x92, 0x8d, 0x28, - 0x8f, 0xa4, 0x89, 0xeb, 0xcd, 0x27, 0x33, 0x7d, 0x1f, 0xba, 0xb1, 0x03, 0xe2, 0xb0, 0x22, 0xdd, - 0xc0, 0x39, 0xa1, 0x34, 0x20, 0x1e, 0x1b, 0x53, 0x73, 0xb6, 0xbf, 0xb9, 0x51, 0xae, 0xec, 0xae, - 0x1b, 0x3c, 0x4b, 0x10, 0xf1, 0xb2, 0x4c, 0xcd, 0x2a, 0x7f, 0xca, 0xc0, 0x72, 0x5a, 0x8d, 0x6e, - 0x43, 0x3e, 0x10, 0xbc, 0x47, 0xe3, 0x5d, 0xae, 0x60, 0x33, 0x43, 0x0f, 0x20, 0xa7, 0x76, 0x75, - 0xf5, 0x96, 0xb4, 0x19, 0x7a, 0x0c, 0x8b, 0xcc, 0x97, 0x54, 0x8c, 0xc9, 0xd5, 0xfc, 0xc4, 0x53, - 0xd3, 0xca, 0xf7, 0x39, 0x58, 0x4e, 0x9f, 0x09, 0x7a, 0x02, 0x15, 0x75, 0x2a, 0x0f, 0x1d, 0x75, - 0x06, 0x01, 0xf5, 0xfb, 0xaa, 0x9c, 0x04, 0xfd, 0x2e, 0xa2, 0xa1, 0x4c, 0x0e, 0xe2, 0x03, 0x6d, - 0x71, 0x40, 0x26, 0xed, 0x58, 0x8f, 0x8d, 0x1a, 0x7d, 0x0c, 0x48, 0xa9, 0xb6, 0xb5, 0xf3, 0xd4, - 0x29, 0xab, 0x9d, 0xf4, 0xfd, 0xb4, 0x7d, 0x40, 0x26, 0x53, 0xeb, 0x2f, 0xe0, 0x6e, 0xda, 0xce, - 0x09, 0xa8, 0x48, 0x9d, 0xba, 0xde, 0xc5, 0x3c, 0x2e, 0x8f, 0x66, 0x1e, 0x6d, 0x2a, 0x66, 0xc9, - 0x47, 0x1f, 0x42, 0x21, 0x76, 0x97, 0x82, 0xd1, 0xb8, 0x27, 0x9b, 0xc7, 0xa0, 0xcd, 0xb5, 0x04, - 0xfd, 0x1a, 0x96, 0x59, 0xdf, 0xa3, 0x53, 0x72, 0xcc, 0x5f, 0x95, 0x96, 0x82, 0x32, 0x4f, 0x98, - 0xf1, 0x12, 0x4a, 0xc3, 0x6d, 0x27, 0x0a, 0x06, 0x82, 0xf4, 0x69, 0xf2, 0x6e, 0xe6, 0xf5, 0xd3, - 0x74, 0x78, 0x33, 0xde, 0xdb, 0x8d, 0xed, 0xa3, 0x18, 0xd6, 0xbc, 0xae, 0x6b, 0xc3, 0xb3, 0x02, - 0x64, 0xc3, 0x2d, 0x75, 0x63, 0xba, 0xba, 0x73, 0x70, 0x74, 0xa0, 0x2e, 0xf7, 0xca, 0x0b, 0xea, - 0xde, 0xc4, 0xa5, 0x28, 0xa4, 0x71, 0x4f, 0xd1, 0x36, 0x8a, 0xea, 0x57, 0xb0, 0xf6, 0x1a, 0x26, - 0x2a, 0xc0, 0xc2, 0xee, 0xde, 0x37, 0xb5, 0xa3, 0x66, 0xb7, 0x38, 0x87, 0x10, 0xac, 0xee, 0xb6, - 0x9c, 0xc3, 0x56, 0xd7, 0x39, 0x6a, 0x3f, 0xc5, 0xb5, 0xdd, 0xbd, 0x62, 0x46, 0x19, 0x24, 0x93, - 0x6c, 0xf5, 0x07, 0x0b, 0x8a, 0xaf, 0xf7, 0x3c, 0xe8, 0x21, 0x20, 0xf5, 0xc4, 0x51, 0x37, 0x92, - 0x6c, 0x4c, 0x1d, 0x2a, 0x04, 0x17, 0x86, 0x02, 0xf5, 0x6c, 0x39, 0x83, 0x4b, 0x29, 0xed, 0x9e, - 0x56, 0xa2, 0xe7, 0x50, 0x49, 0xbb, 0x0c, 0x88, 0xa4, 0x2f, 0xc8, 0x69, 0xe2, 0x9a, 0xd7, 0x07, - 0xf0, 0x93, 0x73, 0x07, 0x70, 0xb4, 0xef, 0xcb, 0x47, 0xdb, 0xbf, 0x53, 0x3d, 0x02, 0x2e, 0xa7, - 0xfc, 0x9f, 0xc6, 0xee, 0x06, 0x1b, 0xc3, 0xed, 0x34, 0xf6, 0xe3, 0xc9, 0x24, 0xc1, 0x5d, 0x78, - 0x0b, 0xdc, 0xf5, 0x94, 0xef, 0xe3, 0xc9, 0xc4, 0x60, 0xa6, 0xab, 0x26, 0xfb, 0xd6, 0x55, 0x83, - 0x9e, 0x02, 0xea, 0x91, 0x90, 0x3a, 0xf4, 0x5b, 0xd3, 0xb4, 0xea, 0x4a, 0xbd, 0xb2, 0xec, 0x8a, - 0xca, 0x69, 0xcf, 0xf8, 0x28, 0x9e, 0xa1, 0x4f, 0x60, 0x5d, 0x71, 0x78, 0x8a, 0x13, 0x50, 0xe1, - 0x52, 0x5f, 0x1a, 0x32, 0xa3, 0x11, 0x99, 0x24, 0xe6, 0xed, 0x58, 0xa3, 0x4a, 0x6c, 0xc4, 0x7c, - 0xf5, 0xce, 0x7b, 0x72, 0x38, 0xb5, 0x9f, 0x8f, 0x4b, 0x6c, 0xc4, 0xfc, 0x86, 0x56, 0x18, 0xeb, - 0xea, 0xf7, 0x16, 0x94, 0xce, 0xf5, 0x9f, 0xe8, 0x00, 0x72, 0x23, 0xde, 0x4f, 0x1a, 0xad, 0x4f, - 0xaf, 0xd3, 0xbb, 0xda, 0xdd, 0x66, 0x47, 0xf9, 0x9a, 0x97, 0x52, 0x0d, 0xd1, 0x03, 0x40, 0x86, - 0xa9, 0x2e, 0x15, 0x92, 0x1d, 0x33, 0x97, 0xc8, 0xa4, 0xf3, 0x2b, 0xc5, 0x9a, 0x9d, 0x99, 0x42, - 0xd5, 0x6d, 0x20, 0xd8, 0x98, 0x48, 0xaa, 0x5e, 0x45, 0x9d, 0xb5, 0x25, 0x0c, 0x46, 0xf4, 0x8c, - 0x9e, 0xaa, 0x07, 0xc0, 0x25, 0x69, 0xac, 0xb8, 0xb8, 0x97, 0xf0, 0xaa, 0x4b, 0x52, 0x40, 0xfa, - 0xa5, 0x70, 0x05, 0xed, 0x53, 0x5f, 0x32, 0xe2, 0xc5, 0x8d, 0xc2, 0x82, 0x31, 0x9c, 0x8a, 0x93, - 0xf6, 0x20, 0x8c, 0x7a, 0x2a, 0x93, 0x0e, 0xf1, 0xa4, 0xb6, 0x8c, 0x3f, 0xba, 0x96, 0xf0, 0x9a, - 0x51, 0xd4, 0x3c, 0xa9, 0x4c, 0x43, 0xd5, 0xcc, 0x86, 0x3e, 0xd3, 0x5c, 0x5d, 0xc2, 0x6a, 0x58, - 0xfd, 0x1a, 0x16, 0xcc, 0xae, 0x75, 0x55, 0xed, 0x77, 0x6a, 0xf5, 0xe6, 0x5e, 0x71, 0x4e, 