META-INF.armeria.grpc.armeria-main.dsc Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of centraldogma-xds Show documentation
Show all versions of centraldogma-xds Show documentation
Highly-available version-controlled service configuration repository based on Git, ZooKeeper and HTTP/2 (centraldogma-xds)
The newest version!
?.
google/protobuf/any.protogoogle.protobuf"6
Any
type_url ( RtypeUrl
value (
RvalueBv
com.google.protobufBAnyProtoPZ,google.golang.org/protobuf/types/known/anypb?GPB?
Google.Protobuf.WellKnownTypesJ?,
�?
?
�2?
Protocol Buffers - Google's data interchange format
Copyright 2008 Google Inc. All rights reserved.
https://developers.google.com/protocol-buffers/
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are
met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above
copyright notice, this list of conditions and the following disclaimer
in the documentation and/or other materials provided with the
distribution.
* Neither the name of Google Inc. nor the names of its
contributors may be used to endorse or promote products derived from
this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
�
"�C
"�C
#�,
#�,
$�)
$�)
%�"
%�"
&�!
$&�!
'�;
%'�;
?
��?? `Any` contains an arbitrary serialized protocol buffer message along with a
URL that describes the type of the serialized message.
Protobuf library provides support to pack/unpack Any values in the form
of utility functions or additional generated methods of the Any type.
Example 1: Pack and unpack a message in C++.
Foo foo = ...;
Any any;
any.PackFrom(foo);
...
if (any.UnpackTo(&foo)) {
...
}
Example 2: Pack and unpack a message in Java.
Foo foo = ...;
Any any = Any.pack(foo);
...
if (any.is(Foo.class)) {
foo = any.unpack(Foo.class);
}
// or ...
if (any.isSameTypeAs(Foo.getDefaultInstance())) {
foo = any.unpack(Foo.getDefaultInstance());
}
Example 3: Pack and unpack a message in Python.
foo = Foo(...)
any = Any()
any.Pack(foo)
...
if any.Is(Foo.DESCRIPTOR):
any.Unpack(foo)
...
Example 4: Pack and unpack a message in Go
foo := &pb.Foo{...}
any, err := anypb.New(foo)
if err != nil {
...
}
...
foo := &pb.Foo{}
if err := any.UnmarshalTo(foo); err != nil {
...
}
The pack methods provided by protobuf library will by default use
'type.googleapis.com/full.type.name' as the type URL and the unpack
methods only use the fully qualified type name after the last '/'
in the type URL, for example "foo.bar.com/x/y.z" will yield type
name "y.z".
JSON
====
The JSON representation of an `Any` value uses the regular
representation of the deserialized, embedded message, with an
additional field `@type` which contains the type URL. Example:
package google.profile;
message Person {
string first_name = 1;
string last_name = 2;
}
{
"@type": "type.googleapis.com/google.profile.Person",
"firstName": ,
"lastName":
}
If the embedded message type is well-known and has a custom JSON
representation, that representation will be embedded adding a field
`value` which holds the custom JSON in addition to the `@type`
field. Example (for message [google.protobuf.Duration][]):
{
"@type": "type.googleapis.com/google.protobuf.Duration",
"value": "1.212s"
}
�
?
��??
A URL/resource name that uniquely identifies the type of the serialized
protocol buffer message. This string must contain at least
one "/" character. The last segment of the URL's path must represent
the fully qualified name of the type (as in
`path/google.protobuf.Duration`). The name should be in a canonical form
(e.g., leading "." is not accepted).
In practice, teams usually precompile into the binary all types that they
expect it to use in the context of Any. However, for URLs which use the
scheme `http`, `https`, or no scheme, one can optionally set up a type
server that maps type URLs to message definitions as follows:
* If no scheme is provided, `https` is assumed.
* An HTTP GET on the URL must yield a [google.protobuf.Type][]
value in binary format, or produce an error.
* Applications are allowed to cache lookup results based on the
URL, or have them precompiled into a binary to avoid any
lookup. Therefore, binary compatibility needs to be preserved
on changes to types. (Use versioned type names to manage
breaking changes.)
Note: this functionality is not currently available in the official
protobuf release, and it is not used for type URLs beginning with
type.googleapis.com. As of May 2023, there are no widely used type server
implementations and no plans to implement one.
Schemes other than `http`, `https` (or the empty scheme) might be
used with implementation specific semantics.
��?
��?
��?
W
�?I Must be a valid serialized protocol buffer of the above specified type.
�?
�?
�?bproto3
??
google/protobuf/descriptor.protogoogle.protobuf"M
FileDescriptorSet8
file (
2$.google.protobuf.FileDescriptorProtoRfile"?
FileDescriptorProto
name ( Rname
package ( Rpackage
dependency ( R
dependency+
public_dependency
(RpublicDependency'
weak_dependency
(RweakDependencyC
message_type (
2 .google.protobuf.DescriptorProtoR
messageTypeA
enum_type (
2$.google.protobuf.EnumDescriptorProtoRenumTypeA
service (
2'.google.protobuf.ServiceDescriptorProtoRserviceC
extension (
2%.google.protobuf.FieldDescriptorProtoR extension6
options (
2
.google.protobuf.FileOptionsRoptionsI
source_code_info (
2 .google.protobuf.SourceCodeInfoRsourceCodeInfo
syntax
( Rsyntax2
edition (2.google.protobuf.EditionRedition"?
DescriptorProto
name ( Rname;
field (
2%.google.protobuf.FieldDescriptorProtoRfieldC
extension (
2%.google.protobuf.FieldDescriptorProtoR extensionA
nested_type (
2 .google.protobuf.DescriptorProtoR
nestedTypeA
enum_type (
2$.google.protobuf.EnumDescriptorProtoRenumTypeX
extension_range (
2/.google.protobuf.DescriptorProto.ExtensionRangeRextensionRangeD
oneof_decl (
2%.google.protobuf.OneofDescriptorProtoR oneofDecl9
options (
2 .google.protobuf.MessageOptionsRoptionsU
reserved_range (
2..google.protobuf.DescriptorProto.ReservedRangeR
reservedRange#
reserved_name
( R
reservedNamez
ExtensionRange
start (Rstart
end (Rend@
options (
2&.google.protobuf.ExtensionRangeOptionsRoptions7
ReservedRange
start (Rstart
end (Rend"?
ExtensionRangeOptionsX
uninterpreted_option? (
2$.google.protobuf.UninterpretedOptionRuninterpretedOptionY
declaration (
22.google.protobuf.ExtensionRangeOptions.DeclarationB?R
declaration7
features2 (
2.google.protobuf.FeatureSetRfeaturesh
verification (28.google.protobuf.ExtensionRangeOptions.VerificationState:
UNVERIFIEDR
verification?
Declaration
number (Rnumber
full_name ( RfullName
type ( Rtype
reserved (Rreserved
repeated (RrepeatedJ"4
VerificationState
DECLARATION�
UNVERIFIED* ?????"?
FieldDescriptorProto
name ( Rname
number (RnumberA
label (2+.google.protobuf.FieldDescriptorProto.LabelRlabel>
type (2*.google.protobuf.FieldDescriptorProto.TypeRtype
type_name ( RtypeName
extendee ( Rextendee#
default_value ( R
defaultValue
oneof_index (R
oneofIndex
json_name
( RjsonName7
options (
2
.google.protobuf.FieldOptionsRoptions'
proto3_optional (Rproto3Optional"?
Type
TYPE_DOUBLE
TYPE_FLOAT
TYPE_INT64
TYPE_UINT64
TYPE_INT32
TYPE_FIXED64
TYPE_FIXED32
TYPE_BOOL
TYPE_STRING
TYPE_GROUP
TYPE_MESSAGE
TYPE_BYTES
TYPE_UINT32
TYPE_ENUM
TYPE_SFIXED32
TYPE_SFIXED64
TYPE_SINT32
TYPE_SINT64"C
Label
LABEL_OPTIONAL
LABEL_REPEATED
LABEL_REQUIRED"c
OneofDescriptorProto
name ( Rname7
options (
2
.google.protobuf.OneofOptionsRoptions"?
EnumDescriptorProto
name ( Rname?
value (
2).google.protobuf.EnumValueDescriptorProtoRvalue6
options (
2
.google.protobuf.EnumOptionsRoptions]
reserved_range (
26.google.protobuf.EnumDescriptorProto.EnumReservedRangeR
reservedRange#
reserved_name ( R
reservedName;
EnumReservedRange
start (Rstart
end (Rend"?
EnumValueDescriptorProto
name ( Rname
number (Rnumber;
options (
2!.google.protobuf.EnumValueOptionsRoptions"?
ServiceDescriptorProto
name ( Rname>
method (
2&.google.protobuf.MethodDescriptorProtoRmethod9
options (
2 .google.protobuf.ServiceOptionsRoptions"?
MethodDescriptorProto
name ( Rname
input_type ( R inputType
output_type ( R
outputType8
options (
2
.google.protobuf.MethodOptionsRoptions0
client_streaming (:falseRclientStreaming0
server_streaming (:falseRserverStreaming"?
FileOptions!
java_package ( R
javaPackage0
java_outer_classname ( RjavaOuterClassname5
java_multiple_files
(:falseRjavaMultipleFilesD
java_generate_equals_and_hash (BRjavaGenerateEqualsAndHash:
java_string_check_utf8 (:falseRjavaStringCheckUtf8S
optimize_for (2).google.protobuf.FileOptions.OptimizeMode:SPEEDR
optimizeFor
go_package
( R goPackage5
cc_generic_services (:falseRccGenericServices9
java_generic_services (:falseRjavaGenericServices5
py_generic_services (:falseRpyGenericServices7
php_generic_services* (:falseRphpGenericServices%
deprecated (:falseR
deprecated.
cc_enable_arenas (:trueRccEnableArenas*
objc_class_prefix$ ( RobjcClassPrefix)
csharp_namespace% ( RcsharpNamespace!
swift_prefix' ( R
swiftPrefix(
php_class_prefix( ( RphpClassPrefix#
php_namespace) ( R
phpNamespace4
php_metadata_namespace, ( RphpMetadataNamespace!
ruby_package- ( R
rubyPackage7
features2 (
2.google.protobuf.FeatureSetRfeaturesX
uninterpreted_option? (
2$.google.protobuf.UninterpretedOptionRuninterpretedOption":
OptimizeMode
SPEED
CODE_SIZE
LITE_RUNTIME* ?????J&'"?
MessageOptions<
message_set_wire_format (:falseRmessageSetWireFormatL
no_standard_descriptor_accessor (:falseR
noStandardDescriptorAccessor%
deprecated (:falseR
deprecated
map_entry (RmapEntryV
&deprecated_legacy_json_field_conflicts
(BR"deprecatedLegacyJsonFieldConflicts7
features
(
2.google.protobuf.FeatureSetRfeaturesX
uninterpreted_option? (
2$.google.protobuf.UninterpretedOptionRuninterpretedOption* ?????JJJJ J
"?
FieldOptionsA
ctype (2#.google.protobuf.FieldOptions.CType:STRINGRctype
packed (RpackedG
jstype (2$.google.protobuf.FieldOptions.JSType: JS_NORMALRjstype
lazy (:falseRlazy.
unverified_lazy (:falseRunverifiedLazy%
deprecated (:falseR
deprecated
weak
(:falseRweak(
debug_redact (:falseR
debugRedactK
retention (2-.google.protobuf.FieldOptions.OptionRetentionR retentionH
targets (2..google.protobuf.FieldOptions.OptionTargetTypeRtargetsW
edition_defaults (
2,.google.protobuf.FieldOptions.EditionDefaultReditionDefaults7
features (
2.google.protobuf.FeatureSetRfeaturesX
uninterpreted_option? (
2$.google.protobuf.UninterpretedOptionRuninterpretedOptionZ
EditionDefault2
edition (2.google.protobuf.EditionRedition
value ( Rvalue"/
CType
STRING�
CORD
STRING_PIECE"5
JSType
JS_NORMAL�
JS_STRING
JS_NUMBER"U
OptionRetention
RETENTION_UNKNOWN�
RETENTION_RUNTIME
RETENTION_SOURCE"?
OptionTargetType
TARGET_TYPE_UNKNOWN�
TARGET_TYPE_FILE
TARGET_TYPE_EXTENSION_RANGE
TARGET_TYPE_MESSAGE
TARGET_TYPE_FIELD
TARGET_TYPE_ONEOF
TARGET_TYPE_ENUM
TARGET_TYPE_ENUM_ENTRY
TARGET_TYPE_SERVICE
TARGET_TYPE_METHOD * ?????JJ"?
OneofOptions7
features (
2.google.protobuf.FeatureSetRfeaturesX
uninterpreted_option? (
2$.google.protobuf.UninterpretedOptionRuninterpretedOption* ?????"?
EnumOptions
allow_alias (R
allowAlias%
deprecated (:falseR
deprecatedV
&deprecated_legacy_json_field_conflicts (BR"deprecatedLegacyJsonFieldConflicts7
features (
2.google.protobuf.FeatureSetRfeaturesX
uninterpreted_option? (
2$.google.protobuf.UninterpretedOptionRuninterpretedOption* ?????J"?
EnumValueOptions%
deprecated (:falseR
deprecated7
features (
2.google.protobuf.FeatureSetRfeatures(
debug_redact (:falseR
debugRedactX
uninterpreted_option? (
2$.google.protobuf.UninterpretedOptionRuninterpretedOption* ?????"?
ServiceOptions7
features" (
2.google.protobuf.FeatureSetRfeatures%
deprecated! (:falseR
deprecatedX
uninterpreted_option? (
2$.google.protobuf.UninterpretedOptionRuninterpretedOption* ?????"?
MethodOptions%
deprecated! (:falseR
deprecatedq
idempotency_level" (2/.google.protobuf.MethodOptions.IdempotencyLevel:IDEMPOTENCY_UNKNOWNRidempotencyLevel7
features# (
2.google.protobuf.FeatureSetRfeaturesX
uninterpreted_option? (
2$.google.protobuf.UninterpretedOptionRuninterpretedOption"P
IdempotencyLevel
IDEMPOTENCY_UNKNOWN�
NO_SIDE_EFFECTS
IDEMPOTENT* ?????"?
UninterpretedOptionA
name (
2-.google.protobuf.UninterpretedOption.NamePartRname)
identifier_value ( RidentifierValue,
positive_int_value (RpositiveIntValue,
negative_int_value (RnegativeIntValue!
double_value (R
doubleValue!
string_value (
R
stringValue'
aggregate_value ( RaggregateValueJ
NamePart
name_part ( RnamePart!
is_extension (R
isExtension"?
FeatureSet?
field_presence (2).google.protobuf.FeatureSet.FieldPresenceB9????
EXPLICIT??
IMPLICIT??
EXPLICIT?R
fieldPresencef
enum_type (2$.google.protobuf.FeatureSet.EnumTypeB#????
CLOSED?? OPEN?RenumType?
repeated_field_encoding (21.google.protobuf.FeatureSet.RepeatedFieldEncodingB'????
EXPANDED??
PACKED?RrepeatedFieldEncodingx
utf8_validation (2*.google.protobuf.FeatureSet.Utf8ValidationB#???? NONE??
VERIFY?Rutf8Validationx
message_encoding (2+.google.protobuf.FeatureSet.MessageEncodingB ????LENGTH_PREFIXED?RmessageEncoding|
json_format (2&.google.protobuf.FeatureSet.JsonFormatB3?????LEGACY_BEST_EFFORT??
ALLOW?R
jsonFormat"\
FieldPresence
FIELD_PRESENCE_UNKNOWN�
EXPLICIT
IMPLICIT
LEGACY_REQUIRED"7
EnumType
ENUM_TYPE_UNKNOWN�
OPEN
CLOSED"V
RepeatedFieldEncoding#
REPEATED_FIELD_ENCODING_UNKNOWN�
PACKED
EXPANDED"C
Utf8Validation
UTF8_VALIDATION_UNKNOWN�
NONE
VERIFY"S
MessageEncoding
MESSAGE_ENCODING_UNKNOWN�
LENGTH_PREFIXED
DELIMITED"H
JsonFormat
JSON_FORMAT_UNKNOWN�
ALLOW
LEGACY_BEST_EFFORT*??*??*?N?NJ??"?
FeatureSetDefaultsX
defaults (
2<.google.protobuf.FeatureSetDefaults.FeatureSetEditionDefaultRdefaultsA
minimum_edition (2.google.protobuf.EditionRminimumEditionA
maximum_edition (2.google.protobuf.EditionRmaximumEdition?
FeatureSetEditionDefault2
edition (2.google.protobuf.EditionRedition7
features (
2.google.protobuf.FeatureSetRfeatures"?
SourceCodeInfoD
location (
2(.google.protobuf.SourceCodeInfo.LocationRlocation?
Location
path (BRpath
span (BRspan)
leading_comments ( RleadingComments+
trailing_comments ( RtrailingComments:
leading_detached_comments ( RleadingDetachedComments"?
GeneratedCodeInfoM
annotation (
2-.google.protobuf.GeneratedCodeInfo.AnnotationR
annotation?
Annotation
path (BRpath
source_file ( R
sourceFile
begin (Rbegin
end (RendR
semantic (26.google.protobuf.GeneratedCodeInfo.Annotation.SemanticRsemantic"(
Semantic
NONE�
SET
ALIAS*?
Edition
EDITION_UNKNOWN�
EDITION_PROTO2?
EDITION_PROTO3?
EDITION_2023?
EDITION_1_TEST_ONLY
EDITION_2_TEST_ONLY
EDITION_99997_TEST_ONLY??
EDITION_99998_TEST_ONLY??
EDITION_99999_TEST_ONLY??B~
com.google.protobufBDescriptorProtosHZ-google.golang.org/protobuf/types/descriptorpb??GPB?Google.Protobuf.ReflectionJ??
&�?
?
&�2?
Protocol Buffers - Google's data interchange format
Copyright 2008 Google Inc. All rights reserved.
https://developers.google.com/protocol-buffers/
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are
met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above
copyright notice, this list of conditions and the following disclaimer
in the documentation and/or other materials provided with the
distribution.
* Neither the name of Google Inc. nor the names of its
contributors may be used to endorse or promote products derived from
this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
2? Author: [email protected] (Kenton Varda)
Based on original Protocol Buffers design by
Sanjay Ghemawat, Jeff Dean, and others.
The messages in this file describe the definitions found in .proto files.
A valid .proto file can be translated directly to a FileDescriptorProto
without any other information (e.g. without reading its imports).
(�
*�D
*�D
+�,
+�,
,�1
,�1
-�7
%-�7
.�!
$.�!
/�
/�
3�
3�
t descriptor.proto must be optimized for speed because reflection-based
algorithms don't work during bootstrapping.
j
�7�9^ The protocol compiler can output a FileDescriptorSet containing the .proto
files it parses.
�7
��8(
��8
��8
��8 #
��8&'
-
�<�S! The full set of known editions.
�<
:
��>- A placeholder for an unknown edition value.
��>
��>
?
�D? Legacy syntax "editions". These pre-date editions, but behave much like
distinct editions. These can't be used to specify the edition of proto
files, but feature definitions must supply proto2/proto3 defaults for
backwards compatibility.
�D
�D
�E
�E
�E
?
�J? Editions that have been released. The specific values are arbitrary and
should not be depended on, but they will always be time-ordered for easy
comparison.
�J
�J
}
�Np Placeholder editions for testing feature resolution. These should not be
used or relyed on outside of tests.
�N
�N
�O
�O
�O
�P"
�P
�P
!
�Q"
�Q
�Q
!
�R"
�R
�R
!
/
V�x# Describes a complete .proto file.
V
9
�W", file name, relative to root of source tree
�W
�W
�W
�W
*
X
"
e.g. "foo", "foo.bar", etc.
X
X
X
X
4
[!' Names of files imported by this file.
[
[
[
[
Q
](D Indexes of the public imported files in the dependency list above.
]
]
]"
]%'
z
`&m Indexes of the weak imported files in the dependency list.
For Google-internal migration only. Do not use.
`
`
`
`#%
6
c,) All top-level definitions in this file.
c
c
c'
c*+
d-
d
d
d (
d+,
e.
e
e
!
e")
e,-
f.
f
f
f )
f,-
h#
h
h
h
h!"
?
n/? This field contains optional information about the original source code.
You may safely remove this entire field without harming runtime
functionality of the descriptors -- the information is needed only by
development tools.
n
n
n*
n-.
?
t
? The syntax of the proto file.
The supported values are "proto2", "proto3", and "editions".
If `edition` is present, this value must be "editions".
t
t
t
t
-
w The edition of the proto file.
w
w
w
w
(
{�? Describes a message type.
{
�|
�|
�|
�|
�|
~*
~
~
~ %
~()
.
)
,-
?+
?
?
?&
?)*
?-
?
?
? (
?+,
�??
�?
��?
"
Inclusive.
��?
��?
��?
��?
�?"
Exclusive.
�?
�?
�?
�?
�?/
�?
�?
"
�?#*
�?-.
?.
?
?
?)
?,-
?/
?
?
? *
?-.
?&
?
?
?!
?$%
?
??? Range of reserved tag numbers. Reserved tag numbers may not be used by
fields or extension ranges in the same message. Reserved ranges may
not overlap.
?
�?
"
Inclusive.
�?
�?
�?
�?
?"
Exclusive.
?
?
?
?
?,
?
?
?'
?*+
?
?%u Reserved field names, which may not be used by fields in the same message.
A given name may only be reserved once.
?
?
?
?"$
?�?
?
O
�?:A The parser stores options it doesn't recognize here. See above.
�?
�?
�? 3
�?69
�??
�?
K
��?
; The extension number declared within the extension range.
��?
��?
��?
��?
z
�?"j The fully-qualified name of the extension field. There must be a leading
dot in front of the full name.
�?
�?
�?
�? !
?
�?
? The fully-qualified type name of the extension field. Unlike
Metadata.type, Declaration.type must have a leading dot for messages
and enums.
�?
�?
�?
�?
?
�? ? If true, indicates that the number is reserved in the extension range,
and any extension field with the number will fail to compile. Set this
when a declared extension field is deleted.
�?
�?
�?
�?
?
�? z If true, indicates that the extension must be defined as repeated.
Otherwise the extension must be defined as optional.
�?
�?
�?
�?
$
� ?" removed is_repeated
� �?
� �?
� �?
?
?F? For external users: DO NOT USE. We are in the process of open sourcing
extension declaration and executing internal cleanups before it can be
used externally.
?
?
?"
?%&
?'E
?(D
=
?$/ Any features defined in the specific edition.
?
?
?
?!#
@
�??0 The verification state of the extension range.
�?
C
��?3 All the extensions of the range must be declared.
��?
��?
�?
�?
�?
?
?E~ The verification state of the range.
TODO: flip the default to DECLARATION once all empty ranges
are marked as UNVERIFIED.
?
?
?
)
?,-
?.D
?9C
Z
?M Clients can define custom options in extensions of this message. See above.
�?
�?
�?
3
?�?% Describes a field within a message.
?
�??
�?
S
��?C 0 is reserved for errors.
Order is weird for historical reasons.
��?
��?
�?
�?
�?
w
�?g Not ZigZag encoded. Negative numbers take 10 bytes. Use TYPE_SINT64 if
negative values are likely.
�?
�?
�?
�?
�?
w
�?g Not ZigZag encoded. Negative numbers take 10 bytes. Use TYPE_SINT32 if
negative values are likely.
�?
�?
�?
�?
�?
�?
�?
�?
�?
�?
�?
�?
�?
�?
?
� ?? Tag-delimited aggregate.
Group type is deprecated and not supported after google.protobuf. However, Proto3
implementations should still be able to parse the group wire format and
treat group fields as unknown fields. In Editions, the group wire format
can be enabled via the `message_encoding` feature.
� ?
� ?
-
�
?"
Length-delimited aggregate.
�
?
�
?
#
�
? New in version 2.
�
?
�
?
�
?
�
?
�
?
�
?
�
?
�
?
�?
�?
�?
�?
�?
�?
'
�?" Uses ZigZag encoding.
�?
�?
'
�?" Uses ZigZag encoding.
�?
�?
??
?
*
�? 0 is reserved for errors
�?
�?
?
?
?
?
?? The required label is only allowed in google.protobuf. In proto3 and Editions
it's explicitly prohibited. In Editions, the `field_presence` feature
can be used to get this behavior.
?
?
�?
�?
�?
�?
�?
?
?
?
?
?
?
?
?
?
?
?
?? If type_name is set, this need not be set. If both this and type_name
are set, this must be one of TYPE_ENUM, TYPE_MESSAGE or TYPE_GROUP.
?
?
?
?
?
? ? For message and enum types, this is the name of the type. If the name
starts with a '.', it is fully-qualified. Otherwise, C++-like scoping
rules are used to find the type (i.e. first the nested types within this
message are searched, then within the parent, on up to the root
namespace).
?
?
?
?
~
? p For extensions, this is the name of the type being extended. It is
resolved in the same manner as type_name.
?
?
?
?
?
?$? For numeric types, contains the original text representation of the value.
For booleans, "true" or "false".
For strings, contains the default text contents (not escaped in any way).
For bytes, contains the C escaped value. All bytes >= 128 are escaped.
?
?
?
?"#
?
?!v If set, gives the index of a oneof in the containing type's oneof_decl
list. This field is a member of that oneof.
?
?
?
?
?
?!? JSON name of this field. The value is set by protocol compiler. If the
user has set a "json_name" option on this field, that option's value
will be used. Otherwise, it's deduced from the field's name by converting
it to camelCase.
?
?
?
?
?$
?
?
?
?"#
?
?%? If true, this is a proto3 "optional". When a proto3 field is optional, it
tracks presence regardless of field type.
When proto3_optional is true, this field must be belong to a oneof to
signal to old proto3 clients that presence is tracked for this field. This
oneof is known as a "synthetic" oneof, and this field must be its sole
member (each proto3 optional field gets its own synthetic oneof). Synthetic
oneofs exist in the descriptor only, and do not generate any API. Synthetic
oneofs must be ordered after all "real" oneofs.
For message fields, proto3_optional doesn't create any semantic change,
since non-repeated message fields always track presence. However it still
indicates the semantic detail of whether the user wrote "optional" or not.
This can be useful for round-tripping the .proto file. For consistency we
give message fields a synthetic oneof also, even though it is not required
to track presence. This is especially important because the parser can't
tell if a field is a message or an enum, so it must always create a
synthetic oneof.
Proto2 optional fields do not set this flag, because they already indicate
optional with `LABEL_OPTIONAL`.
?
?
?
?"$
"
?�? Describes a oneof.
?
�?
�?
�?
�?
�?
?$
?
?
?
?"#
'
?�? Describes an enum type.
?
�?
�?
�?
�?
�?
?.
?
?
#
?$)
?,-
?#
?
?
?
?!"
?
�??? Range of reserved numeric values. Reserved values may not be used by
entries in the same enum. Reserved ranges may not overlap.
Note that this is distinct from DescriptorProto.ReservedRange in that it
is inclusive such that it can appropriately represent the entire int32
domain.
�?
��?
"
Inclusive.
��?
��?
��?
��?
�?"
Inclusive.
�?
�?
�?
�?
?
?0? Range of reserved numeric values. Reserved numeric values may not be used
by enum values in the same enum declaration. Reserved ranges may not
overlap.
?
?
?
+
?./
l
?$^ Reserved enum value names, which may not be reused. A given name may only
be reserved once.
?
?
?
?"#
1
?�?# Describes a value within an enum.
?
�?
�?
�?
�?
�?
?
?
?
?
?
?(
?
?
?
#
?&'
$
?�? Describes a service.
?
�?
�?
�?
�?
�?
?,
?
?
?!'
?*+
?&
?
?
?!
?$%
0
?�?" Describes a method of a service.
?
�?
�?
�?
�?
�?
?
?!? Input and output type names. These are resolved in the same way as
FieldDescriptorProto.type_name, but must refer to a message type.
?
?
?
?
?"
?
?
?
? !
?%
?
?
?
?#$
E
?77 Identifies if client streams multiple client messages
?
?
?
?#$
?%6
?05
E
?77 Identifies if server streams multiple server messages
?
?
?
?#$
?%6
?05
?
?�?2N ===================================================================
Options
2?
Each of the definitions above may have "options" attached. These are
just annotations which may cause code to be generated slightly differently
or may contain hints for code that manipulates protocol messages.
Clients may define custom options as extensions of the *Options messages.
These extensions may not yet be known at parsing time, so the parser cannot
store the values in them. Instead it stores them in a field in the *Options
message called uninterpreted_option. This field must have the same name
across all *Options messages. We then use this field to populate the
extensions when we build a descriptor, at which point all protos have been
parsed and so all extensions are known.
Extension numbers for custom options may be chosen as follows:
* For options which will only be used within a single application or
organization, or for experimental options, use field numbers 50000
through 99999. It is up to you to ensure that you do not use the
same number for multiple options.
* For options which will be published and used publicly by multiple
independent entities, e-mail [email protected]
to reserve extension numbers. Simply provide your project name (e.g.
Objective-C plugin) and your project website (if available) -- there's no
need to explain how you intend to use them. Usually you only need one
extension number. You can declare multiple options with only one extension
number by putting them in a sub-message. See the Custom Options section of
the docs for examples:
https://developers.google.com/protocol-buffers/docs/proto#options
If this turns out to be popular, a web service will be set up
to automatically assign option numbers.
?
?
�?#? Sets the Java package where classes generated from this .proto will be
placed. By default, the proto package is used, but this is often
inappropriate because proto packages do not normally start with backwards
domain names.
�?
�?
�?
�?!"
?
?+? Controls the name of the wrapper Java class generated for the .proto file.
That class will always contain the .proto file's getDescriptor() method as
well as any top-level extensions defined in the .proto file.
If java_multiple_files is disabled, then all the other classes from the
.proto file will be nested inside the single wrapper outer class.
?
?
?&
?)*
?
?;? If enabled, then the Java code generator will generate a separate .java
file for each top-level message, enum, and service defined in the .proto
file. Thus, these types will *not* be nested inside the wrapper class
named by java_outer_classname. However, the wrapper class will still be
generated to contain the file's getDescriptor() method as well as any
top-level extensions defined in the file.
?
?
?#
?&(
?):
?49
)
?E This option does nothing.
?
?
?-
?02
?3D
?4C
?
?>? If set true, then the Java2 code generator will generate code that
throws an exception whenever an attempt is made to assign a non-UTF-8
byte sequence to a string field.
Message reflection will do the same.
However, an extension field still accepts non-UTF-8 byte sequences.
This option has no effect on when used with the lite runtime.
?
?
?&
?)+
?,=
?7<
L
�??< Generated classes can be optimized for speed or code size.
�?
D
��?"4 Generate complete code for parsing, serialization,
��?
��?
G
�? etc.
"/ Use ReflectionOps to implement these methods.
�?
�?
G
�?"7 Generate code using MessageLite and the lite runtime.
�?
�?
?;
?
?
?$
?'(
?):
?49
?
?"? Sets the Go package where structs generated from this .proto will be
placed. If omitted, the Go package will be derived from the following:
- The basename of the package import path, if provided.
- Otherwise, the package statement in the .proto file, if present.
- Otherwise, the basename of the .proto file, without extension.
?
?
?
? !
?
?;? Should generic services be generated in each language? "Generic" services
are not specific to any particular RPC system. They are generated by the
main code generators in each language (without additional plugins).
Generic services were the only kind of service generation supported by
early versions of google.protobuf.
Generic services are now considered deprecated in favor of using plugins
that generate code specific to your particular RPC system. Therefore,
these default to false. Old code which depends on generic services should
explicitly set them to true.
?
?
?#
?&(
?):
?49
?=
?
?
?%
?(*
?+<
?6;
?;
?
?
?#
?&(
?):
?49
?<
?
?
?$
?')
?*;
?5:
?
?2? Is this file deprecated?
Depending on the target platform, this can emit Deprecated annotations
for everything in the file, or it will be completely ignored; in the very
least, this is a formalization for deprecating files.
?
?
?
?
? 1
?+0
?7q Enables the use of arenas for the proto messages in this file. This applies
only to generated classes for C++.
?
?
?
?#%
?&6
?15
?
?)? Sets the objective c class prefix which is prepended to all objective c
generated classes from this .proto. There is no default.
?
?
?#
?&(
I
?(; Namespace for generated classes; defaults to the package.
?
?
?"
?%'
?
?$? By default Swift generators will take the proto package and CamelCase it
replacing '.' with underscore and use that to prefix the types/symbols
defined. When this options is provided, they will use this value instead
to prefix the types/symbols defined.
?
?
?
?!#
~
?(p Sets the php class prefix which is prepended to all php generated classes
from this .proto. Default is empty.
?
?
?"
?%'
?
?%? Use this option to change the namespace of php generated classes. Default
is empty. When this option is empty, the package name will be used for
determining the namespace.
?
?
?
?"$
?
?.? Use this option to change the namespace of php generated metadata classes.
Default is empty. When this option is empty, the proto file name will be
used for determining the namespace.
?
?
?(
?+-
?
?$? Use this option to change the package of ruby generated classes. Default
is empty. When this option is not set, the package name will be used for
determining the ruby package.
?
?
?
?!#
=
?$/ Any features defined in the specific edition.
?
?
?
?!#
|
?:n The parser stores options it doesn't recognize here.
See the documentation for the "Options" section above.
?
?
? 3
?69
?
?z Clients can define custom options in extensions of this message.
See the documentation for the "Options" section above.
�?
�?
�?
?
�?
�?
�?
?�?
?
?
�?>? Set true to use the old proto1 MessageSet wire format for extensions.
This is provided for backwards-compatibility with the MessageSet wire
format. You should not use this for any other reason: It's less
efficient, has fewer features, and is more complicated.
The message must be defined exactly as follows:
message Foo {
option message_set_wire_format = true;
extensions 4 to max;
}
Note that the message cannot have any defined fields; MessageSets only
have extensions.
All extensions of your type must be singular messages; e.g. they cannot
be int32s, enums, or repeated messages.
Because this is an option, the above two restrictions are not enforced by
the protocol compiler.
�?
�?
�?'
�?*+
�?,=
�?7<
?
?F? Disables the generation of the standard "descriptor()" accessor, which can
conflict with a field of the same name. This is meant to make migration
from proto1 easier; new code should avoid fields named "descriptor".
?
?
?/
?23
?4E
??D
?
?1? Is this message deprecated?
Depending on the target platform, this can emit Deprecated annotations
for the message, or it will be completely ignored; in the very least,
this is a formalization for deprecating messages.
?
?
?
?
? 0
?*/
?
�?
�?
�?
?
?
?
?
?
?
?
?
? NOTE: Do not set the option in .proto files. Always use the maps syntax
instead. The option should only be implicitly set by the proto compiler
parser.
Whether the message is an automatically generated map entry type for the
maps field.
For maps fields:
map map_field = 1;
The parsed descriptor looks like:
message MapFieldEntry {
option map_entry = true;
optional KeyType key = 1;
optional ValueType value = 2;
}
repeated MapFieldEntry map_field = 1;
Implementations may choose not to generate the map_entry=true message, but
use a native map in the target language to hold the keys and values.
The reflection APIs in such implementations still need to work as
if the field is a repeated message field.
?
?
?
?
$
?
" javalite_serializable
?
?
?
?
" javanano_as_lite
?
?
?
?
?P? Enable the legacy handling of JSON field name conflicts. This lowercases
and strips underscored from the fields before comparison in proto3 only.
The new behavior takes `json_name` into account and applies to proto2 as
well.
This should only be used as a temporary measure against broken builds due
to the change in behavior for JSON field name conflicts.
TODO This is legacy behavior we plan to remove once downstream
teams have had time to migrate.
?
?
?6
?9;
?
�>
l
�a Magic number in this file derived from top 28bit of SHA256 digest of
"udpa.annotation.status".
�+
�"
�
�
�!*
��
�
.
��! Unknown package version status.
��
��
5
�
( This version of the package is frozen.
�
�
M
�
@ This version of the package is the active development version.
�
�
?
�
#? This version of the package is the candidate for the next major version. It
is typically machine generated from the active development version.
�
�
!"
�!�'
�!
N
��#
A The entity is work-in-progress and subject to breaking changes.
��#
��#
��#
M
�&2@ The entity belongs to a package with the given version status.
�&
�&-
�&01bproto3
?%
google/protobuf/duration.protogoogle.protobuf":
Duration
seconds (Rseconds
nanos (RnanosB?
com.google.protobufB
DurationProtoPZ1google.golang.org/protobuf/types/known/durationpb??GPB?
Google.Protobuf.WellKnownTypesJ?#
�r
?
�2?
Protocol Buffers - Google's data interchange format
Copyright 2008 Google Inc. All rights reserved.
https://developers.google.com/protocol-buffers/
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are
met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above
copyright notice, this list of conditions and the following disclaimer
in the documentation and/or other materials provided with the
distribution.
* Neither the name of Google Inc. nor the names of its
contributors may be used to endorse or promote products derived from
this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
�
"�
"�
#�H
#�H
$�,
$�,
%�.
%�.
&�"
&�"
'�!
$'�!
(�;
%(�;
?
�e�r? A Duration represents a signed, fixed-length span of time represented
as a count of seconds and fractions of seconds at nanosecond
resolution. It is independent of any calendar and concepts like "day"
or "month". It is related to Timestamp in that the difference between
two Timestamp values is a Duration and it can be added or subtracted
from a Timestamp. Range is approximately +-10,000 years.
# Examples
Example 1: Compute Duration from two Timestamps in pseudo code.
Timestamp start = ...;
Timestamp end = ...;
Duration duration = ...;
duration.seconds = end.seconds - start.seconds;
duration.nanos = end.nanos - start.nanos;
if (duration.seconds < 0 && duration.nanos > 0) {
duration.seconds += 1;
duration.nanos -= 1000000000;
} else if (duration.seconds > 0 && duration.nanos < 0) {
duration.seconds -= 1;
duration.nanos += 1000000000;
}
Example 2: Compute Timestamp from Timestamp + Duration in pseudo code.
Timestamp start = ...;
Duration duration = ...;
Timestamp end = ...;
end.seconds = start.seconds + duration.seconds;
end.nanos = start.nanos + duration.nanos;
if (end.nanos < 0) {
end.seconds -= 1;
end.nanos += 1000000000;
} else if (end.nanos >= 1000000000) {
end.seconds += 1;
end.nanos -= 1000000000;
}
Example 3: Compute Duration from datetime.timedelta in Python.
td = datetime.timedelta(days=3, minutes=10)
duration = Duration()
duration.FromTimedelta(td)
# JSON Mapping
In JSON format, the Duration type is encoded as a string rather than an
object, where the string ends in the suffix "s" (indicating seconds) and
is preceded by the number of seconds, with nanoseconds expressed as
fractional seconds. For example, 3 seconds with 0 nanoseconds should be
encoded in JSON format as "3s", while 3 seconds and 1 nanosecond should
be expressed in JSON format as "3.000000001s", and 3 seconds and 1
microsecond should be expressed in JSON format as "3.000001s".
�e
?
��i? Signed seconds of the span of time. Must be from -315,576,000,000
to +315,576,000,000 inclusive. Note: these bounds are computed from:
60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
��i
��i
��i
?
�q? Signed fractions of a second at nanosecond resolution of the span
of time. Durations less than one second are represented with a 0
`seconds` field and a positive or negative `nanos` field. For durations
of one second or more, a non-zero value for the `nanos` field must be
of the same sign as the `seconds` field. Must be from -999,999,999
to +999,999,999 inclusive.
�q
�q
�qbproto3
?1
google/protobuf/timestamp.protogoogle.protobuf";
Timestamp
seconds (Rseconds
nanos (RnanosB?
com.google.protobufBTimestampProtoPZ2google.golang.org/protobuf/types/known/timestamppb??GPB?
Google.Protobuf.WellKnownTypesJ?/
�?
?
�2?
Protocol Buffers - Google's data interchange format
Copyright 2008 Google Inc. All rights reserved.
https://developers.google.com/protocol-buffers/
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are
met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above
copyright notice, this list of conditions and the following disclaimer
in the documentation and/or other materials provided with the
distribution.
* Neither the name of Google Inc. nor the names of its
contributors may be used to endorse or promote products derived from
this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
�
"�
"�
#�I
#�I
$�,
$�,
%�/
%�/
&�"
&�"
'�!
$'�!
(�;
%(�;
?
�?�??
A Timestamp represents a point in time independent of any time zone or local
calendar, encoded as a count of seconds and fractions of seconds at
nanosecond resolution. The count is relative to an epoch at UTC midnight on
January 1, 1970, in the proleptic Gregorian calendar which extends the
Gregorian calendar backwards to year one.
All minutes are 60 seconds long. Leap seconds are "smeared" so that no leap
second table is needed for interpretation, using a [24-hour linear
smear](https://developers.google.com/time/smear).
The range is from 0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z. By
restricting to that range, we ensure that we can convert to and from [RFC
3339](https://www.ietf.org/rfc/rfc3339.txt) date strings.
# Examples
Example 1: Compute Timestamp from POSIX `time()`.
Timestamp timestamp;
timestamp.set_seconds(time(NULL));
timestamp.set_nanos(0);
Example 2: Compute Timestamp from POSIX `gettimeofday()`.
struct timeval tv;
gettimeofday(&tv, NULL);
Timestamp timestamp;
timestamp.set_seconds(tv.tv_sec);
timestamp.set_nanos(tv.tv_usec * 1000);
Example 3: Compute Timestamp from Win32 `GetSystemTimeAsFileTime()`.
FILETIME ft;
GetSystemTimeAsFileTime(&ft);
UINT64 ticks = (((UINT64)ft.dwHighDateTime) << 32) | ft.dwLowDateTime;
// A Windows tick is 100 nanoseconds. Windows epoch 1601-01-01T00:00:00Z
// is 11644473600 seconds before Unix epoch 1970-01-01T00:00:00Z.
Timestamp timestamp;
timestamp.set_seconds((INT64) ((ticks / 10000000) - 11644473600LL));
timestamp.set_nanos((INT32) ((ticks % 10000000) * 100));
Example 4: Compute Timestamp from Java `System.currentTimeMillis()`.
long millis = System.currentTimeMillis();
Timestamp timestamp = Timestamp.newBuilder().setSeconds(millis / 1000)
.setNanos((int) ((millis % 1000) * 1000000)).build();
Example 5: Compute Timestamp from Java `Instant.now()`.
Instant now = Instant.now();
Timestamp timestamp =
Timestamp.newBuilder().setSeconds(now.getEpochSecond())
.setNanos(now.getNano()).build();
Example 6: Compute Timestamp from current time in Python.
timestamp = Timestamp()
timestamp.GetCurrentTime()
# JSON Mapping
In JSON format, the Timestamp type is encoded as a string in the
[RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format. That is, the
format is "{year}-{month}-{day}T{hour}:{min}:{sec}[.{frac_sec}]Z"
where {year} is always expressed using four digits while {month}, {day},
{hour}, {min}, and {sec} are zero-padded to two digits each. The fractional
seconds, which can go up to 9 digits (i.e. up to 1 nanosecond resolution),
are optional. The "Z" suffix indicates the timezone ("UTC"); the timezone
is required. A proto3 JSON serializer should always use UTC (as indicated by
"Z") when printing the Timestamp type and a proto3 JSON parser should be
able to accept both UTC and other timezones (as indicated by an offset).
For example, "2017-01-15T01:30:15.01Z" encodes 15.01 seconds past
01:30 UTC on January 15, 2017.
In JavaScript, one can convert a Date object to this format using the
standard
[toISOString()](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Date/toISOString)
method. In Python, a standard `datetime.datetime` object can be converted
to this format using
[`strftime`](https://docs.python.org/2/library/time.html#time.strftime) with
the time format spec '%Y-%m-%dT%H:%M:%S.%fZ'. Likewise, in Java, one can use
the Joda Time's [`ISODateTimeFormat.dateTime()`](
http://joda-time.sourceforge.net/apidocs/org/joda/time/format/ISODateTimeFormat.html#dateTime()
) to obtain a formatter capable of generating timestamps in this format.
�?
?
��?? Represents seconds of UTC time since Unix epoch
1970-01-01T00:00:00Z. Must be from 0001-01-01T00:00:00Z to
9999-12-31T23:59:59Z inclusive.
��?
��?
��?
?
�?? Non-negative fractions of a second at nanosecond resolution. Negative
second values with fractions must still have non-negative nanos values
that count forward in time. Must be from 0 to 999,999,999
inclusive.
�?
�?
�?bproto3
??
validate/validate.protovalidate google/protobuf/descriptor.proto
google/protobuf/duration.proto google/protobuf/timestamp.proto"?
FieldRules0
message (
2.validate.MessageRulesRmessage,
float (
2.validate.FloatRulesH�Rfloat/
double (
2.validate.DoubleRulesH�Rdouble,
int32 (
2.validate.Int32RulesH�Rint32,
int64 (
2.validate.Int64RulesH�Rint64/
uint32 (
2.validate.UInt32RulesH�Ruint32/
uint64 (
2.validate.UInt64RulesH�Ruint64/
sint32 (
2.validate.SInt32RulesH�Rsint32/
sint64 (
2.validate.SInt64RulesH�Rsint642
fixed32 (
2.validate.Fixed32RulesH�Rfixed322
fixed64
(
2.validate.Fixed64RulesH�Rfixed645
sfixed32
(
2.validate.SFixed32RulesH�Rsfixed325
sfixed64
(
2.validate.SFixed64RulesH�Rsfixed64)
bool
(
2.validate.BoolRulesH�Rbool/
string (
2.validate.StringRulesH�Rstring,
bytes (
2.validate.BytesRulesH�Rbytes)
enum (
2.validate.EnumRulesH�Renum5
repeated (
2.validate.RepeatedRulesH�Rrepeated&
map (
2.validate.MapRulesH�Rmap&
any (
2.validate.AnyRulesH�Rany5
duration (
2.validate.DurationRulesH�Rduration8
timestamp (
2.validate.TimestampRulesH�R timestampB
type"?
FloatRules
const (Rconst
lt (Rlt
lte (Rlte
gt (Rgt
gte (Rgte
in (Rin
not_in (RnotIn!
ignore_empty (R
ignoreEmpty"?
DoubleRules
const (Rconst
lt (Rlt
lte (Rlte
gt (Rgt
gte (Rgte
in (Rin
not_in (RnotIn!
ignore_empty (R
ignoreEmpty"?
Int32Rules
const (Rconst
lt (Rlt
lte (Rlte
gt (Rgt
gte (Rgte
in (Rin
not_in (RnotIn!
ignore_empty (R
ignoreEmpty"?
Int64Rules
const (Rconst
lt (Rlt
lte (Rlte
gt (Rgt
gte (Rgte
in (Rin
not_in (RnotIn!
ignore_empty (R
ignoreEmpty"?
UInt32Rules
const (
Rconst
lt (
Rlt
lte (
Rlte
gt (
Rgt
gte (
Rgte
in (
Rin
not_in (
RnotIn!
ignore_empty (R
ignoreEmpty"?
UInt64Rules
const (Rconst
lt (Rlt
lte (Rlte
gt (Rgt
gte (Rgte
in (Rin
not_in (RnotIn!
ignore_empty (R
ignoreEmpty"?
SInt32Rules
const (Rconst
lt (Rlt
lte (Rlte
gt (Rgt
gte (Rgte
in (Rin
not_in (RnotIn!
ignore_empty (R
ignoreEmpty"?
SInt64Rules
const (Rconst
lt (Rlt
lte (Rlte
gt (Rgt
gte (Rgte
in (Rin
not_in (RnotIn!
ignore_empty (R
ignoreEmpty"?
Fixed32Rules
const (Rconst
lt (Rlt
lte (Rlte
gt (Rgt
gte (Rgte
in (Rin
not_in (RnotIn!
ignore_empty (R
ignoreEmpty"?
Fixed64Rules
const (Rconst
lt (Rlt
lte (Rlte
gt (Rgt
gte (Rgte
in (Rin
not_in (RnotIn!
ignore_empty (R
ignoreEmpty"?
SFixed32Rules
const (Rconst
lt (Rlt
lte (Rlte
gt (Rgt
gte (Rgte
in (Rin
not_in (RnotIn!
ignore_empty (R
ignoreEmpty"?
SFixed64Rules
const (Rconst
lt (Rlt
lte (Rlte
gt (Rgt
gte (Rgte
in (Rin
not_in (RnotIn!
ignore_empty (R
ignoreEmpty"!
BoolRules
const (Rconst"?
StringRules
const ( Rconst
len (Rlen
min_len (RminLen
max_len (RmaxLen
len_bytes (RlenBytes
min_bytes (RminBytes
max_bytes (RmaxBytes
pattern ( Rpattern
prefix ( Rprefix
suffix ( Rsuffix
contains ( Rcontains!
not_contains ( R
notContains
in
( Rin
not_in
( RnotIn
email
(H�Remail
hostname
(H�Rhostname
ip (H�Rip
ipv4 (H�Ripv4
ipv6 (H�Ripv6
uri (H�Ruri
uri_ref (H�RuriRef
address (H�Raddress
uuid (H�Ruuid@
well_known_regex (2.validate.KnownRegexH�RwellKnownRegex
strict (:trueRstrict!
ignore_empty (R
ignoreEmptyB
well_known"?
BytesRules
const (
Rconst
len
(Rlen
min_len (RminLen
max_len (RmaxLen
pattern ( Rpattern
prefix (
Rprefix
suffix (
Rsuffix
contains (
Rcontains
in (
Rin
not_in (
RnotIn
ip
(H�Rip
ipv4
(H�Ripv4
ipv6
(H�Ripv6!
ignore_empty (R
ignoreEmptyB
well_known"k
EnumRules
const (Rconst!
defined_only (R
definedOnly
in (Rin
not_in (RnotIn">
MessageRules
skip (Rskip
required (Rrequired"?
RepeatedRules
min_items (RminItems
max_items (RmaxItems
unique (Runique*
items (
2.validate.FieldRulesRitems!
ignore_empty (R
ignoreEmpty"?
MapRules
min_pairs (RminPairs
max_pairs (RmaxPairs
no_sparse (RnoSparse(
keys (
2.validate.FieldRulesRkeys,
values (
2.validate.FieldRulesRvalues!
ignore_empty (R
ignoreEmpty"M
AnyRules
required (Rrequired
in ( Rin
not_in ( RnotIn"?
DurationRules
required (Rrequired/
const (
2.google.protobuf.DurationRconst)
lt (
2.google.protobuf.DurationRlt+
lte (
2.google.protobuf.DurationRlte)
gt (
2.google.protobuf.DurationRgt+
gte (
2.google.protobuf.DurationRgte)
in (
2.google.protobuf.DurationRin0
not_in (
2.google.protobuf.DurationRnotIn"?
TimestampRules
required (Rrequired0
const (
2.google.protobuf.TimestampRconst*
lt (
2.google.protobuf.TimestampRlt,
lte (
2.google.protobuf.TimestampRlte*
gt (
2.google.protobuf.TimestampRgt,
gte (
2.google.protobuf.TimestampRgte
lt_now (RltNow
gt_now (RgtNow1
within (
2.google.protobuf.DurationRwithin*F
KnownRegex
UNKNOWN�
HTTP_HEADER_NAME
HTTP_HEADER_VALUE:<
disabled .google.protobuf.MessageOptions? (Rdisabled::
ignored .google.protobuf.MessageOptions? (Rignored::
required
.google.protobuf.OneofOptions? (Rrequired:J
rules
.google.protobuf.FieldOptions? (
2.validate.FieldRulesRrulesBP
io.envoyproxy.pgv.validateZ2github.com/envoyproxy/protoc-gen-validate/validateJ?
��?
��
�
�I
�I
�3
�3
��*
�(
�)
:
�/ Validation rules applied at the message level
?
�"? Disabled nullifies any validation rules for this message, including any
message fields associated with it that do support validation.
�
%
�
�
�
�
!
L
!A Ignore skips generation of validation methods for this message.
%
8
�- Validation rules applied at the oneof level
?
"} Required ensures that exactly one the field options in a oneof is set;
validation fails if no fields in the oneof are set.
#
!
8
� - Validation rules applied at the field level
?
%w Rules specify the validations to be performed on this field. By default,
no validation is performed against a field.
#
$
?
�#�A? FieldRules encapsulates the rules for each type of field. Depending on the
field, the correct set should be used to ensure proper validations.
�#
��$'
��$
��$
��$!
��$$&
��%@
��%
!
�'# Scalar Field Types
�'
�'
�'!"
�(#
�(
�(
�(!"
�)#
�)
�)
�)!"
�*#
�*
�*
�*!"
�+#
�+
�+
�+!"
�,#
�,
�,
�,!"
�-#
�-
�-
�-!"
�.#
�.
�.
�.!"
� /#
� /
� /
� /!"
�
0$
�
0
�
0
�
0!#
�
1$
�
1
�
1
�
1!#
�
2$
�
2
�
2
�
2!#
�
3$
�
3
�
3
�
3!#
�4$
�4
�4
�4!#
�5$
�5
�5
�5!#
"
�8$ Complex Field Types
�8
�8
�8!#
�9$
�9
�9
�9!#
�:$
�:
�:
�:!#
%
�=& Well-Known Field Types
�=
�=
�=#%
�>&
�>
�>
�>#%
�?&
�?
�?
�?#%
L
D�e@ FloatRules describes the constraints applied to `float` values
D
R
�F
E Const specifies that this field must be exactly the specified value
�F
�F
�F
�F
]
JP Lt specifies that this field must be less than the specified value,
exclusive
J
J
J
J
j
N] Lte specifies that this field must be less than or equal to the
specified value, inclusive
N
N
N
N
?
S? Gt specifies that this field must be greater than the specified value,
exclusive. If the value of Gt is larger than a specified Lt or Lte, the
range is reversed.
S
S
S
S
?
X? Gte specifies that this field must be greater than or equal to the
specified value, inclusive. If the value of Gte is larger than a
specified Lt or Lte, the range is reversed.
X
X
X
X
Y
\L In specifies that this field must be equal to one of the specified
values
\
\
\
\
^
`
Q NotIn specifies that this field cannot be equal to one of the specified
values
`
`
`
`
?
d#s IgnoreEmpty specifies that the validation rules of this field should be
evaluated only if the field is not empty
d
d
d
d!"
O
h�?B DoubleRules describes the constraints applied to `double` values
h
R
�j
E Const specifies that this field must be exactly the specified value
�j
�j
�j
�j
]
nP Lt specifies that this field must be less than the specified value,
exclusive
n
n
n
n
j
r
] Lte specifies that this field must be less than or equal to the
specified value, inclusive
r
r
r
r
?
w? Gt specifies that this field must be greater than the specified value,
exclusive. If the value of Gt is larger than a specified Lt or Lte, the
range is reversed.
w
w
w
w
?
|
? Gte specifies that this field must be greater than or equal to the
specified value, inclusive. If the value of Gte is larger than a
specified Lt or Lte, the range is reversed.
|
|
|
|
Z
?L In specifies that this field must be equal to one of the specified
values
?
?
?
?
_
? Q NotIn specifies that this field cannot be equal to one of the specified
values
?
?
?
?
?
?#s IgnoreEmpty specifies that the validation rules of this field should be
evaluated only if the field is not empty
?
?
?
?!"
N
?�?@ Int32Rules describes the constraints applied to `int32` values
?
S
�?
E Const specifies that this field must be exactly the specified value
�?
�?
�?
�?
^
?P Lt specifies that this field must be less than the specified value,
exclusive
?
?
?
?
k
?] Lte specifies that this field must be less than or equal to the
specified value, inclusive
?
?
?
?
?
?? Gt specifies that this field must be greater than the specified value,
exclusive. If the value of Gt is larger than a specified Lt or Lte, the
range is reversed.
?
?
?
?
?
?? Gte specifies that this field must be greater than or equal to the
specified value, inclusive. If the value of Gte is larger than a
specified Lt or Lte, the range is reversed.
?
?
?
?
Z
?L In specifies that this field must be equal to one of the specified
values
?
?
?
?
_
?
Q NotIn specifies that this field cannot be equal to one of the specified
values
?
?
?
?
?
?#s IgnoreEmpty specifies that the validation rules of this field should be
evaluated only if the field is not empty
?
?
?
?!"
N
?�?@ Int64Rules describes the constraints applied to `int64` values
?
S
�?
E Const specifies that this field must be exactly the specified value
�?
�?
�?
�?
^
?P Lt specifies that this field must be less than the specified value,
exclusive
?
?
?
?
k
?] Lte specifies that this field must be less than or equal to the
specified value, inclusive
?
?
?
?
?
?? Gt specifies that this field must be greater than the specified value,
exclusive. If the value of Gt is larger than a specified Lt or Lte, the
range is reversed.
?
?
?
?
?
?? Gte specifies that this field must be greater than or equal to the
specified value, inclusive. If the value of Gte is larger than a
specified Lt or Lte, the range is reversed.
?
?
?
?
Z
?L In specifies that this field must be equal to one of the specified
values
?
?
?
?
_
?
Q NotIn specifies that this field cannot be equal to one of the specified
values
?
?
?
?
?
?#s IgnoreEmpty specifies that the validation rules of this field should be
evaluated only if the field is not empty
?
?
?
?!"
P
?�?B UInt32Rules describes the constraints applied to `uint32` values
?
S
�?
E Const specifies that this field must be exactly the specified value
�?
�?
�?
�?
^
?P Lt specifies that this field must be less than the specified value,
exclusive
?
?
?
?
k
?
] Lte specifies that this field must be less than or equal to the
specified value, inclusive
?
?
?
?
?
?? Gt specifies that this field must be greater than the specified value,
exclusive. If the value of Gt is larger than a specified Lt or Lte, the
range is reversed.
?
?
?
?
?
?
? Gte specifies that this field must be greater than or equal to the
specified value, inclusive. If the value of Gte is larger than a
specified Lt or Lte, the range is reversed.
?
?
?
?
Z
?L In specifies that this field must be equal to one of the specified
values
?
?
?
?
_
? Q NotIn specifies that this field cannot be equal to one of the specified
values
?
?
?
?
?
?#s IgnoreEmpty specifies that the validation rules of this field should be
evaluated only if the field is not empty
?
?
?
?!"
P
?�?B UInt64Rules describes the constraints applied to `uint64` values
?
S
�?
E Const specifies that this field must be exactly the specified value
�?
�?
�?
�?
^
?P Lt specifies that this field must be less than the specified value,
exclusive
?
?
?
?
k
?
] Lte specifies that this field must be less than or equal to the
specified value, inclusive
?
?
?
?
?
?? Gt specifies that this field must be greater than the specified value,
exclusive. If the value of Gt is larger than a specified Lt or Lte, the
range is reversed.
?
?
?
?
?
?
? Gte specifies that this field must be greater than or equal to the
specified value, inclusive. If the value of Gte is larger than a
specified Lt or Lte, the range is reversed.
?
?
?
?
Z
?L In specifies that this field must be equal to one of the specified
values
?
?
?
?
_
? Q NotIn specifies that this field cannot be equal to one of the specified
values
?
?
?
?
?
?#s IgnoreEmpty specifies that the validation rules of this field should be
evaluated only if the field is not empty
?
?
?
?!"
P
?�?B SInt32Rules describes the constraints applied to `sint32` values
?
S
�?
E Const specifies that this field must be exactly the specified value
�?
�?
�?
�?
^
?P Lt specifies that this field must be less than the specified value,
exclusive
?
?
?
?
k
?
] Lte specifies that this field must be less than or equal to the
specified value, inclusive
?
?
?
?
?
?? Gt specifies that this field must be greater than the specified value,
exclusive. If the value of Gt is larger than a specified Lt or Lte, the
range is reversed.
?
?
?
?
?
?
? Gte specifies that this field must be greater than or equal to the
specified value, inclusive. If the value of Gte is larger than a
specified Lt or Lte, the range is reversed.
?
?
?
?
Z
?L In specifies that this field must be equal to one of the specified
values
?
?
?
?
_
? Q NotIn specifies that this field cannot be equal to one of the specified
values
?
?
?
?
?
?#s IgnoreEmpty specifies that the validation rules of this field should be
evaluated only if the field is not empty
?
?
?
?!"
P
?�?B SInt64Rules describes the constraints applied to `sint64` values
?
S
�?
E Const specifies that this field must be exactly the specified value
�?
�?
�?
�?
^
?P Lt specifies that this field must be less than the specified value,
exclusive
?
?
?
?
k
?
] Lte specifies that this field must be less than or equal to the
specified value, inclusive
?
?
?
?
?
?? Gt specifies that this field must be greater than the specified value,
exclusive. If the value of Gt is larger than a specified Lt or Lte, the
range is reversed.
?
?
?
?
?
?
? Gte specifies that this field must be greater than or equal to the
specified value, inclusive. If the value of Gte is larger than a
specified Lt or Lte, the range is reversed.
?
?
?
?
Z
?L In specifies that this field must be equal to one of the specified
values
?
?
?
?
_
? Q NotIn specifies that this field cannot be equal to one of the specified
values
?
?
?
?
?
?#s IgnoreEmpty specifies that the validation rules of this field should be
evaluated only if the field is not empty
?
?
?
?!"
R
?�?D Fixed32Rules describes the constraints applied to `fixed32` values
?
S
�? E Const specifies that this field must be exactly the specified value
�?
�?
�?
�?
^
?
P Lt specifies that this field must be less than the specified value,
exclusive
?
?
?
?
k
?
] Lte specifies that this field must be less than or equal to the
specified value, inclusive
?
?
?
?
?
?
? Gt specifies that this field must be greater than the specified value,
exclusive. If the value of Gt is larger than a specified Lt or Lte, the
range is reversed.
?
?
?
?
?
?
? Gte specifies that this field must be greater than or equal to the
specified value, inclusive. If the value of Gte is larger than a
specified Lt or Lte, the range is reversed.
?
?
?
?
Z
?
L In specifies that this field must be equal to one of the specified
values
?
?
?
?
_
? Q NotIn specifies that this field cannot be equal to one of the specified
values
?
?
?
?
?
?#s IgnoreEmpty specifies that the validation rules of this field should be
evaluated only if the field is not empty
?
?
?
?!"
R
?�?D Fixed64Rules describes the constraints applied to `fixed64` values
?
S
�? E Const specifies that this field must be exactly the specified value
�?
�?
�?
�?
^
?
P Lt specifies that this field must be less than the specified value,
exclusive
?
?
?
?
k
?
] Lte specifies that this field must be less than or equal to the
specified value, inclusive
?
?
?
?
?
?
? Gt specifies that this field must be greater than the specified value,
exclusive. If the value of Gt is larger than a specified Lt or Lte, the
range is reversed.
?
?
?
?
?
?
? Gte specifies that this field must be greater than or equal to the
specified value, inclusive. If the value of Gte is larger than a
specified Lt or Lte, the range is reversed.
?
?
?
?
Z
?
L In specifies that this field must be equal to one of the specified
values
?
?
?
?
_
? Q NotIn specifies that this field cannot be equal to one of the specified
values
?
?
?
?
?
?#s IgnoreEmpty specifies that the validation rules of this field should be
evaluated only if the field is not empty
?
?
?
?!"
T
?�?F SFixed32Rules describes the constraints applied to `sfixed32` values
?
S
�? E Const specifies that this field must be exactly the specified value
�?
�?
�?
�?
^
?
P Lt specifies that this field must be less than the specified value,
exclusive
?
?
?
?
k
?
] Lte specifies that this field must be less than or equal to the
specified value, inclusive
?
?
?
?
?
?
? Gt specifies that this field must be greater than the specified value,
exclusive. If the value of Gt is larger than a specified Lt or Lte, the
range is reversed.
?
?
?
?
?
?
? Gte specifies that this field must be greater than or equal to the
specified value, inclusive. If the value of Gte is larger than a
specified Lt or Lte, the range is reversed.
?
?
?
?
Z
?
L In specifies that this field must be equal to one of the specified
values
?
?
?
?
_
?!Q NotIn specifies that this field cannot be equal to one of the specified
values
?
?
?
?
?
?#s IgnoreEmpty specifies that the validation rules of this field should be
evaluated only if the field is not empty
?
?
?
?!"
T
?�?F SFixed64Rules describes the constraints applied to `sfixed64` values
?
S
�? E Const specifies that this field must be exactly the specified value
�?
�?
�?
�?
^
?
P Lt specifies that this field must be less than the specified value,
exclusive
?
?
?
?
k
?
] Lte specifies that this field must be less than or equal to the
specified value, inclusive
?
?
?
?
?
?
? Gt specifies that this field must be greater than the specified value,
exclusive. If the value of Gt is larger than a specified Lt or Lte, the
range is reversed.
?
?
?
?
?
?
? Gte specifies that this field must be greater than or equal to the
specified value, inclusive. If the value of Gte is larger than a
specified Lt or Lte, the range is reversed.
?
?
?
?
Z
?
L In specifies that this field must be equal to one of the specified
values
?
?
?
?
_
?!Q NotIn specifies that this field cannot be equal to one of the specified
values
?
?
?
?
?
?#s IgnoreEmpty specifies that the validation rules of this field should be
evaluated only if the field is not empty
?
?
?
?!"
L
?�?> BoolRules describes the constraints applied to `bool` values
?
S
�?
E Const specifies that this field must be exactly the specified value
�?
�?
�?
�?
O
?�?A StringRules describe the constraints applied to `string` values
?
S
�?
E Const specifies that this field must be exactly the specified value
�?
�?
�?
�?
?
?
? Len specifies that this field must be the specified number of
characters (Unicode code points). Note that the number of
characters may differ from the number of bytes in the string.
?
?
?
?
?
? ? MinLen specifies that this field must be the specified number of
characters (Unicode code points) at a minimum. Note that the number of
characters may differ from the number of bytes in the string.
?
?
?
?
?
? ? MaxLen specifies that this field must be the specified number of
characters (Unicode code points) at a maximum. Note that the number of
characters may differ from the number of bytes in the string.
?
?
?
?
X
?#J LenBytes specifies that this field must be the specified number of bytes
?
?
?
? "
f
?"X MinBytes specifies that this field must be the specified number of bytes
at a minimum
?
?
?
? !
f
?"X MaxBytes specifies that this field must be the specified number of bytes
at a maximum
?
?
?
? !
?
?!? Pattern specifies that this field must match against the specified
regular expression (RE2 syntax). The included expression should elide
any delimiters.
?
?
?
?
s
?!e Prefix specifies that this field must have the specified substring at
the beginning of the string.
?
?
?
?
m
?!_ Suffix specifies that this field must have the specified substring at
the end of the string.
?
?
?
?
m
?!_ Contains specifies that this field must have the specified substring
anywhere in the string.
?
?
?
?
r
?&d NotContains specifies that this field cannot have the specified substring
anywhere in the string.
?
?
?
?#%
Z
? L In specifies that this field must be equal to one of the specified
values
?
?
?
?
_
? Q NotIn specifies that this field cannot be equal to one of the specified
values
?
?
?
?
^
�??N WellKnown rules provide advanced constraints against common string
patterns
�?
d
?V Email specifies that the field must be a valid email address as
defined by RFC 5322
?
?
?
?
?? Hostname specifies that the field must be a valid hostname as
defined by RFC 1034. This constraint does not support
internationalized domain names (IDNs).
?
?
?
?
?? Ip specifies that the field must be a valid IP (v4 or v6) address.
Valid IPv6 addresses should not include surrounding square brackets.
?
?
?
K
?= Ipv4 specifies that the field must be a valid IPv4 address.
?
?
?
?
?? Ipv6 specifies that the field must be a valid IPv6 address. Valid
IPv6 addresses should not include surrounding square brackets.
?
?
?
b
?T Uri specifies that the field must be a valid, absolute URI as defined
by RFC 3986
?
?
?
|
?n UriRef specifies that the field must be a valid URI as defined by RFC
3986 and may be relative or absolute.
?
?
?
?
?? Address specifies that the field must be either a valid hostname as
defined by RFC 1034 (which does not support internationalized domain
names or IDNs), or it can be a valid IP (v4 or v6).
?
?
?
Z
?L Uuid specifies that the field must be a valid UUID as defined by
RFC 4122
?
?
?
X
?)J WellKnownRegex specifies a common well known pattern defined as a regex.
?
?#
?&(
?
?-? This applies to regexes HTTP_HEADER_NAME and HTTP_HEADER_VALUE to enable
strict header validation.
By default, this is true, and HTTP header validations are RFC-compliant.
Setting to false will enable a looser validations that only disallows
\r\n\0 characters, which can be used to bypass header matching rules.
?
?
?
?
?
,
?'+
?
?"s IgnoreEmpty specifies that the validation rules of this field should be
evaluated only if the field is not empty
?
?
?
? !
@
�?�?2 WellKnownRegex contain some well-known patterns.
�?
��?
��?
��?
8
�?* HTTP header name as defined by RFC 7230.
�?
�?
9
�?+ HTTP header value as defined by RFC 7230.
�?
�?
M
?�?? BytesRules describe the constraints applied to `bytes` values
?
S
�?
E Const specifies that this field must be exactly the specified value
�?
�?
�?
�?
S
?
E Len specifies that this field must be the specified number of bytes
?
?
?