0x3d, - 0xd1, 0x9d, 0xfd, 0x83, 0x76, 0x73, 0x2f, 0x7e, 0xae, 0x0f, 0x8e, 0xba, 0x47, 0xb5, 0x66, 0x31, - 0x8b, 0x8a, 0xb0, 0xbc, 0xdf, 0xe9, 0xee, 0xb7, 0x1c, 0x23, 0xb1, 0xaa, 0xff, 0xb1, 0xe0, 0xee, - 0x25, 0x5d, 0x1e, 0x22, 0x00, 0x7d, 0x16, 0x4a, 0xc1, 0x7a, 0x91, 0x54, 0xc7, 0xa2, 0x7a, 0xfd, - 0xda, 0xbb, 0x75, 0x8c, 0xf6, 0xee, 0x14, 0x08, 0xa7, 0x40, 0xd1, 0x1f, 0x61, 0xf1, 0x98, 0x30, - 0x8f, 0x8f, 0xf5, 0x57, 0x9b, 0x5a, 0xe0, 0xab, 0x77, 0x5c, 0xe0, 0x1b, 0x03, 0x83, 0xa7, 0x80, - 0xe8, 0x53, 0x58, 0xa0, 0x3e, 0xe9, 0x79, 0xb4, 0x6f, 0x8a, 0xa0, 0x72, 0xae, 0x08, 0xea, 0x9c, - 0x7b, 0x71, 0x25, 0x26, 0xa6, 0x95, 0xbf, 0x64, 0x00, 0x66, 0xd1, 0xaa, 0x86, 0xeb, 0x58, 0xf0, - 0x91, 0xf9, 0x8c, 0xd0, 0x63, 0xf4, 0x07, 0xc8, 0x4a, 0x6e, 0xe2, 0xdd, 0xbf, 0x71, 0x42, 0xec, - 0x2e, 0x8f, 0x3f, 0x8c, 0xb2, 0x92, 0x57, 0x1e, 0xc3, 0x82, 0x99, 0x5e, 0xf5, 0xfd, 0xb2, 0x92, - 0xfa, 0x7e, 0xa9, 0xd8, 0xb0, 0x98, 0x24, 0xe0, 0xc2, 0x88, 0x57, 0x4d, 0xc4, 0x4a, 0x92, 0x95, - 0xbc, 0x6e, 0xff, 0xfd, 0xd5, 0xbd, 0xcc, 0x3f, 0x5f, 0xdd, 0xcb, 0xfc, 0xf8, 0xea, 0x5e, 0xe6, - 0xf9, 0x46, 0xbc, 0x05, 0xc6, 0xf5, 0x9f, 0xad, 0x0b, 0xfe, 0x41, 0xf5, 0xf2, 0x3a, 0x63, 0x8f, - 0xfe, 0x17, 0x00, 0x00, 0xff, 0xff, 0x19, 0x48, 0xb3, 0x26, 0x49, 0x13, 0x00, 0x00, + // 1846 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xb4, 0x58, 0x4b, 0x73, 0x1b, 0xb9, + 0x11, 0x16, 0x1f, 0xa2, 0xc8, 0xa6, 0x1e, 0x24, 0xac, 0xf2, 0xd2, 0x74, 0xca, 0xab, 0xb0, 0x52, + 0xb5, 0x8a, 0xb3, 0x1e, 0xad, 0xe5, 0x75, 0x6a, 0xb3, 0xce, 0x3e, 0x48, 0x49, 0x6b, 0x2a, 0xa6, + 0x44, 0x06, 0xa4, 0x52, 0x89, 0x73, 0x98, 0x02, 0x87, 0x10, 0x89, 0xd5, 0x70, 0x30, 0x8b, 0xc1, + 0xd0, 0x94, 0xcf, 0x39, 0xe6, 0x27, 0xe4, 0x57, 0xe4, 0x90, 0x43, 0x6e, 0xb9, 0xe5, 0x96, 0x5c, + 0xf6, 0xbe, 0xe5, 0x43, 0x7e, 0x41, 0x0e, 0xa9, 0x9c, 0x52, 0xc0, 0x60, 0xc8, 0x91, 0x25, 0x4b, + 0x96, 0x15, 0xdf, 0x06, 0xfd, 0xf8, 0xd0, 0x68, 0x7c, 0x0d, 0x34, 0x06, 0xee, 0x7b, 0x54, 0xbe, + 0xe0, 0xe2, 0x84, 0x79, 0xc3, 0xad, 0xc9, 0x43, 0xe2, 0xfa, 0x23, 0xf2, 0x68, 0x6b, 0x40, 0x03, + 0xc9, 0x3c, 0x22, 0x19, 0xf7, 0x6c, 0x11, 0xba, 0xd4, 0xf2, 0x05, 0x97, 0x1c, 0xdd, 0x61, 0x81, + 0x64, 0xdc, 0x9a, 0x7b, 0x58, 0xb1, 0x47, 0xf5, 0xc3, 0x21, 0xe7, 0x43, 0x97, 0x6e, 0x11, 0x9f, + 0x6d, 0x1d, 0x33, 0xea, 0x0e, 0xec, 0x3e, 0x1d, 0x91, 0x09, 0xe3, 0x22, 0xf2, 0xad, 0xde, 0x33, + 0x06, 0x7a, 0xd4, 0x0f, 0x8f, 0xb7, 0x06, 0xa1, 0xd0, 0x13, 0xbc, 0x49, 0xff, 0x42, 0x10, 0xdf, + 0xa7, 0x22, 0x30, 0xfa, 0x9f, 0x5e, 0x14, 0xe7, 0x84, 0x09, 0x19, 0x12, 0xd7, 0x0e, 0xa8, 0x98, + 0x30, 0xc7, 0x84, 0x59, 0x5d, 0x1f, 0xf2, 0x21, 0xd7, 0x9f, 0x5b, 0xea, 0x2b, 0x92, 0xd6, 0xbe, + 0x4f, 0xc1, 0xda, 0xee, 0x7c, 0x5d, 0x38, 0x74, 0x29, 0xfa, 0x00, 0xb2, 0x23, 0x1e, 0xc8, 0x4a, + 0x6a, 0x23, 0xb5, 0x59, 0x68, 0x64, 0x7e, 0xa8, 0xa7, 0xb1, 0x16, 0xa0, 0x36, 0xac, 0x4a, 0x41, + 0x8e, 0x8f, 0x99, 0x63, 0xfb, 0xdc, 0x65, 0xce, 0x69, 0x25, 0xbd, 0x91, 0xda, 0x2c, 0x6e, 0x6f, + 0x5a, 0x6f, 0x4c, 0x81, 0xd5, 0x8b, 0x1c, 0x3a, 0xda, 0x1e, 0xaf, 0xc8, 0xe4, 0x10, 0x3d, 0x81, + 0xa5, 0x20, 0xec, 0x07, 0x54, 0x06, 0x95, 0xcc, 0x46, 0x66, 0xb3, 0xb8, 0xfd, 0xe3, 0x4b, 0x90, + 0xba, 0xda, 0x12, 0xc7, 0x1e, 0xe8, 0x2e, 0x14, 0xe8, 0xd4, 0xe7, 0x42, 0xda, 0x92, 0x57, 0xb2, + 0x1b, 0x99, 0xcd, 0x02, 0xce, 0x47, 0x82, 0x1e, 0xaf, 0xfd, 0x2b, 0x07, 0x2b, 0x67, 0xa6, 0x46, + 0x3d, 0x58, 0x71, 0x39, 0x19, 0xd8, 0x7d, 0xe2, 0x12, 0xcf, 0xa1, 0x42, 0x2f, 0xaf, 0xb8, 0xbd, + 0x75, 0xc9, 0x8c, 0x2d, 0x4e, 0x06, 0x0d, 0x63, 0xde, 0xa5, 0x52, 0x32, 0x6f, 0x18, 0xe0, 0x65, + 0x37, 0x21, 0x45, 0xcf, 0x61, 0xcd, 0xe1, 0x9e, 0x47, 0x1d, 0xcd, 0x0a, 0x9f, 0x73, 0xd7, 0xe4, + 0xe4, 0xe1, 0x25, 