?
d
? V MinLen specifies that this field must be the specified number of bytes
at a minimum
?
?
?
?
d
? V MaxLen specifies that this field must be the specified number of bytes
at a maximum
?
?
?
?
?
?!? Pattern specifies that this field must match against the specified
regular expression (RE2 syntax). The included expression should elide
any delimiters.
?
?
?
?
o
?!a Prefix specifies that this field must have the specified bytes at the
beginning of the string.
?
?
?
?
i
?![ Suffix specifies that this field must have the specified bytes at the
end of the string.
?
?
?
?
i
?![ Contains specifies that this field must have the specified bytes
anywhere in the string.
?
?
?
?
Z
?
L In specifies that this field must be equal to one of the specified
values
?
?
?
?
_
?
Q NotIn specifies that this field cannot be equal to one of the specified
values
?
?
?
?
\
�??L WellKnown rules provide advanced constraints against common byte
patterns
�?
a
?S Ip specifies that the field must be a valid IP (v4 or v6) address in
byte format
?
?
?
Z
?L Ipv4 specifies that the field must be a valid IPv4 address in byte
format
?
?
?
Z
?L Ipv6 specifies that the field must be a valid IPv6 address in byte
format
?
?
?
?
?$s IgnoreEmpty specifies that the validation rules of this field should be
evaluated only if the field is not empty
?
?
?
?!#
I
?�?; EnumRules describe the constraints applied to enum values
?
S
�?$E Const specifies that this field must be exactly the specified value
�?
�?
�?
�?"#
?
?$~ DefinedOnly specifies that this field must be only one of the defined
values for this enum, failing on any undefined value.
?
?
?
?"#
Z
?$L In specifies that this field must be equal to one of the specified
values
?
?
?
?"#
_
?$Q NotIn specifies that this field cannot be equal to one of the specified
values
?
?
?
?"#
?
?�?? MessageRules describe the constraints applied to embedded message values.
For message-type fields, validation is performed recursively.
?
_
�? Q Skip specifies that the validation rules of this field should not be
evaluated
�?
�?
�?
�?
>
? 0 Required specifies that this field must be set
?
?
?
?
S
?�?E RepeatedRules describe the constraints applied to `repeated` values
?
h
�?"Z MinItems specifies that this field must have the specified number of
items at a minimum
�?
�?
�?
�? !
h
?"Z MaxItems specifies that this field must have the specified number of
items at a maximum
?
?
?
? !
?
?"? Unique specifies that all elements in this field must be unique. This
constraint is only applicable to scalar and enum types (messages are not
supported).
?
?
?
? !
?
?"? Items specifies the constraints to be applied to each item in the field.
Repeated message fields will still execute validation against each item
unless skip is specified here.
?
?
?
? !
?
?#s IgnoreEmpty specifies that the validation rules of this field should be
evaluated only if the field is not empty
?
?
?
?!"
I
?�?; MapRules describe the constraints applied to `map` values
?
f
�?"X MinPairs specifies that this field must have the specified number of
KVs at a minimum
�?
�?
�?
�? !
f
?"X MaxPairs specifies that this field must have the specified number of
KVs at a maximum
?
?
?
? !
~
? p NoSparse specifies values in this field cannot be unset. This only
applies to map's with message value types.
?
?
?
?
V
?#H Keys specifies the constraints to be applied to each key in the field.
?
?
?
?!"
?
?#? Values specifies the constraints to be applied to the value of each key
in the field. Message values will still have their validations evaluated
unless skip is specified here.
?
?
?
?!"
?
?#s IgnoreEmpty specifies that the validation rules of this field should be
evaluated only if the field is not empty
?
?
?
?!"
o
?�?a AnyRules describe constraints applied exclusively to the
`google.protobuf.Any` well-known type
?
>
�? 0 Required specifies that this field must be set
�?
�?
�?
�?
h
? Z In specifies that this field's `type_url` must be equal to one of the
specified values.
?
?
?
?
o
? a NotIn specifies that this field's `type_url` must not be equal to any of
the specified values.
?
?
?
?
}
?�?o DurationRules describe the constraints applied exclusively to the
`google.protobuf.Duration` well-known type
?
>
�? 0 Required specifies that this field must be set
�?
�?
�?
�?
S
?0E Const specifies that this field must be exactly the specified value
?
?
%
?&+
?./
^
?-P Lt specifies that this field must be less than the specified value,
exclusive
?
?
%
?&(
?+,
^
?.P Lt specifies that this field must be less than the specified value,
inclusive
?
?
%
?&)
?,-
a
?-S Gt specifies that this field must be greater than the specified value,
exclusive
?
?
%
?&(
?+,
b
?.T Gte specifies that this field must be greater than the specified value,
inclusive
?
?
%
?&)
?,-
Z
?-L In specifies that this field must be equal to one of the specified
values
?
?
%
?&(
?+,
_
?1Q NotIn specifies that this field cannot be equal to one of the specified
values
?
?
%
?&,
?/0
?�?q TimestampRules describe the constraints applied exclusively to the
`google.protobuf.Timestamp` well-known type
?
>
�? 0 Required specifies that this field must be set
�?
�?
�?
�?
S
?1E Const specifies that this field must be exactly the specified value
?
?
&
?',
?/0
^
?.P Lt specifies that this field must be less than the specified value,
exclusive
?
?
&
?')
?,-
_
?/Q Lte specifies that this field must be less than the specified value,
inclusive
?
?
&
?'*
?-.
a
?.S Gt specifies that this field must be greater than the specified value,
exclusive
?
?
&
?')
?,-
b
?/T Gte specifies that this field must be greater than the specified value,
inclusive
?
?
&
?'*
?-.
{
?
m LtNow specifies that this must be less than the current time. LtNow
can only be used with the Within rule.
?
?
?
?
~
?
p GtNow specifies that this must be greater than the current time. GtNow
can only be used with the Within rule.
?
?
?
?
?
?1? Within specifies that this field must be within this duration of the
current time. This constraint can be used alone or with the LtNow and
GtNow rules.
?
?
%
?&,
?/0
?
$envoy/config/core/v3/extension.protoenvoy.config.core.v3google/protobuf/any.proto
udpa/annotations/status.protovalidate/validate.proto"v
TypedExtensionConfig
name ( B?BrRnameA
typed_config (
2.google.protobuf.AnyB?B?R
typedConfigB?
"io.envoyproxy.envoy.config.core.v3BExtensionProtoPZBgithub.com/envoyproxy/go-control-plane/envoy/config/core/v3;corev3????J?
��
��
�
��#
�'
�!
�;
�;
�/
�/
�"
�"
�Y
�Y
�F
???j
�F
?
�� ? Message type for extension configuration.
[#next-major-version: revisit all existing typed_config that doesn't use this wrapper.].
2, [#protodoc-title: Extension configuration]
�
?
��;z The name of an extension. This is not used to select the extension, instead
it serves the role of an opaque identifier.
��
��
��
��:
��?9
?
�
Q? The typed config for the extension. The type URL will be used to identify
the extension. In the case that the type URL is ``xds.type.v3.TypedStruct``
(or, for historical reasons, ``udpa.type.v1.TypedStruct``), the inner type
URL of ``TypedStruct`` will be utilized. See the
:ref:`extension configuration overview
` for further details.
�
�
"
�
%&
�
'P
�?
(Obproto3
?
!udpa/annotations/versioning.protoudpa.annotations google/protobuf/descriptor.proto"J
VersioningAnnotation2
previous_message_type ( RpreviousMessageType:j
versioning .google.protobuf.MessageOptionsӈ? (
2&.udpa.annotations.VersioningAnnotationR
versioningB)Z'github.com/cncf/xds/go/udpa/annotationsJ?
�
?
�2? THIS FILE IS DEPRECATED
Users should instead use the corresponding proto in the xds tree.
No new changes will be accepted here.
�
��*
�>
�>
�
G
�,< Magic number derived from 0x78 ('x') 0x44 ('D') 0x53 ('S')
�
%
�
�!
�$+
��
�
?
��#? Track the previous message type. E.g. this message might be
udpa.foo.v3alpha.Foo and it was previously udpa.bar.v2.Bar. This
information is consumed by UDPA via proto descriptors.
��
��
��!"bproto3
?
(envoy/config/core/v3/socket_option.protoenvoy.config.core.v3
udpa/annotations/status.proto!udpa/annotations/versioning.protovalidate/validate.proto"?
SocketOption
description ( R
description
level (Rlevel
name (Rname
int_value (H�RintValue
buf_value (
H�RbufValueN
state (2..envoy.config.core.v3.SocketOption.SocketStateB?B?Rstate"F
SocketState
STATE_PREBIND�
STATE_BOUND
STATE_LISTENING:%?ň
envoy.api.v2.core.SocketOptionB
value?B"b
SocketOptionsOverrideI
socket_options (
2".envoy.config.core.v3.SocketOptionR
socketOptionsB?
"io.envoyproxy.envoy.config.core.v3BSocketOptionProtoPZBgithub.com/envoyproxy/go-control-plane/envoy/config/core/v3;corev3????J?
��P
��
�
��'
�+
�!
�;
�;
�2
�2
�"
�"
�Y
�Y
�F
???j
�F
?
�'�L? Generic socket option message. This would be used to set socket options that
might not exist in upstream kernels or precompiled Envoy binaries.
For example:
.. code-block:: json
{
"description": "support tcp keep alive",
"state": 0,
"level": 1,
"name": 9,
"int_value": 1,
}
1 means SOL_SOCKET and 9 means SO_KEEPALIVE on Linux.
With the above configuration, `TCP Keep-Alives `_
can be enabled in socket with Linux, which can be used in
:ref:`listener's` or
:ref:`admin's ` socket_options etc.
It should be noted that the name or level may have different values on different platforms.
[#next-free-field: 7]
2" [#protodoc-title: Socket option]
�'
�(`
�ӈ?(`
��*3
��*
i
���,Z Socket options are applied after socket creation but before binding the socket to a port
���,
���,
j
��/[ Socket options are applied after binding the socket to a port but before calling listen()
��/
��/
B
��23 Socket options are applied after calling listen()
��2
��2
?
��7? An optional name to give this socket option for debugging, etc.
Uniqueness is not required and no special meaning is assumed.
��7
��7
��7
Y
�:L Corresponding to the level value passed to setsockopt, such as IPPROTO_TCP
�:
�:
�:
7
�=* The numeric name as passed to setsockopt
�=
�=
�=
��?G
��?
��@&
��?@&
7
�C* Because many sockopts take an int value.
�C
�C
�C
,
�F Otherwise it's a byte buffer.
�F
�F
�F
?
�KGz The state in which the option will be applied. When used in BindConfig
STATE_PREBIND is currently the only valid value.
�K
�K
�K
�KF
�?KE
N�P
N
�O+
�O
�O
�O&
�O)*bproto3
?#
google/protobuf/wrappers.protogoogle.protobuf"#
DoubleValue
value (Rvalue""
FloatValue
value (Rvalue""
Int64Value
value (Rvalue"#
UInt64Value
value (Rvalue""
Int32Value
value (Rvalue"#
UInt32Value
value (
Rvalue"!
BoolValue
value (Rvalue"#
StringValue
value ( Rvalue""
BytesValue
value (
RvalueB?
com.google.protobufB
WrappersProtoPZ1google.golang.org/protobuf/types/known/wrapperspb??GPB?
Google.Protobuf.WellKnownTypesJ?
(�z
?
(�2? Protocol Buffers - Google's data interchange format
Copyright 2008 Google Inc. All rights reserved.
https://developers.google.com/protocol-buffers/
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are
met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above
copyright notice, this list of conditions and the following disclaimer
in the documentation and/or other materials provided with the
distribution.
* Neither the name of Google Inc. nor the names of its
contributors may be used to endorse or promote products derived from
this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Wrappers for primitive (non-message) types. These types are useful
for embedding primitives in the `google.protobuf.Any` type and for places
where we need to distinguish between the absence of a primitive
typed field and its default value.
These wrappers have no meaningful use within repeated fields as they lack
the ability to detect presence on individual elements.
These wrappers have no meaningful use within a map or a oneof since
individual entries of a map or fields of a oneof can already detect presence.
*�
,�
,�
-�H
-�H
.�,
.�,
/�.
/�.
0�"
0�"
1�!
$1�!
2�;
%2�;
g
�7�:[ Wrapper message for `double`.
The JSON representation for `DoubleValue` is JSON number.
�7
��9 The double value.
��9
��9
��9
e
?�BY Wrapper message for `float`.
The JSON representation for `FloatValue` is JSON number.
?
�A The float value.
�A
�A
�A
e
G�JY Wrapper message for `int64`.
The JSON representation for `Int64Value` is JSON string.
G
�I The int64 value.
�I
�I
�I
g
O�R[ Wrapper message for `uint64`.
The JSON representation for `UInt64Value` is JSON string.
O
�Q The uint64 value.
�Q
�Q
�Q
e
W�ZY Wrapper message for `int32`.
The JSON representation for `Int32Value` is JSON number.
W
�Y The int32 value.
�Y
�Y
�Y
g
_�b[ Wrapper message for `uint32`.
The JSON representation for `UInt32Value` is JSON number.
_
�a The uint32 value.
�a
�a
�a
o
g�jc Wrapper message for `bool`.
The JSON representation for `BoolValue` is JSON `true` and `false`.
g
�i The bool value.
�i
�i
�i
g
o�r[ Wrapper message for `string`.
The JSON representation for `StringValue` is JSON string.
o
�q The string value.
�q
�q
�q
e
w�zY Wrapper message for `bytes`.
The JSON representation for `BytesValue` is JSON string.
w
�y The bytes value.
�y
�y
�ybproto3
?
#envoy/annotations/deprecation.protoenvoy.annotations google/protobuf/descriptor.proto:T
disallowed_by_default
.google.protobuf.FieldOptions筮Z (RdisallowedByDefault:_
deprecated_at_minor_version
.google.protobuf.FieldOptions??K ( RdeprecatedAtMinorVersion:a
disallowed_by_default_enum!.google.protobuf.EnumValueOptions?ζ! (RdisallowedByDefaultEnum:l
deprecated_at_minor_version_enum!.google.protobuf.EnumValueOptions???V ( R
deprecatedAtMinorVersionEnumB:Z8github.com/envoyproxy/go-control-plane/envoy/annotationsJ?
��!
��
�
�O
�O
��*
?
�? Magic number in this file derived from top 28bit of SHA256 digest of
"envoy.annotation.disallowed_by_default" and "envoy.annotation.deprecated_at_minor_version"
2? [#protodoc-title: Deprecation]
Adds annotations for deprecated fields and enums to allow tagging proto
fields as fatal by default and the minor version on which the field was
deprecated. One Envoy release after deprecation, deprecated fields will be
disallowed by default, a state which is reversible with
:ref:`runtime overrides `.
�)
�#
�
�
� (
?
1{ The API major and minor version on which the field was deprecated
(e.g., "3.5" for major version 3 and minor version 5).
#
$
'0
?
�!? Magic number in this file derived from top 28bit of SHA256 digest of
"envoy.annotation.disallowed_by_default_enum" and
"envoy.annotation.deprecated_at_minor_version_eum"
-
'
!
$,
?
6? The API major and minor version on which the enum value was deprecated
(e.g., "3.5" for major version 3 and minor version 5).
'
)
,5bproto3
?U
"envoy/config/core/v3/address.protoenvoy.config.core.v3$envoy/config/core/v3/extension.proto(envoy/config/core/v3/socket_option.proto
google/protobuf/wrappers.proto#envoy/annotations/deprecation.proto
udpa/annotations/status.proto!udpa/annotations/versioning.protovalidate/validate.proto"`
Pipe
path ( B?BrRpath
mode (
B?B*?Rmode:
?ň
envoy.api.v2.core.Pipe"?
EnvoyInternalAddress2
server_listener_name ( H�RserverListenerName
endpoint_id ( R
endpointIdB
address_name_specifier?B"?
SocketAddressR
protocol (2,.envoy.config.core.v3.SocketAddress.ProtocolB?B?Rprotocol!
address ( B?BrRaddress*
port_value (
B ?B*??H�R portValue
named_port ( H�R namedPort#
resolver_name ( R
resolverName
ipv4_compat (R
ipv4Compat"
Protocol
TCP�
UDP:&?ň
!
envoy.api.v2.core.SocketAddressB
port_specifier?B"?
TcpKeepaliveG
keepalive_probes (
2
.google.protobuf.UInt32ValueRkeepaliveProbesC
keepalive_time (
2
.google.protobuf.UInt32ValueR
keepaliveTimeK
keepalive_interval (
2
.google.protobuf.UInt32ValueRkeepaliveInterval:%?ň
envoy.api.v2.core.TcpKeepalive"?
ExtraSourceAddressG
address (
2#.envoy.config.core.v3.SocketAddressB?B?RaddressR
socket_options (
2+.envoy.config.core.v3.SocketOptionsOverrideR
socketOptions"?
BindConfigJ
source_address (
2#.envoy.config.core.v3.SocketAddressR
sourceAddress6
freebind (
2.google.protobuf.BoolValueRfreebindI
socket_options (
2".envoy.config.core.v3.SocketOptionR
socketOptions^
extra_source_addresses (
2(.envoy.config.core.v3.ExtraSourceAddressRextraSourceAddressesp
additional_source_addresses (
2#.envoy.config.core.v3.SocketAddressB
?dž?3.0RadditionalSourceAddresses`
local_address_selector (
2*.envoy.config.core.v3.TypedExtensionConfigRlocalAddressSelector:#?ň
envoy.api.v2.core.BindConfig"?
AddressL
socket_address (
2#.envoy.config.core.v3.SocketAddressH�R
socketAddress0
pipe (
2.envoy.config.core.v3.PipeH�Rpipeb
envoy_internal_address (
2*.envoy.config.core.v3.EnvoyInternalAddressH�RenvoyInternalAddress: ?ň
envoy.api.v2.core.AddressB
address?B"?
CidrRange.
address_prefix ( B?BrR
addressPrefixE
prefix_len (
2
.google.protobuf.UInt32ValueB?B*?R prefixLen:"?ň
envoy.api.v2.core.CidrRangeB?
"io.envoyproxy.envoy.config.core.v3B
AddressProtoPZBgithub.com/envoyproxy/go-control-plane/envoy/config/core/v3;corev3????J?B
��?
��
�
��.
�2
�(
�-
�'
�+
�!
�;
�;
�-
�-
�"
�"
�Y
�Y
�F
???j�F
2
��!2& [#protodoc-title: Network addresses]
�
�X
�ӈ?X
?
��
;? Unix Domain Socket path. On Linux, paths starting with '@' will use the
abstract namespace. The starting '@' is replaced by a null byte by Envoy.
Paths starting with '@' will result in an error in environments other than
Linux.
��
��
��
��
:
��?
9
J
� 9= The mode for the Pipe. Not applicable for abstract sockets.
�
�
�
� 8
�? 7
?
%�2? The address represents an envoy internal listener.
[#comment: TODO(asraa): When address available, remove workaround from test/server/server_fuzz_test.cc:30.]
%
�&,
�&
�'&
�?'&
y
�+$l Specifies the :ref:`name ` of the
internal listener.
�+
�+
�+"#
?
1? Specifies an endpoint identifier to distinguish between multiple endpoints for the same internal listener in a
single upstream pool. Only used in the upstream addresses for tracking changes to individual endpoints. This, for
example, may be set to the final destination IP for the target internal listener.
1
1
1
#
5�c [#next-free-field: 7]
5
6a
ӈ?6a
�8;
�8
��9
��9
��9
�:
�:
�:
�=G
�=
�=
�=
�=F
�?=E
?
J>? The address for this socket. :ref:`Listeners ` will bind
to the address. An empty address is not allowed. Specify ``0.0.0.0`` or ``::``
to bind to any address. [#comment:TODO(zuercher) reinstate when implemented:
It is possible to distinguish a Listener address via the prefix/suffix matching
in :ref:`FilterChainMatch `.] When used
within an upstream :ref:`BindConfig `, the address
controls the source address of outbound connections. For :ref:`clusters
`, the cluster type determines whether the
address must be an IP (``STATIC`` or ``EDS`` clusters) or a hostname resolved by DNS
(``STRICT_DNS`` or ``LOGICAL_DNS`` clusters). Address resolution can be customized
via :ref:`resolver_name `.
J
J
J
J=
?J<
�LU
�L
�M&
�?M&
OC
O
O
O
OB
?OA
?
T? This is only valid if :ref:`resolver_name
` is specified below and the
named resolver is capable of named port resolution.
T
T
T
?
\? The name of the custom resolver. This must have been registered with Envoy. If
this is empty, a context dependent default applies. If the address is a concrete
IP address, no resolution will occur. If address is a hostname this
should be set for resolution other than DNS. Specifying a custom resolver with
``STRICT_DNS`` or ``LOGICAL_DNS`` will generate an error at runtime.
\
\
\
?
b? When binding to an IPv6 address above, this enables `IPv4 compatibility
`_. Binding to ``::`` will
allow both IPv4 and IPv6 connections, with peer IPv4 addresses mapped into
IPv6 space as ``::FFFF:``.
b
b
b
e�u
e
f`
ӈ?f`
?
�k3? Maximum number of keepalive probes to send without response before deciding
the connection is dead. Default is to use the OS level configuration (unless
overridden, Linux defaults to 9.)
�k
�k
.
�k12
?
p1? The number of seconds a connection needs to be idle before keep-alive probes
start being sent. Default is to use the OS level configuration (unless
overridden, Linux defaults to 7200s (i.e., 2 hours.)
p
p
,
p/0
?
t5? The number of seconds between keep-alive probes. Default is to use the OS
level configuration (unless overridden, Linux defaults to 75s.)
t
t
0
t34
w�?
w
.
�yJ! The additional address to bind.
�y
�y
�y
�y
I
�?y
H
?
?+? Additional socket options that may not be present in Envoy source code or
precompiled binaries. If specified, this will override the
:ref:`socket_options `
in the BindConfig. If specified with no
:ref:`socket_options `
or an empty list of :ref:`socket_options `,
it means no socket option will apply.
?
?&
?)*
%
?�? [#next-free-field: 7]
?
?^
ӈ??^
>
�?#0 The address to bind to when creating a socket.
�?
�?
�?!"
?
?)? Whether to set the ``IP_FREEBIND`` option when creating the socket. When this
flag is set to true, allows the :ref:`source_address
` to be an IP address
that is not configured on the system running Envoy. When this flag is set
to false, the option ``IP_FREEBIND`` is disabled on the socket. When this
flag is not set (default), the socket is not modified, i.e. the option is
neither enabled nor disabled.
?
?
$
?'(
p
?+b Additional socket options that may not be present in Envoy source code or
precompiled binaries.
?
?
?&
?)*
?
?9? Extra source addresses appended to the address specified in the ``source_address``
field. This enables to specify multiple source addresses.
The source address selection is determined by :ref:`local_address_selector
`.
?
?
?
4
?78
?
??St Deprecated by
:ref:`extra_source_addresses `
?
?
?4
?78
?R
?
??K?Q
?
?2? Custom local address selector to override the default (i.e.
:ref:`DefaultLocalAddressSelector
`).
[#extension-category: envoy.upstream.local_address_selector]
?
?-
?01
?
?�?? Addresses specify either a logical or physical address and port, which are
used to tell Envoy where to bind/listen, connect to upstream and find
management servers.
?
?[
ӈ??[
�??
�?
�?&
�??&
�?%
�?
�?
�?#$
?
?
?
?
?
?4? Specifies a user-space address handled by :ref:`internal listeners
`.
?
?/
?23
?
?�?? CidrRange specifies an IP Address and a prefix length to construct
the subnet mask for a `CIDR `_ range.
?
?]
ӈ??]
K
�?E= IPv4 or IPv6 address, e.g. ``192.0.0.0`` or ``2001:db8::``.
�?
�?
�?
�?
D
�??
C
G
?T9 Length of prefix, e.g. 0, 32. Defaults to 0 when unset.
?
?
(
?+,
?-S
??.Rbproto3
?
"envoy/config/core/v3/backoff.protoenvoy.config.core.v3
google/protobuf/duration.proto
udpa/annotations/status.proto!udpa/annotations/versioning.protovalidate/validate.proto"?
BackoffStrategyN
base_interval (
2.google.protobuf.DurationB?B
?2??=R
baseIntervalF
max_interval (
2.google.protobuf.DurationB?B?*�R
maxInterval:(?ň
#
!envoy.api.v2.core.BackoffStrategyB?
"io.envoyproxy.envoy.config.core.v3B
BackoffProtoPZBgithub.com/envoyproxy/go-control-plane/envoy/config/core/v3;corev3????J?
��$
��
�
��(
�'
�+
�!
�;
�;
�-
�-
�"
�"
�Y
�Y
�F
???j�F
u
��$B Configuration defining a jittered exponential back off strategy.
2% [#protodoc-title: Backoff strategy]
�
�c
�ӈ?c
?
��
? The base interval to be used for the next back off computation. It should
be greater than zero and less than or equal to :ref:`max_interval
`.
��
��(
��+,
��-
��?.
?
�#R? Specifies the maximum interval between retries. This parameter is optional,
but must be greater than or equal to the :ref:`base_interval
` if set. The default
is 10 times the :ref:`base_interval
`.
�#
�#'
�#*+
�#,Q
�?#-Pbproto3
?
#envoy/config/core/v3/http_uri.protoenvoy.config.core.v3
google/protobuf/duration.proto
udpa/annotations/status.proto!udpa/annotations/versioning.protovalidate/validate.proto"?
HttpUri
uri ( B?BrRuri#
cluster ( B?BrH�RclusterG
timeout (
2.google.protobuf.DurationB?B?
????2�Rtimeout: ?ň
envoy.api.v2.core.HttpUriB
http_upstream_type?BB?
"io.envoyproxy.envoy.config.core.v3B
HttpUriProtoPZBgithub.com/envoyproxy/go-control-plane/envoy/config/core/v3;corev3????J?
��9
��
�
��(
�'
�+
�!
�;
�;
�-
�-
�"
�"
�Y
�Y
�F
???j�F
S
��9 Envoy external URI descriptor
2& [#protodoc-title: HTTP service URI ]
�
�[
�ӈ?[
?
��
:? The HTTP server URI. It should be a full FQDN with protocol, host and path.
Example:
.. code-block:: yaml
uri: https://www.googleapis.com/oauth2/v1/certs
��
��
��
��
9
��?
8
?
��$1? Specify how ``uri`` is to be fetched. Today, this requires an explicit
cluster, but in the future we may support dynamic cluster creation or
inline DNS resolution. See `issue
`_.
��$
��%&
��?%&
?
�0@? A cluster is created in the Envoy "cluster_manager" config
section. This field specifies the cluster name.
Example:
.. code-block:: yaml
cluster: jwks_cluster
�0
�0
�0
�0?
�?0>
j
�48\ Sets the maximum duration in milliseconds that a response can take to arrive upon request.
�4
�4"
�4%&
�4'8
�?4(8bproto3
?
envoy/type/v3/percent.proto
envoy.type.v3
udpa/annotations/status.proto!udpa/annotations/versioning.protovalidate/validate.proto"S
Percent-
value (B?B������Y@)��������Rvalue:?ň
envoy.type.Percent"?
FractionalPercent
numerator (
R numerator\
denominator (20.envoy.type.v3.FractionalPercent.DenominatorTypeB?B?R
denominator"=
DenominatorType
HUNDRED�
TEN_THOUSAND
MILLION:#?ň
envoy.type.FractionalPercentBr
io.envoyproxy.envoy.type.v3B
PercentProtoPZ;github.com/envoyproxy/go-control-plane/envoy/type/v3;typev3????J?
��8
��
�
��'
�+
�!
�4
�4
�-
�-
�"
�"
�R
�R
�F
???j
�F
_
��5 Identifies a percentage, in the range [0.0, 100.0].
2
[#protodoc-title: Percent]
�
�T
�ӈ?T
��E
��
��
��
��D
��?C
?
�8? A fractional percentage is used in cases in which for performance reasons performing floating
point to integer conversions during randomness calculations is undesirable. The message includes
both a numerator and denominator that together determine the final fractional value.
* **Example**: 1/100 = 1%.
* **Example**: 3/10000 = 0.03%.
^
ӈ?
^
N
�!0@ Fraction percentages support several fixed denominator values.
�!
0
��%! 100.
**Example**: 1/100 = 1%.
��%
��%
8
�*) 10,000.
**Example**: 1/10000 = 0.01%.
�*
�*
?
�/0 1,000,000.
**Example**: 1/1000000 = 0.0001%.
�/
�/
6
�3) Specifies the numerator. Defaults to 0.
�3
�3
�3
?
7Q? Specifies the denominator. If the denominator specified is less than the numerator, the final
fractional percentage is capped at 1 (100%).
7
7
7 !
7"P
?7#Obproto3
?
$envoy/type/v3/semantic_version.proto
envoy.type.v3
udpa/annotations/status.proto!udpa/annotations/versioning.proto"?
SemanticVersion!
major_number (
R
majorNumber!
minor_number (
R
minorNumber
patch (
Rpatch:!?ň
envoy.type.SemanticVersionBz
io.envoyproxy.envoy.type.v3BSemanticVersionProtoPZ;github.com/envoyproxy/go-control-plane/envoy/type/v3;typev3????J?
��
��
�
��'
�+
�4
�4
�5
�5
�"
�"
�R
�R
�F
???j
�F
?
��? Envoy uses SemVer (https://semver.org/). Major/minor versions indicate
expected behaviors and APIs, the patch version field is used only
for security fixes and can be generally ignored.
2% [#protodoc-title: Semantic version]
�
�\
�ӈ?\
��
��
��
��
�
�
�
�
�
�
�
�bproto3
?"
google/protobuf/struct.protogoogle.protobuf"?
Struct;
fields (
2#.google.protobuf.Struct.FieldsEntryRfieldsQ
FieldsEntry
key ( Rkey,
value (
2.google.protobuf.ValueRvalue:8"?
Value;
null_value (2.google.protobuf.NullValueH�R nullValue#
number_value (H�R
numberValue#
string_value ( H�R
stringValue
bool_value (H�R boolValue<
struct_value (
2.google.protobuf.StructH�R
structValue;
list_value (
2.google.protobuf.ListValueH�R listValueB
kind";
ListValue.
values (
2.google.protobuf.ValueRvalues*
NullValue
NULL_VALUE�B
com.google.protobufB
StructProtoPZ/google.golang.org/protobuf/types/known/structpb??GPB?
Google.Protobuf.WellKnownTypesJ?
�^
?
�2?
Protocol Buffers - Google's data interchange format
Copyright 2008 Google Inc. All rights reserved.
https://developers.google.com/protocol-buffers/
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are
met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above
copyright notice, this list of conditions and the following disclaimer
in the documentation and/or other materials provided with the
distribution.
* Neither the name of Google Inc. nor the names of its
contributors may be used to endorse or promote products derived from
this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
�
"�
"�
#�F
#�F
$�,
$�,
%�,
%�,
&�"
&�"
'�!
$'�!
(�;
%(�;
?
�2�5? `Struct` represents a structured data value, consisting of fields
which map to dynamically typed values. In some languages, `Struct`
might be supported by a native representation. For example, in
scripting languages like JS a struct is represented as an
object. The details of that representation are described together
with the proto support for the language.
The JSON representation for `Struct` is JSON object.
�2
9
��4 , Unordered map of dynamically typed values.
��4
��4
��4
?
=�M? `Value` represents a dynamically typed value which can be either
null, a number, a string, a boolean, a recursive struct value, or a
list of values. A producer of value is expected to set one of these
variants. Absence of any variant indicates an error.
The JSON representation for `Value` is JSON value.
=
"
�?L The kind of value.
�?
'
�A
Represents a null value.
�A
�A
�A
)
C
Represents a double value.
C
C
C
)
E
Represents a string value.
E
E
E
*
G
Represents a boolean value.
G
G
G
-
I
Represents a structured value.
I
I
I
-
K
Represents a repeated `Value`.
K
K
K
?
�S�V? `NullValue` is a singleton enumeration to represent the null value for the
`Value` type union.
The JSON representation for `NullValue` is JSON `null`.
�S
��U
Null value.
��U
��U
?
[�^v `ListValue` is a wrapper around a repeated field of values.
The JSON representation for `ListValue` is JSON array.
[
:
�]
- Repeated field of dynamically typed values.
�]
�]
�]
�]bproto3
?
xds/annotations/v3/status.protoxds.annotations.v3 google/protobuf/descriptor.proto"@
FileStatusAnnotation(
work_in_progress (RworkInProgress"C
MessageStatusAnnotation(
work_in_progress (RworkInProgress"A
FieldStatusAnnotation(
work_in_progress (RworkInProgress"?
StatusAnnotation(
work_in_progress (RworkInProgress^
package_version_status (2(.xds.annotations.v3.PackageVersionStatusRpackageVersionStatus*]
PackageVersionStatus
UNKNOWN�
FROZEN
ACTIVE
NEXT_MAJOR_VERSION_CANDIDATE:j
file_status
.google.protobuf.FileOptions?Ȕl (
2(.xds.annotations.v3.FileStatusAnnotationR
fileStatus:v
message_status .google.protobuf.MessageOptions?Ȕl (
2+.xds.annotations.v3.MessageStatusAnnotationR
messageStatus:n
field_status
.google.protobuf.FieldOptions?Ȕl (
2).xds.annotations.v3.FieldStatusAnnotationR
fieldStatusB+Z)github.com/cncf/xds/go/xds/annotations/v3J?
��:
��
�
��*
�@
�@
o
�
d Magic number in this file derived from top 28bit of SHA256 digest of
"xds.annotations.v3.status".
�
/
�
"
�
�
"
�
%.
�
5
%
(
+4
�
1
#
$
'0
��
�
N
��
A The entity is work-in-progress and subject to breaking changes.
��
��
��
�
N
�
A The entity is work-in-progress and subject to breaking changes.
�
�
�
�#
N
�"
A The entity is work-in-progress and subject to breaking changes.
�"
�"
�"
�%�2
�%
.
��'! Unknown package version status.
��'
��'
5
�*
( This version of the package is frozen.
�*
�*
M
�-
@ This version of the package is the active development version.
�-
�-
?
�1#? This version of the package is the candidate for the next major version. It
is typically machine generated from the active development version.
�1
�1!"
4�:
4
N
�6
A The entity is work-in-progress and subject to breaking changes.
�6
�6
�6
M
92@ The entity belongs to a package with the given version status.
9
9-
901bproto3
?
xds/core/v3/context_params.proto
xds.core.v3 xds/annotations/v3/status.proto"?
ContextParams>
params (
2&.xds.core.v3.ContextParams.ParamsEntryRparams9
ParamsEntry
key ( Rkey
value ( Rvalue:8BZ
com.github.xds.core.v3BContextParamsProtoPZ"github.com/cncf/xds/go/xds/core/v3?Ƥ?J?
��
��
�
��)
�3
�3
�"
�"
�/
�/
�9
�9
�@
?Ȕl
�@
?
��? Additional parameters that can be used to select resource variants. These include any
global context parameters, per-resource type client feature capabilities and per-resource
type functional attributes. All per-resource type attributes will be `xds.resource.`
prefixed and some of these are documented below:
`xds.resource.listening_address`: The value is "IP:port" (e.g. "10.1.1.3:8080") which is
the listening address of a Listener. Used in a Listener resource query.
�
��#
��
��
��!"bproto3
?
udpa/annotations/migrate.protoudpa.annotations google/protobuf/descriptor.proto"+
MigrateAnnotation
rename ( Rrename"Y
FieldMigrateAnnotation
rename ( Rrename'
oneof_promotion ( RoneofPromotion"?
FileMigrateAnnotation&
move_to_package ( R
moveToPackage:p
message_migrate .google.protobuf.MessageOptions???Q (
2#.udpa.annotations.MigrateAnnotationRmessageMigrate:o
field_migrate
.google.protobuf.FieldOptions???Q (
2(.udpa.annotations.FieldMigrateAnnotationR
fieldMigrate:g
enum_migrate
.google.protobuf.EnumOptions???Q (
2#.udpa.annotations.MigrateAnnotationR
enumMigrate:w
enum_value_migrate!.google.protobuf.EnumValueOptions???Q (
2#.udpa.annotations.MigrateAnnotationRenumValueMigrate:k
file_migrate
.google.protobuf.FileOptions???Q (
2'.udpa.annotations.FileMigrateAnnotationR
fileMigrateB)Z'github.com/cncf/xds/go/udpa/annotationsJ?
�6
?
�2? THIS FILE IS DEPRECATED
Users should instead use the corresponding proto in the xds tree.
No new changes will be accepted here.
�
��*
�>
�>
m
�2b Magic number in this file derived from top 28bit of SHA256 digest of
"udpa.annotation.migrate".
�0
�%
�
�#
�&/
�
3
#
&
)2
�
-
"
#,
�
3
'
&
)2
�!
1
"
$
'0
�#�&
�#
B
��%5 Rename the message/enum/enum value in next version.
��%
��%
��%
(�0
(
0
�*# Rename the field in next version.
�*
�*
�*
?
/
? Add the field to a named oneof in next version. If this already exists, the
field will join its siblings under the oneof, otherwise a new oneof will be
created with the given name.
/
/
/
2�6
2
e
�5
X Move all types in the file to another package, this implies changing proto
file path.
�5
�5
�5
bproto3
??
envoy/config/core/v3/base.protoenvoy.config.core.v3"envoy/config/core/v3/address.proto"envoy/config/core/v3/backoff.proto#envoy/config/core/v3/http_uri.protoenvoy/type/v3/percent.proto$envoy/type/v3/semantic_version.protogoogle/protobuf/any.proto
google/protobuf/struct.proto
google/protobuf/wrappers.proto xds/core/v3/context_params.proto#envoy/annotations/deprecation.proto
udpa/annotations/migrate.proto
udpa/annotations/status.proto!udpa/annotations/versioning.protovalidate/validate.proto"t
Locality
region ( Rregion
zone ( Rzone
sub_zone ( RsubZone:!?ň
envoy.api.v2.core.Locality"?
BuildVersion8
version (
2
.envoy.type.v3.SemanticVersionRversion3
metadata (
2.google.protobuf.StructRmetadata:%?ň
envoy.api.v2.core.BuildVersion"?
Extension
name ( Rname
category ( Rcategory4
type_descriptor ( B
?dž?3.0RtypeDescriptor<
version (
2".envoy.config.core.v3.BuildVersionRversion
disabled (Rdisabled
type_urls ( RtypeUrls:"?ň
envoy.api.v2.core.Extension"?
Node
id ( Rid
cluster ( Rcluster3
metadata (
2.google.protobuf.StructRmetadata`
dynamic_parameters
(
21.envoy.config.core.v3.Node.DynamicParametersEntryRdynamicParameters:
locality (
2
.envoy.config.core.v3.LocalityRlocality&
user_agent_name ( R
userAgentName.
user_agent_version ( H�RuserAgentVersion]
user_agent_build_version (
2".envoy.config.core.v3.BuildVersionH�RuserAgentBuildVersion?
extensions (
2 .envoy.config.core.v3.ExtensionR
extensions'
client_features
( RclientFeatures[
listening_addresses
(
2
.envoy.config.core.v3.AddressB
?dž?3.0RlisteningAddresses`
DynamicParametersEntry
key ( Rkey0
value (
2.xds.core.v3.ContextParamsRvalue:8:
?ň
envoy.api.v2.core.NodeB
user_agent_version_typeJR
build_version"?
Metadatai
filter_metadata (
22.envoy.config.core.v3.Metadata.FilterMetadataEntryB
?B ?"rRfilterMetadatay
typed_filter_metadata (
27.envoy.config.core.v3.Metadata.TypedFilterMetadataEntryB
?B ?"rRtypedFilterMetadataZ
FilterMetadataEntry
key ( Rkey-
value (
2.google.protobuf.StructRvalue:8\
TypedFilterMetadataEntry
key ( Rkey*
value (
2.google.protobuf.AnyRvalue:8:!?ň
envoy.api.v2.core.Metadata"?
RuntimeUInt32#
default_value (
R
defaultValue(
runtime_key ( B?BrR
runtimeKey:&?ň
!
envoy.api.v2.core.RuntimeUInt32"w
RuntimePercent;
default_value (
2.envoy.type.v3.PercentR
defaultValue(
runtime_key ( B?BrR
runtimeKey"?
RuntimeDouble#
default_value (R
defaultValue(
runtime_key ( B?BrR
runtimeKey:&?ň
!
envoy.api.v2.core.RuntimeDouble"?
RuntimeFeatureFlagI
default_value (
2.google.protobuf.BoolValueB?B?R
defaultValue(
runtime_key ( B?BrR
runtimeKey:+?ň
&
$envoy.api.v2.core.RuntimeFeatureFlag"A
QueryParameter
key ( B?BrRkey
value ( Rvalue"?
HeaderValue#
key ( B?Br
(????�Rkey7
value ( B!?B
r
(????�???
value_typeRvalue:
raw_value (
B
?Bz�?????
value_typeRrawValue:$?ň
envoy.api.v2.core.HeaderValue"?
HeaderValueOptionC
header (
2!.envoy.config.core.v3.HeaderValueB?B?Rheader?
append (
2.google.protobuf.BoolValueB
?dž?3.0Rappendi
append_action (2:.envoy.config.core.v3.HeaderValueOption.HeaderAppendActionB?B?R
appendAction(
keep_empty_value (RkeepEmptyValue"}
HeaderAppendAction
APPEND_IF_EXISTS_OR_ADD�
ADD_IF_ABSENT
OVERWRITE_IF_EXISTS_OR_ADD
OVERWRITE_IF_EXISTS:*?ň
%
#envoy.api.v2.core.HeaderValueOption"l
HeaderMap;
headers (
2!.envoy.config.core.v3.HeaderValueRheaders:"?ň
envoy.api.v2.core.HeaderMap"/
WatchedDirectory
path ( B?BrRpath"?
DataSource%
filename ( B?BrH�Rfilename#
inline_bytes (
H�R
inlineBytes%
inline_string ( H�R
inlineString<
environment_variable ( B?BrH�RenvironmentVariable:#?ň
envoy.api.v2.core.DataSourceB
specifier?B"?
RetryPolicyK
retry_back_off (
2%.envoy.config.core.v3.BackoffStrategyR
retryBackOffR
num_retries (
2
.google.protobuf.UInt32ValueB???
max_retriesR
numRetries
retry_on ( RretryOnV
retry_priority (
2/.envoy.config.core.v3.RetryPolicy.RetryPriorityR
retryPriorityf
retry_host_predicate (
24.envoy.config.core.v3.RetryPolicy.RetryHostPredicateRretryHostPredicateH
!host_selection_retry_max_attempts (R
hostSelectionRetryMaxAttemptsv
RetryPriority
name ( B?BrRname9
typed_config (
2.google.protobuf.AnyH�R
typedConfigB
config_type{
RetryHostPredicate
name ( B?BrRname9
typed_config (
2.google.protobuf.AnyH�R
typedConfigB
config_type:$?ň
envoy.api.v2.core.RetryPolicy"?
RemoteDataSourceB
http_uri (
2
.envoy.config.core.v3.HttpUriB?B?RhttpUri
sha256 ( B?BrRsha256D
retry_policy (
2!.envoy.config.core.v3.RetryPolicyR
retryPolicy:)?ň
$
"envoy.api.v2.core.RemoteDataSource"?
AsyncDataSource8
local (
2 .envoy.config.core.v3.DataSourceH�Rlocal@
remote (
2&.envoy.config.core.v3.RemoteDataSourceH�Rremote:(?ň
#
!envoy.api.v2.core.AsyncDataSourceB
specifier?B"?
TransportSocket
name ( B?BrRname9
typed_config (
2.google.protobuf.AnyH�R
typedConfig:(?ň
#
!envoy.api.v2.core.TransportSocketB
config_typeJRconfig"?
RuntimeFractionalPercentO
default_value (
2 .envoy.type.v3.FractionalPercentB?B?R
defaultValue
runtime_key ( R
runtimeKey:1?ň
,
*envoy.api.v2.core.RuntimeFractionalPercent"U
ControlPlane
identifier ( R
identifier:%?ň
envoy.api.v2.core.ControlPlane*(
RoutingPriority
DEFAULT�
HIGH*?
RequestMethod
METHOD_UNSPECIFIED�
GET
HEAD
POST
PUT
DELETE
CONNECT
OPTIONS
TRACE
PATCH *>
TrafficDirection
UNSPECIFIED�
INBOUND
OUTBOUNDB}
"io.envoyproxy.envoy.config.core.v3B BaseProtoPZBgithub.com/envoyproxy/go-control-plane/envoy/config/core/v3;corev3????J?
��?
��
�
��,
�,
�-
�%
�.
�#
�&
�(
�*
�-
�(
�'
�+
�!
�;
�;
�*
�*
�"
�"
�Y
�Y
�F
???j�F
?
�%�(? Envoy supports :ref:`upstream priority routing
` both at the route and the virtual
cluster level. The current priority implementation uses different connection
pool and circuit breaking settings for each priority level. This means that
even for HTTP/2 requests, two physical connections will be used to an
upstream host. In the future Envoy will likely support true HTTP/2 priority
over a single upstream connection.
2! [#protodoc-title: Common types]
�%
��&
��&
��&
�'
�'
�'
"
+�6 HTTP request method.
+
�,
�,
�,
-
-
-
.
.
.
/
/
/
0
0
0
1
1
1
2
2
2
3
3
3
4
4
4
5
5
5
R
9�BF Identifies the direction of the traffic relative to the local Envoy.
9
-
�; Default option is unspecified.
�;
�;
:
>- The transport is used for incoming traffic.
>
>
:
A- The transport is used for outgoing traffic.
A
A
Y
�E�YM Identifies location of where either Envoy runs or where upstream hosts run.
�E
�F\
�ӈ?F\
d
��IW Region this :ref:`zone ` belongs to.
��I
��I
��I
?
�S? Defines the local service zone where Envoy is running. Though optional, it
should be set if discovery service routing is used and the discovery
service exposes :ref:`zone data `,
either in this message or via :option:`--service-zone`. The meaning of zone
is context dependent, e.g. `Availability Zone (AZ)
`_
on AWS, `Zone `, :ref:`CDS
`, and :ref:`HTTP tracing
`, either in this message or via
:option:`--service-node`.
�?
�?
�?
?
?? Defines the local service cluster name where Envoy is running. Though
optional, it should be set if any of the following features are used:
:ref:`statsd `, :ref:`health check cluster
verification
`,
:ref:`runtime override directory `,
:ref:`user agent addition
`,
:ref:`HTTP global rate limiting `,
:ref:`CDS `, and :ref:`HTTP tracing
`, either in this message or via
:option:`--service-cluster`.
?
?
?
w
?&i Opaque metadata extending the node identifier. Envoy will pass this
directly to the management server.
?
?!
?$%
?
?A? Map from xDS resource type URL to dynamic context parameters. These may vary at runtime (unlike
other fields in this message). For example, the xDS client may have a shard identifier that
changes during the lifetime of the xDS client. In Envoy, this would be achieved by updating the
dynamic context on the Server::Instance's LocalInfo context provider. The shard ID dynamic
parameter then appears in this field during future discovery requests.
?(
?);
?>@
H
?: Locality specifying where the Envoy instance is running.
?
?
?
f
?
X Free-form string that identifies the entity requesting config.
E.g. "envoy" or "grpc"
?
?
?
�??
�?
?
?"? Free-form string that identifies the version of the entity requesting config.
E.g. "1.12.2" or "abcd1234", or "SpecialEnvoyBuild"
?
?
? !
C
?.5 Structured version of the entity requesting config.
?
?)
?,-
L
?$> List of extensions and their versions supported by the node.
?
?
?
?"#
?
?'? Client feature support list. These are well known features described
in the Envoy API repository for a given major version of an API. Client features
use reverse DNS naming scheme, for example ``com.acme.feature``.
See :ref:`the list of features ` that xDS client may
support.
?
?
?!
?$&
?
??S? Known listening ports on the node as a generic hint to the management server
for filtering :ref:`listeners ` to be returned. For example,
if there is a listener bound to port 80, the list can optionally contain the
SocketAddress ``(0.0.0.0,80)``. The field is optional and just a hint.
?
?
?&
?)+
?R
?
??K?Q
?
?�?? Metadata provides additional inputs to filters based on matched listeners,
filter chains, routes and endpoints. It is structured as a map, usually from
filter name (in reverse DNS format) to metadata specific to the filter. Metadata
key-values for a filter are merged as connection and request handling occurs,
with later values for the same key overriding earlier values.
An example use of metadata is providing additional values to
http_connection_manager in the envoy.http_connection_manager.access_log
namespace.
Another example use of metadata is to per service config info in cluster metadata, which may get
consumed by multiple filters.
For load balancing, Metadata provides a means to subset cluster endpoints.
Endpoints have a Metadata object associated and routes contain a Metadata
object to match against. There are some well defined metadata used today for
this purpose:
* ``{"envoy.lb": {"canary": }}`` This indicates the canary status of an
endpoint and is also used during header processing
(x-envoy-upstream-canary) and for stats purposes.
[#next-major-version: move to type/metadata/v2]
?
?\
ӈ??\
?
�??<? Key is the reverse DNS filter name, e.g. com.acme.widget. The ``envoy.*``
namespace is reserved for Envoy's built-in filters.
If both ``filter_metadata`` and
:ref:`typed_filter_metadata `
fields are present in the metadata with same keys,
only ``typed_filter_metadata`` field will be parsed.
�?%
�?&5
�?89
�?;
�??:
?
??<? Key is the reverse DNS filter name, e.g. com.acme.widget. The ``envoy.*``
namespace is reserved for Envoy's built-in filters.
The value is encoded as google.protobuf.Any.
If both :ref:`filter_metadata `
and ``typed_filter_metadata`` fields are present in the metadata with same keys,
only ``typed_filter_metadata`` field will be parsed.
?"
?#8
?;<
?;
??:
I
?�?; Runtime derived uint32 with a default when not specified.
?
?a
ӈ??a
@
�?2 Default value if runtime value is not available.
�?
�?
�?
W
?BI Runtime key to get value for comparison. This value is used if defined.
?
?
?
?A
??@
M
?�?? Runtime derived percentage with a default when not specified.
?
@
�?$2 Default value if runtime value is not available.
�?
�?
�?"#
W
?BI Runtime key to get value for comparison. This value is used if defined.
?
?
?
?A
??@
I
?�?; Runtime derived double with a default when not specified.
?
?a
ӈ??a
@
�?2 Default value if runtime value is not available.
�?
�?
�?
W
?BI Runtime key to get value for comparison. This value is used if defined.
?
?
?
?A
??@
G
?�?9 Runtime derived bool with a default when not specified.
?
??-
ӈ???-
@
�?\2 Default value if runtime value is not available.
�?
�?
)
�?,-
�?.[
�??/Z
?
?B? Runtime key to get value for comparison. This value is used if defined. The boolean value must
be represented via its
`canonical JSON encoding `_.
?
?
?
?A
??@
0
?�?" Query parameter name/value pair.
?
?
�?:1 The key of the query parameter. Case sensitive.
�?
�?
�?
�?9
�??8
1
?# The value of the query parameter.
?
?
?
'
?�? Header name/value pair.
?
?_
ӈ??_
�??[ Header name.
�?
�?
�?
�??Z
�???Y
?
??? Header value.
The same :ref:`format specifier ` as used for
:ref:`HTTP access logging ` applies here, however
unknown header values are replaced with the empty string instead of ``-``.
Header value is encoded as string. This does not work for non-utf8 characters.
Only one of ``value`` or ``raw_value`` can be set.
?
?
?
??
??b
???Q?C
?
??} Header value is encoded as bytes which can support non-utf8 characters.
Only one of ``value`` or ``raw_value`` can be set.
?
?
?
??
??8
???Q?C
N
?�?@ Header name/value pair plus option to control append behavior.
?
??,
ӈ???,
Q
�??A Describes the supported actions types for header append action.
�?
?
��? ? If the header already exists, this action will result in:
- Comma-concatenated for predefined inline headers.
- Duplicate header added in the ``HeaderMap`` for other headers.
If the header doesn't exist then this will add new header with specified key and value.
��?
��?
?
�?w This action will add the header if it doesn't already exist. If the header
already exists then this will be a no-op.
�?
�?
?
�?#? This action will overwrite the specified value by discarding any existing values if
the header already exists. If the header doesn't exist then this will add the header
with specified key and value.
�?
�?!"
?
�?
? This action will overwrite the specified value by discarding any existing values if
the header already exists. If the header doesn't exist then this will be no-op.
�?
�?
C
�?G5 Header name/value pair that this option applies to.
�?
�?
�?
�?F
�??E
?
??S? Should the value be appended? If true (default), the value is appended to
existing values. Otherwise it replaces any existing values.
This field is deprecated and please use
:ref:`append_action ` as replacement.
.. note::
The :ref:`external authorization service ` and
:ref:`external processor service ` have
default value (``false``) for this field.
?
?
"
?%&
?R
?
??K?Q
?
?V? Describes the action taken to append/overwrite the given value for an existing header
or to only add this header if it's absent.
Value defaults to :ref:`APPEND_IF_EXISTS_OR_ADD
`.
?
?"
?%&
?'U
??(T
?
?
? Is the header value allowed to be empty? If false (default), custom headers with empty values are dropped,
otherwise they are added.
?
?
?
-
?�? Wrapper for a set of headers.
?
?]
ӈ??]
�?#
�?
�?
�?
�?!"
?
?�?? A directory that is watched for changes, e.g. by inotify on Linux. Move/rename
events inside this directory trigger the watch.
?
(
�?; Directory path to watch.
�?
�?
�?
�?:
�??9
^
?�?P Data source consisting of a file, an inline value, or an environment variable.
?
?^
ӈ??^
�??
�?
�?&
�??&
-
�?A Local filesystem data source.
�?
�?
�?
�?@
�???
3
?% Bytes inlined in the configuration.
?
?
?
4
?
& String inlined in the configuration.
?
?
?
1
?M# Environment variable data source.
?
?
?"#
?$L
??%K
x
?�?j The message specifies the retry policy of remote data source when fetching fails.
[#next-free-field: 7]
?
?_
ӈ??_
k
�??[ See :ref:`RetryPriority `.
�?
��?=
��?
��?
��?
��?<
��??;
��??
��?
�?+
�?
�?&
�?)*
v
??f See :ref:`RetryHostPredicate `.
?
�?=
�?
�?
�?
�?<
�??;
�??
�?
?+
?
?&
?)*
?
�?%? Specifies parameters that control :ref:`retry backoff strategy `.
This parameter is optional, in which case the default base interval is 1000 milliseconds. The
default maximum interval is 10 times the base interval.
�?
�?
�?#$
i
??@Y Specifies the allowed number of retries. This parameter is optional and
defaults to 1.
?
?
)
?,-
??
???Q?>
k
?] For details, see :ref:`retry_on `.
?
?
?
w
?#i For details, see :ref:`retry_priority `.
?
?
?!"
?
?7s For details, see :ref:`RetryHostPredicate `.
?
?
?
2
?56
?
?.? For details, see :ref:`host_selection_retry_max_attempts `.
?
?)
?,-
Y
?�?K The message specifies how to fetch data from remote and how to verify it.
?
?d
ӈ??d
6
�?E( The HTTP URI to fetch the remote data.
�?
�?
�?
�?D
�??C
1
?=# SHA256 string for verifying data.
?
?
?
?<
??;
6
? ( Retry policy for fetching remote data.
?
?
?
A
?�?3 Async data source which support async data fetch.
?
?c
ӈ??c
�??
�?
�?&
�??&
(
�? Local async data source.
�?
�?
�?
)
? Remote async data source.
?
?
?
?
?�?? Configuration for transport socket in :ref:`listeners ` and
:ref:`clusters `. If the configuration is
empty, a default transport socket implementation and configuration will be
chosen based on the platform and existence of tls_context.
?
?c
ӈ??c
?
�?
�?
�?
?
�?
?
�?;t The name of the transport socket to instantiate. The name must match a supported transport
socket implementation.
�?
�?
�?
�?:
�??9
?
�??? Implementation specific configuration which depends on the implementation being instantiated.
See the supported transport socket implementations for further documentation.
�?
?)
?
?$
?'(
?
?�?? Runtime derived FractionalPercent with defaults for when the numerator or denominator is not
specified via a runtime key.
.. note::
Parsing of the runtime key's data is implemented such that it may be represented as a
:ref:`FractionalPercent ` proto represented as JSON/YAML
and may also be represented as an integer with the assumption that the value is an integral
percentage out of 100. For instance, a runtime key lookup returning the value "42" would parse
as a ``FractionalPercent`` whose numerator is 42 and denominator is HUNDRED.
?
??3
ӈ???3
j
�?\\ Default value if the runtime value's for the numerator/denominator keys are not available.
�?
�?
)
�?,-
�?.[
�??/Z
M
?? Runtime key for a YAML representation of a FractionalPercent.
?
?
?
W
?�?I Identifies a specific ControlPlane instance that Envoy is connected to.
?
?`
ӈ??`
?
�?? An opaque control plane identifier that uniquely identifies an instance
of control plane. This can be used to identify which control plane instance,
the Envoy is connected to.
�?
�?
�?bproto3
?0
-envoy/config/cluster/v3/circuit_breaker.protoenvoy.config.cluster.v3 envoy/config/core/v3/base.protoenvoy/type/v3/percent.proto
google/protobuf/wrappers.proto
udpa/annotations/status.proto!udpa/annotations/versioning.protovalidate/validate.proto"?
CircuitBreakersS
thresholds (
23.envoy.config.cluster.v3.CircuitBreakers.ThresholdsR
thresholdsc
per_host_thresholds (
23.envoy.config.cluster.v3.CircuitBreakers.ThresholdsRperHostThresholds?
ThresholdsK
priority (2%.envoy.config.core.v3.RoutingPriorityB?B?RpriorityE
max_connections (
2
.google.protobuf.UInt32ValueRmaxConnectionsN
max_pending_requests (
2
.google.protobuf.UInt32ValueRmaxPendingRequests?
max_requests (
2
.google.protobuf.UInt32ValueR
maxRequests=
max_retries (
2
.google.protobuf.UInt32ValueR
maxRetriesb
retry_budget (
2?.envoy.config.cluster.v3.CircuitBreakers.Thresholds.RetryBudgetR
retryBudget'
track_remaining (RtrackRemainingN
max_connection_pools (
2
.google.protobuf.UInt32ValueRmaxConnectionPools?
RetryBudget=
budget_percent (
2.envoy.type.v3.PercentR
budgetPercentP
min_retry_concurrency (
2
.google.protobuf.UInt32ValueRminRetryConcurrency:B?ň
=
;envoy.api.v2.cluster.CircuitBreakers.Thresholds.RetryBudget:6?ň
1
/envoy.api.v2.cluster.CircuitBreakers.Thresholds:+?ň
&
$envoy.api.v2.cluster.CircuitBreakersB?
%io.envoyproxy.envoy.config.cluster.v3BCircuitBreakerProtoPZHgithub.com/envoyproxy/go-control-plane/envoy/config/cluster/v3;clusterv3????J?$
��x
��
�
��)
�%
�(
�'
�+
�!
�>
�>
�4
�4
�"
�"
�_
�_
�F
???j�F
?
��xy :ref:`Circuit breaking` settings can be
specified individually for each defined priority.
2% [#protodoc-title: Circuit breakers]
�
�-
�ӈ?-
?
��
c? A Thresholds defines CircuitBreaker settings for a
:ref:`RoutingPriority`.
[#next-free-field: 9]
��
�� :
��ӈ? :
���"2
���"
���#$H
���ӈ?#$H
?
����+)? Specifies the limit on concurrent retries as a percentage of the sum of active requests and
active pending requests. For example, if there are 100 active requests and the
budget_percent is set to 25, there may be 25 active retries.
This parameter is optional. Defaults to 20%.
����+
����+$
����+'(
?
���1<? Specifies the minimum retry concurrency allowed for the retry budget. The limit on the
number of active retries may never go below this number.
This parameter is optional. Defaults to 3.
���1!
���1"7
���1:;
?
���6X The :ref:`RoutingPriority`
the specified CircuitBreaker settings apply to.
���6
���6
$
���6'(
���6)W
���?6*V
?
��:4y The maximum number of connections that Envoy will make to the upstream
cluster. If not specified, the default is 1024.
��:
��: /
��:23
?
��?9? The maximum number of pending requests that Envoy will allow to the
upstream cluster. If not specified, the default is 1024.
This limit is applied as a connection limit for non-HTTP traffic.
��?
��? 4
��?78
?
��D1? The maximum number of parallel requests that Envoy will make to the
upstream cluster. If not specified, the default is 1024.
This limit does not apply to non-HTTP traffic.
��D
��D ,
��D/0
?
��H0| The maximum number of parallel retries that Envoy will allow to the
upstream cluster. If not specified, the default is 3.
��H
��H +
��H./
?
��Q!? Specifies a limit on concurrent retries in relation to the number of active requests. This
parameter is optional.
.. note::
If this field is set, the retry budget will override any configured retry circuit
breaker.
��Q
��Q
��Q
?
��[
? If track_remaining is true, then stats will be published that expose
the number of resources remaining until the circuit breakers open. If
not specified, the default is false.
.. note::
If a retry budget is used in lieu of the max_retries circuit breaker,
the remaining retry resources remaining will not be tracked.
��[
��[
��[
?
��b9? The maximum number of connection pools per cluster that Envoy will concurrently support at
once. If not specified, the default is unlimited. Set this for clusters which create a
large number of connection pools. See
:ref:`Circuit Breaking ` for
more details.
��b
��b 4
��b78
?
��j%? If multiple :ref:`Thresholds`
are defined with the same :ref:`RoutingPriority`,
the first one in the list is used. If no Thresholds is defined for a given
:ref:`RoutingPriority`, the default values
are used.
��j
��j
��j
��j#$
?
�w.? Optional per-host limits which apply to each individual host in a cluster.
.. note::
currently only the :ref:`max_connections
` field is supported for per-host limits.
If multiple per-host :ref:`Thresholds`
are defined with the same :ref:`RoutingPriority`,
the first one in the list is used. If no per-host Thresholds are defined for a given
:ref:`RoutingPriority`,
the cluster will not have per-host limits.
�w
�w
�w)
�w,-bproto3
?
google/protobuf/empty.protogoogle.protobuf"
EmptyB}
com.google.protobufB
EmptyProtoPZ.google.golang.org/protobuf/types/known/emptypb??GPB?
Google.Protobuf.WellKnownTypesJ?
�2
?
�2?
Protocol Buffers - Google's data interchange format
Copyright 2008 Google Inc. All rights reserved.
https://developers.google.com/protocol-buffers/
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are
met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above
copyright notice, this list of conditions and the following disclaimer
in the documentation and/or other materials provided with the
distribution.
* Neither the name of Google Inc. nor the names of its
contributors may be used to endorse or promote products derived from
this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
�
"�E
"�E
#�,
#�,
$�+
$�+
%�"
%�"
&�!
$&�!
'�;
%'�;
(�
(�
?
�2�? A generic empty message that you can re-use to avoid defining duplicated
empty messages in your APIs. A typical example is to use it as the request
or the response type of an API method. For instance:
service Foo {
rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty);
}
�2
bproto3
?
udpa/annotations/sensitive.protoudpa.annotations google/protobuf/descriptor.proto:>
sensitive
.google.protobuf.FieldOptions???$ (R sensitiveB)Z'github.com/cncf/xds/go/udpa/annotationsJ?
�
?
�2? THIS FILE IS DEPRECATED
Users should instead use the corresponding proto in the xds tree.
No new changes will be accepted here.
�
��*
�>
�>
�
?
�
? Magic number is the 28 most significant bits in the sha256sum of "udpa.annotations.sensitive".
When set to true, `sensitive` indicates that this field contains sensitive data, such as
personally identifiable information, passwords, or private keys, and should be redacted for
display by tools aware of this annotation. Note that that this has no effect on standard
Protobuf functions such as `TextFormat::PrintToString`.
�
#
�
�
�bproto3
??
'envoy/config/core/v3/grpc_service.protoenvoy.config.core.v3 envoy/config/core/v3/base.protogoogle/protobuf/any.proto
google/protobuf/duration.protogoogle/protobuf/empty.proto
google/protobuf/struct.proto
google/protobuf/wrappers.proto udpa/annotations/sensitive.proto
udpa/annotations/status.proto!udpa/annotations/versioning.protovalidate/validate.proto"?"
GrpcServiceL
envoy_grpc (
2+.envoy.config.core.v3.GrpcService.EnvoyGrpcH�R envoyGrpcO
google_grpc (
2,.envoy.config.core.v3.GrpcService.GoogleGrpcH�R
googleGrpc3
timeout (
2.google.protobuf.DurationRtimeoutL
initial_metadata (
2!.envoy.config.core.v3.HeaderValueRinitialMetadataD
retry_policy (
2!.envoy.config.core.v3.RetryPolicyR
retryPolicy?
EnvoyGrpc*
cluster_name ( B?BrR
clusterName/
authority ( B?Br
�(????�R authorityD
retry_policy (
2!.envoy.config.core.v3.RetryPolicyR
retryPolicyY
max_receive_message_length (
2
.google.protobuf.UInt32ValueRmaxReceiveMessageLength:.?ň
)
'envoy.api.v2.core.GrpcService.EnvoyGrpc?
GoogleGrpc&
target_uri ( B?BrR targetUrip
channel_credentials (
2?.envoy.config.core.v3.GrpcService.GoogleGrpc.ChannelCredentialsRchannelCredentialsg
call_credentials (
2<.envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentialsRcallCredentials(
stat_prefix ( B?BrR
statPrefix8
credentials_factory_name ( RcredentialsFactoryName/
config (
2.google.protobuf.StructRconfig^
per_stream_buffer_limit_bytes (
2
.google.protobuf.UInt32ValueRperStreamBufferLimitBytes[
channel_args (
28.envoy.config.core.v3.GrpcService.GoogleGrpc.ChannelArgsR
channelArgs?
SslCredentials?
root_certs (
2 .envoy.config.core.v3.DataSourceR rootCertsI
private_key (
2 .envoy.config.core.v3.DataSourceB????R
privateKey?
cert_chain (
2 .envoy.config.core.v3.DataSourceR certChain:>?ň
9
7envoy.api.v2.core.GrpcService.GoogleGrpc.SslCredentials`
GoogleLocalCredentials:F?ň
A
?envoy.api.v2.core.GrpcService.GoogleGrpc.GoogleLocalCredentials?
ChannelCredentialsf
ssl_credentials (
2;.envoy.config.core.v3.GrpcService.GoogleGrpc.SslCredentialsH�RsslCredentials?
google_default (
2.google.protobuf.EmptyH�R
googleDefaultr
local_credentials (
2C.envoy.config.core.v3.GrpcService.GoogleGrpc.GoogleLocalCredentialsH�RlocalCredentials:B?ň
=
;envoy.api.v2.core.GrpcService.GoogleGrpc.ChannelCredentialsB
credential_specifier?B?
CallCredentials#
access_token ( H�R
accessTokenL
google_compute_engine (
2.google.protobuf.EmptyH�RgoogleComputeEngine2
google_refresh_token ( H�RgoogleRefreshToken?
service_account_jwt_access (
2_.envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials.ServiceAccountJWTAccessCredentialsH�RserviceAccountJwtAccessr
google_iam (
2Q.envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials.GoogleIAMCredentialsH�R googleIam}
from_plugin (
2Z.envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials.MetadataCredentialsFromPluginH�R
fromPluginj
sts_service (
2G.envoy.config.core.v3.GrpcService.GoogleGrpc.CallCredentials.StsServiceH�R
stsService?
"ServiceAccountJWTAccessCredentials
json_key ( RjsonKey4
token_lifetime_seconds (RtokenLifetimeSeconds:b?ň
]
[envoy.api.v2.core.GrpcService.GoogleGrpc.CallCredentials.ServiceAccountJWTAccessCredentials?
GoogleIAMCredentials/
authorization_token ( RauthorizationToken-
authority_selector ( RauthoritySelector:T?ň
O
Menvoy.api.v2.core.GrpcService.GoogleGrpc.CallCredentials.GoogleIAMCredentials?
MetadataCredentialsFromPlugin
name ( Rname9
typed_config (
2.google.protobuf.AnyH�R
typedConfig:]?ň
X
Venvoy.api.v2.core.GrpcService.GoogleGrpc.CallCredentials.MetadataCredentialsFromPluginB
config_typeJRconfig?
StsService;
token_exchange_service_uri ( RtokenExchangeServiceUri
resource ( Rresource
audience ( Raudience
scope ( Rscope0
requested_token_type ( RrequestedTokenType5
subject_token_path ( B?BrRsubjectTokenPath5
subject_token_type ( B?BrRsubjectTokenType(
actor_token_path ( RactorTokenPath(
actor_token_type ( RactorTokenType:J?ň
E
Cenvoy.api.v2.core.GrpcService.GoogleGrpc.CallCredentials.StsService:??ň
:
8envoy.api.v2.core.GrpcService.GoogleGrpc.CallCredentialsB
credential_specifier?B?