0xb8, 0x3b, 0x33, 0x8f, 0x0e, 0xe7, 0xee, 0x0c, 0x79, 0xd5, 0x39, 0x23, 0x47, + 0xbf, 0x85, 0x32, 0x0f, 0xa5, 0xcb, 0xa8, 0xb0, 0x07, 0x54, 0x46, 0x8a, 0x4a, 0x46, 0xa3, 0xff, + 0xec, 0x12, 0xf4, 0x76, 0xe4, 0xb3, 0x1b, 0xbb, 0xe0, 0x12, 0x7f, 0x4d, 0x82, 0xbe, 0x84, 0x8c, + 0x74, 0x83, 0x4a, 0x56, 0x63, 0x7d, 0x7c, 0x59, 0xa4, 0x2e, 0xa3, 0x9e, 0xec, 0xb5, 0xba, 0xb3, + 0x20, 0x95, 0x23, 0xfa, 0x16, 0x6e, 0xe9, 0xc4, 0xbb, 0x74, 0x42, 0x15, 0xcf, 0x22, 0x5d, 0x65, + 0x51, 0xef, 0xe1, 0xe7, 0x6f, 0xcb, 0x06, 0xab, 0xa3, 0xf6, 0xea, 0x0c, 0x3f, 0xca, 0x0a, 0xb6, + 0xa5, 0x50, 0xe3, 0x09, 0xab, 0x7f, 0xca, 0x40, 0xf9, 0x9c, 0x21, 0x7a, 0x02, 0x59, 0x65, 0x6a, + 0x36, 0xf1, 0xa3, 0x4b, 0xa6, 0x54, 0xbe, 0x5d, 0xea, 0x52, 0x47, 0x72, 0x81, 0xb5, 0xd3, 0x79, + 0x2a, 0xa4, 0xdf, 0x13, 0x15, 0x32, 0xef, 0x95, 0x0a, 0xd9, 0xff, 0x23, 0x15, 0x16, 0xdf, 0x91, + 0x0a, 0xb5, 0x7f, 0xa7, 0x20, 0x17, 0x55, 0xa6, 0x3a, 0x37, 0x3c, 0x32, 0xa6, 0x67, 0xce, 0x0d, + 0x25, 0x40, 0x7b, 0x90, 0x73, 0x49, 0x9f, 0xba, 0x41, 0x25, 0xad, 0x19, 0xf2, 0xe0, 0xca, 0x2a, + 0xb7, 0x5a, 0xda, 0x7e, 0xcf, 0x93, 0xe2, 0x14, 0x1b, 0xe7, 0x0b, 0x8e, 0x9f, 0xcc, 0x8d, 0x8e, + 0x9f, 0xea, 0x2f, 0xa0, 0x98, 0x98, 0x07, 0x95, 0x20, 0x73, 0x42, 0x4f, 0xa3, 0xf0, 0xb1, 0xfa, + 0x44, 0xeb, 0xb0, 0x38, 0x21, 0x6e, 0x48, 0x35, 0x41, 0x0a, 0x38, 0x1a, 0x7c, 0x9e, 0xfe, 0x2c, + 0x55, 0xfb, 0x47, 0x0e, 0xd6, 0x2f, 0xe2, 0x04, 0xc2, 0x90, 0x0b, 0xd8, 0xd8, 0x77, 0xa3, 0x34, + 0xac, 0x6e, 0x7f, 0x76, 0x4d, 0x52, 0x59, 0x5d, 0xed, 0xdd, 0x6a, 0x34, 0x17, 0xb0, 0x41, 0x42, + 0x27, 0x9a, 0x59, 0x01, 0x0b, 0x24, 0xf5, 0xa4, 0x3d, 0x22, 0xc1, 0xc8, 0x30, 0xf6, 0xeb, 0xeb, + 0x82, 0xef, 0xcc, 0x60, 0x9a, 0x24, 0x18, 0xe9, 0x49, 0x56, 0x9d, 0x33, 0x32, 0x74, 0x0c, 0xb7, + 0x5c, 0xee, 0x10, 0x97, 0xc9, 0x53, 0xdb, 0xed, 0xc7, 0xc5, 0x6d, 0x52, 0xfd, 0xf3, 0x4b, 0x27, + 0x8c, 0xbc, 0x2e, 0x98, 0x18, 0x97, 0x63, 0xc8, 0x56, 0xdf, 0x88, 0xaa, 0x7f, 0xc9, 0x40, 0xe9, + 0xf5, 0x70, 0xd0, 0x7d, 0x28, 0x8d, 0xa4, 0xf4, 0xed, 0x11, 0x25, 0x03, 0x2a, 0xec, 0x39, 0x9d, + 0x54, 0xa0, 0x4a, 0xd3, 0xd4, 0x8a, 0x43, 0xc5, 0x2a, 0x0f, 0x8a, 0xda, 0xd6, 0xe1, 0xfc, 0x84, + 0x51, 0x93, 0x91, 0x67, 0x37, 0xcd, 0x88, 0xd5, 0xec, 0xf5, 0x3a, 0x3b, 0x1a, 0xb2, 0xb9, 0x80, + 0x41, 0xcd, 0x10, 0x8d, 0xd0, 0x4f, 0x60, 0x25, 0x0c, 0xa8, 0x1d, 0xf0, 0x50, 0x38, 0xd4, 0x66, + 0xbe, 0x4e, 0x49, 0xbe, 0xb9, 0x80, 0x8b, 0x61, 0x40, 0xbb, 0x5a, 0xba, 0xef, 0xa3, 0x27, 0x70, + 0x47, 0x47, 0xf5, 0x5d, 0x48, 0xc5, 0xa9, 0xed, 0x13, 0x41, 0xc6, 0x54, 0xc6, 0x4b, 0x59, 0x34, + 0x4b, 0xb9, 0xad, 0x4c, 0x7e, 0xad, 0x2c, 0x3a, 0xb1, 0x81, 0x5e, 0xd2, 0x7d, 0x28, 0x8f, 0x99, + 0xc7, 0xc6, 0xe1, 0xd8, 0x16, 0xcc, 0x1b, 0xda, 0x01, 0x7b, 0x49, 0x75, 0x99, 0x67, 0xf1, 0x9a, + 0x51, 0x60, 0xe6, 0x0d, 0xbb, 0xec, 0x25, 0xad, 0x9e, 0x00, 0xcc, 0x43, 0x7d, 0x73, 0xed, 0x21, + 0xc8, 0xfa, 0x44, 0x8e, 0x0c, 0x83, 0xf5, 0x37, 0xfa, 0x04, 0x32, 0x52, 0xc6, 0xa7, 0xd3, 0x1d, + 0x2b, 0xea, 0x31, 0xac, 0xb8, 0xc7, 0xb0, 0x76, 0x4d, 0x0f, 0x12, 0xc1, 0x28, 0xd3, 0x06, 0x40, + 0x5e, 0xd1, 0xce, 0x3e, 0xa1, 0xa7, 0xb5, 0x26, 0xe4, 0x63, 0x8e, 0xa2, 0x35, 0x28, 0xe2, 0xf6, + 0xd1, 0xe1, 0xae, 0x8d, 0xdb, 0x8d, 0xfd, 0xc3, 0xd2, 0x02, 0x5a, 0x05, 0x68, 0xed, 0xd5, 0xbb, + 0x3d, 0x7b, 0xa7, 0x7d, 0x78, 0x58, 0x4a, 0x21, 0x80, 0x1c, 0xae, 0x1f, 0xee, 0xb6, 0x0f, 0x4a, + 0x69, 0x65, 0xdc, 0xa9, 0x77, 0xbb, 0xbd, 0x26, 0x6e, 0x1f, 0x3d, 0x6d, 0x96, 0x32, 0x8d, 0x22, + 0x14, 0xdc, 0xbe, 0xa9, 0xe5, 0xda, 0xdf, 0xf2, 0x70, 0xfb, 0xe2, 0xd3, 0x10, 0xb5, 0x21, 0x23, + 0x1d, 0xdf, 0x9c, 0xf5, 0x5f, 0x5c, 0xfb, 0x34, 0xb5, 0x7a, 0x3b, 0x9d, 0xc4, 0xa1, 0xe5, 0xf8, + 0x08, 0x43, 0x56, 0xed, 0x80, 0xe1, 