ChannelArgsV
args (
2B.envoy.config.core.v3.GrpcService.GoogleGrpc.ChannelArgs.ArgsEntryRargsc
Value#
string_value ( H�R
stringValue
int_value (H�RintValueB
value_specifier?Bw
ArgsEntry
key ( RkeyT
value (
2>.envoy.config.core.v3.GrpcService.GoogleGrpc.ChannelArgs.ValueRvalue:8:/?ň
*
(envoy.api.v2.core.GrpcService.GoogleGrpc:$?ň
envoy.api.v2.core.GrpcServiceB
target_specifier?BJB?
"io.envoyproxy.envoy.config.core.v3BGrpcServiceProtoPZBgithub.com/envoyproxy/go-control-plane/envoy/config/core/v3;corev3????J?]
��?
��
�
��)
�#
�(
�%
�&
�(
�*
�'
�+
�!
�;
�;
�1
�1
�"
�"
�Y
�Y
�F
???j�F
?
�
�?? gRPC service configuration. This is used by :ref:`ApiConfigSource
` and filter configurations.
[#next-free-field: 7]
2" [#protodoc-title: gRPC services]
�
�
_
�ӈ?
_
�� 9
��
�� !2
��ӈ? !2
?
���&E? The name of the upstream gRPC cluster. SSL credentials will be supplied
in the :ref:`Cluster ` :ref:`transport_socket
`.
���&
���&
���&
���&
D
���?&
C
?
��*,^? The ``:authority`` header in the grpc request. If this field is not set, the authority header value will be ``cluster_name``.
Note that this authority does not override the SNI. The SNI is provided by the transport socket of the cluster.
��*
��*
��*
��+,]
��?+ ,\
?
��2!? Indicates the retry policy for re-establishing the gRPC stream
This field is optional. If max interval is not provided, it will be set to ten times the provided base interval.
Currently only supported for xDS gRPC streams.
If not set, xDS gRPC streams default base interval:500ms, maximum interval:30s will be applied.
��2
��2
��2
?
��8?? Maximum gRPC message size that is allowed to be received.
If a message over this limit is received, the gRPC stream is terminated with the RESOURCE_EXHAUSTED error.
This limit is applied to individual messages in the streaming response and not the total size of streaming response.
Defaults to 0, which means unlimited.
��8
��8 :
��8=>
&
�<? [#next-free-field: 9]
�<
�=>3
�ӈ?=>3
[
��AMK See https://grpc.io/grpc/cpp/structgrpc_1_1_ssl_credentials_options.html.
��A
��BCD
��ӈ?BCD
8
���F ' PEM encoded server root certificates.
���F
���F
���F
2
��IG! PEM encoded client private key.
��I
��I
��I
��I!F
��???$I"E
8
��L ' PEM encoded client certificate chain.
��L
��L
��L
y
�QTi Local channel credentials. Only UDS is supported for now.
See https://github.com/grpc/grpc/pull/15909.
�Q
"
�RSL
�ӈ?RSL
~
�Xfn See https://grpc.io/docs/guides/auth.html#credential-types to understand Channel and Call
credential types.
�X
�YZH
�ӈ?YZH
��\e
��\
��]*
��?]*
��_+
��_
��_&
��_)*
`
�b1O https://grpc.io/grpc/cpp/namespacegrpc.html#a6beb3ac70ff94bd2ebbd89b8f21d1f61
�b
�b
,
�b/0
�d5
�d
�d 0
�d34
(
�i? [#next-free-field: 8]
�i
�jkE
�ӈ?jkE
��mu
��m0
��np1
��ӈ?np1
���r
���r
���r
���r
��t*
��t
��t%
��t()
�w~
�w"
�xy\
�ӈ?xy\
��{'
��{
��{"
��{%&
�}&
�}
�}!
�}$%
�??
�?+
�??,
�ӈ???,
� ?
� �?
� �?
� �?
�
?
�
�?
��?
��?
��?
��?
E
��?? / [#extension-category: envoy.grpc_credentials]
��?
�?
/
�?
�?
*
�?-.
?
�??? Security token service configuration that allows Google gRPC to
fetch security token from an OAuth 2.0 authorization server.
See https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-16 and
https://github.com/grpc/grpc/pull/19587.
[#next-free-field: 10]
�?
�??R
�ӈ???R
?
��?.? URI of the token exchange service that handles token exchange requests.
[#comment:TODO(asraa): Add URI validation when implemented. Tracked by
https://github.com/bufbuild/protoc-gen-validate/issues/303]
��?
��?)
��?,-
�?
k Location of the target service or resource where the client
intends to use the requested security token.
�?
�?
�?
w
�?
c Logical name of the target service where the client intends to
use the requested security token.
�?
�?
�?
?
�?| The desired scope of the requested security token in the
context of the service or resource where the token will be used.
�?
�?
�?
;
�?(' Type of the requested security token.
�?
�?#
�?&'
?
�?O? The path of subject token, a security token that represents the
identity of the party on behalf of whom the request is being made.
�?
�?!
�?$%
�?&N
�??'M
0
�?O
Type of the subject token.
�?
�?!
�?$%
�?&N
�??'M
?
�?$? The path of actor token, a security token that represents the identity
of the acting party. The acting party is authorized to use the
requested security token and act on behalf of the subject.
�?
�?
�?"#
.
�?$ Type of the actor token.
�?
�?
�?"#
��??
��?
��?*
��??*
}
��? k Access token credentials.
https://grpc.io/grpc/cpp/namespacegrpc.html#ad3a80da696ffdaea943f0f858d7a360d.
��?
��?
��?
?
�?8s Google Compute Engine credentials.
https://grpc.io/grpc/cpp/namespacegrpc.html#a6beb3ac70ff94bd2ebbd89b8f21d1f61
�?
�?
3
�?67
?
�?(s Google refresh token credentials.
https://grpc.io/grpc/cpp/namespacegrpc.html#a96901c997b91bc6513b08491e0dca37c.
�?
�?#
�?&'
?
�?Jy Service Account JWT Access credentials.
https://grpc.io/grpc/cpp/namespacegrpc.html#a92a9f959d6102461f66ee973d8e9d3aa.
�?*
�?+E
�?HI
{
�?,i Google IAM credentials.
https://grpc.io/grpc/cpp/namespacegrpc.html#a9fc1fc101b41e680d47028166e76f9d0.
�?
�?
'
�?*+
?
�?6? Custom authenticator credentials.
https://grpc.io/grpc/cpp/namespacegrpc.html#a823c6a4b19ffc71fb33e90154ee2ad07.
https://grpc.io/docs/guides/auth.html#extending-grpc-to-support-other-authentication-mechanisms.
�?%
�?&1
�?45
?
�?#? Custom security token service which implements OAuth 2.0 token exchange.
https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-16
See https://github.com/grpc/grpc/pull/19587.
�?
�?
�?!"
&
�?? Channel arguments.
�?
��??
��?
v
���?? ` Pointer values are not supported, since they don't make any sense when
delivered via the API.
���?
���?
,
���??
,
���?
"
���?
���?
���? !
��?
��?
��?
��?
O
��?"= See grpc_types.h GRPC_ARG #defines for keys that work here.
��?
��?
��? !
?
��?C? The target URI when using the `Google C++ gRPC client
`_. SSL credentials will be supplied in
:ref:`channel_credentials `.
��?
��?
��?
��?B
��??A
�?/
�?
�?*
�?-.
?
�?2? A set of call credentials that can be composed with `channel credentials
`_.
�?
�?
�?
-
�?01
?
�?D? The human readable prefix to use when emitting statistics for the gRPC
service.
.. csv-table::
:header: Name, Type, Description
:widths: 1, 1, 2
streams_total, Counter, Total number of streams opened
streams_closed_, Counter, Total streams closed with
�?
�?
�?
�?C
�??
B
?
�?(? The name of the Google gRPC credentials factory to use. This must have been registered with
Envoy. If this is empty, a default credentials factory will be used that sets up channel
credentials based on other configuration parameters.
�?
�?
#
�?&'
h
�?&X Additional configuration for site-specific customizations of the Google
gRPC library.
�?
�?!
�?$%
?
�?Bt How many bytes each stream can buffer internally.
If not set an implementation defined default is applied (1MiB).
�?
�? =
�?@A
'
�?! Custom channels args.
�?
�?
�?
� ?
� �?
� �?
� �?
��??
��?
��?&
��??&
?
��?
? Envoy's in-built gRPC client.
See the :ref:`gRPC services overview `
documentation for discussion on gRPC client selection.
��?
��?
��?
?
�? ? `Google C++ gRPC client `_
See the :ref:`gRPC services overview `
documentation for discussion on gRPC client selection.
�?
�?
�?
^
�?'P The timeout for the gRPC request. This is the timeout for a specific
request.
�?
�?"
�?%&
?
�?,? Additional metadata to include in streams initiated to the GrpcService. This can be used for
scenarios in which additional ad hoc authorization headers (e.g. ``x-foo-bar: baz-key``) are to
be injected. For more information, including details on header value syntax, see the
documentation on :ref:`custom request headers
`.
�?
�?
�?'
�?*+
?
�? ? Optional default retry policy for streams toward the service.
If an async stream doesn't have retry policy configured in its stream options, this retry policy is used.
�?
�?
�?
bproto3
?
xds/core/v3/authority.proto
xds.core.v3 xds/annotations/v3/status.protovalidate/validate.proto"(
Authority
name ( B?BrRnameBV
com.github.xds.core.v3BAuthorityProtoPZ"github.com/cncf/xds/go/xds/core/v3?Ƥ?J?
��
��
�
��)
�!
�/
�/
�"
�"
�/
�/
�9
�9
�@
?Ȕl
�@
(
��
xDS authority information.
�
��;
��
��
��
��:
��?9bproto3
?{
(envoy/config/core/v3/config_source.protoenvoy.config.core.v3 envoy/config/core/v3/base.proto$envoy/config/core/v3/extension.proto'envoy/config/core/v3/grpc_service.protogoogle/protobuf/any.proto
google/protobuf/duration.proto
google/protobuf/wrappers.protoxds/core/v3/authority.proto#envoy/annotations/deprecation.proto
udpa/annotations/status.proto!udpa/annotations/versioning.protovalidate/validate.proto"?
ApiConfigSourceR
api_type (2-.envoy.config.core.v3.ApiConfigSource.ApiTypeB?B?RapiType^
transport_api_version (2 .envoy.config.core.v3.ApiVersionB?B?RtransportApiVersion#
cluster_names ( R
clusterNamesF
grpc_services (
2!.envoy.config.core.v3.GrpcServiceR
grpcServices>
refresh_delay (
2.google.protobuf.DurationR
refreshDelayL
request_timeout (
2.google.protobuf.DurationB?B?*�RrequestTimeoutW
rate_limit_settings (
2'.envoy.config.core.v3.RateLimitSettingsRrateLimitSettingsA
set_node_on_first_message_only (RsetNodeOnFirstMessageOnlyW
config_validators (
2*.envoy.config.core.v3.TypedExtensionConfigRconfigValidators"?
ApiType3
%DEPRECATED_AND_UNAVAILABLE_DO_NOT_USE�????
REST
GRPC
DELTA_GRPC
AGGREGATED_GRPC
AGGREGATED_DELTA_GRPC:(?ň
#
!envoy.api.v2.core.ApiConfigSource"I
AggregatedConfigSource:/?ň
*
(envoy.api.v2.core.AggregatedConfigSource"?
SelfConfigSource^
transport_api_version (2 .envoy.config.core.v3.ApiVersionB?B?RtransportApiVersion:)?ň
$
"envoy.api.v2.core.SelfConfigSource"?
RateLimitSettings;
max_tokens (
2
.google.protobuf.UInt32ValueR maxTokensI
fill_rate (
2
.google.protobuf.DoubleValueB?B
!��������RfillRate:*?ň
%
#envoy.api.v2.core.RateLimitSettings"?
PathConfigSource
path ( B?BrRpathS
watched_directory (
2&.envoy.config.core.v3.WatchedDirectoryRwatchedDirectory"?
ConfigSource8
authorities (
2.xds.core.v3.AuthorityR
authorities!
path ( B
?dž?3.0H�RpathV
path_config_source (
2&.envoy.config.core.v3.PathConfigSourceH�RpathConfigSourceS
api_config_source (
2%.envoy.config.core.v3.ApiConfigSourceH�RapiConfigSource@
ads (
2,.envoy.config.core.v3.AggregatedConfigSourceH�Rads<
self (
2&.envoy.config.core.v3.SelfConfigSourceH�RselfM
initial_fetch_timeout (
2.google.protobuf.DurationRinitialFetchTimeout\
resource_api_version (2 .envoy.config.core.v3.ApiVersionB?B?RresourceApiVersion:%?ň
envoy.api.v2.core.ConfigSourceB
config_source_specifier?B"?
ExtensionConfigSourceQ
config_source (
2".envoy.config.core.v3.ConfigSourceB?B?R
configSource;
default_config (
2.google.protobuf.AnyR
defaultConfigN
$apply_default_config_without_warming (R applyDefaultConfigWithoutWarming%
type_urls ( B?B?RtypeUrls*@
ApiVersion
AUTO�
????3.0
V2
????3.0
V3B?
"io.envoyproxy.envoy.config.core.v3BConfigSourceProtoPZBgithub.com/envoyproxy/go-control-plane/envoy/config/core/v3;corev3????J?c
��?
��
�
��)
�.
�1
�#
�(
�(
�%
�-
�'
�+
�!
�;
�;
�2
�2
�"
�"
�Y
�Y
�F
???j�F
?
�
�(? xDS API and non-xDS services version. This is used to describe both resource and transport
protocol versions (in distinct configuration fields).
2* [#protodoc-title: Configuration sources]
�
?
��!]? When not specified, we assume v2, to ease migration to Envoy's stable API
versioning. If a client does not support v2 (e.g. due to deprecation), this
is an invalid value.
��!
��!
��!
\
��!
��???V! [
�$[ Use xDS v2 API.
�$
�$
�$ Z
�$
�???V$
Y
�' Use xDS v3 API.
�'
�'
?
�-�z? API configuration source. This identifies the API type and cluster that Envoy
will use to fetch an xDS API.
[#next-free-field: 10]
�-
�.c
�ӈ?.c
<
��1M. APIs may be fetched via either REST or gRPC.
��1
?
���45S? Ideally this would be 'reserved 0' but one can't reserve the default
value. Instead we throw an exception if this is ever used.
���4)
���4,-
���5R
���5
���?ζ!5
Q
?
��:
? REST-JSON v2 API. The `canonical JSON encoding
`_ for
the v2 protos is used.
��:
��:
#
��=
SotW gRPC service.
��=
��=
?
��B? Using the delta xDS gRPC service, i.e. DeltaDiscovery{Request,Response}
rather than Discovery{Request,Response}. Rather than sending Envoy the entire state
with every update, the xDS server only sends what has changed since the last update.
��B
��B
?
��G? SotW xDS gRPC with ADS. All resources which resolve to this configuration source will be
multiplexed on a single connection to an ADS endpoint.
[#not-implemented-hide:]
��G
��G
?
��L
? Delta xDS gRPC with ADS. All resources which resolve to this configuration source will be
multiplexed on a single connection to an ADS endpoint.
[#not-implemented-hide:]
��L
��L
0
��PF# API type (gRPC, REST, delta gRPC)
��P
��P
��P
��PE
��?PD
?
�TV? API version for xDS transport protocol. This describes the xDS gRPC/REST
endpoint and version of [Delta]DiscoveryRequest/Response used on the wire.
�T
�T
"
�T%&
�T'U
�?T(T
?
�^$? Cluster names should be used only with REST. If > 1
cluster is defined, clusters will be cycled through if any kind of failure
occurs.
.. note::
The cluster with name ``cluster_name`` must be statically defined and its
type must not be ``EDS``.
�^
�^
�^
�^"#
?
�b)? Multiple gRPC services be provided for GRPC. If > 1 cluster is defined,
services will be cycled through if any kind of failure occurs.
�b
�b
�b$
�b'(
A
�e-4 For REST APIs, the delay between successive polls.
�e
�e(
�e+,
b
�hUU For REST APIs, the request timeout. If not set, a default value of 1s will be used.
�h
�h*
�h-.
�h/T
�?h0S
z
�l,m For GRPC APIs, the rate limit settings. If present, discovery requests made by Envoy will be
rate limited.
�l
�l'
�l*+
i
�o*\ Skip the node identifier in subsequent discovery requests for streaming gRPC config types.
�o
�o%
�o()
?
�y6? A list of config validators that will be executed when a new update is
received from the ApiConfigSource. Note that each validator handles a
specific xDS service type, and only the validators corresponding to the
type url (in ``:ref: DiscoveryResponse`` or ``:ref: DeltaDiscoveryResponse``)
will be invoked.
If the validator returns false or throws an exception, the config will be rejected by
the client, and a NACK will be sent.
[#extension-category: envoy.config.validators]
�y
�y
�y 1
�y45
?
�?? Aggregated Discovery Service (ADS) options. This is currently empty, but when
set in :ref:`ConfigSource ` can be used to
specify that ADS is to be used.
??1
ӈ???1
?
?�?? [#not-implemented-hide:]
Self-referencing config source options. This is currently empty, but when
set in :ref:`ConfigSource ` can be used to
specify that other data can be obtained from the same server.
?
?d
ӈ??d
?
�?V? API version for xDS transport protocol. This describes the xDS gRPC/REST
endpoint and version of [Delta]DiscoveryRequest/Response used on the wire.
�?
�?
"
�?%&
�?'U
�??(T
W
?�?I Rate Limit settings to be applied for discovery requests made by Envoy.
?
??,
ӈ???,
?
�?-? Maximum number of tokens to be used for rate limiting discovery request calls. If not set, a
default value of 100 will be used.
�?
�?
(
�?+,
?
?R? Rate at which tokens will be filled per second. If not set, a default fill rate of 10 tokens
per second will be used. The minimal fill rate is once per year. Lower
fill rates will be set to once per year.
?
?
'
?*+
?,Q
??-P
;
?�?- Local filesystem path configuration source.
?
?
�?;? Path on the filesystem to source and watch for configuration updates.
When sourcing configuration for a :ref:`secret `,
the certificate and key files are also watched for updates.
.. note::
The path to the source must exist at config load time.
.. note::
If ``watched_directory`` is *not* configured, Envoy will watch the file path for *moves*.
This is because in general only moves are atomic. The same method of swapping files as is
demonstrated in the :ref:`runtime documentation ` can be
used here also. If ``watched_directory`` is configured, no watch will be placed directly on
this path. Instead, the configured ``watched_directory`` will be used to trigger reloads of
this path. This is required in certain deployment scenarios. See below for more information.
�?
�?
�?
�?:
�??9
?
?)? If configured, this directory will be watched for *moves*. When an entry in this directory is
moved to, the ``path`` will be reloaded. This is required in certain deployment scenarios.
Specifically, if trying to load an xDS resource using a
`Kubernetes ConfigMap `, :ref:`clusters
`, :ref:`routes
`, :ref:`endpoints
` etc. may either be sourced from the
filesystem or from an xDS API source. Filesystem configs are watched with
inotify for updates.
[#next-free-field: 9]
?
?`
ӈ??`
?
�?1? Authorities that this config source may be used for. An authority specified in a xdstp:// URL
is resolved to a ``ConfigSource`` prior to configuration fetch. This field provides the
association between authority name and configuration source.
[#not-implemented-hide:]
�?
�?
�?!,
�?/0
�??
�?
�?&
�??&
V
?aH Deprecated in favor of ``path_config_source``. Use that field instead.
?
?
?
?`
?&
??K?(_
;
?,- Local filesystem path configuration source.
?
?'
?*+
)
?* API configuration source.
?
?%
?()
?
?#z When set, ADS will be used to fetch resources. The ADS API configuration
source in the bootstrap configuration is used.
?
?
?!"
?
?
? [#not-implemented-hide:]
When set, the client will access the resources from the same server it got the
ConfigSource from, although not necessarily from the same stream. This is similar to the
:ref:`ads` field, except that the client may use a
different stream to the same server. As a result, this field can be used for things
like LRS that cannot be sent on an ADS stream. It can also be used to link from (e.g.)
LDS to RDS on the same server without requiring the management server to know its name
or required credentials.
[#next-major-version: In xDS v3, consider replacing the ads field with this one, since
this field can implicitly mean to use the same stream in the case where the ConfigSource
is provided via ADS and the specified data can also be obtained via ADS.]
?
?
?
?
?5? When this timeout is specified, Envoy will wait no longer than the specified time for first
config response on this xDS subscription during the :ref:`initialization process
`. After reaching the timeout, Envoy will move to the next
initialization phase, even if the first config is not delivered yet. The timer is activated
when the xDS API subscription starts, and is disarmed on first config update or on error. 0
means no timeout - Envoy will wait indefinitely for the first xDS config (unless another
timeout applies). The default is 15s.
?
?0
?34
?
?U? API version for xDS resources. This implies the type URLs that the client
will request for resources and the resource type that the client will in
turn expect to be delivered.
?
?
!
?$%
?&T
??'S
?
?�?? Configuration source specifier for a late-bound extension configuration. The
parent resource is warmed until all the initial extension configurations are
received, unless the flag to apply the default configuration is set.
Subsequent extension updates are atomic on a per-worker basis. Once an
extension configuration is applied to a request or a connection, it remains
constant for the duration of processing. If the initial delivery of the
extension configuration fails, due to a timeout for example, the optional
default configuration is applied. Without a default configuration, the
extension is disabled, until an extension configuration is received. The
behavior of a disabled extension depends on the context. For example, a
filter chain with a disabled extension filter rejects all incoming streams.
?
�?K
�?
�?
�?
�?!J
�??"I
?
?)? Optional default configuration to use as the initial configuration if
there is a failure to receive the initial extension configuration or if
``apply_default_config_without_warming`` flag is set.
?
?$
?'(
?
?0? Use the default config as the initial configuration without warming and
waiting for the first discovery response. Requires the default configuration
to be supplied.
?
?+
?./
?
?M? A set of permitted extension type URLs. Extension configuration updates are rejected
if they do not match any type URL in the set.
?
?
?
?
? L
??!Kbproto3
?
$envoy/config/cluster/v3/filter.protoenvoy.config.cluster.v3(envoy/config/core/v3/config_source.protogoogle/protobuf/any.proto
udpa/annotations/status.proto!udpa/annotations/versioning.protovalidate/validate.proto"?
Filter
name ( B?BrRname7
typed_config (
2.google.protobuf.AnyR
typedConfigV
config_discovery (
2+.envoy.config.core.v3.ExtensionConfigSourceRconfigDiscovery:"?ň
envoy.api.v2.cluster.FilterB?
%io.envoyproxy.envoy.config.cluster.v3B
FilterProtoPZHgithub.com/envoyproxy/go-control-plane/envoy/config/cluster/v3;clusterv3????J?
��'
��
�
��2
�#
�'
�+
�!
�>
�>
�,
�,
�"
�"
�_
�_
�F
???j�F
?
��'2 [#protodoc-title: Upstream network filters]
Upstream network filters apply to the connections to the upstream cluster hosts.
�
�]
�ӈ?]
4
��;' The name of the filter configuration.
��
��
��
��:
��?9
?
� '? Filter specific configuration which depends on the filter being
instantiated. See the supported filters for further documentation.
Note that Envoy's :ref:`downstream network
filters ` are not valid upstream network filters.
Only one of typed_config or config_discovery can be used.
�
� "
� %&
?
�&5? Configuration source specifier for an extension configuration discovery
service. In case of a failure and without the default configuration, the
listener closes the connections.
Only one of typed_config or config_discovery can be used.
�&
�& 0
�&34bproto3
?\
/envoy/config/cluster/v3/outlier_detection.protoenvoy.config.cluster.v3$envoy/config/core/v3/extension.proto
google/protobuf/duration.proto
google/protobuf/wrappers.proto
udpa/annotations/status.proto!udpa/annotations/versioning.protovalidate/validate.proto"?
OutlierDetectionE
consecutive_5xx (
2
.google.protobuf.UInt32ValueRconsecutive5xx?
interval (
2.google.protobuf.DurationB?B?*�RintervalQ
base_ejection_time (
2.google.protobuf.DurationB?B?*�RbaseEjectionTimeW
max_ejection_percent (
2
.google.protobuf.UInt32ValueB?B*dRmaxEjectionPercenta
enforcing_consecutive_5xx (
2
.google.protobuf.UInt32ValueB?B*dRenforcingConsecutive5xx[
enforcing_success_rate (
2
.google.protobuf.UInt32ValueB?B*dRenforcingSuccessRateY
success_rate_minimum_hosts (
2
.google.protobuf.UInt32ValueRsuccessRateMinimumHosts[
success_rate_request_volume (
2
.google.protobuf.UInt32ValueRsuccessRateRequestVolumeW
success_rate_stdev_factor (
2
.google.protobuf.UInt32ValueRsuccessRateStdevFactor\
consecutive_gateway_failure
(
2
.google.protobuf.UInt32ValueRconsecutiveGatewayFailurex
%enforcing_consecutive_gateway_failure
(
2
.google.protobuf.UInt32ValueB?B*dR"enforcingConsecutiveGatewayFailureJ
"split_external_local_origin_errors
(R
splitExternalLocalOriginErrorse
consecutive_local_origin_failure
(
2
.google.protobuf.UInt32ValueR
consecutiveLocalOriginFailure?
*enforcing_consecutive_local_origin_failure (
2
.google.protobuf.UInt32ValueB?B*dR&enforcingConsecutiveLocalOriginFailures
#enforcing_local_origin_success_rate (
2
.google.protobuf.UInt32ValueB?B*dR enforcingLocalOriginSuccessRateg
failure_percentage_threshold (
2
.google.protobuf.UInt32ValueB?B*dRfailurePercentageThresholdg
enforcing_failure_percentage (
2
.google.protobuf.UInt32ValueB?B*dRenforcingFailurePercentage
)enforcing_failure_percentage_local_origin (
2
.google.protobuf.UInt32ValueB?B*dR%enforcingFailurePercentageLocalOrigine
failure_percentage_minimum_hosts (
2
.google.protobuf.UInt32ValueR
failurePercentageMinimumHostsg
!failure_percentage_request_volume (
2
.google.protobuf.UInt32ValueR
failurePercentageRequestVolumeO
max_ejection_time (
2.google.protobuf.DurationB?B?*�RmaxEjectionTimeR
max_ejection_time_jitter (
2.google.protobuf.DurationRmaxEjectionTimeJitterw
+successful_active_health_check_uneject_host (
2.google.protobuf.BoolValueR&successfulActiveHealthCheckUnejectHostF
monitors (
2*.envoy.config.core.v3.TypedExtensionConfigRmonitors:,?ň
'
%envoy.api.v2.cluster.OutlierDetectionB?
%io.envoyproxy.envoy.config.cluster.v3BOutlierDetectionProtoPZHgithub.com/envoyproxy/go-control-plane/envoy/config/cluster/v3;clusterv3????J?F
��?
��
�
��.
�(
�(
�'
�+
�!
�>
�>
�6
�6
�"
�"
�_
�_
�F
???j�F
?
��?? See the :ref:`architecture overview ` for
more information on outlier detection.
[#next-free-field: 25]
2& [#protodoc-title: Outlier detection]
�
�.
�ӈ?.
?
�� 2? The number of consecutive server-side error responses (for HTTP traffic,
5xx responses; for TCP traffic, connection failures; for Redis, failure to
respond PONG; etc.) before a consecutive 5xx ejection occurs. Defaults to 5.
��
��
-
�� 01
?
�$N? The time interval between ejection analysis sweeps. This can result in
both new ejections as well as hosts being returned to service. Defaults
to 10000ms or 10s.
�$
�$#
�$&'
�$(M
�?$)L
?
�*X? The base time that a host is ejected for. The real time is equal to the
base time multiplied by the number of times the host has been ejected and is
capped by :ref:`max_ejection_time`.
Defaults to 30000ms or 30s.
�*
�*-
�*01
�*2W
�?*3V
?
�.^? The maximum % of an upstream cluster that can be ejected due to outlier
detection. Defaults to 10% but will eject at least one host regardless of the value.
�.
�.
2
�.56
�.7]
�?.8\
?
�3c? The % chance that a host will be actually ejected when an outlier status
is detected through consecutive 5xx. This setting can be used to disable
ejection or to ramp it up slowly. Defaults to 100.
�3
�3
7
�3:;
�3=? The number of hosts in a cluster that must have enough request volume to
detect success rate outliers. If the number of hosts is less than this
setting, outlier detection via success rate statistics is not performed
for any host in the cluster. Defaults to 5.
�>
�>
8
�>;<
?
�E>? The minimum number of total requests that must be collected in one
interval (as defined by the interval duration above) to include this host
in success rate based outlier detection. If the volume is lower than this
setting, outlier detection via success rate statistics is not performed
for that host. Defaults to 100.
�E
�E
9
�E<=
?
�N<? This factor is used to determine the ejection threshold for success rate
outlier ejection. The ejection threshold is the difference between the
mean success rate, and the product of this factor and the standard
deviation of the mean success rate: mean - (stdev *
success_rate_stdev_factor). This factor is divided by a thousand to get a
double. That is, if the desired factor is 1.9, the runtime value should
be 1900. Defaults to 1900.
�N
�N
7
�N:;
?
� R?? The number of consecutive gateway failures (502, 503, 504 status codes)
before a consecutive gateway failure ejection occurs. Defaults to 5.
� R
� R
9
� R<>
?
�
WX-? The % chance that a host will be actually ejected when an outlier status
is detected through consecutive gateway failures. This setting can be
used to disable ejection or to ramp it up slowly. Defaults to 0.
�
W
�
W
C
�
WFH
�
X,
�
?X+
?
�
a/? Determines whether to distinguish local origin failures from external errors. If set to true
the following configuration parameters are taken into account:
:ref:`consecutive_local_origin_failure`,
:ref:`enforcing_consecutive_local_origin_failure`
and
:ref:`enforcing_local_origin_success_rate`.
Defaults to false.
�
a
�
a)
�
a,.
?
�
gD? The number of consecutive locally originated failures before ejection
occurs. Defaults to 5. Parameter takes effect only when
:ref:`split_external_local_origin_errors`
is set to true.
�
g
�
g
>
�
gAC
?
�
op-? The % chance that a host will be actually ejected when an outlier status
is detected through consecutive locally originated failures. This setting can be
used to disable ejection or to ramp it up slowly. Defaults to 100.
Parameter takes effect only when
:ref:`split_external_local_origin_errors`
is set to true.
�
o
�
o
H
�
oKM
�
p,
�
?p+
?
�xy-? The % chance that a host will be actually ejected when an outlier status
is detected through success rate statistics for locally originated errors.
This setting can be used to disable ejection or to ramp it up slowly. Defaults to 100.
Parameter takes effect only when
:ref:`split_external_local_origin_errors`
is set to true.
�x
�x
A
�xDF
�y,
�?y+
?
�~-? The failure percentage to use when determining failure percentage-based outlier detection. If
the failure percentage of a given host is greater than or equal to this value, it will be
ejected. Defaults to 85.
�~
�~
:
�~=?
�,
�?+
?
�??-? The % chance that a host will be actually ejected when an outlier status is detected through
failure percentage statistics. This setting can be used to disable ejection or to ramp it up
slowly. Defaults to 0.
[#next-major-version: setting this without setting failure_percentage_threshold should be
invalid in v4.]
�?
�?
:
�?=?
�?,
�??+
?
�??-? The % chance that a host will be actually ejected when an outlier status is detected through
local-origin failure percentage statistics. This setting can be used to disable ejection or to
ramp it up slowly. Defaults to 0.
�?
�?
G
�?JL
�?,
�??+
?
�?D? The minimum number of hosts in a cluster in order to perform failure percentage-based ejection.
If the total number of hosts in the cluster is less than this value, failure percentage-based
ejection will not be performed. Defaults to 5.
�?
�?
>
�?AC
?
�?E? The minimum number of total requests that must be collected in one interval (as defined by the
interval duration above) to perform failure percentage-based ejection for this host. If the
volume is lower than this setting, failure percentage-based ejection will not be performed for
this host. Defaults to 50.
�?
�?
?
�?BD
?
�?X? The maximum time that a host is ejected for. See :ref:`base_ejection_time`
for more information. If not specified, the default value (300000ms or 300s) or
:ref:`base_ejection_time` value is applied, whatever is larger.
�?
�?,
�?/1
�?2W
�??3V
?
�?9? The maximum amount of jitter to add to the ejection time, in order to prevent
a 'thundering herd' effect where all proxies try to reconnect to host at the same time.
See :ref:`max_ejection_time_jitter`
Defaults to 0s.
�?
�?3
�?68
?
�?M? If active health checking is enabled and a host is ejected by outlier detection, a successful active health check
unejects the host by default and considers it as healthy. Unejection also clears all the outlier detection counters.
To change this default behavior set this config to ``false`` where active health checking will not uneject the host.
Defaults to true.
�?
�?
G
�?JL
I
�?6; Set of host's passive monitors.
[#not-implemented-hide:]
�?
�?
'
�?(0
�?35bproto3
?
/envoy/config/core/v3/event_service_config.protoenvoy.config.core.v3'envoy/config/core/v3/grpc_service.proto
udpa/annotations/status.proto!udpa/annotations/versioning.protovalidate/validate.proto"?
EventServiceConfigF
grpc_service (
2!.envoy.config.core.v3.GrpcServiceH�R
grpcService:+?ň
&
$envoy.api.v2.core.EventServiceConfigB
config_source_specifier?BB?
"io.envoyproxy.envoy.config.core.v3BEventServiceConfigProtoPZBgithub.com/envoyproxy/go-control-plane/envoy/config/core/v3;corev3????J?
��
��
�
��1
�'
�+
�!
�;
�;
�8
�8
�"
�"
�Y
�Y
�F
???j�F
^
��
R [#not-implemented-hide:]
Configuration of the event reporting service endpoint.
�
�-
�ӈ?-
��
��
��&
��?&
Q
��!D Specifies the gRPC service that hosts the event reporting service.
��
��
�� bproto3
?'
!envoy/type/matcher/v3/regex.protoenvoy.type.matcher.v3
google/protobuf/wrappers.proto#envoy/annotations/deprecation.proto
udpa/annotations/status.proto!udpa/annotations/versioning.protovalidate/validate.proto"?
RegexMatcher[
google_re2 (
2-.envoy.type.matcher.v3.RegexMatcher.GoogleRE2B
?dž?3.0H�R googleRe2
regex ( B?BrRregex?
GoogleRE2S
max_program_size (
2
.google.protobuf.UInt32ValueB
?dž?3.0RmaxProgramSize:0?ň
+
)envoy.type.matcher.RegexMatcher.GoogleRE2:&?ň
!
envoy.type.matcher.RegexMatcherB
engine_type"?