0xcc, 0x97, 0xd7, 0x47, 0x54, 0x99, 0x9f, 0x41, 0x6a, 0xac, + 0xea, 0x7f, 0xd3, 0x50, 0x4c, 0x4c, 0x84, 0x3e, 0x82, 0xb5, 0x31, 0x99, 0xda, 0xf3, 0x83, 0x3c, + 0xd0, 0x0b, 0x58, 0xc4, 0xab, 0x63, 0x32, 0x9d, 0xc3, 0x06, 0xa8, 0x31, 0xbb, 0x37, 0x6c, 0xc9, + 0xc6, 0x94, 0x87, 0xd2, 0xc4, 0xf5, 0xe6, 0x9d, 0x99, 0xdd, 0x0f, 0xbd, 0xc8, 0x01, 0x71, 0x58, + 0x91, 0x8e, 0x6f, 0x9f, 0x50, 0xea, 0x13, 0x97, 0x4d, 0xa8, 0xd9, 0xdb, 0x5f, 0xdd, 0x28, 0x57, + 0x56, 0xcf, 0xf1, 0x9f, 0xc5, 0x88, 0x78, 0x59, 0x26, 0x46, 0xd5, 0x3f, 0xa6, 0x60, 0x39, 0xa9, + 0x46, 0xb7, 0x21, 0xe7, 0x0b, 0xde, 0xa7, 0xd1, 0x2a, 0x57, 0xb0, 0x19, 0xa1, 0x07, 0x90, 0x55, + 0xab, 0xba, 0x7a, 0x49, 0xda, 0x0c, 0x3d, 0x86, 0x3c, 0xf3, 0x24, 0x15, 0x13, 0x72, 0x35, 0x3f, + 0xf1, 0xcc, 0xb4, 0xfa, 0x87, 0x2c, 0x2c, 0x27, 0xf7, 0x04, 0x3d, 0x81, 0xaa, 0xda, 0x95, 0x87, + 0xb6, 0xda, 0x03, 0x9f, 0x7a, 0x03, 0x55, 0x4e, 0x82, 0x7e, 0x17, 0xd2, 0x40, 0xc6, 0x1b, 0xf1, + 0x81, 0xb6, 0x38, 0x20, 0xd3, 0x4e, 0xa4, 0xc7, 0x46, 0x8d, 0x3e, 0x06, 0xa4, 0x54, 0xdb, 0xda, + 0x79, 0xe6, 0x94, 0xd6, 0x4e, 0xfa, 0x7c, 0xda, 0x3e, 0x20, 0xd3, 0x99, 0xf5, 0x17, 0x70, 0x37, + 0x69, 0x67, 0xfb, 0x54, 0x24, 0x76, 0x5d, 0xaf, 0x62, 0x11, 0x57, 0xc6, 0x73, 0x8f, 0x0e, 0x15, + 0xf3, 0xe4, 0xa3, 0x0f, 0xa1, 0x18, 0xb9, 0x4b, 0xc1, 0x68, 0xd4, 0x93, 0x2d, 0x62, 0xd0, 0xe6, + 0x5a, 0x82, 0x7e, 0x09, 0xcb, 0x6c, 0xe0, 0xd2, 0x19, 0x39, 0x16, 0xaf, 0x4a, 0x4b, 0x51, 0x99, + 0xc7, 0xcc, 0x78, 0x09, 0xe5, 0xd1, 0xb6, 0x1d, 0xfa, 0x43, 0x41, 0x06, 0x34, 0xbe, 0x37, 0x73, + 0xfa, 0x6a, 0x3a, 0xbc, 0x19, 0xef, 0xad, 0xe6, 0xf6, 0x51, 0x04, 0x6b, 0x6e, 0xd7, 0xb5, 0xd1, + 0x59, 0x01, 0xb2, 0xe0, 0x96, 0x3a, 0x31, 0x1d, 0xdd, 0x39, 0xd8, 0x3a, 0x50, 0x87, 0xbb, 0x95, + 0x25, 0x75, 0x6e, 0xe2, 0x72, 0x18, 0xd0, 0xa8, 0xa7, 0xe8, 0x18, 0x45, 0xed, 0x2b, 0x58, 0x7b, + 0x0d, 0x13, 0x15, 0x61, 0x69, 0x77, 0xef, 0x9b, 0xfa, 0x51, 0xab, 0x57, 0x5a, 0x40, 0x08, 0x56, + 0x77, 0xdb, 0xf6, 0x61, 0xbb, 0x67, 0x1f, 0x75, 0x9e, 0xe2, 0xfa, 0xee, 0x5e, 0x29, 0xa5, 0x0c, + 0xe2, 0x41, 0xba, 0xf6, 0x7d, 0x06, 0x4a, 0xaf, 0xf7, 0x3c, 0xe8, 0x21, 0x20, 0x75, 0xc5, 0x51, + 0x27, 0x94, 0x6c, 0x42, 0x6d, 0x2a, 0x04, 0x17, 0x86, 0x02, 0x8d, 0x74, 0x25, 0x85, 0xcb, 0x09, + 0xed, 0x9e, 0x56, 0xa2, 0xe7, 0x50, 0x4d, 0xba, 0x0c, 0x89, 0xa4, 0x2f, 0xc8, 0x69, 0xec, 0x9a, + 0xd3, 0x1b, 0xf0, 0xa3, 0x73, 0x1b, 0x70, 0xb4, 0xef, 0xc9, 0x47, 0xdb, 0xbf, 0x51, 0x3d, 0x02, + 0xae, 0x24, 0xfc, 0x9f, 0x46, 0xee, 0x06, 0x1b, 0xc3, 0xed, 0x24, 0xf6, 0xe3, 0xe9, 0x34, 0xc6, + 0x5d, 0x7a, 0x0b, 0xdc, 0xf5, 0x84, 0xef, 0xe3, 0xe9, 0xd4, 0x60, 0x26, 0xab, 0x26, 0xfd, 0xd6, + 0x55, 0x83, 0x9e, 0x02, 0xea, 0x93, 0x80, 0xda, 0xf4, 0x5b, 0xd3, 0xb4, 0xea, 0x4a, 0xbd, 0xb2, + 0xec, 0x4a, 0xca, 0x69, 0xcf, 0xf8, 0x28, 0x9e, 0xa1, 0x4f, 0x60, 0x5d, 0x71, 0x78, 0x86, 0xe3, + 0x53, 0xe1, 0x50, 0x4f, 0x1a, 0x32, 0xa3, 0x31, 0x99, 0xc6, 0xe6, 0x9d, 0x48, 0xa3, 0x4a, 0x6c, + 0xcc, 0x3c, 0x75, 0xcf, 0xbb, 0x72, 0x34, 0xb3, 0x5f, 0x8c, 0x4a, 0x6c, 0xcc, 0xbc, 0xa6, 0x56, + 0x18, 0xeb, 0xda, 0x5f, 0x33, 0x50, 0x3e, 0xd7, 0x7f, 0xa2, 0x03, 0xc8, 0x8e, 0xf9, 0x20, 0x6e, + 0xb4, 0x3e, 0xbd, 0x4e, 0xef, 0x6a, 0xf5, 0x5a, 0x5d, 0xe5, 0x6b, 0x6e, 0x4a, 0xf5, 0x89, 0x1e, + 0x00, 0x32, 0x4c, 0x75, 0xa8, 0x90, 0xec, 0x98, 0x39, 0x44, 0xc6, 0x9d, 0x5f, 0x39, 0xd2, 0xec, + 0xcc, 0x15, 0xaa, 0x6e, 0x7d, 0xc1, 0x26, 0x44, 0x52, 0x75, 0x2b, 0xea, 0xac, 0x15, 0x30, 0x18, + 0xd1, 0x33, 0x7a, 0xaa, 0x2e, 0x00, 0x87, 0x24, 0xb1, 0xa2, 0xe2, 0x2e, 0xe0, 0x55, 0x87, 0x24, + 0x80, 0xf4, 0x4d, 0xe1, 0x08, 0x3a, 0xa0, 0x9e, 0x64, 0xc4, 0x8d, 0x1a, 0x85, 0x25, 0x63, 0x38, + 0x13, 0xc7, 0xed, 0x41, 0x10, 0xf6, 0x55, 0x26, 0x6d, 0xe2, 0x4a, 0x6d, 0x19, 0x3d, 0xba, 0x0a, + 0x78, 0xcd, 0x28, 0xea, 0xae, 0x54, 0xa6, 0x81, 0x6a, 0x66, 0x03, 0x8f, 0x69, 0xae, 0x16, 0xb0, + 0xfa, 0x44, 0x77, 0x20, 0x4f, 0x42, 0xc9, 0x6d, 0x25, 0xce, 0xeb, 0x12, 0x5c, 0x52, 0xe3, 0x6e, + 0x52, 0x45, 0xbc, 0x4a, 0x21, 0xa1, 0x22, 0x5e, 0xed, 0x6b, 0x58, 0x32, 0xb9, 0xd2, 0xb5, 0xb8, + 0xdf, 0xad, 0x37, 0x5a, 0x7b, 0xa5, 0x05, 0x75, 0xb1, 0x77, 0xf7, 0x0f, 0x3a, 0xad, 0xbd, 0xe8, + 0x92, 0x3f, 0x38, 0xea, 0x1d, 0xd5, 0x5b, 0xa5, 0x34, 0x2a, 0xc1, 0xf2, 0x7e, 0xb7, 0xb7, 0xdf, + 0xb6, 0x8d, 0x24, 0x53, 0xfb, 0x4f, 0x06, 0xee, 0x5e, 0xd2, 0x1b, 0x22, 0x02, 0x30, 0x60, 0x81, + 0x14, 0xac, 0x1f, 0x4a, 0xb5, 0x99, 0xea, 0x85, 0x50, 0x7f, 0xb7, 0x3e, 0xd3, 0xda, 0x9d, 0x01, + 0xe1, 0x04, 0x28, 0xfa, 0x3d, 0xe4, 0x8f, 0x09, 0x73, 0xf9, 0x44, 0xbf, 0xf5, 0xd4, 0x04, 0x5f, + 0xbd, 0xe3, 0x04, 0xdf, 0x18, 0x18, 0x3c, 0x03, 0x44, 0x9f, 0xc2, 0x12, 0xf5, 0x48, 0xdf, 0xa5, + 0x03, 0x53, 0x3a, 0xd5, 0x73, 0xa5, 0xd3, 0xe0, 0xdc, 0x8d, 0xea, 0x37, 0x36, 0xad, 0xfe, 0x39, + 0x05, 0x30, 0x8f, 0x56, 0xb5, 0x69, 0xc7, 0x82, 0x8f, 0xcd, 0xe3, 0x43, 0x7f, 0xa3, 0xdf, 0x41, + 0x5a, 0x72, 0x13, 0xef, 0xfe, 0x8d, 0x13, 0x62, 0xf5, 0x78, 0xf4, 0x9c, 0x4a, 0x4b, 0x5e, 0x7d, + 0x0c, 0x4b, 0x66, 0x78, 0xd5, 0xab, 0x67, 0x25, 0xf1, 0xea, 0xa9, 0x5a, 0x90, 0x8f, 0x13, 0x70, + 0x61, 0xc4, 0xab, 0x26, 0x62, 0x25, 0x49, 0x4b, 0xde, 0xb0, 0xfe, 0xfe, 0xea, 0x5e, 0xea, 0x9f, + 0xaf, 0xee, 0xa5, 0x7e, 0x78, 0x75, 0x2f, 0xf5, 0x7c, 0x23, 0x5a, 0x02, 0xe3, 0xfa, 0x7f, 0xd8, + 0x05, 0x7f, 0xae, 0xfa, 0x39, 0x9d, 0xb1, 0x47, 0xff, 0x0b, 0x00, 0x00, 0xff, 0xff, 0xfd, 0x46, + 0x50, 0xb8, 0x7f, 0x13, 0x00, 0x00, } func (m *DestinationRule) Marshal() (dAtA []byte, err error) { @@ -3220,6 +3245,26 @@ func (m *ClientTLSSettings) MarshalToSizedBuffer(dAtA []byte) (int, error) { i -= len(m.XXX_unrecognized) copy(dAtA[i:], m.XXX_unrecognized) } + if m.AutoSan { + i-- + if m.AutoSan { + dAtA[i] = 1 + } else { + dAtA[i] = 0 + } + i-- + dAtA[i] = 0x48 + } + if m.AutoSni { + i-- + if m.AutoSni { + dAtA[i] = 1 + } else { + dAtA[i] = 0 + } + i-- + dAtA[i] = 0x40 + } if len(m.CredentialName) > 0 { i -= len(m.CredentialName) copy(dAtA[i:], m.CredentialName) @@ -3863,6 +3908,12 @@ func (m *ClientTLSSettings) Size() (n int) { if l > 0 { n += 1 + l + sovDestinationRule(uint64(l)) } + if m.AutoSni { + n += 2 + } + if m.AutoSan { + n += 2 + } if m.XXX_unrecognized != nil { n += len(m.XXX_unrecognized) } @@ -6458,6 +6509,46 @@ func (m *ClientTLSSettings) Unmarshal(dAtA []byte) error { } m.CredentialName = string(dAtA[iNdEx:postIndex]) iNdEx = postIndex + case 8: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field AutoSni", wireType) + } + var v int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowDestinationRule + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + v |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + m.AutoSni = bool(v != 0) + case 9: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field AutoSan", wireType) + } + var v int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowDestinationRule + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + v |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + m.AutoSan = bool(v != 0) default: iNdEx = preIndex skippy, err := skipDestinationRule(dAtA[iNdEx:]) diff --git a/networking/v1alpha3/destination_rule.pb.html b/networking/v1alpha3/destination_rule.pb.html index e9c3dd38ea5..087909a7866 100644 --- a/networking/v1alpha3/destination_rule.pb.html +++ b/networking/v1alpha3/destination_rule.pb.html @@ -1060,6 +1060,32 @@

ClientTLSSettings

SNI string to present to the server during TLS handshake.