RegexMatchAndSubstituteG
pattern (
2#.envoy.type.matcher.v3.RegexMatcherB?B?Rpattern/
substitution ( B
?Br??�R
substitution:1?ň
,
*envoy.type.matcher.RegexMatchAndSubstituteB?
#io.envoyproxy.envoy.type.matcher.v3B
RegexProtoPZFgithub.com/envoyproxy/go-control-plane/envoy/type/matcher/v3;matcherv3????J?
��`
��
�
��(
�-
�'
�+
�!
�<
�<
�+
�+
�"
�"
�]
�]
�F
???j�F
u
��BE A regex matcher designed for safety when used with untrusted input.
2" [#protodoc-title: Regex matcher]
�
�a
�ӈ?a
?
��$7? Google's `RE2 `_ regex engine. The regex string must adhere to
the documented `syntax `_. The engine is designed
to complete execution in linear time as well as limit the amount of memory used.
Envoy supports program size checking via runtime. The runtime keys ``re2.max_program_size.error_level``
and ``re2.max_program_size.warn_level`` can be set to integers as the maximum program size or
complexity that a compiled regex can have before an exception is thrown or a warning is
logged, respectively. ``re2.max_program_size.error_level`` defaults to 100, and
``re2.max_program_size.warn_level`` has no default if unset (will not check/log a warning).
Envoy emits two stats for tracking the program size of regexes: the histogram ``re2.program_size``,
which records the program size, and the counter ``re2.exceeded_warn_level``, which is incremented
each time the program size exceeds the warn level threshold.
��$
��%&4
��ӈ?%&4
?
���56U? This field controls the RE2 "program size" which is a rough estimate of how complex a
compiled regex is to evaluate. A regex that has a program size greater than the configured
value will fail to compile. In this case, the configured max program size can be increased
or the regex can be simplified. If not specified, the default is 100.
This field is deprecated; regexp validation should be performed on the management server
instead of being done by each individual client.
.. note::
Although this field is deprecated, the program size will still be checked against the
global ``re2.max_program_size.error_level`` runtime value.
���5
���5 0
���534
���6T
���6
���??K6
S
��9=
��9
*
��;`_ regular expression engine uses a
backslash followed by the capture group number to denote a numbered
capture group. E.g., ``\1`` refers to capture group 1, and ``\2`` refers
to capture group 2.
^
^
^
_U
?_Tbproto3
?
xds/core/v3/extension.proto
xds.core.v3validate/validate.protogoogle/protobuf/any.proto"v
TypedExtensionConfig
name ( B?BrRnameA
typed_config (
2.google.protobuf.AnyB?B?R
typedConfigBN
com.github.xds.core.v3BExtensionProtoPZ"github.com/cncf/xds/go/xds/core/v3J?
��
��
�
�/
�/
�"
�"
�/
�/
�9
�9
� �!
�#
7
�
�+ Message type for extension configuration.
�
?
��;z The name of an extension. This is not used to select the extension, instead
it serves the role of an opaque identifier.
��
��
��
��:
��?9
?
�Q? The typed config for the extension. The type URL will be used to identify
the extension. In the case that the type URL is *xds.type.v3.TypedStruct*
(or, for historical reasons, *udpa.type.v1.TypedStruct*), the inner type
URL of *TypedStruct* will be utilized. See the
:ref:`extension configuration overview
` for further details.
�
�"
�%&
�'P
�?(Obproto3
?
"envoy/type/matcher/v3/string.protoenvoy.type.matcher.v3!envoy/type/matcher/v3/regex.protoxds/core/v3/extension.proto
udpa/annotations/status.proto!udpa/annotations/versioning.protovalidate/validate.proto"?
StringMatcher
exact ( H�Rexact!
prefix ( B?BrH�Rprefix!
suffix ( B?BrH�RsuffixN
safe_regex (
2#.envoy.type.matcher.v3.RegexMatcherB?B?H�R safeRegex%
contains ( B?BrH�Rcontains;
custom (
2!.xds.core.v3.TypedExtensionConfigH�Rcustom
ignore_case (R
ignoreCase:'?ň
"
envoy.type.matcher.StringMatcherB
match_pattern?BJRregex"?
ListStringMatcherJ
patterns (
2$.envoy.type.matcher.v3.StringMatcherB?B?Rpatterns:+?ň
&
$envoy.type.matcher.ListStringMatcherB?
#io.envoyproxy.envoy.type.matcher.v3B
StringProtoPZFgithub.com/envoyproxy/go-control-plane/envoy/type/matcher/v3;matcherv3????J?
��S
��
�
��+
�%
�'
�+
�!
�<
�<
�,
�,
�"
�"
�]
�]
�F
???j�F
n
��K= Specifies the way to match a string.
[#next-free-field: 9]
2# [#protodoc-title: String matcher]
�
�b
�ӈ?b
�
� �
� �
� �
�
�
�
��
E
��
��
&
��?
&
?
��%x The input string must match exactly the string specified here.
Examples:
* ``abc`` only matches the value ``abc``.
��%
��%
��%
?
�-?? The input string must have the prefix specified here.
Note: empty prefix is not allowed, please use regex instead.
Examples:
* ``abc`` matches the value ``abc.xyz``
�-
�-
�-
�->
�?-=
?
�5?? The input string must have the suffix specified here.
Note: empty prefix is not allowed, please use regex instead.
Examples:
* ``abc`` matches the value ``xyz.abc``
�5
�5
�5
�5>
�?5=
Q
�8ND The input string must match the regular expression specified here.
�8
�8
�8
�8 M
�?8!L
?
�@A? The input string must have the substring specified here.
Note: empty contains match is not allowed, please use regex instead.
Examples:
* ``abc`` matches the value ``xyz.abc.def``
�@
�@
�@
�@@
�?@?
a
�D0T Use an extension as the matcher type.
[#extension-category: envoy.string_matcher]
�D$
�D%+
�D./
?
�J? If true, indicates the exact/prefix/suffix/contains matching should be case insensitive. This
has no effect for the safe_regex match.
For example, the matcher ``data`` will match both input string ``Data`` and ``data`` if set to true.
�J
�J
�J
9
N�S- Specifies a list of ways to match a string.
N
OP-
ӈ?OP-
�RS
�R
�R
�R!
�R$%
�R&R
�?R'Qbproto3
?
envoy/type/v3/http.proto
envoy.type.v3
udpa/annotations/status.proto*2
CodecClientType
HTTP1�
HTTP2
HTTP3Bo
io.envoyproxy.envoy.type.v3B HttpProtoPZ;github.com/envoyproxy/go-control-plane/envoy/type/v3;typev3????J?
��
��
�
��'
�4
�4
�*
�*
�"
�"
�R
�R
�F
???j
�F
%
��2 [#protodoc-title: HTTP]
�
��
��
��
�
�
�
?
�
? [#not-implemented-hide:] QUIC implementation is not production ready yet. Use this enum with
caution to prevent accidental execution of QUIC code. I.e. `!= HTTP2` is no longer sufficient
to distinguish HTTP1 and HTTP2 traffic.
�
�
bproto3
?
envoy/type/v3/range.proto
envoy.type.v3
udpa/annotations/status.proto!udpa/annotations/versioning.proto"R
Int64Range
start (Rstart
end (Rend:
?ň
envoy.type.Int64Range"R
Int32Range
start (Rstart
end (Rend:
?ň
envoy.type.Int32Range"T
DoubleRange
start (Rstart
end (Rend:
?ň
envoy.type.DoubleRangeBp
io.envoyproxy.envoy.type.v3B
RangeProtoPZ;github.com/envoyproxy/go-control-plane/envoy/type/v3;typev3????J?
��1
��
�
��'
�+
�4
�4
�+
�+
�"
�"
�R
�R
�F
???j
�F
?
��b Specifies the int64 start and end of the range using half-open interval semantics [start,
end).
2 [#protodoc-title: Range]
�
�W
�ӈ?W
-
�� start of the range (inclusive)
��
��
��
+
�
end of the range (exclusive)
�
�
�
n
�%b Specifies the int32 start and end of the range using half-open interval semantics [start,
end).
W
ӈ?
W
-
�! start of the range (inclusive)
�!
�!
�!
+
$
end of the range (exclusive)
$
$
$
o
)�1c Specifies the double start and end of the range using half-open interval semantics [start,
end).
)
*X
ӈ?*X
-
�- start of the range (inclusive)
�-
�-
�-
+
0
end of the range (exclusive)
0
0
0bproto3
??
'envoy/config/core/v3/health_check.protoenvoy.config.core.v3 envoy/config/core/v3/base.proto/envoy/config/core/v3/event_service_config.proto$envoy/config/core/v3/extension.proto"envoy/type/matcher/v3/string.protoenvoy/type/v3/http.protoenvoy/type/v3/range.protogoogle/protobuf/any.proto
google/protobuf/duration.proto
google/protobuf/struct.proto
google/protobuf/wrappers.proto#envoy/annotations/deprecation.proto
udpa/annotations/status.proto!udpa/annotations/versioning.protovalidate/validate.proto"`
HealthStatusSetM
statuses (2".envoy.config.core.v3.HealthStatusB
?B
?"?Rstatuses"?
HealthCheck?
timeout (
2.google.protobuf.DurationB
?B?*�RtimeoutA
interval (
2.google.protobuf.DurationB
?B?*�Rinterval@
initial_jitter (
2.google.protobuf.DurationR
initialJitterB
interval_jitter (
2.google.protobuf.DurationRintervalJitter6
interval_jitter_percent (
RintervalJitterPercentW
unhealthy_threshold (
2
.google.protobuf.UInt32ValueB?B?RunhealthyThresholdS
healthy_threshold (
2
.google.protobuf.UInt32ValueB?B?RhealthyThreshold7
alt_port (
2
.google.protobuf.UInt32ValueRaltPortE
reuse_connection (
2.google.protobuf.BoolValueRreuseConnection_
http_health_check (
21.envoy.config.core.v3.HealthCheck.HttpHealthCheckH�RhttpHealthCheck\
tcp_health_check (
20.envoy.config.core.v3.HealthCheck.TcpHealthCheckH�RtcpHealthCheck_
grpc_health_check
(
21.envoy.config.core.v3.HealthCheck.GrpcHealthCheckH�RgrpcHealthChecke
custom_health_check
(
23.envoy.config.core.v3.HealthCheck.CustomHealthCheckH�RcustomHealthCheckS
no_traffic_interval
(
2.google.protobuf.DurationB?B?*�RnoTrafficIntervalb
no_traffic_healthy_interval (
2.google.protobuf.DurationB?B?*�RnoTrafficHealthyIntervalR
unhealthy_interval (
2.google.protobuf.DurationB?B?*�RunhealthyInterval[
unhealthy_edge_interval (
2.google.protobuf.DurationB?B?*�RunhealthyEdgeIntervalW
healthy_edge_interval (
2.google.protobuf.DurationB?B?*�RhealthyEdgeInterval1
event_log_path ( B
?dž?3.0R
eventLogPathM
event_logger (
2*.envoy.config.core.v3.TypedExtensionConfigR
eventLoggerM
event_service (
2(.envoy.config.core.v3.EventServiceConfigR
eventServiceF
always_log_health_check_failures (R
alwaysLogHealthCheckFailuresD
always_log_health_check_success (RalwaysLogHealthCheckSuccessM
tls_options (
2,.envoy.config.core.v3.HealthCheck.TlsOptionsR
tlsOptions^
transport_socket_match_criteria (
2.google.protobuf.StructR
transportSocketMatchCriteria?
Payload
text ( B?BrH�Rtext
binary (
H�Rbinary:,?ň
'
%envoy.api.v2.core.HealthCheck.PayloadB
payload?B?
HttpHealthCheck
host ( B?Br?Rhost
path ( B
?Br?Rpath=
send (
2).envoy.config.core.v3.HealthCheck.PayloadRsendC
receive (
2).envoy.config.core.v3.HealthCheck.PayloadRreceiveW
response_buffer_size (
2
.google.protobuf.UInt64ValueB?B2(�RresponseBufferSizeg
request_headers_to_add (
2'.envoy.config.core.v3.HeaderValueOptionB ?B??RrequestHeadersToAddK
request_headers_to_remove ( B?B
?
"r??�RrequestHeadersToRemoveF
expected_statuses (
2.envoy.type.v3.Int64RangeRexpectedStatusesH
retriable_statuses
(
2.envoy.type.v3.Int64RangeRretriableStatusesT
codec_client_type
(2
.envoy.type.v3.CodecClientTypeB?B?RcodecClientTypeV
service_name_matcher
(
2$.envoy.type.matcher.v3.StringMatcherRserviceNameMatcherG
method
(2#.envoy.config.core.v3.RequestMethodB
?B? Rmethod:4?ň
/
-envoy.api.v2.core.HealthCheck.HttpHealthCheckJJR
service_nameR use_http2?
TcpHealthCheck=
send (
2).envoy.config.core.v3.HealthCheck.PayloadRsendC
receive (
2).envoy.config.core.v3.HealthCheck.PayloadRreceive:3?ň
.
,envoy.api.v2.core.HealthCheck.TcpHealthCheck[
RedisHealthCheck
key ( Rkey:5?ň
0
.envoy.api.v2.core.HealthCheck.RedisHealthCheck?
GrpcHealthCheck!
service_name ( R
serviceName)
authority ( B
?Br??�R authority]
initial_metadata (
2'.envoy.config.core.v3.HeaderValueOptionB ?B??RinitialMetadata:4?ň
/
-envoy.api.v2.core.HealthCheck.GrpcHealthCheck?
CustomHealthCheck
name ( B?BrRname9
typed_config (
2.google.protobuf.AnyH�R
typedConfig:6?ň
1
/envoy.api.v2.core.HealthCheck.CustomHealthCheckB
config_typeJRconfigd
TlsOptions%
alpn_protocols ( R
alpnProtocols:/?ň
*
(envoy.api.v2.core.HealthCheck.TlsOptions:$?ň
envoy.api.v2.core.HealthCheckB
health_checker?BJ
*`
HealthStatus
UNKNOWN�
HEALTHY
UNHEALTHY
DRAINING
TIMEOUT
DEGRADEDB?
"io.envoyproxy.envoy.config.core.v3BHealthCheckProtoPZBgithub.com/envoyproxy/go-control-plane/envoy/config/core/v3;corev3????J??
��?
��
�
��)
�9
�.
�,
�"
�#
�#
�(
�&
�(
�-
�'
�+
�!
�;
�;
�1
�1
�"
�"
�Y
�Y
�F
???j�F
?
�!�8 Endpoint health status.
2? [#protodoc-title: Health check]
* Health checking :ref:`architecture overview `.
* If health checking is configured for a cluster, additional statistics are emitted. They are
documented :ref:`here `.
�!
[
��#N The health status is not known. This is interpreted by Envoy as ``HEALTHY``.
��#
��#
�&
Healthy.
�&
�&
�)
Unhealthy.
�)
�)
?
�0? Connection draining in progress. E.g.,
``_.
This is interpreted by Envoy as ``UNHEALTHY``.
�0
�0
i
�4\ Health check timed out. This is part of HDS and is interpreted by Envoy as
``UNHEALTHY``.
�4
�4
�7
Degraded.
�7
�7
�:�>
�:
:
��<=H, An order-independent set of health status.
��<
��<
��<
��<#$
��=G
��?=F
%
A�? [#next-free-field: 27]
A
B_
ӈ?B_
K
�ER= Describes the encoding of the payload bytes in the payload.
�E
�FG0
�ӈ?FG0
��IQ
��I
��J(
��?J(
7
��M?( Hex encoded payload. E.g., "000000FF".
��M
��M
��M
��M>
��?M=
�P Binary payload.
�P
�P
�P
'
U? [#next-free-field: 15]
U
VW8
ӈ?VW8
Y
�Y
�Y
�Y
Y
Y
Y
[)
�[
[
(
?
�aV? The value of the host header in the HTTP health check request. If
left empty (default value), the name of the cluster this health check is associated
with will be used. The host header can be customized for a specific endpoint by setting the
:ref:`hostname ` field.
�a
�a
�a
�aU
�?aT
v
eag Specifies the HTTP path that will be requested during health checking. For example
``/healthcheck``.
e
e
e
e`
?e_
@
h1 [#not-implemented-hide:] HTTP specific payload.
h
h
h
?
s!? Specifies a list of HTTP expected responses to match in the first ``response_buffer_size`` bytes of the response body.
If it is set, both the expected response check and status code determine the health check.
When checking the response, “fuzzy” matching is performed such that each payload block must be found,
and in the order specified, but not necessarily contiguous.
.. note::
It is recommended to set ``response_buffer_size`` based on the total Payload size for efficiency.
The default buffer size is 1024 bytes when it is not set.
s
s
s
s
?
w_? Specifies the size of response buffer in bytes that is used to Payload match.
The default value is 1024. Setting to 0 implies that the Payload will be matched against the entire response.
w
w 4
w79
w:^
?w;]
?
}~8? Specifies a list of HTTP headers that should be added to each request that is sent to the
health checked cluster. For more information, including details on header value syntax, see
the documentation on :ref:`custom request headers
`.
}
}
} 5
}89
~7
?~ 6
?
??x Specifies a list of HTTP headers that should be removed from each request that is sent to the
health checked cluster.
?
?
?-
?01
?2?
??3?
?
?6? Specifies a list of HTTP response statuses considered healthy. If provided, replaces default
200-only policy - 200 must be included explicitly as needed. Ranges follow half-open
semantics of :ref:`Int64Range `. The start and end of each
range are required. Only statuses in the range [100, 600) are allowed.
?
?
? 1
?45
?
?8? Specifies a list of HTTP response statuses considered retriable. If provided, responses in this range
will count towards the configured :ref:`unhealthy_threshold `,
but will not result in the host being considered immediately unhealthy. Ranges follow half-open semantics of
:ref:`Int64Range `. The start and end of each range are required.
Only statuses in the range [100, 600) are allowed. The :ref:`expected_statuses `
field takes precedence for any range overlaps with this field i.e. if status code 200 is both retriable and expected, a 200 response will
be considered a successful health check. By default all responses not in
:ref:`expected_statuses ` will result in
the host being considered immediately unhealthy i.e. if status code 200 is expected and there are no configured retriable statuses, any
non-200 response will result in the host being marked unhealthy.
?
?
? 2
?57
G
?b7 Use specified application protocol for health checks.
?
?
-
?02
?3a
??4`
?
?<? An optional service name parameter which is used to validate the identity of
the health checked cluster using a :ref:`StringMatcher
`. See the :ref:`architecture overview
` for more information.
?!
?"6
?9;
?
?W? HTTP Method that will be used for health checking, default is "GET".
GET, HEAD, POST, PUT, DELETE, OPTIONS, TRACE, PATCH methods are supported, but making request body is not supported.
CONNECT method is disallowed because it is not appropriate for health check request.
If a non-200 response is expected by the method, it needs to be set in :ref:`expected_statuses `.
?
?
?
?
V
?? U
??
?
??7
ӈ???7
C
�?3 Empty payloads imply a connect-only health check.
�?
�?
�?
?
?!? When checking the response, “fuzzy” matching is performed such that each
payload block must be found, and in the order specified, but not
necessarily contiguous.
?
?
?
?
??
?
??9
ӈ???9
?
�?? If set, optionally perform ``EXISTS `` instead of ``PING``. A return value
from Redis of 0 (does not exist) is considered a passing healthcheck. A return value other
than 0 is considered a failure. This allows the user to mark a Redis instance for maintenance
by setting the specified key to any value and waiting for traffic to drain.
�?
�?
�?
?
??? `grpc.health.v1.Health
`_-based
healthcheck. See `gRPC doc `_
for details.
?
??8
ӈ???8
?
�?
? An optional service name parameter which will be sent to gRPC service in
`grpc.health.v1.HealthCheckRequest
`_.
message. See `gRPC health-checking overview
`_ for more information.
�?
�?
�?
?
??X? The value of the :authority header in the gRPC health check request. If
left empty (default value), the name of the cluster this health check is associated
with will be used. The authority header can be customized for a specific endpoint by setting
the :ref:`hostname ` field.
?
?
?
?W
?? V
?
?d? Specifies a list of key-value pairs that should be added to the metadata of each GRPC call
that is sent to the health checked cluster. For more information, including details on header value syntax,
see the documentation on :ref:`custom request headers
`.
?
?
? /
?23
?4c
??5b
&
?? Custom health check.
?
??:
ӈ???:
?
�?
�?
�?
?
�?
C
�?=3 The registered name of the custom health checker.
�?
�?
�?
�?<
�??;
?
�??? A custom health checker specific configuration which depends on the custom health checker
being instantiated. See :api:`envoy/config/health_checker` for reference.
[#extension-category: envoy.health_checkers]
�?
?+
?
?&
?)*
?
??? Health checks occur over the transport socket specified for the cluster. This implies that if a
cluster is using a TLS-enabled transport socket, the health check will also occur over TLS.
This allows overriding the cluster TLS settings, just for health check connections.
?
??3
ӈ???3
?
�?'? Specifies the ALPN protocols for health check connections. This is useful if the
corresponding upstream is using ALPN-based :ref:`FilterChainMatch
` along with different protocols for health checks
versus data connections. If empty, no ALPN protocols will be set on health check connections.
�?
�?
�?"
�?%&
?
�?
�?
�?
?
�??? The time to wait for a health check response. If the timeout is reached the
health check attempt will be considered a failure.
�?
�?"
�?%&
�?'?
�??(?
5
??% The interval between health checks.
?
?#
?&'
?(?
??)?
?
?/? An optional jitter amount in milliseconds. If specified, Envoy will start health
checking after for a random time in ms between 0 and initial_jitter. This only
applies to the first health check.
?
?)
?,.
?
?/? An optional jitter amount in milliseconds. If specified, during every
interval Envoy will add interval_jitter to the wait time.
?
?*
?-.
?
?&? An optional jitter amount as a percentage of interval_ms. If specified,
during every interval Envoy will add ``interval_ms`` *
``interval_jitter_percent`` / 100 to the wait time.
If interval_jitter_ms and interval_jitter_percent are both set, both of
them will be used to increase the wait time.
?
?
?#%
?
?d? The number of unhealthy health checks required before a host is marked
unhealthy. Note that for ``http`` health checking if a host responds with a code not in
:ref:`expected_statuses `
or :ref:`retriable_statuses `,
this threshold is ignored and the host is considered immediately unhealthy.
?
?
1
?45
?6c
??7b
?
?b? The number of healthy health checks required before a host is marked
healthy. Note that during startup, only a single successful health check is
required to mark a host healthy.
?
?
/
?23
?4a
??5`
N
?+@ [#not-implemented-hide:] Non-serving port for health checking.
?
?
&
?)*
U
?1G Reuse health check connection between health checks. Default is true.
?
?
,
?/0
�??
�?
�?&
�??&
"
?* HTTP health check.
?
?%
?()
!
?( TCP health check.
?
?#
?&'
"
?+ gRPC health check.
?
?%
?(*
$
?/ Custom health check.
?
?)
?,.
?
?Z? The "no traffic interval" is a special health check interval that is used when a cluster has
never had traffic routed to it. This lower interval allows cluster information to be kept up to
date, without sending a potentially large amount of active health checking traffic for no
reason. Once a cluster has been used for traffic routing, Envoy will shift back to using the
standard health check interval that is defined. Note that this interval takes precedence over
any other.
The default value for "no traffic interval" is 60 seconds.
?
?.
?13
?4Y
??5X
?
?b? The "no traffic healthy interval" is a special health check interval that
is used for hosts that are currently passing active health checking
(including new hosts) when the cluster has received no traffic.
This is useful for when we want to send frequent health checks with
``no_traffic_interval`` but then revert to lower frequency ``no_traffic_healthy_interval`` once
a host in the cluster is marked as healthy.
Once a cluster has been used for traffic routing, Envoy will shift back to using the
standard health check interval that is defined.
If no_traffic_healthy_interval is not set, it will default to the
no traffic interval and send that interval regardless of health state.
?
?6
?9;
?` and
:ref:`event_log_path `
in the file sink extension.
Specifies the path to the :ref:`health check event log `.
?
?
?
?R
?
??K?Q
?
?2u A list of event log sinks to process the health check event.
[#extension-category: envoy.health_check.event_sinks]
?
?
? ,
?/1
?
?(? [#not-implemented-hide:]
The gRPC service for the health check event service.
If empty, health check events won't be sent to a remote endpoint.
?
?"
?%'
?
?-? If set to true, health check failure events will always be logged. If set to false, only the
initial health check failure event will be logged.
The default value is false.
?
?'
?*,
?
?,? If set to true, health check success events will always be logged. If set to false, only host addition event will be logged
if it is the first successful health check, or if the healthy threshold is reached.
The default value is false.
?
?&
?)+
c
?
U This allows overriding the cluster TLS settings, just for health check connections.
?
?
?
?
?>?
Optional key/value pairs that will be used to match a transport socket from those specified in the cluster's
:ref:`tranport socket matches `.
For example, the following match criteria
.. code-block:: yaml
transport_socket_match_criteria:
useMTLS: true
Will match the following :ref:`cluster socket match `
.. code-block:: yaml
transport_socket_matches:
- name: "useMTLS"
match:
useMTLS: true
transport_socket:
name: envoy.transport_sockets.tls
config: { ... } # tls socket configuration
If this field is set, then for health checks it will supersede an entry of ``envoy.transport_socket`` in the
:ref:`LbEndpoint.Metadata `.
This allows using different transport socket capabilities for health checking versus proxying to the
endpoint.
If the key/values pairs specified do not match any
:ref:`transport socket matches `,
the cluster's :ref:`transport socket `
will be used for health check socket configuration.
?
?8
?;=bproto3
??
#envoy/config/core/v3/protocol.protoenvoy.config.core.v3$envoy/config/core/v3/extension.protoenvoy/type/v3/percent.proto
google/protobuf/duration.proto
google/protobuf/wrappers.proto xds/annotations/v3/status.proto#envoy/annotations/deprecation.proto
udpa/annotations/status.proto!udpa/annotations/versioning.protovalidate/validate.proto"A
TcpProtocolOptions:+?ň
&
$envoy.api.v2.core.TcpProtocolOptions"?
QuicKeepAliveSettingsJ
max_interval (
2.google.protobuf.DurationB
?B ?"�2R
maxIntervalR
initial_interval (
2.google.protobuf.DurationB
?B ?"�2RinitialInterval"?
QuicProtocolOptions[
max_concurrent_streams (
2
.google.protobuf.UInt32ValueB?B*(RmaxConcurrentStreamsg
initial_stream_window_size (
2
.google.protobuf.UInt32ValueB
?B *???(RinitialStreamWindowSizeo
initial_connection_window_size (
2
.google.protobuf.UInt32ValueB
?B *???
(RinitialConnectionWindowSizez
&num_timeouts_to_trigger_port_migration (
2
.google.protobuf.UInt32ValueB ?B*(�R!numTimeoutsToTriggerPortMigration^
connection_keepalive (
2+.envoy.config.core.v3.QuicKeepAliveSettingsRconnectionKeepalive-
connection_options ( RconnectionOptions:
client_connection_options ( RclientConnectionOptions\
idle_network_timeout (
2.google.protobuf.DurationB?B
? "?2RidleNetworkTimeout"?
UpstreamHttpProtocolOptions
auto_sni (RautoSni.
auto_san_validation (RautoSanValidationD
override_auto_sni_header ( B
?Br??RoverrideAutoSniHeader:4?ň
/
-envoy.api.v2.core.UpstreamHttpProtocolOptions"?
AlternateProtocolsCacheOptions
name ( B?BrRnameF
max_entries (
2
.google.protobuf.UInt32ValueB?B* �R
maxEntries_
key_value_store_config (
2*.envoy.config.core.v3.TypedExtensionConfigRkeyValueStoreConfig?
prepopulated_entries (
2Q.envoy.config.core.v3.AlternateProtocolsCacheOptions.AlternateProtocolsCacheEntryRprepopulatedEntries-
canonical_suffixes ( RcanonicalSuffixesh
AlternateProtocolsCacheEntry'
hostname ( B
?Br??Rhostname
port (
B
?B*?? �Rport"?
HttpProtocolOptions<
idle_timeout (
2.google.protobuf.DurationR
idleTimeoutQ
max_connection_duration (
2.google.protobuf.DurationRmaxConnectionDurationQ
max_headers_count (
2
.google.protobuf.UInt32ValueB?B*(RmaxHeadersCountI
max_stream_duration (
2.google.protobuf.DurationRmaxStreamDuration?
headers_with_underscores_action (2F.envoy.config.core.v3.HttpProtocolOptions.HeadersWithUnderscoresActionR
headersWithUnderscoresAction[
max_requests_per_connection (
2
.google.protobuf.UInt32ValueRmaxRequestsPerConnection"N
HeadersWithUnderscoresAction
ALLOW�
REJECT_REQUEST
DROP_HEADER:,?ň
'
%envoy.api.v2.core.HttpProtocolOptions"?
Http1ProtocolOptionsH
allow_absolute_url (
2.google.protobuf.BoolValueRallowAbsoluteUrl$
accept_http_10 (R
acceptHttp106
default_host_for_http_10 ( RdefaultHostForHttp10f
header_key_format (
2:.envoy.config.core.v3.Http1ProtocolOptions.HeaderKeyFormatRheaderKeyFormat'
enable_trailers (RenableTrailers0
allow_chunked_length (RallowChunkedLengthz
-override_stream_error_on_invalid_http_message (
2.google.protobuf.BoolValueR'overrideStreamErrorOnInvalidHttpMessage7
send_fully_qualified_url (RsendFullyQualifiedUrlN
use_balsa_parser (
2.google.protobuf.BoolValueB?Ƥ?RuseBalsaParser:
allow_custom_methods
(B?Ƥ?RallowCustomMethods?
HeaderKeyFormatx
proper_case_words (
2J.envoy.config.core.v3.Http1ProtocolOptions.HeaderKeyFormat.ProperCaseWordsH�RproperCaseWords[
stateful_formatter (
2*.envoy.config.core.v3.TypedExtensionConfigH�RstatefulFormatter`
ProperCaseWords:M?ň
H
Fenvoy.api.v2.core.Http1ProtocolOptions.HeaderKeyFormat.ProperCaseWords:=?ň
8
6envoy.api.v2.core.Http1ProtocolOptions.HeaderKeyFormatB
header_format?B:-?ň
(
&envoy.api.v2.core.Http1ProtocolOptions"?
KeepaliveSettingsC
interval (
2.google.protobuf.DurationB
?B ?2??=RintervalC
timeout (
2.google.protobuf.DurationB?B
?2??=Rtimeout?
interval_jitter (
2.envoy.type.v3.PercentRintervalJittera
connection_idle_interval (
2.google.protobuf.DurationB
?B ?2??=RconnectionIdleInterval"?
Http2ProtocolOptionsF
hpack_table_size (
2
.google.protobuf.UInt32ValueRhpackTableSizea
max_concurrent_streams (
2
.google.protobuf.UInt32ValueB
?B
*????(RmaxConcurrentStreamsj
initial_stream_window_size (
2
.google.protobuf.UInt32ValueB?B
*
????(??RinitialStreamWindowSizer
initial_connection_window_size (
2
.google.protobuf.UInt32ValueB?B
*
????(??RinitialConnectionWindowSize#
allow_connect (R
allowConnect%
allow_metadata (R
allowMetadataU
max_outbound_frames (
2
.google.protobuf.UInt32ValueB?B*(RmaxOutboundFramesd
max_outbound_control_frames (
2
.google.protobuf.UInt32ValueB?B*(RmaxOutboundControlFrames?
1max_consecutive_inbound_frames_with_empty_payload (
2
.google.protobuf.UInt32ValueR+maxConsecutiveInboundFramesWithEmptyPayloado
&max_inbound_priority_frames_per_stream
(
2
.google.protobuf.UInt32ValueR!maxInboundPriorityFramesPerStream?
4max_inbound_window_update_frames_per_data_frame_sent
(
2
.google.protobuf.UInt32ValueB?B*(R,maxInboundWindowUpdateFramesPerDataFrameSent^
&stream_error_on_invalid_http_messaging
(B
?dž?3.0R!streamErrorOnInvalidHttpMessagingz
-override_stream_error_on_invalid_http_message (
2.google.protobuf.BoolValueR'overrideStreamErrorOnInvalidHttpMessagez
custom_settings_parameters
(
2<.envoy.config.core.v3.Http2ProtocolOptions.SettingsParameterRcustomSettingsParametersZ
connection_keepalive (
2'.envoy.config.core.v3.KeepaliveSettingsRconnectionKeepaliveP
use_oghttp2_codec (
2.google.protobuf.BoolValueB?Ƥ?RuseOghttp2Codec?
SettingsParameterN
identifier (
2
.google.protobuf.UInt32ValueB?B
*??(�?R
identifier<
value (
2
.google.protobuf.UInt32ValueB?B?Rvalue:??ň
:
8envoy.api.v2.core.Http2ProtocolOptions.SettingsParameter:-?ň
(
&envoy.api.v2.core.Http2ProtocolOptions"?
GrpcProtocolOptions`
http2_protocol_options (
2*.envoy.config.core.v3.Http2ProtocolOptionsRhttp2ProtocolOptions:,?ň
'
%envoy.api.v2.core.GrpcProtocolOptions"?
Http3ProtocolOptions]
quic_protocol_options (
2).envoy.config.core.v3.QuicProtocolOptionsRquicProtocolOptionsz
-override_stream_error_on_invalid_http_message (
2.google.protobuf.BoolValueR'overrideStreamErrorOnInvalidHttpMessage>
allow_extended_connect (B?Ƥ?RallowExtendedConnect%
allow_metadata (R
allowMetadata"t
SchemeHeaderTransformationD
scheme_to_overwrite ( B?Br
RhttpRhttpsH�RschemeToOverwriteB
transformationB?
"io.envoyproxy.envoy.config.core.v3B
ProtocolProtoPZBgithub.com/envoyproxy/go-control-plane/envoy/config/core/v3;corev3????J??
��?
��
�
��.
�%
�(
�(
�)
�-
�'
�+
�!
�;
�;
�.
�.
�"
�"
�Y
�Y
�F
???j�F
M
��
[#not-implemented-hide:]
2% [#protodoc-title: Protocol options]
�
�
-
�ӈ?
-
?
"�7? Config for keepalive probes in a QUIC connection.
Note that QUIC keep-alive probing packets work differently from HTTP/2 keep-alive PINGs in a sense that the probing packet
itself doesn't timeout waiting for a probing response. Quic has a shorter idle timeout than TCP, so it doesn't rely on such probing to discover dead connections. If the peer fails to respond, the connection will idle timeout eventually. Thus, they are configured differently from :ref:`connection_keepalive `.
"
?
�),? The max interval for a connection to send keep-alive probing packets (with PING or PATH_RESPONSE). The value should be smaller than :ref:`connection idle_timeout ` to prevent idle timeout while not less than 1s to avoid throttling the connection or flooding the peer with probes.
If :ref:`initial_interval ` is absent or zero, a client connection will use this value to start probing.
If zero, disable keepalive probing.
If absent, use the QUICHE default interval to probe.
�)
�)'
�)*+
�),,
�?)-,
?
36? The interval to send the first few keep-alive probing packets to prevent connection from hitting the idle timeout. Subsequent probes will be sent, each one with an interval exponentially longer than previous one, till it reaches :ref:`max_interval `. And the probes afterwards will always use :ref:`max_interval `.
The value should be smaller than :ref:`connection idle_timeout ` to prevent idle timeout and smaller than max_interval to take effect.
If absent or zero, disable keepalive probing for a server connection. For a client connection, if :ref:`max_interval ` is also zero, do not keepalive, otherwise use max_interval or QUICHE default to probe all the time.
3
3+
3./
306
?316
s
;�qg QUIC protocol options which apply to both downstream and upstream connections.
[#next-free-field: 9]
;
m
�>^` Maximum number of streams that the client can negotiate per connection. 100
if not specified.
�>
�>
4
�>78
�>9]
�?>:\
?
JK9? `Initial stream-level flow-control receive window
`_ size. Valid values range from
1 to 16777216 (2^24, maximum supported by QUICHE) and defaults to 16777216 (16 * 1024 * 1024).
NOTE: 16384 (2^14) is the minimum window size supported in Google QUIC. If configured smaller than it, we will use 16384 instead.
QUICHE IETF Quic implementation supports 1 bytes window. We only support increasing the default window size now, so it's also the minimum.
This field also acts as a soft limit on the number of bytes Envoy will buffer per-stream in the
QUIC stream send and receive buffers. Once the buffer reaches this pointer, watermark callbacks will fire to
stop the flow of data to the stream buffers.
J
J
8
J;<
K8
?K7
?
ST9? Similar to ``initial_stream_window_size``, but for connection-level
flow-control. Valid values rage from 1 to 25165824 (24MB, maximum supported by QUICHE) and defaults
to 25165824 (24 * 1024 * 1024).
NOTE: 16384 (2^14) is the minimum window size supported in Google QUIC. We only support increasing the default
window size now, so it's also the minimum.
S
S
<
S?@
T8
?T7
?
Z[2? The number of timeouts that can occur before port migration is triggered for QUIC clients.
This defaults to 4. If set to 0, port migration will not occur on path degrading.
Timeout here refers to QUIC internal path degrading timeout mechanism, such as PTO.
This has no effect on server sessions.
Z
Z
D
ZGH
[1
?[0
?
_1? Probes the peer at the configured interval to solicit traffic, i.e. ACK or PATH_RESPONSE, from the peer to push back connection idle timeout.
If absent, use the default keepalive behavior of which a client connection sends PINGs every 15s, and a server connection doesn't do anything.
_
_,
_/0
?
c ? A comma-separated list of strings representing QUIC connection options defined in
`QUICHE `_ and to be sent by upstream connections.
c
c
c
?
g'? A comma-separated list of strings representing QUIC client connection options defined in
`QUICHE `_ and to be sent by upstream connections.
g
g "
g%&
?
mp? The duration that a QUIC connection stays idle before it closes itself. If this field is not present, QUICHE
default 600s will be applied.
For internal corporate network, a long timeout is often fine.
But for client facing network, 30s is usually a good choice.
m
m/
m23
m4p
?m5p
s�?
s#
tu6
ӈ?tu6
?
�|? Set transport socket `SNI `_ for new
upstream connections based on the downstream HTTP host/authority header or any other arbitrary
header when :ref:`override_auto_sni_header `
is set, as seen by the :ref:`router filter `.
Does nothing if a filter before the http router filter sets the corresponding metadata.
�|
�|
�|
?
? ? Automatic validate upstream presented certificate for new upstream connections based on the
downstream HTTP host/authority header or any other arbitrary header when :ref:`override_auto_sni_header `
is set, as seen by the :ref:`router filter `.
This field is intended to be set with ``auto_sni`` field.
Does nothing if a filter before the http router filter sets the corresponding metadata.
?
?
?
?
??Z? An optional alternative to the host/authority header to be used for setting the SNI value.
It should be a valid downstream HTTP header, as seen by the
:ref:`router filter `.
If unset, host/authority header will be used for populating the SNI. If the specified header
is not found or the value is empty, host/authority header will be used instead.
This field is intended to be set with ``auto_sni`` and/or ``auto_san_validation`` fields.
If none of these fields are set then setting this would be a no-op.
Does nothing if a filter before the http router filter sets the corresponding metadata.
?
? !
?$%
?Y
??X
?
?�?? Configures the alternate protocols cache which tracks alternate protocols that can be used to
make an HTTP connection to an origin server. See https://tools.ietf.org/html/rfc7838 for
HTTP Alternative Services and https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-svcb-https-04
for the "HTTPS" DNS resource record.
[#next-free-field: 6]
?&
?
�??? Allows pre-populating the cache with HTTP/3 alternate protocols entries with a 7 day lifetime.
This will cause Envoy to attempt HTTP/3 to those upstreams, even if the upstreams have not
advertised HTTP/3 support. These entries will be overwritten by alt-svc
response headers or cached values.
As with regular cached entries, if the origin response would result in clearing an existing
alternate protocol cache entry, pre-populated entries will also be cleared.
Adding a cache entry with hostname=foo.com port=123 is the equivalent of getting
response headers
alt-svc: h3=:"123"; ma=86400" in a response to a request to foo.com:123
�?
&
C
��??\1 The host name for the alternate protocol entry.
��?
��?
��?
��?[
��?? Z
<
�?B, The port for the alternate protocol entry.
�?
�?
�?
�?A
�??@
?
�?;? The name of the cache. Multiple named caches allow independent alternate protocols cache
configurations to operate within a single Envoy process using different configurations. All
alternate protocols cache options with the same name *must* be equal in all fields when
referenced from different configuration components. Configuration will fail to load if this is
not the case.
�?
�?
�?
�?:
�??9
?
?R? The maximum number of entries that the cache will hold. If not specified defaults to 1024.
.. note:
The implementation is approximate and enforced independently on each worker thread, thus
it is possible for the maximum entries in the cache to go slightly above the configured
value depending on timing. This is similar to how other circuit breakers work.
?
?
)
?,-
?.Q
??/P
?
?2? Allows configuring a persistent
:ref:`key value store ` to flush
alternate protocols entries to disk.
This function is currently only supported if concurrency is 1
Cached entries will take precedence over pre-populated entries below.
?
?-
?01
Q
?AC Allows pre-populating the cache with entries, as described above.
?
?
'
?(<
??@
?
?)? Optional list of hostnames suffixes for which Alt-Svc entries can be shared. For example, if
this list contained the value ``.c.example.com``, then an Alt-Svc entry for ``foo.c.example.com``
could be shared with ``bar.c.example.com`` but would not be shared with ``baz.example.com``. On
the other hand, if the list contained the value ``.example.com`` then all three hosts could share
Alt-Svc entries. Each entry must start with ``.``. If a hostname matches multiple suffixes, the
first listed suffix will be used.
Since lookup in this list is O(n), it is recommended that the number of suffixes be limited.
[#not-implemented-hide:]
?
?
?$
?'(
%
?�? [#next-free-field: 7]
?
??.
ӈ???.
?
�??? Action to take when Envoy receives client request with header names containing underscore
characters.
Underscore character is allowed in header names by the RFC-7230 and this behavior is implemented
as a security measure due to systems that treat '_' and '-' as interchangeable. Envoy by default allows client request headers with underscore
characters.
�?#
O
��?? Allow headers with underscores. This is the default behavior.
��?
��?
?
�?? Reject client request. HTTP/1 requests are rejected with the 400 status. HTTP/2 requests
end with the stream reset. The "httpN.requests_rejected_with_underscores_in_headers" counter
is incremented for each rejected request.
�?
�?
?
�?? Drop the client header with name containing underscores. The header is dropped before the filter chain is
invoked and as such filters will not see dropped headers. The
"httpN.dropped_headers_with_underscores" is incremented for each dropped header.
�?
�?
?
�?,? The idle timeout for connections. The idle timeout is defined as the
period in which there are no active requests. When the
idle timeout is reached the connection will be closed. If the connection is an HTTP/2
downstream connection a drain sequence will occur prior to closing the connection, see
:ref:`drain_timeout
`.
Note that request based timeouts mean that HTTP/2 PINGs will not keep the connection alive.
If not specified, this defaults to 1 hour. To disable idle timeouts explicitly set this to 0.
.. warning::
Disabling this timeout has a highly likelihood of yielding connection leaks due to lost TCP
FIN packets, etc.
If the :ref:`overload action ` "envoy.overload_actions.reduce_timeouts"
is configured, this timeout is scaled for downstream connections according to the value for
:ref:`HTTP_DOWNSTREAM_CONNECTION_IDLE `.
�?
�?'
�?*+
?
?7? The maximum duration of a connection. The duration is defined as a period since a connection
was established. If not set, there is no max duration. When max_connection_duration is reached
and if there are no active streams, the connection will be closed. If the connection is a
downstream connection and there are any active streams, the drain sequence will kick-in,
and the connection will be force-closed after the drain period. See :ref:`drain_timeout
`.
?
?2
?56
?
?Y? The maximum number of headers. If unconfigured, the default
maximum number of request headers allowed is 100. Requests that exceed this limit will receive
a 431 response for HTTP/1.x and cause a stream reset for HTTP/2.
?
?
/
?23
?4X
??5W
?
?3? Total duration to keep alive an HTTP request/response stream. If the time limit is reached the stream will be
reset independent of any other timeouts. If not specified, this value is not set.
?
?.
?12
?
?C? Action to take when a client request with a header name containing underscore characters is received.
If this setting is not specified, the value defaults to ALLOW.
Note: upstream responses are not affected by this setting.
Note: this only affects client headers. It does not affect headers added
by Envoy filters and does not have any impact if added to cluster config.
?
? >
?AB
?
?>? Optional maximum requests for both upstream and downstream connections.
If not specified, there is no limit.
Setting this parameter to 1 will effectively disable keep alive.
For HTTP/2 and HTTP/3, due to concurrent stream processing, the limit is approximate.
?
?
9
?<=
&
?�? [#next-free-field: 11]
?
??/
ӈ???/
'
�?? [#next-free-field: 9]
�?
�??A
�ӈ???A
��??
��?
��??S
��ӈ???S
��??
��?
��?(
��??(
?
��?,? Formats the header by proper casing words: the first character and any character following
a special character will be capitalized if it's an alpha character. For example,
"content-type" becomes "Content-Type", and "foo$b#$are" becomes "Foo$B#$Are".
Note that while this results in most headers following conventional casing, certain headers
are not covered. For example, the "TE" header will be formatted as "Te".
��?
��?'
��?*+
?
�?2? Configuration for stateful formatter extensions that allow using received headers to
affect the output of encoding headers. E.g., preserving case during proxying.
[#extension-category: envoy.http.stateful_header_formatters]
�?
�?-
�?01
?
�?3? Handle HTTP requests with absolute URLs in the requests. These requests
are generally sent by clients to forward/explicit proxies. This allows clients to configure
envoy as their HTTP proxy. In Unix, for example, this is typically done by setting the
``http_proxy`` environment variable.
�?
�?
.
�?12
?
?? Handle incoming HTTP/1.0 and HTTP 0.9 requests.
This is off by default, and not fully standards compliant. There is support for pre-HTTP/1.1
style connect logic, dechunking, and handling lack of client host iff
``default_host_for_http_10`` is configured.
?
?
?
?
?&? A default host for HTTP/1.0 requests. This is highly suggested if ``accept_http_10`` is true as
Envoy does not otherwise support HTTP/1.0 without a Host header.
This is a no-op if ``accept_http_10`` is not true.
?
? !
?$%
~
?(p Describes how the keys for response headers should be formatted. By default, all header keys
are lower cased.
?
?#
?&'
?
?? Enables trailers for HTTP/1. By default the HTTP/1 codec drops proxied trailers.
.. attention::
Note that this only happens when Envoy is chunk encoding which occurs when:
- The request is HTTP/1.1.
- Is neither a HEAD only request nor a HTTP Upgrade.
- Not a response to a HEAD request.
- The content length header is not present.
?
?
?
?
? ? Allows Envoy to process requests/responses with both ``Content-Length`` and ``Transfer-Encoding``
headers set. By default such messages are rejected, but if option is enabled - Envoy will
remove Content-Length header and process message.
See `RFC7230, sec. 3.3.3 `_ for details.
.. attention::
Enabling this option might lead to request smuggling vulnerability, especially if traffic
is proxied via multiple layers of proxies.
[#comment:TODO: This field is ignored when the
:ref:`header validation configuration `
is present.]
?
?
?
?
?N? Allows invalid HTTP messaging. When this option is false, then Envoy will terminate
HTTP/1.1 connections upon receiving an invalid HTTP message. However,
when this option is true, then Envoy will leave the HTTP/1.1 connection
open where possible.
If set, this overrides any HCM :ref:`stream_error_on_invalid_http_messaging
`.
?
?
I
?LM
?
?$? Allows sending fully qualified URLs when proxying the first line of the
response. By default, Envoy will only send the path components in the first line.
If this is true, Envoy will create a fully qualified URI composing scheme
(inferred if not present), host (from the host/:authority header) and path
(from first line or :path header).
?
?
?"#
?
??B? [#not-implemented-hide:] Hiding so that field can be removed after BalsaParser is rolled out.
If set, force HTTP/1 parser: BalsaParser if true, http-parser if false.
If unset, HTTP/1 parser is selected based on
envoy.reloadable_features.http1_use_balsa_parser.
See issue #21245.
?
?
,
?/0
?A
?Ȕl?@
?
?]? [#not-implemented-hide:] Hiding so that field can be removed.
If true, and BalsaParser is used (either `use_balsa_parser` above is true,
or `envoy.reloadable_features.http1_use_balsa_parser` is true and
`use_balsa_parser` is unset), then every non-empty method with only valid
characters is accepted. Otherwise, methods not on the hard-coded list are
rejected.
Once UHV is enabled, this field should be removed, and BalsaParser should
allow any method. UHV validates the method, rejecting empty string or
invalid characters, and provides :ref:`restrict_http_methods
`
to reject custom methods.
?
?
?
?!\
?Ȕl?"[
?�?
?
?
�?]? Send HTTP/2 PING frames at this period, in order to test that the connection is still alive.
If this is zero, interval PINGs will not be sent.
�?
�?#
�?&'
�?(\
�??)[
?
??? How long to wait for a response to a keepalive PING. If a response is not received within this
time period, the connection will be aborted. Note that in order to prevent the influence of
Head-of-line (HOL) blocking the timeout period is extended when *any* frame is received on
the connection, under the assumption that if a frame is received the connection is healthy.
?
?"
?%&
?'?
??(?
?
?&? A random jitter amount as a percentage of interval that will be added to each interval.
A value of zero means there will be no jitter.
The default value is 15%.
?
?!
?$%
?
??;? If the connection has been idle for this duration, send a HTTP/2 ping ahead
of new stream creation, to quickly detect dead connections.
If this is zero, this type of PING will not be sent.
If an interval ping is outstanding, a second ping will not be sent as the
interval ping will determine if the connection is dead.
The same feature for HTTP/3 is given by inheritance from QUICHE which uses :ref:`connection idle_timeout ` and the current PTO of the connection to decide whether to probe before sending a new request.
?
?3
?67
?:
??9
&
?�? [#next-free-field: 17]
?
??/
ӈ???/
?
�??? Defines a parameter to be sent in the SETTINGS frame.
See `RFC7540, sec. 6.5.1 `_ for details.
�?
�??C
�ӈ???C
4
��??" The 16 bit parameter identifier.
��?
��? *
��?-.
��?/?
��??3
��??1
-
�?X
The 32 bit parameter value.
�?
�? %
�?()
�?*W
�??+V
?
�?3? `Maximum table size `_
(in octets) that the encoder is permitted to use for the dynamic HPACK table. Valid values
range from 0 to 4294967295 (2^32 - 1) and defaults to 4096. 0 effectively disables header
compression.
�?
�?
.
�?12
?
??;? `Maximum concurrent streams `_
allowed for peer on one HTTP/2 connection. Valid values range from 1 to 2147483647 (2^31 - 1)
and defaults to 2147483647.
For upstream connections, this also limits how many streams Envoy will initiate concurrently
on a single connection. If the limit is reached, Envoy may queue requests or establish
additional connections (as allowed per circuit breaker limits).
This acts as an upper bound: Envoy will lower the max concurrent streams allowed on a given
connection based on upstream settings. Config dumps will reflect the configured upper bound,
not the per-connection negotiated limits.
?
?
4
?78
?:
??9
?
???? `Initial stream-level flow-control window
`_ size. Valid values range from 65535
(2^16 - 1, HTTP/2 default) to 2147483647 (2^31 - 1, HTTP/2 maximum) and defaults to 268435456
(256 * 1024 * 1024).
NOTE: 65535 is the initial window size from HTTP/2 spec. We only support increasing the default
window size now, so it's also the minimum.
This field also acts as a soft limit on the number of bytes Envoy will buffer per-stream in the
HTTP/2 codec buffers. Once the buffer reaches this pointer, watermark callbacks will fire to
stop the flow of data to the codec buffers.
?
?
8
?;<
?>
??=
?
???? Similar to ``initial_stream_window_size``, but for connection-level flow-control
window. Currently, this has the same minimum/maximum/default as ``initial_stream_window_size``.
?
?
<
??@
?>
??=
M
?? Allows proxying Websocket and other upgrades over H2 connect.
?
?
?
?
?? [#not-implemented-hide:] Hiding until Envoy has full metadata support.
Still under implementation. DO NOT USE.
Allows sending and receiving HTTP/2 METADATA frames. See [metadata
docs](https://github.com/envoyproxy/envoy/blob/main/source/docs/h2_metadata.md) for more
information.
?
?
?
?
?[? Limit the number of pending outbound downstream frames of all types (frames that are waiting to
be written into the socket). Exceeding this limit triggers flood mitigation and connection is
terminated. The ``http2.outbound_flood`` stat tracks the number of terminated connections due
to flood mitigation. The default limit is 10000.
?
?
1
?45
?6Z
??7Y
?
?c? Limit the number of pending outbound downstream frames of types PING, SETTINGS and RST_STREAM,
preventing high memory utilization when receiving continuous stream of these frames. Exceeding
this limit triggers flood mitigation and connection is terminated. The
``http2.outbound_control_flood`` stat tracks the number of terminated connections due to flood
mitigation. The default limit is 1000.
?
?
9
?<=
?>b
???a
?
?T? Limit the number of consecutive inbound frames of types HEADERS, CONTINUATION and DATA with an
empty payload and no end stream flag. Those frames have no legitimate use and are abusive, but
might be a result of a broken HTTP/2 implementation. The `http2.inbound_empty_frames_flood``
stat tracks the number of connections terminated due to flood mitigation.
Setting this to 0 will terminate connection upon receiving first frame with an empty payload
and no end stream flag. The default limit is 1.
?
?
O
?RS
?
?J? Limit the number of inbound PRIORITY frames allowed per each opened stream. If the number
of PRIORITY frames received over the lifetime of connection exceeds the value calculated
using this formula::
``max_inbound_priority_frames_per_stream`` * (1 + ``opened_streams``)
the connection is terminated. For downstream connections the ``opened_streams`` is incremented when
Envoy receives complete response headers from the upstream server. For upstream connection the
``opened_streams`` is incremented when Envoy send the HEADERS frame for a new stream. The
``http2.inbound_priority_frames_flood`` stat tracks
the number of connections terminated due to flood mitigation. The default limit is 100.
?
?
D
?GI
?
??+? Limit the number of inbound WINDOW_UPDATE frames allowed per DATA frame sent. If the number
of WINDOW_UPDATE frames received over the lifetime of connection exceeds the value calculated
using this formula::
5 + 2 * (``opened_streams`` +
``max_inbound_window_update_frames_per_data_frame_sent`` * ``outbound_data_frames``)
the connection is terminated. For downstream connections the ``opened_streams`` is incremented when
Envoy receives complete response headers from the upstream server. For upstream connections the
``opened_streams`` is incremented when Envoy sends the HEADERS frame for a new stream. The
``http2.inbound_priority_frames_flood`` stat tracks the number of connections terminated due to
flood mitigation. The default max_inbound_window_update_frames_per_data_frame_sent value is 10.
Setting this to 1 should be enough to support HTTP/2 implementations with basic flow control,
but more complex implementations that try to estimate available bandwidth require at least 2.
?
?
R
?UW
?*
??)
?
??S? Allows invalid HTTP messaging and headers. When this option is disabled (default), then
the whole HTTP/2 connection is terminated upon receiving invalid HEADERS frame. However,
when this option is enabled, only the offending stream is terminated.
This is overridden by HCM :ref:`stream_error_on_invalid_http_messaging
`
iff present.
This is deprecated in favor of :ref:`override_stream_error_on_invalid_http_message
`
See `RFC7540, sec. 8.1 `_ for details.
?
?-
?02
?R
?
??K?Q
?
?O? Allows invalid HTTP messaging and headers. When this option is disabled (default), then
the whole HTTP/2 connection is terminated upon receiving invalid HEADERS frame. However,
when this option is enabled, only the offending stream is terminated.
This overrides any HCM :ref:`stream_error_on_invalid_http_messaging
`
See `RFC7540, sec. 8.1 `_ for details.
?
?
I
?LN
?
?=? [#not-implemented-hide:]
Specifies SETTINGS frame parameters to be sent to the peer, with two exceptions:
1. SETTINGS_ENABLE_PUSH (0x2) is not configurable as HTTP/2 server push is not supported by
Envoy.
2. SETTINGS_ENABLE_CONNECT_PROTOCOL (0x8) is only configurable through the named field
'allow_connect'.
Note that custom parameters specified through this field can not also be set in the
corresponding named parameters:
.. code-block:: text
ID Field Name
----------------
0x1 hpack_table_size
0x3 max_concurrent_streams
0x4 initial_stream_window_size
Collisions will trigger config validation failure on load/update. Likewise, inconsistencies
between custom parameters with the same identifier will trigger a failure.
See `IANA HTTP/2 Settings
`_ for
standardized identifiers.
?
?
?
7
?:<
?
?.? Send HTTP/2 PING frames to verify that the connection is still healthy. If the remote peer
does not respond within the configured timeout, the connection will be aborted.
?
?(
?+-
?
??B? [#not-implemented-hide:] Hiding so that the field can be removed after oghttp2 is rolled out.
If set, force use of a particular HTTP/2 codec: oghttp2 if true, nghttp2 if false.
If unset, HTTP/2 codec is selected based on envoy.reloadable_features.http2_use_oghttp2.
?
?
-
?02
?A
?Ȕl?@
(
?�? [#not-implemented-hide:]
?
??.
ӈ???.
�?2
�?
�?-
�?01
K
?�?= A message which allows using HTTP/3.
[#next-free-field: 7]
?
�?0
�?
�?+
�?./
?
?N? Allows invalid HTTP messaging and headers. When this option is disabled (default), then
the whole HTTP/3 connection is terminated upon receiving invalid HEADERS frame. However,
when this option is enabled, only the offending stream is terminated.
If set, this overrides any HCM :ref:`stream_error_on_invalid_http_messaging
`.
?
?
I
?LM
?
?^? Allows proxying Websocket and other upgrades over HTTP/3 CONNECT using
the header mechanisms from the `HTTP/2 extended connect RFC
`_
and settings `proposed for HTTP/3
` and
:ref:`authority `). Setting this
to a non-empty value allows overriding the cluster level configuration for a specific
endpoint.
��-
��-
��-
?
��4 ? Optional alternative health check host address.
.. attention::
The form of the health check host address is expected to be a direct IP address.
��4
��4
��4
?
��8)? Optional flag to control if perform active health check for this endpoint.
Active health check is enabled by default if there is a health checker.
��8
��8 $
��8'(
�;>
�;
I
��= : Additional address that is associated with the endpoint.
��=
��=
��=
?
��I
? The upstream host address.
.. attention::
The form of host address depends on the given cluster type. For STATIC or EDS,
it is expected to be a direct IP address (or something resolvable by the
specified :ref:`resolver `
in the Address). For LOGICAL or STRICT DNS, it is expected to be hostname,
and will be resolved via DNS.
��I
��I
��I
?
�R,? The optional health check configuration is used as configuration for the
health checker to contact the health checked host.
.. attention::
This takes into effect only for upstream clusters with
:ref:`active health checking ` enabled.
�R
�R'
�R*+
?
�X? The hostname associated with this endpoint. This hostname is not used for routing or address
resolution. If provided, it will be associated with the endpoint, and can be used for features
that require a hostname, like
:ref:`auto_host_rewrite `.
�X
�X
�X
?
�_6? An ordered list of addresses that together with ``address`` comprise the
list of addresses for an endpoint. The address given in the ``address`` is
prepended to this list. It is assumed that the list must already be
sorted by preference order of the addresses. This will only be supported
for STATIC and EDS clusters.
�_
�_
�_
1
�_45
R
d�?E An Endpoint that Envoy can route traffic to.
[#next-free-field: 6]
d
eb
ӈ?eb
>
�hm0 Upstream host identifier or a named reference.
�h
�i
�i
�i
�i
'
l
[#not-implemented-hide:]
l
l
l
L
p)? Optional health status when known and supplied by EDS server.
p
p$
p'(
?
y ? The endpoint metadata specifies values that may be used by the load
balancer to select endpoints in a cluster for a given request. The filter
name should be specified as ``envoy.lb``. An example boolean key-value pair
is ``canary``, providing the optional canary status of the upstream host.
This may be matched against in a route's
:ref:`RouteAction ` metadata_match field
to subset the endpoints considered in cluster load balancing.
y
y
y
?
?]? The optional load balancing weight of the upstream host; at least 1.
Envoy uses the load balancing weight in some of the built in load
balancers. The load balancing weight for an endpoint is divided by the sum
of the weights of all endpoints in the endpoint's locality to produce a
percentage of traffic for the endpoint. This percentage is then further
weighted by the endpoint's locality's load balancing weight from
LocalityLbEndpoints. If unspecified, will be treated as 1. The sum
of the weights of all endpoints in the endpoint's locality must not
exceed uint32_t maximal value (4294967295).
?
?
3
?67
?8\
??9[
P
?�?B [#not-implemented-hide:]
A configuration for a LEDS collection.
?!
L
�?'> Configuration for the source of LEDS updates for a Locality.
�?
�?"
�?%&
?
?"{ The xDS transport protocol glob collection resource name.
The service is only supported in delta xDS (incremental) mode.
?
?
? !
?
?�?? A group of endpoints belonging to a Locality.
One can have multiple LocalityLbEndpoints for a locality, but only if
they have different priorities.
[#next-free-field: 9]
?
??2
ӈ???2
W
�??G [#not-implemented-hide:]
A list of endpoints of a specific locality.
�?
��?)
��?
��?
��?$
��?'(
D
�? 6 Identifies location of where the upstream hosts run.
�?
�?
�?
?
?'? The group of endpoints belonging to the locality specified.
[#comment:TODO(adisuissa): Once LEDS is implemented this field needs to be
deprecated and replaced by ``load_balancer_endpoints``.]
?
?
?"
?%&
*
�?? [#not-implemented-hide:]
�?
?
?/? The group of endpoints belonging to the locality.
[#comment:TODO(adisuissa): Once LEDS is implemented the ``lb_endpoints`` field
needs to be deprecated.]
?
?*
?-.
<
??. LEDS Configuration for the current locality.
?
?
:
?=>
?
?]? Optional: Per priority/region/zone/sub_zone weight; at least 1. The load
balancing weight for a locality is divided by the sum of the weights of all
localities at the same priority level to produce the effective percentage
of traffic for the locality. The sum of the weights of all localities at
the same priority level must not exceed uint32_t maximal value (4294967295).
Locality weights are only considered when :ref:`locality weighted load
balancing ` is
configured. These weights are ignored otherwise. If no weights are
specified when locality weighted load balancing is enabled, the locality is
assigned no load.
?
?
3
?67
?8\
??9[
?
?=? Optional: the priority for this LocalityLbEndpoints. If unspecified this will
default to the highest priority (0).
Under usual circumstances, Envoy will only select endpoints for the highest
priority (0). In the event that enough endpoints for a particular priority are
unavailable/unhealthy, Envoy will fail over to selecting endpoints for the
next highest priority group. Read more at :ref:`priority levels `.
Priorities should range from 0 (highest) to N (lowest) without skipping.
?
?
?
?<
??;
?
?,? Optional: Per locality proximity value which indicates how close this
locality is from the source locality. This value only provides ordering
information (lower the value, closer it is to the source locality).
This will be consumed by load balancing schemes that need proximity order
to determine where to route the requests.
[#not-implemented-hide:]
?
?
'
?*+bproto3
?4
'envoy/config/endpoint/v3/endpoint.protoenvoy.config.endpoint.v32envoy/config/endpoint/v3/endpoint_components.protoenvoy/type/v3/percent.proto
google/protobuf/duration.proto
google/protobuf/wrappers.proto
udpa/annotations/status.proto!udpa/annotations/versioning.protovalidate/validate.proto"?
ClusterLoadAssignment*
cluster_name ( B?BrR
clusterNameK
endpoints (
2-.envoy.config.endpoint.v3.LocalityLbEndpointsR endpointsl
named_endpoints (
2C.envoy.config.endpoint.v3.ClusterLoadAssignment.NamedEndpointsEntryRnamedEndpointsN
policy (
26.envoy.config.endpoint.v3.ClusterLoadAssignment.PolicyRpolicy?
Policyj
drop_overloads (
2C.envoy.config.endpoint.v3.ClusterLoadAssignment.Policy.DropOverloadR
dropOverloads^
overprovisioning_factor (
2
.google.protobuf.UInt32ValueB?B* �RoverprovisioningFactorU
endpoint_stale_after (
2.google.protobuf.DurationB?B?*�RendpointStaleAfter8
weighted_priority_health (RweightedPriorityHealth?
DropOverload#
category ( B?BrRcategoryI
drop_percentage (
2 .envoy.type.v3.FractionalPercentRdropPercentage:=?ň
8
6envoy.api.v2.ClusterLoadAssignment.Policy.DropOverload:0?ň
+
)envoy.api.v2.ClusterLoadAssignment.PolicyJJRdisable_overprovisioninge
NamedEndpointsEntry
key ( Rkey8
value (
2".envoy.config.endpoint.v3.EndpointRvalue:8:)?ň
$
"envoy.api.v2.ClusterLoadAssignmentB?
&io.envoyproxy.envoy.config.endpoint.v3B
EndpointProtoPZJgithub.com/envoyproxy/go-control-plane/envoy/config/endpoint/v3;endpointv3????J?'
��?
��
�!
��<
�%
�(
�(
�'
�+
�!
�?
�?
�.
�.
�"
�"
�a
�a
�F
???j�F
?
�!�?? Each route from RDS will map to a single cluster or traffic split across
clusters using weights expressed in the RDS WeightedCluster.
With EDS, each cluster is treated independently from a LB perspective, with
LB taking place between the Localities within a cluster and at a finer
granularity between the hosts within a locality. The percentage of traffic
for each endpoint is determined by both its load_balancing_weight, and the
load_balancing_weight of its locality. First, a locality will be selected,
then an endpoint within that locality will be chose based on its weight.
[#next-free-field: 6]
2? [#protodoc-title: Endpoint configuration]
Endpoint discovery :ref:`architecture overview `
�!
�"d
�ӈ?"d
F
��&p8 Load balancing policy settings.
[#next-free-field: 7]
��&
��'(4
��ӈ?'(4
���*3
���*
���+,C
���ӈ?+,C
A
����/C0 Identifier for the policy specifying the drop.
����/
����/
����/
����/B
����?/A
Q
���24@ Percentage of traffic that should be dropped for the category.
���2
���2 /
���223
�� 5
�� �5
�� �5
�� �5
�� 5
�� 5
�� 5
��
7(
��
�7
'
?
���O-? Action to trim the overall incoming traffic to protect the upstream
hosts. This action allows protection in case the hosts are unable to
recover from an outage, or unable to autoscale or unable to handle
incoming traffic volume for any reason.
At the client each category is applied one after the other to generate
the 'actual' drop percentage on all outgoing traffic. For example:
.. code-block:: json
{ "drop_overloads": [
{ "category": "throttle", "drop_percentage": 60 }
{ "category": "lb", "drop_percentage": 50 }
]}
The actual drop percentages applied to the traffic at the clients will be
"throttle"_drop = 60%
"lb"_drop = 20% // 50% of the remaining 'actual' load, which is 40%.
actual_outgoing_load = 20% // remaining after applying all categories.
Envoy supports only one element and will NACK if more than one element is present.
Other xDS-capable data planes will not necessarily have this limitation.
���O
���O
���O(
���O+,
?
��_`? Priority levels and localities are considered overprovisioned with this
factor (in percentage). This means that we don't consider a priority
level or locality unhealthy until the fraction of healthy hosts
multiplied by the overprovisioning factor drops below 100.
With the default value 140(1.4), Envoy doesn't consider a priority level
or a locality unhealthy until their percentage of healthy hosts drops
below 72%. For example:
.. code-block:: json
{ "overprovisioning_factor": 100 }
Read more at :ref:`priority levels ` and
:ref:`localities `.
��_
��_ 7
��_:;
��_<_
��?_=^
?
��e\? The max time until which the endpoints from this assignment can be used.
If no new assignments are received before this time expires the endpoints
are considered stale and should be marked unhealthy.
Defaults to 0 which means endpoints never go stale.
��e
��e
1
��e45
��e6[
��?e7Z
?
��o&? If true, use the :ref:`load balancing weight
` of healthy and unhealthy
hosts to determine the health of the priority level. If false, use the number of healthy and unhealthy hosts
to determine the health of the priority level, or in other words assume each host has a weight of 1 for
this calculation.
Note: this is not currently implemented for
:ref:`locality weighted load balancing `.
��o
��o !
��o$%
?
��vC? Name of the cluster. This will be the :ref:`service_name
` value if specified
in the cluster :ref:`EdsClusterConfig
`.
��v
��v
��v
��vB
��?vA
4
�y-' List of endpoints to load balance to.
�y
�y
�y (
�y+,
n
�},a Map of named endpoints that can be referenced in LocalityLbEndpoints.