+ + +No + + + +autoSni +bool + +

autosni and autosan could automatically set the outbound SNI +based on host/authority +NOTE: autosni and autosan fields are only applicable for HTTPs traffic +when auto_sni field set as true, it will override the sni set above. +Additional context: +https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/protocol.proto#envoy-v3-api-field-config-core-v3-upstreamhttpprotocoloptions-auto-sni +https://github.com/istio/istio/issues/27847

+ + + +No + + + +autoSan +bool + No diff --git a/networking/v1alpha3/destination_rule.proto b/networking/v1alpha3/destination_rule.proto index 0e47d736f34..a8678f77433 100644 --- a/networking/v1alpha3/destination_rule.proto +++ b/networking/v1alpha3/destination_rule.proto @@ -952,6 +952,15 @@ message ClientTLSSettings { // SNI string to present to the server during TLS handshake. string sni = 6; + // auto_sni and auto_san could automatically set the outbound SNI + // based on host/authority + // **NOTE:** auto_sni and auto_san fields are only applicable for HTTPs traffic + // when auto_sni field set as true, it will override the sni set above. + // Additional context: + // https://www.envoyproxy.io/docs/envoy/latest/api-v3/config/core/v3/protocol.proto#envoy-v3-api-field-config-core-v3-upstreamhttpprotocoloptions-auto-sni + // https://github.com/istio/istio/issues/27847 + bool auto_sni = 8; + bool auto_san = 9; } // Locality-weighted load balancing allows administrators to control the diff --git a/proto.lock b/proto.lock index a138dcf9ea0..ffc8c4e2ac3 100644 --- a/proto.lock +++ b/proto.lock @@ -36038,28 +36038,6 @@ "name": "ingress_selector", "type": "string" }, - { - "id": 10, - "name": "auth_policy", - "type": "AuthPolicy", - "options": [ - { - "name": "deprecated", - "value": "true" - } - ] - }, - { - "id": 11, - "name": "rds_refresh_delay", - "type": "google.protobuf.Duration", - "options": [ - { - "name": "deprecated", - "value": "true" - } - ] - }, { "id": 12, "name": "enable_tracing", @@ -36216,6 +36194,8 @@ 48, 25, 30, + 10, + 11, 15, 16, 18, @@ -36224,10 +36204,10 @@ 21, 23, 29, + 53, 37, 38, - 39, - 53 + 39 ], "reserved_names": [ "mixer_check_server", @@ -36236,16 +36216,18 @@ "disable_mixer_http_reports", "policy_check_fail_open", "sidecar_to_telemetry_session_affinity", + "auth_policy", + "rds_refresh_delay", "mixer_address", "enable_client_side_policy_check", "sds_uds_path", "sds_refresh_delay", "enable_sds_token_mount", "sds_use_k8s_sa_jwt", + "termination_drain_duration", "disable_report_batch", "report_batch_max_entries", - "report_batch_max_time", - "termination_drain_duration" + "report_batch_max_time" ], "messages": [ { @@ -37084,6 +37066,11 @@ "id": 32, "name": "proxy_stats_matcher", "type": "ProxyStatsMatcher" + }, + { + "id": 33, + "name": "hold_application_until_proxy_starts", + "type": "google.protobuf.BoolValue" } ], "maps": [ @@ -37722,6 +37709,16 @@ "id": 6, "name": "sni", "type": "string" + }, + { + "id": 8, + "name": "auto_sni", + "type": "bool" + }, + { + "id": 9, + "name": "auto_san", + "type": "bool" } ] }, @@ -42069,7 +42066,13 @@ "field": { "id": 51, "name": "addon_components", - "type": "ExternalComponentSpec" + "type": "ExternalComponentSpec", + "options": [ + { + "name": "deprecated", + "value": "true" + } + ] } } ] diff --git a/python/istio_api/networking/v1alpha3/destination_rule_pb2.py b/python/istio_api/networking/v1alpha3/destination_rule_pb2.py index 67b2e434f49..3a6a768a2e7 100644 --- a/python/istio_api/networking/v1alpha3/destination_rule_pb2.py +++ b/python/istio_api/networking/v1alpha3/destination_rule_pb2.py @@ -25,7 +25,7 @@ package='istio.networking.v1alpha3', syntax='proto3', serialized_options=_b('Z istio.io/api/networking/v1alpha3'), - serialized_pb=_b('\n*networking/v1alpha3/destination_rule.proto\x12\x19istio.networking.v1alpha3\x1a\x1fgoogle/api/field_behavior.proto\x1a\x1egoogle/protobuf/duration.proto\x1a\x1egoogle/protobuf/wrappers.proto\x1a)networking/v1alpha3/virtual_service.proto\x1a\x14gogoproto/gogo.proto\"\xad\x01\n\x0f\x44\x65stinationRule\x12\x11\n\x04host\x18\x01 \x01(\tB\x03\xe0\x41\x02\x12@\n\x0etraffic_policy\x18\x02 \x01(\x0b\x32(.istio.networking.v1alpha3.TrafficPolicy\x12\x32\n\x07subsets\x18\x03 \x03(\x0b\x32!.istio.networking.v1alpha3.Subset\x12\x11\n\texport_to\x18\x04 \x03(\t\"\xe3\x05\n\rTrafficPolicy\x12\x46\n\rload_balancer\x18\x01 \x01(\x0b\x32/.istio.networking.v1alpha3.LoadBalancerSettings\x12J\n\x0f\x63onnection_pool\x18\x02 \x01(\x0b\x32\x31.istio.networking.v1alpha3.ConnectionPoolSettings\x12\x46\n\x11outlier_detection\x18\x03 \x01(\x0b\x32+.istio.networking.v1alpha3.OutlierDetection\x12\x39\n\x03tls\x18\x04 \x01(\x0b\x32,.istio.networking.v1alpha3.ClientTLSSettings\x12W\n\x13port_level_settings\x18\x05 \x03(\x0b\x32:.istio.networking.v1alpha3.TrafficPolicy.PortTrafficPolicy\x1a\xe1\x02\n\x11PortTrafficPolicy\x12\x35\n\x04port\x18\x01 \x01(\x0b\x32\'.istio.networking.v1alpha3.PortSelector\x12\x46\n\rload_balancer\x18\x02 \x01(\x0b\x32/.istio.networking.v1alpha3.LoadBalancerSettings\x12J\n\x0f\x63onnection_pool\x18\x03 \x01(\x0b\x32\x31.istio.networking.v1alpha3.ConnectionPoolSettings\x12\x46\n\x11outlier_detection\x18\x04 \x01(\x0b\x32+.istio.networking.v1alpha3.OutlierDetection\x12\x39\n\x03tls\x18\x05 \x01(\x0b\x32,.istio.networking.v1alpha3.ClientTLSSettings\"\xcb\x01\n\x06Subset\x12\x11\n\x04name\x18\x01 \x01(\tB\x03\xe0\x41\x02\x12=\n\x06labels\x18\x02 \x03(\x0b\x32-.istio.networking.v1alpha3.Subset.LabelsEntry\x12@\n\x0etraffic_policy\x18\x03 \x01(\x0b\x32(.istio.networking.v1alpha3.TrafficPolicy\x1a-\n\x0bLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\"\xc1\x05\n\x14LoadBalancerSettings\x12J\n\x06simple\x18\x01 \x01(\x0e\x32\x38.istio.networking.v1alpha3.LoadBalancerSettings.SimpleLBH\x00\x12[\n\x0f\x63onsistent_hash\x18\x02 \x01(\x0b\x32@.istio.networking.v1alpha3.LoadBalancerSettings.ConsistentHashLBH\x00\x12S\n\x13locality_lb_setting\x18\x03 \x01(\x0b\x32\x36.istio.networking.v1alpha3.LocalityLoadBalancerSetting\x1a\xd3\x02\n\x10\x43onsistentHashLB\x12\x1a\n\x10http_header_name\x18\x01 \x01(\tH\x00\x12\x62\n\x0bhttp_cookie\x18\x02 \x01(\x0b\x32K.istio.networking.v1alpha3.LoadBalancerSettings.ConsistentHashLB.HTTPCookieH\x00\x12\x17\n\ruse_source_ip\x18\x03 \x01(\x08H\x00\x12#\n\x19http_query_parameter_name\x18\x05 \x01(\tH\x00\x12\x19\n\x11minimum_ring_size\x18\x04 \x01(\x04\x1aZ\n\nHTTPCookie\x12\x11\n\x04name\x18\x01 \x01(\tB\x03\xe0\x41\x02\x12\x0c\n\x04path\x18\x02 \x01(\t\x12+\n\x03ttl\x18\x03 \x01(\x0b\x32\x19.google.protobuf.DurationB\x03\xe0\x41\x02\x42\n\n\x08hash_key\"H\n\x08SimpleLB\x12\x0f\n\x0bROUND_ROBIN\x10\x00\x12\x0e\n\nLEAST_CONN\x10\x01\x12\n\n\x06RANDOM\x10\x02\x12\x0f\n\x0bPASSTHROUGH\x10\x03\x42\x0b\n\tlb_policy\"\xed\x06\n\x16\x43onnectionPoolSettings\x12J\n\x03tcp\x18\x01 \x01(\x0b\x32=.istio.networking.v1alpha3.ConnectionPoolSettings.TCPSettings\x12L\n\x04http\x18\x02 \x01(\x0b\x32>.istio.networking.v1alpha3.ConnectionPoolSettings.HTTPSettings\x1a\xb3\x02\n\x0bTCPSettings\x12\x17\n\x0fmax_connections\x18\x01 \x01(\x05\x12\x32\n\x0f\x63onnect_timeout\x18\x02 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x61\n\rtcp_keepalive\x18\x03 \x01(\x0b\x32J.istio.networking.v1alpha3.ConnectionPoolSettings.TCPSettings.TcpKeepalive\x1at\n\x0cTcpKeepalive\x12\x0e\n\x06probes\x18\x01 \x01(\r\x12\'\n\x04time\x18\x02 \x01(\x0b\x32\x19.google.protobuf.Duration\x12+\n\x08interval\x18\x03 \x01(\x0b\x32\x19.google.protobuf.Duration\x1a\x82\x03\n\x0cHTTPSettings\x12\"\n\x1ahttp1_max_pending_requests\x18\x01 \x01(\x05\x12\x1a\n\x12http2_max_requests\x18\x02 \x01(\x05\x12#\n\x1bmax_requests_per_connection\x18\x03 \x01(\x05\x12\x13\n\x0bmax_retries\x18\x04 \x01(\x05\x12/\n\x0cidle_timeout\x18\x05 \x01(\x0b\x32\x19.google.protobuf.Duration\x12i\n\x11h2_upgrade_policy\x18\x06 \x01(\x0e\x32N.istio.networking.v1alpha3.ConnectionPoolSettings.HTTPSettings.H2UpgradePolicy\x12\x1b\n\x13use_client_protocol\x18\x07 \x01(\x08\"?\n\x0fH2UpgradePolicy\x12\x0b\n\x07\x44\x45\x46\x41ULT\x10\x00\x12\x12\n\x0e\x44O_NOT_UPGRADE\x10\x01\x12\x0b\n\x07UPGRADE\x10\x02\"\xd0\x02\n\x10OutlierDetection\x12\x1e\n\x12\x63onsecutive_errors\x18\x01 \x01(\x05\x42\x02\x18\x01\x12@\n\x1a\x63onsecutive_gateway_errors\x18\x06 \x01(\x0b\x32\x1c.google.protobuf.UInt32Value\x12<\n\x16\x63onsecutive_5xx_errors\x18\x07 \x01(\x0b\x32\x1c.google.protobuf.UInt32Value\x12+\n\x08interval\x18\x02 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x35\n\x12\x62\x61se_ejection_time\x18\x03 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x1c\n\x14max_ejection_percent\x18\x04 \x01(\x05\x12\x1a\n\x12min_health_percent\x18\x05 \x01(\x05\"\xa9\x02\n\x11\x43lientTLSSettings\x12G\n\x04mode\x18\x01 \x01(\x0e\x32\x34.istio.networking.v1alpha3.ClientTLSSettings.TLSmodeB\x03\xe0\x41\x02\x12\x1a\n\x12\x63lient_certificate\x18\x02 \x01(\t\x12\x13\n\x0bprivate_key\x18\x03 \x01(\t\x12\x17\n\x0f\x63\x61_certificates\x18\x04 \x01(\t\x12\x17\n\x0f\x63redential_name\x18\x07 \x01(\t\x12\x19\n\x11subject_alt_names\x18\x05 \x03(\t\x12\x0b\n\x03sni\x18\x06 \x01(\t\"@\n\x07TLSmode\x12\x0b\n\x07\x44ISABLE\x10\x00\x12\n\n\x06SIMPLE\x10\x01\x12\n\n\x06MUTUAL\x10\x02\x12\x10\n\x0cISTIO_MUTUAL\x10\x03\"\xb9\x03\n\x1bLocalityLoadBalancerSetting\x12U\n\ndistribute\x18\x01 \x03(\x0b\x32\x41.istio.networking.v1alpha3.LocalityLoadBalancerSetting.Distribute\x12Q\n\x08\x66\x61ilover\x18\x02 \x03(\x0b\x32?.istio.networking.v1alpha3.LocalityLoadBalancerSetting.Failover\x12+\n\x07\x65nabled\x18\x03 \x01(\x0b\x32\x1a.google.protobuf.BoolValue\x1a\x9c\x01\n\nDistribute\x12\x0c\n\x04\x66rom\x18\x01 \x01(\t\x12U\n\x02to\x18\x02 \x03(\x0b\x32I.istio.networking.v1alpha3.LocalityLoadBalancerSetting.Distribute.ToEntry\x1a)\n\x07ToEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\r:\x02\x38\x01\x1a$\n\x08\x46\x61ilover\x12\x0c\n\x04\x66rom\x18\x01 \x01(\t\x12\n\n\x02to\x18\x02 \x01(\tB\"Z istio.io/api/networking/v1alpha3b\x06proto3') + serialized_pb=_b('\n*networking/v1alpha3/destination_rule.proto\x12\x19istio.networking.v1alpha3\x1a\x1fgoogle/api/field_behavior.proto\x1a\x1egoogle/protobuf/duration.proto\x1a\x1egoogle/protobuf/wrappers.proto\x1a)networking/v1alpha3/virtual_service.proto\x1a\x14gogoproto/gogo.proto\"\xad\x01\n\x0f\x44\x65stinationRule\x12\x11\n\x04host\x18\x01 \x01(\tB\x03\xe0\x41\x02\x12@\n\x0etraffic_policy\x18\x02 \x01(\x0b\x32(.istio.networking.v1alpha3.TrafficPolicy\x12\x32\n\x07subsets\x18\x03 \x03(\x0b\x32!.istio.networking.v1alpha3.Subset\x12\x11\n\texport_to\x18\x04 \x03(\t\"\xe3\x05\n\rTrafficPolicy\x12\x46\n\rload_balancer\x18\x01 \x01(\x0b\x32/.istio.networking.v1alpha3.LoadBalancerSettings\x12J\n\x0f\x63onnection_pool\x18\x02 \x01(\x0b\x32\x31.istio.networking.v1alpha3.ConnectionPoolSettings\x12\x46\n\x11outlier_detection\x18\x03 \x01(\x0b\x32+.istio.networking.v1alpha3.OutlierDetection\x12\x39\n\x03tls\x18\x04 \x01(\x0b\x32,.istio.networking.v1alpha3.ClientTLSSettings\x12W\n\x13port_level_settings\x18\x05 \x03(\x0b\x32:.istio.networking.v1alpha3.TrafficPolicy.PortTrafficPolicy\x1a\xe1\x02\n\x11PortTrafficPolicy\x12\x35\n\x04port\x18\x01 \x01(\x0b\x32\'.istio.networking.v1alpha3.PortSelector\x12\x46\n\rload_balancer\x18\x02 \x01(\x0b\x32/.istio.networking.v1alpha3.LoadBalancerSettings\x12J\n\x0f\x63onnection_pool\x18\x03 \x01(\x0b\x32\x31.istio.networking.v1alpha3.ConnectionPoolSettings\x12\x46\n\x11outlier_detection\x18\x04 \x01(\x0b\x32+.istio.networking.v1alpha3.OutlierDetection\x12\x39\n\x03tls\x18\x05 \x01(\x0b\x32,.istio.networking.v1alpha3.ClientTLSSettings\"\xcb\x01\n\x06Subset\x12\x11\n\x04name\x18\x01 \x01(\tB\x03\xe0\x41\x02\x12=\n\x06labels\x18\x02 \x03(\x0b\x32-.istio.networking.v1alpha3.Subset.LabelsEntry\x12@\n\x0etraffic_policy\x18\x03 \x01(\x0b\x32(.istio.networking.v1alpha3.TrafficPolicy\x1a-\n\x0bLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01\"\xc1\x05\n\x14LoadBalancerSettings\x12J\n\x06simple\x18\x01 \x01(\x0e\x32\x38.istio.networking.v1alpha3.LoadBalancerSettings.SimpleLBH\x00\x12[\n\x0f\x63onsistent_hash\x18\x02 \x01(\x0b\x32@.istio.networking.v1alpha3.LoadBalancerSettings.ConsistentHashLBH\x00\x12S\n\x13locality_lb_setting\x18\x03 \x01(\x0b\x32\x36.istio.networking.v1alpha3.LocalityLoadBalancerSetting\x1a\xd3\x02\n\x10\x43onsistentHashLB\x12\x1a\n\x10http_header_name\x18\x01 \x01(\tH\x00\x12\x62\n\x0bhttp_cookie\x18\x02 \x01(\x0b\x32K.istio.networking.v1alpha3.LoadBalancerSettings.ConsistentHashLB.HTTPCookieH\x00\x12\x17\n\ruse_source_ip\x18\x03 \x01(\x08H\x00\x12#\n\x19http_query_parameter_name\x18\x05 \x01(\tH\x00\x12\x19\n\x11minimum_ring_size\x18\x04 \x01(\x04\x1aZ\n\nHTTPCookie\x12\x11\n\x04name\x18\x01 \x01(\tB\x03\xe0\x41\x02\x12\x0c\n\x04path\x18\x02 \x01(\t\x12+\n\x03ttl\x18\x03 \x01(\x0b\x32\x19.google.protobuf.DurationB\x03\xe0\x41\x02\x42\n\n\x08hash_key\"H\n\x08SimpleLB\x12\x0f\n\x0bROUND_ROBIN\x10\x00\x12\x0e\n\nLEAST_CONN\x10\x01\x12\n\n\x06RANDOM\x10\x02\x12\x0f\n\x0bPASSTHROUGH\x10\x03\x42\x0b\n\tlb_policy\"\xed\x06\n\x16\x43onnectionPoolSettings\x12J\n\x03tcp\x18\x01 \x01(\x0b\x32=.istio.networking.v1alpha3.ConnectionPoolSettings.TCPSettings\x12L\n\x04http\x18\x02 \x01(\x0b\x32>.istio.networking.v1alpha3.ConnectionPoolSettings.HTTPSettings\x1a\xb3\x02\n\x0bTCPSettings\x12\x17\n\x0fmax_connections\x18\x01 \x01(\x05\x12\x32\n\x0f\x63onnect_timeout\x18\x02 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x61\n\rtcp_keepalive\x18\x03 \x01(\x0b\x32J.istio.networking.v1alpha3.ConnectionPoolSettings.TCPSettings.TcpKeepalive\x1at\n\x0cTcpKeepalive\x12\x0e\n\x06probes\x18\x01 \x01(\r\x12\'\n\x04time\x18\x02 \x01(\x0b\x32\x19.google.protobuf.Duration\x12+\n\x08interval\x18\x03 \x01(\x0b\x32\x19.google.protobuf.Duration\x1a\x82\x03\n\x0cHTTPSettings\x12\"\n\x1ahttp1_max_pending_requests\x18\x01 \x01(\x05\x12\x1a\n\x12http2_max_requests\x18\x02 \x01(\x05\x12#\n\x1bmax_requests_per_connection\x18\x03 \x01(\x05\x12\x13\n\x0bmax_retries\x18\x04 \x01(\x05\x12/\n\x0cidle_timeout\x18\x05 \x01(\x0b\x32\x19.google.protobuf.Duration\x12i\n\x11h2_upgrade_policy\x18\x06 \x01(\x0e\x32N.istio.networking.v1alpha3.ConnectionPoolSettings.HTTPSettings.H2UpgradePolicy\x12\x1b\n\x13use_client_protocol\x18\x07 \x01(\x08\"?\n\x0fH2UpgradePolicy\x12\x0b\n\x07\x44\x45\x46\x41ULT\x10\x00\x12\x12\n\x0e\x44O_NOT_UPGRADE\x10\x01\x12\x0b\n\x07UPGRADE\x10\x02\"\xd0\x02\n\x10OutlierDetection\x12\x1e\n\x12\x63onsecutive_errors\x18\x01 \x01(\x05\x42\x02\x18\x01\x12@\n\x1a\x63onsecutive_gateway_errors\x18\x06 \x01(\x0b\x32\x1c.google.protobuf.UInt32Value\x12<\n\x16\x63onsecutive_5xx_errors\x18\x07 \x01(\x0b\x32\x1c.google.protobuf.UInt32Value\x12+\n\x08interval\x18\x02 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x35\n\x12\x62\x61se_ejection_time\x18\x03 \x01(\x0b\x32\x19.google.protobuf.Duration\x12\x1c\n\x14max_ejection_percent\x18\x04 \x01(\x05\x12\x1a\n\x12min_health_percent\x18\x05 \x01(\x05\"\xcd\x02\n\x11\x43lientTLSSettings\x12G\n\x04mode\x18\x01 \x01(\x0e\x32\x34.istio.networking.v1alpha3.ClientTLSSettings.TLSmodeB\x03\xe0\x41\x02\x12\x1a\n\x12\x63lient_certificate\x18\x02 \x01(\t\x12\x13\n\x0bprivate_key\x18\x03 \x01(\t\x12\x17\n\x0f\x63\x61_certificates\x18\x04 \x01(\t\x12\x17\n\x0f\x63redential_name\x18\x07 \x01(\t\x12\x19\n\x11subject_alt_names\x18\x05 \x03(\t\x12\x0b\n\x03sni\x18\x06 \x01(\t\x12\x10\n\x08\x61uto_sni\x18\x08 \x01(\x08\x12\x10\n\x08\x61uto_san\x18\t \x01(\x08\"@\n\x07TLSmode\x12\x0b\n\x07\x44ISABLE\x10\x00\x12\n\n\x06SIMPLE\x10\x01\x12\n\n\x06MUTUAL\x10\x02\x12\x10\n\x0cISTIO_MUTUAL\x10\x03\"\xb9\x03\n\x1bLocalityLoadBalancerSetting\x12U\n\ndistribute\x18\x01 \x03(\x0b\x32\x41.istio.networking.v1alpha3.LocalityLoadBalancerSetting.Distribute\x12Q\n\x08\x66\x61ilover\x18\x02 \x03(\x0b\x32?.istio.networking.v1alpha3.LocalityLoadBalancerSetting.Failover\x12+\n\x07\x65nabled\x18\x03 \x01(\x0b\x32\x1a.google.protobuf.BoolValue\x1a\x9c\x01\n\nDistribute\x12\x0c\n\x04\x66rom\x18\x01 \x01(\t\x12U\n\x02to\x18\x02 \x03(\x0b\x32I.istio.networking.v1alpha3.LocalityLoadBalancerSetting.Distribute.ToEntry\x1a)\n\x07ToEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\r:\x02\x38\x01\x1a$\n\x08\x46\x61ilover\x12\x0c\n\x04\x66rom\x18\x01 \x01(\t\x12\n\n\x02to\x18\x02 \x01(\tB\"Z istio.io/api/networking/v1alpha3b\x06proto3') , dependencies=[google_dot_api_dot_field__behavior__pb2.DESCRIPTOR,google_dot_protobuf_dot_duration__pb2.DESCRIPTOR,google_dot_protobuf_dot_wrappers__pb2.DESCRIPTOR,networking_dot_v1alpha3_dot_virtual__service__pb2.DESCRIPTOR,gogoproto_dot_gogo__pb2.DESCRIPTOR,]) @@ -112,8 +112,8 @@ ], containing_type=None, serialized_options=None, - serialized_start=3520, - serialized_end=3584, + serialized_start=3556, + serialized_end=3620, ) _sym_db.RegisterEnumDescriptor(_CLIENTTLSSETTINGS_TLSMODE) @@ -851,6 +851,20 @@ message_type=None, enum_type=None, containing_type=None, is_extension=False, extension_scope=None, serialized_options=None, file=DESCRIPTOR), + _descriptor.FieldDescriptor( + name='auto_sni', full_name='istio.networking.v1alpha3.ClientTLSSettings.auto_sni', index=7, + number=8, type=8, cpp_type=7, label=1, + has_default_value=False, default_value=False, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + serialized_options=None, file=DESCRIPTOR), + _descriptor.FieldDescriptor( + name='auto_san', full_name='istio.networking.v1alpha3.ClientTLSSettings.auto_san', index=8, + number=9, type=8, cpp_type=7, label=1, + has_default_value=False, default_value=False, + message_type=None, enum_type=None, containing_type=None, + is_extension=False, extension_scope=None, + serialized_options=None, file=DESCRIPTOR), ], extensions=[ ], @@ -865,7 +879,7 @@ oneofs=[ ], serialized_start=3287, - serialized_end=3584, + serialized_end=3620, ) @@ -902,8 +916,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=3949, - serialized_end=3990, + serialized_start=3985, + serialized_end=4026, ) _LOCALITYLOADBALANCERSETTING_DISTRIBUTE = _descriptor.Descriptor( @@ -939,8 +953,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=3834, - serialized_end=3990, + serialized_start=3870, + serialized_end=4026, ) _LOCALITYLOADBALANCERSETTING_FAILOVER = _descriptor.Descriptor( @@ -976,8 +990,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=3992, - serialized_end=4028, + serialized_start=4028, + serialized_end=4064, ) _LOCALITYLOADBALANCERSETTING = _descriptor.Descriptor( @@ -1020,8 +1034,8 @@ extension_ranges=[], oneofs=[ ], - serialized_start=3587, - serialized_end=4028, + serialized_start=3623, + serialized_end=4064, ) _DESTINATIONRULE.fields_by_name['traffic_policy'].message_type = _TRAFFICPOLICY