[#not-implemented-hide:]
�}
�}'
�}*+
/
�?! Load balancing policy settings.
�?
�?
�?bproto3
?
%envoy/type/metadata/v3/metadata.protoenvoy.type.metadata.v3
udpa/annotations/status.proto!udpa/annotations/versioning.protovalidate/validate.proto"?
MetadataKey
key ( B?BrRkeyM
path (
2/.envoy.type.metadata.v3.MetadataKey.PathSegmentB?B?Rpathq
PathSegment
key ( B?BrH�Rkey:5?ň
0
.envoy.type.metadata.v2.MetadataKey.PathSegmentB
segment?B:)?ň
$
"envoy.type.metadata.v2.MetadataKey"?
MetadataKindH
request (
2,.envoy.type.metadata.v3.MetadataKind.RequestH�RrequestB
route (
2*.envoy.type.metadata.v3.MetadataKind.RouteH�RrouteH
cluster (
2,.envoy.type.metadata.v3.MetadataKind.ClusterH�Rcluster?
host (
2).envoy.type.metadata.v3.MetadataKind.HostH�Rhost=
Request:2?ň
-
+envoy.type.metadata.v2.MetadataKind.Request9
Route:0?ň
+
)envoy.type.metadata.v2.MetadataKind.Route=
Cluster:2?ň
-
+envoy.type.metadata.v2.MetadataKind.Cluster7
Host:/?ň
*
(envoy.type.metadata.v2.MetadataKind.Host:*?ň
%
#envoy.type.metadata.v2.MetadataKindB
kind?BB?
$io.envoyproxy.envoy.type.metadata.v3B
MetadataProtoPZHgithub.com/envoyproxy/go-control-plane/envoy/type/metadata/v3;metadatav3????J?
��r
��
�
��'
�+
�!
�=
�=
�.
�.
�"
�"
�_
�_
�F
???j
�F
?
�'�C? MetadataKey provides a general interface using ``key`` and ``path`` to retrieve value from
:ref:`Metadata `.
For example, for the following Metadata:
.. code-block:: yaml
filter_metadata:
envoy.xxx:
prop:
foo: bar
xyz:
hello: envoy
The following MetadataKey will retrieve a string value "bar" from the Metadata.
.. code-block:: yaml
key: envoy.xxx
path:
- key: prop
- key: foo
2
[#protodoc-title: Metadata]
�'
�(d
�ӈ?(d
?
��,6? Specifies the segment in a path to retrieve value from Metadata.
Currently it is only supported to specify the key, i.e. field name, as one segment of a path.
��,
��-.9
��ӈ?-.9
���05
���0
���1(
���?1(
M
���4>> If specified, use the key to retrieve the value in a Struct.
���4
���4
���4
���4=
���?4<
?
��::? The key name of Metadata to retrieve the Struct from the metadata.
Typically, it represents a builtin subsystem or custom extension.
��:
��:
��:
��:9
��?:8
?
�BM? The path to retrieve the Value from the Struct. It can be a prefix or a full path,
e.g. ``[prop, xyz]`` for a struct or ``[prop, foo]`` for a string in the example,
which depends on the particular scenario.
Note: Due to that only the key type segment is supported, the path can not specify a list
unless the list is the last segment.
�B
�B
�B
�B
�B L
�?B!K
.
F�r" Describes what kind of metadata.
F
GH,
ӈ?GH,
H
�KN: Represents dynamic metadata associated with the request.
�K
�LM6
�ӈ?LM6
m
QT_ Represents metadata from :ref:`the route`.
Q
RS4
ӈ?RS4
|
WZn Represents metadata from :ref:`the upstream cluster`.
W
XY6
ӈ?XY6
~
^ap Represents metadata from :ref:`the upstream
host`.
^
_`3
ӈ?_`3
�cq
�c
�d&
�?d&
(
�g Request kind of metadata.
�g
�g
�g
&
j Route kind of metadata.
j
j
j
(
m Cluster kind of metadata.
m
m
m
%
p Host kind of metadata.
p
p
pbproto3
?(
"xds/core/v3/resource_locator.proto
xds.core.v3 xds/annotations/v3/status.proto xds/core/v3/context_params.protovalidate/validate.proto"?
ResourceLocatorE
scheme (2#.xds.core.v3.ResourceLocator.SchemeB?B?Rscheme
id ( Rid
authority ( R authority,
resource_type ( B?BrR
resourceTypeA
exact_context (
2.xds.core.v3.ContextParamsH�R
exactContextF
directives (
2&.xds.core.v3.ResourceLocator.DirectiveR
directives?
Directive0
alt (
2
.xds.core.v3.ResourceLocatorH�Ralt7
entry ( B ?B
r2^[0-9a-zA-Z_\-\./~:]+$H�RentryB
directive?B"'
Scheme
XDSTP�
HTTP
FILEB
context_param_specifierB\
com.github.xds.core.v3BResourceLocatorProtoPZ"github.com/cncf/xds/go/xds/core/v3?Ƥ?J?"
��u
��
�
��)
�*
�!
�5
�5
�"
�"
�/
�/
�9
�9
�@
?Ȕl�@
?
�!�u? xDS resource locators identify a xDS resource name and instruct the
data-plane load balancer on how the resource may be located.
Resource locators have a canonical xdstp:// URI representation:
xdstp://{authority}/{type_url}/{id}?{context_params}{#directive,*}
where context_params take the form of URI query parameters.
Resource locators have a similar canonical http:// URI representation:
http://{authority}/{type_url}/{id}?{context_params}{#directive,*}
Resource locators also have a simplified file:// URI representation:
file:///{id}{#directive,*}
�!
��"&
��"
���#
���#
���#
��$
��$
��$
��%
��%
��%
��)C
URI scheme.
��)
��)
��)
��)B
��?)A
?
�.? Opaque identifier for the resource. Any '/' will not be escaped during URI
encoding and will form part of the URI path. This may end
with ‘*’ for glob collection references.
�.
�.
�.
?
�4? Logical authority for resource (not necessarily transport network address).
Authorities are opaque in the xDS API, data-plane load balancers will map
them to concrete network transports such as an xDS management server, e.g.
via envoy.config.core.v3.ConfigSource.
�4
�4
�4
d
�8DW Fully qualified resource type (as in type URL without types.googleapis.com/
prefix).
�8
�8
�8
�8C
�?8
B
��:B
��:
?
�?$? Additional parameters that can be used to select resource variants.
Matches must be exact, i.e. all context parameters must match exactly and
there must be no additional context parameters set on the matched
resource.
�?
�?
�?"#
?
��Yn? Directives provide information to data-plane load balancers on how xDS
resource names are to be interpreted and potentially further resolved. For
example, they may provide alternative resource locators for when primary
resolution fails. Directives are not part of resource names and do not
appear in a xDS transport discovery request.
When encoding to URIs, directives take the form:
=
For example, we can have alt=xdstp://foo/bar or entry=some%20thing. Each
directive value type may have its own string encoding, in the case of
ResourceLocator there is a recursive URI encoding.
Percent encoding applies to the URI encoding of the directive value.
Multiple directives are comma-separated, so the reserved characters that
require percent encoding in a directive value are [',', '#', '[', ']',
'%']. These are the RFC3986 fragment reserved characters with the addition
of the xDS scheme specific ','. See
https://tools.ietf.org/html/rfc3986#page-49 for further details on URI ABNF
and reserved characters.
��Y
���Zm
���Z
���[(
���?[(
?
���e
? An alternative resource locator for fallback if the resource is
unavailable. For example, take the resource locator:
xdstp://foo/some-type/some-route-table#alt=xdstp://bar/some-type/another-route-table
If the data-plane load balancer is unable to reach `foo` to fetch the
resource, it will fallback to `bar`. Alternative resources do not need
to have equivalent content, but they should be functional substitutes.
���e
���e
���e
?
��le? List collections support inlining of resources via the entry field in
Resource. These inlined Resource objects may have an optional name
field specified. When specified, the entry directive allows
ResourceLocator to directly reference these inlined resources, e.g.
xdstp://.../foo#entry=bar.
��l
��l
��l
��ld
��?lc
?
�t$? A list of directives that appear in the xDS resource locator #fragment.
When encoding to URI form, directives are percent encoded with comma
separation.
�t
�t
�t
�t"#bproto3
?
"xds/core/v3/collection_entry.proto
xds.core.v3google/protobuf/any.proto xds/annotations/v3/status.proto"xds/core/v3/resource_locator.protovalidate/validate.proto"?
CollectionEntry8
locator (
2
.xds.core.v3.ResourceLocatorH�RlocatorM
inline_entry (
2(.xds.core.v3.CollectionEntry.InlineEntryH�R
inlineEntry?
InlineEntry0
name ( B
?Br2^[0-9a-zA-Z_\-\.~:]+$Rname
version ( Rversion0
resource (
2.google.protobuf.AnyRresourceB
resource_specifier?BB\
com.github.xds.core.v3BCollectionEntryProtoPZ"github.com/cncf/xds/go/xds/core/v3?Ƥ?J?
��6
��
�
��#
�)
�,
�!
�5
�5
�"
�"
�/
�/
�9
�9
�@
?Ȕl�@
?
�
�6? xDS collection resource wrapper. This encapsulates a xDS resource when
appearing inside a list collection resource. List collection resources are
regular Resource messages of type:
.. code-block:: proto
message Collection {
repeated CollectionEntry resources = 1;
}
�
'
��
+ Inlined resource entry.
��
?
���#R? Optional name to describe the inlined resource. Resource names must match
``[a-zA-Z0-9_-\./]+`` (TODO(htuch): turn this into a PGV constraint once
finalized, probably should be a RFC3986 pchar). This name allows
reference via the #entry directive in ResourceLocator.
���#
���#
���#
���#Q
���?#P
?
��'? The resource's logical version. It is illegal to have the same named xDS
resource name at a given version with different resource payloads.
��'
��'
��'
:
��*%+ The resource payload, including type URL.
��*
��*
��*#$
��-5
��-
��.&
��?.&
V
��1 I A resource locator describing how the member resource is to be located.
��1
��1
��1
>
�4!1 The resource is inlined in the list collection.
�4
�4
�4 bproto3
?
udpa/annotations/security.protoudpa.annotations
udpa/annotations/status.proto google/protobuf/descriptor.proto"?
FieldSecurityAnnotationK
"configure_for_untrusted_downstream (R configureForUntrustedDownstreamG
configure_for_untrusted_upstream (R
configureForUntrustedUpstream:g
security
.google.protobuf.FieldOptions?? (
2).udpa.annotations.FieldSecurityAnnotationRsecurityB1Z'github.com/cncf/xds/go/udpa/annotations????J?
�!
?
�2? THIS FILE IS DEPRECATED
Users should instead use the corresponding proto in the xds tree.
No new changes will be accepted here.
�
��'
�*
�>
�>
�>
?
???j�>? All annotations in this file are experimental and subject to change. Their
only consumer today is the Envoy APIs and SecuritAnnotationValidator protoc
plugin in this repository.
�
k
�.` Magic number is the 28 most significant bits in the sha256sum of
"udpa.annotations.security".
�#
�
�"
�%-
x
��!l These annotations indicate metadata for the purpose of understanding the
security significance of fields.
�
L
��
.? Field should be set in the presence of untrusted downstreams.
��
��
)
��
,-
J
� ,= Field should be set in the presence of untrusted upstreams.
�
� '
� *+bproto3
??
%envoy/config/cluster/v3/cluster.protoenvoy.config.cluster.v3-envoy/config/cluster/v3/circuit_breaker.proto$envoy/config/cluster/v3/filter.proto/envoy/config/cluster/v3/outlier_detection.proto"envoy/config/core/v3/address.proto envoy/config/core/v3/base.proto(envoy/config/core/v3/config_source.proto$envoy/config/core/v3/extension.proto'envoy/config/core/v3/health_check.proto#envoy/config/core/v3/protocol.proto#envoy/config/core/v3/resolver.proto'envoy/config/endpoint/v3/endpoint.proto%envoy/type/metadata/v3/metadata.protoenvoy/type/v3/percent.protogoogle/protobuf/any.proto
google/protobuf/duration.proto
google/protobuf/struct.proto
google/protobuf/wrappers.proto"xds/core/v3/collection_entry.proto#envoy/annotations/deprecation.proto
udpa/annotations/migrate.proto udpa/annotations/security.proto
udpa/annotations/status.proto!udpa/annotations/versioning.protovalidate/validate.proto"K
ClusterCollection6
entries (
2
.xds.core.v3.CollectionEntryRentries"?S
Clustero
transport_socket_matches+ (
25.envoy.config.cluster.v3.Cluster.TransportSocketMatchRtransportSocketMatches
name ( B?BrRname>
alt_stat_name
( B???
observability_nameR
altStatNameN
type (2..envoy.config.cluster.v3.Cluster.DiscoveryTypeB?B?H�RtypeW
cluster_type& (
22.envoy.config.cluster.v3.Cluster.CustomClusterTypeH�R
clusterType_
eds_cluster_config (
21.envoy.config.cluster.v3.Cluster.EdsClusterConfigRedsClusterConfigL
connect_timeout (
2.google.protobuf.DurationB?B?*�RconnectTimeouto
!per_connection_buffer_limit_bytes (
2
.google.protobuf.UInt32ValueB???*R
perConnectionBufferLimitBytesP
lb_policy (2).envoy.config.cluster.v3.Cluster.LbPolicyB?B?RlbPolicyX
load_assignment! (
2/.envoy.config.endpoint.v3.ClusterLoadAssignmentRloadAssignmentF
health_checks (
2!.envoy.config.core.v3.HealthCheckR
healthChecksh
max_requests_per_connection (
2
.google.protobuf.UInt32ValueB
?dž?3.0RmaxRequestsPerConnectionS
circuit_breakers
(
2(.envoy.config.cluster.v3.CircuitBreakersRcircuitBreakers?
upstream_http_protocol_options. (
21.envoy.config.core.v3.UpstreamHttpProtocolOptionsB
?dž?3.0RupstreamHttpProtocolOptionsw
common_http_protocol_options
(
2).envoy.config.core.v3.HttpProtocolOptionsB
?dž?3.0RcommonHttpProtocolOptionsk
http_protocol_options
(
2*.envoy.config.core.v3.Http1ProtocolOptionsB
?dž?3.0RhttpProtocolOptionst
http2_protocol_options (
2*.envoy.config.core.v3.Http2ProtocolOptionsB???*?dž?3.0Rhttp2ProtocolOptions?
typed_extension_protocol_options$ (
2C.envoy.config.cluster.v3.Cluster.TypedExtensionProtocolOptionsEntryR
typedExtensionProtocolOptionsQ
dns_refresh_rate (
2.google.protobuf.DurationB
?B ?*??=RdnsRefreshRatee
dns_failure_refresh_rate, (
2,.envoy.config.cluster.v3.Cluster.RefreshRateRdnsFailureRefreshRate&
respect_dns_ttl' (R
respectDnsTtlf
dns_lookup_family (20.envoy.config.cluster.v3.Cluster.DnsLookupFamilyB?B?RdnsLookupFamilyO
dns_resolvers (
2
.envoy.config.core.v3.AddressB
?dž?3.0R
dnsResolversA
use_tcp_for_dns_lookups- (B
?dž?3.0RuseTcpForDnsLookupsj
dns_resolution_config5 (
2).envoy.config.core.v3.DnsResolutionConfigB
?dž?3.0RdnsResolutionConfige
typed_dns_resolver_config7 (
2*.envoy.config.core.v3.TypedExtensionConfigRtypedDnsResolverConfigL
wait_for_warm_on_init6 (
2.google.protobuf.BoolValueRwaitForWarmOnInitV
outlier_detection (
2).envoy.config.cluster.v3.OutlierDetectionRoutlierDetectionN
cleanup_interval (
2.google.protobuf.DurationB?B?*�RcleanupIntervalR
upstream_bind_config (
2 .envoy.config.core.v3.BindConfigRupstreamBindConfigY
lb_subset_config (
2/.envoy.config.cluster.v3.Cluster.LbSubsetConfigRlbSubsetConfigb
ring_hash_lb_config (
21.envoy.config.cluster.v3.Cluster.RingHashLbConfigHRringHashLbConfig[
maglev_lb_config4 (
2/.envoy.config.cluster.v3.Cluster.MaglevLbConfigHRmaglevLbConfigk
original_dst_lb_config" (
24.envoy.config.cluster.v3.Cluster.OriginalDstLbConfigHRoriginalDstLbConfign
least_request_lb_config% (
25.envoy.config.cluster.v3.Cluster.LeastRequestLbConfigHRleastRequestLbConfigh
round_robin_lb_config8 (
23.envoy.config.cluster.v3.Cluster.RoundRobinLbConfigHRroundRobinLbConfigY
common_lb_config (
2/.envoy.config.cluster.v3.Cluster.CommonLbConfigRcommonLbConfigP
transport_socket (
2%.envoy.config.core.v3.TransportSocketRtransportSocket:
metadata (
2
.envoy.config.core.v3.MetadataRmetadatau
protocol_selection (29.envoy.config.cluster.v3.Cluster.ClusterProtocolSelectionB
?dž?3.0RprotocolSelectionr
upstream_connection_options
(
22.envoy.config.cluster.v3.UpstreamConnectionOptionsRupstreamConnectionOptionsU
(close_connections_on_host_health_failure (R#closeConnectionsOnHostHealthFailure@
ignore_health_on_host_removal (RignoreHealthOnHostRemoval9
filters( (
2 .envoy.config.cluster.v3.FilterRfilters`
load_balancing_policy) (
2,.envoy.config.cluster.v3.LoadBalancingPolicyRloadBalancingPolicyA
lrs_server* (
2".envoy.config.core.v3.ConfigSourceR lrsServer?
track_timeout_budgets/ (B
?dž?3.0RtrackTimeoutBudgetsS
upstream_config0 (
2*.envoy.config.core.v3.TypedExtensionConfigRupstreamConfigZ
track_cluster_stats1 (
2*.envoy.config.cluster.v3.TrackClusterStatsRtrackClusterStats^
preconnect_policy2 (
21.envoy.config.cluster.v3.Cluster.PreconnectPolicyRpreconnectPolicyX
)connection_pool_per_downstream_connection3 (R%connectionPoolPerDownstreamConnection?
TransportSocketMatch
name ( B?BrRname-
match (
2.google.protobuf.StructRmatchP
transport_socket (
2%.envoy.config.core.v3.TransportSocketRtransportSocket:0?ň
+
)envoy.api.v2.Cluster.TransportSocketMatch?
CustomClusterType
name ( B?BrRname7
typed_config (
2.google.protobuf.AnyR
typedConfig:-?ň
(
&envoy.api.v2.Cluster.CustomClusterType?
EdsClusterConfigA
eds_config (
2".envoy.config.core.v3.ConfigSourceR edsConfig!
service_name ( R
serviceName:,?ň
'
%envoy.api.v2.Cluster.EdsClusterConfig?
LbSubsetConfigy
fallback_policy (2F.envoy.config.cluster.v3.Cluster.LbSubsetConfig.LbSubsetFallbackPolicyB?B?RfallbackPolicy>
default_subset (
2.google.protobuf.StructR
defaultSubsetk
subset_selectors (
2@.envoy.config.cluster.v3.Cluster.LbSubsetConfig.LbSubsetSelectorRsubsetSelectors2
locality_weight_aware (RlocalityWeightAware2
scale_locality_weight (RscaleLocalityWeight$
panic_mode_any (R
panicModeAny
list_as_any (R listAsAny?
metadata_fallback_policy (2N.envoy.config.cluster.v3.Cluster.LbSubsetConfig.LbSubsetMetadataFallbackPolicyB?B?RmetadataFallbackPolicy?
LbSubsetSelector
keys ( Rkeys3
single_host_per_subset (RsingleHostPerSubset?
fallback_policy (2_.envoy.config.cluster.v3.Cluster.LbSubsetConfig.LbSubsetSelector.LbSubsetSelectorFallbackPolicyB?B?RfallbackPolicy0
fallback_keys_subset ( RfallbackKeysSubset"y
LbSubsetSelectorFallbackPolicy
NOT_DEFINED�
NO_FALLBACK
ANY_ENDPOINT
DEFAULT_SUBSET
KEYS_SUBSET:;?ň
6
4envoy.api.v2.Cluster.LbSubsetConfig.LbSubsetSelector"O
LbSubsetFallbackPolicy
NO_FALLBACK�
ANY_ENDPOINT
DEFAULT_SUBSET"M
LbSubsetMetadataFallbackPolicy
METADATA_NO_FALLBACK�
FALLBACK_LIST:*?ň
%
#envoy.api.v2.Cluster.LbSubsetConfig?
SlowStartConfigE
slow_start_window (
2.google.protobuf.DurationRslowStartWindowC
aggression (
2#.envoy.config.core.v3.RuntimeDoubleR
aggressionD
min_weight_percent (
2.envoy.type.v3.PercentRminWeightPercentr
RoundRobinLbConfig\
slow_start_config (
20.envoy.config.cluster.v3.Cluster.SlowStartConfigRslowStartConfig?
LeastRequestLbConfigH
choice_count (
2
.google.protobuf.UInt32ValueB?B*(R
choiceCountS
active_request_bias (
2#.envoy.config.core.v3.RuntimeDoubleRactiveRequestBias\
slow_start_config (
20.envoy.config.cluster.v3.Cluster.SlowStartConfigRslowStartConfig:0?ň
+
)envoy.api.v2.Cluster.LeastRequestLbConfig?
RingHashLbConfigT
minimum_ring_size (
2
.google.protobuf.UInt64ValueB
?B2???RminimumRingSizem
hash_function (2>.envoy.config.cluster.v3.Cluster.RingHashLbConfig.HashFunctionB?B?R
hashFunctionT
maximum_ring_size (
2
.google.protobuf.UInt64ValueB
?B2???RmaximumRingSize".
HashFunction
XX_HASH�
MURMUR_HASH_2:,?ň
'
%envoy.api.v2.Cluster.RingHashLbConfigJY
MaglevLbConfigG
table_size (
2
.google.protobuf.UInt64ValueB
?B2˖?R tableSize?
OriginalDstLbConfig&
use_http_header (R
useHttpHeader(
http_header_name ( RhttpHeaderName]
upstream_port_override (
2
.google.protobuf.UInt32ValueB ?B*??RupstreamPortOverrideF
metadata_key (
2#.envoy.type.metadata.v3.MetadataKeyR
metadataKey:/?ň
*
(envoy.api.v2.Cluster.OriginalDstLbConfig?
CommonLbConfigN
healthy_panic_threshold (
2.envoy.type.v3.PercentRhealthyPanicThresholdt
zone_aware_lb_config (
2A.envoy.config.cluster.v3.Cluster.CommonLbConfig.ZoneAwareLbConfigH�RzoneAwareLbConfig?
locality_weighted_lb_config (
2H.envoy.config.cluster.v3.Cluster.CommonLbConfig.LocalityWeightedLbConfigH�RlocalityWeightedLbConfigI
update_merge_window (
2.google.protobuf.DurationRupdateMergeWindowC
ignore_new_hosts_until_first_hc (RignoreNewHostsUntilFirstHcM
$close_connections_on_host_set_change (R closeConnectionsOnHostSetChange?
consistent_hashing_lb_config (
2I.envoy.config.cluster.v3.Cluster.CommonLbConfig.ConsistentHashingLbConfigRconsistentHashingLbConfigW
override_host_status (
2%.envoy.config.core.v3.HealthStatusSetRoverrideHostStatus?
ZoneAwareLbConfig?
routing_enabled (
2.envoy.type.v3.PercentRroutingEnabledF
min_cluster_size (
2
.google.protobuf.UInt64ValueRminClusterSize1
fail_traffic_on_panic (RfailTrafficOnPanic:
�>
!�-
!�-
"�"
"�"
#�_
#�_
$�F
???j$�F
?
�*�,f Cluster list collections. Entries are ``Cluster`` resources or references.
[#not-implemented-hide:]
2* [#protodoc-title: Cluster configuration]
�*
��+*
��+
��+
%
��+()
S
0�? F Configuration for a single upstream cluster.
[#next-free-field: 57]
0
1V
ӈ?1V
?
�5Lr Refer to :ref:`service discovery type `
for an explanation on each type.
�5
}
��8n Refer to the :ref:`static discovery type`
for an explanation.
��8
��8
?
�=w Refer to the :ref:`strict DNS discovery
type`
for an explanation.
�=
�=
?
�By Refer to the :ref:`logical DNS discovery
type`
for an explanation.
�B
�B
{
�F
l Refer to the :ref:`service discovery type`
for an explanation.
�F
�F
?
�K? Refer to the :ref:`original destination discovery
type`
for an explanation.
�K
�K
?
Px? Refer to :ref:`load balancer type ` architecture
overview section for information on each type.
P
Q
�Q
�Q
�Q
S
�S
?
�X} Refer to the :ref:`round robin load balancing
policy`
for an explanation.
�X
�X
?
]? Refer to the :ref:`least request load balancing
policy`
for an explanation.
]
]
?
by Refer to the :ref:`ring hash load balancing
policy`
for an explanation.
b
b
?
gs Refer to the :ref:`random load balancing
policy`
for an explanation.
g
g
?
kr Refer to the :ref:`Maglev load balancing policy`
for an explanation.
k
k
?
p? This load balancer type must be specified if the configured cluster provides a cluster
specific load balancer. Consult the configured cluster's documentation for whether to set
this option or not.
p
p
?
w%? Use the new :ref:`load_balancing_policy
` field to determine the LB policy.
This has been deprecated in favor of using the :ref:`load_balancing_policy
` field without
setting any value in :ref:`lb_policy`.
w
w#$
?
???
When V4_ONLY is selected, the DNS resolver will only perform a lookup for
addresses in the IPv4 family. If V6_ONLY is selected, the DNS resolver will
only perform a lookup for addresses in the IPv6 family. If AUTO is
specified, the DNS resolver will first perform a lookup for addresses in
the IPv6 family and fallback to a lookup for addresses in the IPv4 family.
This is semantically equivalent to a non-existent V6_PREFERRED option.
AUTO is a legacy name that is more opaque than
necessary and will be deprecated in favor of V6_PREFERRED in a future major version of the API.
If V4_PREFERRED is specified, the DNS resolver will first perform a lookup for addresses in the
IPv4 family and fallback to a lookup for addresses in the IPv6 family. i.e., the callback
target will only get v6 addresses if there were NO v4 addresses to return.
If ALL is specified, the DNS resolver will perform a lookup for both IPv4 and IPv6 families,
and return all resolved addresses. When this is used, Happy Eyeballs will be enabled for
upstream connections. Refer to :ref:`Happy Eyeballs Support `
for more information.
For cluster types other than
:ref:`STRICT_DNS` and
:ref:`LOGICAL_DNS`,
this setting is
ignored.
[#next-major-version: deprecate AUTO in favor of a V6_PREFERRED option.]
?
�?
�?
�?
?
?
?
?
?
?
?
?
?
?
?
?
??
?
?
�? ? Cluster can only operate on one of the possible upstream protocols (HTTP1.1, HTTP2).
If :ref:`http2_protocol_options ` are
present, HTTP2 will be used, otherwise HTTP1.1 will be used.
�?
�?
d
? T Use HTTP1.1 or HTTP2, depending on which one is used on the downstream connection.
?
?
?
�??t TransportSocketMatch specifies what transport socket config will be used
when the match conditions are satisfied.
�?
�??4
�ӈ???4
B
��?=2 The name of the match, used in stats generation.
��?
��?
��?
��?<
��??;
?
�?%? Optional endpoint metadata match criteria.
The connection to the endpoint with metadata matching what is set in this field
will use the transport socket configuration specified here.
The endpoint's metadata entry in ``envoy.transport_socket_match`` is used to match
against the values specified in this field.
�?
�?
�?#$
u
�?1e The configuration of the transport socket.
[#extension-category: envoy.transport_sockets.upstream]
�?
�?
,
�?/0
(
?? Extended cluster type.
?
??1
ӈ???1
g
�?=W The type of the cluster to instantiate. The name must match a supported cluster type.
�?
�?
�?
�?<
�??;
?
?)? Cluster specific configuration which depends on the cluster being instantiated.
See the supported cluster for further documentation.
[#extension-category: envoy.clusters]
?
?$
?'(
8
??( Only valid when discovery type is EDS.
?
??0
ӈ???0
O
�?(? Configuration for the source of EDS updates for this Cluster.
�?
�?#
�?&'
?
?
? Optional alternative to cluster name to present to EDS. This does not
have the same restrictions as cluster name, i.e. it may be arbitrary
length. This may be a xdstp:// URL.
?
?
?
?
??? Optionally divide the endpoints in this cluster into subsets defined by
endpoint metadata and selected by route and weighted cluster metadata.
[#next-free-field: 9]
?
??.
ӈ???.
?
�??? If NO_FALLBACK is selected, a result
equivalent to no healthy hosts is reported. If ANY_ENDPOINT is selected,
any cluster endpoint may be returned (subject to policy, health checks,
etc). If DEFAULT_SUBSET is selected, load balancing is performed over the
endpoints matching the values from the default_subset field.
�?
��?
��?
��?
�?
�?
�?
�?
�?
�?
??
? '
C
�? 1 No fallback. Route metadata will be used as-is.
�?
�?
?
?? A special metadata key ``fallback_list`` will be used to provide variants of metadata to try.
Value of ``fallback_list`` key has to be a list. Every list element has to be a struct - it will
be merged with route metadata, overriding keys that appear in both places.
``fallback_list`` entries will be used in order until a host is found.
``fallback_list`` key itself is removed from metadata before subset load balancing is performed.
Example:
for metadata:
.. code-block:: yaml
version: 1.0
fallback_list:
- version: 2.0
hardware: c64
- hardware: c32
- version: 3.0
at first, metadata:
.. code-block:: json
{"version": "2.0", "hardware": "c64"}
will be used for load balancing. If no host is found, metadata:
.. code-block:: json
{"version": "1.0", "hardware": "c32"}
is next to try. If it still results in no host, finally metadata:
.. code-block:: json
{"version": "3.0"}
is used.
?
?
/
�??
Specifications for subsets.
�?
�??A
�ӈ???A
P
��??< Allows to override top level fallback policy per selector.
��?
)
V
���?B If NOT_DEFINED top level config fallback policy is used instead.
���?
���?
f
��?R If NO_FALLBACK is selected, a result equivalent to no healthy hosts is reported.
��?
��?
?
��?m If ANY_ENDPOINT is selected, any cluster endpoint may be returned
(subject to policy, health checks, etc).
��?
��?
?
��?? If DEFAULT_SUBSET is selected, load balancing is performed over the
endpoints matching the values from the default_subset field.
��?
��?
?
��?? If KEYS_SUBSET is selected, subset selector matching is performed again with metadata
keys reduced to
:ref:`fallback_keys_subset`.
It allows for a fallback to a different, less specific selector if some of the keys of
the selector are considered optional.
��?
��?
M
��? ; List of keys to match with the weighted cluster metadata.
��?
��?
��?
��?
?
�?&? Selects a mode of operation in which each subset has only one host. This mode uses the same rules for
choosing a host, but updating hosts is faster, especially for large numbers of hosts.
If a match is found to a host, that host will be used regardless of priority levels.
When this mode is enabled, configurations that contain more than one host with the same metadata value for the single key in ``keys``
will use only one of the hosts with the given key; no requests will be routed to the others. The cluster gauge
:ref:`lb_subsets_single_host_per_subset_duplicate` indicates how many duplicates are
present in the current configuration.
�?
�?
!
�?$%
g
�??9S The behavior used when no endpoint subset matches the selected route's
metadata.
�?$
�?%4
�?78
�?
8
�??
7
?
�?/? Subset of
:ref:`keys` used by
:ref:`KEYS_SUBSET`
fallback policy.
It has to be a non empty list if KEYS_SUBSET fallback policy is selected.
For any other fallback policy the parameter is not used and should not be set.
Only values also present in
:ref:`keys` are allowed, but
``fallback_keys_subset`` cannot be equal to ``keys``.
�?
�?
�?*
�?-.
?
�?^? The behavior used when no endpoint subset matches the selected route's
metadata. The value defaults to
:ref:`NO_FALLBACK`.
�?
�?*
�?-.
�?/]
�??0\
?
?.? Specifies the default subset of endpoints used during fallback if
fallback_policy is
:ref:`DEFAULT_SUBSET`.
Each field in default_subset is
compared to the matching LbEndpoint.Metadata under the ``envoy.lb``
namespace. It is valid for no hosts to match, in which case the behavior
is the same as a fallback_policy of
:ref:`NO_FALLBACK`.
?
?)
?,-
?
?3? For each entry, LbEndpoint.Metadata's
``envoy.lb`` namespace is traversed and a subset is created for each unique
combination of key and value. For example:
.. code-block:: json
{ "subset_selectors": [
{ "keys": [ "version" ] },
{ "keys": [ "stage", "hardware_type" ] }
]}
A subset is matched when the metadata from the selected route and
weighted cluster contains the same keys and values as the subset's
metadata. The same host may appear in multiple subsets.
?
?
?
.
?12
?
?#? If true, routing to subsets will take into account the localities and locality weights of the
endpoints when making the routing decision.
There are some potential pitfalls associated with enabling this feature, as the resulting
traffic split after applying both a subset match and locality weights might be undesirable.
Consider for example a situation in which you have 50/50 split across two localities X/Y
which have 100 hosts each without subsetting. If the subset LB results in X having only 1
host selected but Y having 100, then a lot more load is being dumped on the single host in X
than originally anticipated in the load balancing assignment delivered via EDS.
?
?
?!"
?
?#? When used with locality_weight_aware, scales the weight of each locality by the ratio
of hosts in the subset vs hosts in the original subset. This aims to even out the load
going to an individual locality if said locality is disproportionately affected by the
subset predicate.
?
?
?!"
?
?
? If true, when a fallback policy is configured and its corresponding subset fails to find
a host this will cause any host to be selected instead.
This is useful when using the default subset as the fallback policy, given the default
subset might become empty. With this option enabled, if that happens the LB will attempt
to select a host from the entire cluster.
?
?
?
?
?? If true, metadata specified for a metadata key will be matched against the corresponding
endpoint metadata if the endpoint metadata matches the value exactly OR it is a list value
and any of the elements in the list matches the criteria.
?
?
?
?
??7? Fallback mechanism that allows to try different route metadata until a host is found.
If load balancing process, including all its mechanisms (like
:ref:`fallback_policy`)
fails to select a host, this policy decides if and how the process is repeated using another metadata.
The value defaults to
:ref:`METADATA_NO_FALLBACK`.
?"
?#;
?>?
?6
?? 5
e
??U Configuration for :ref:`slow start mode `.
?
?
�?3? Represents the size of slow start window.
If set, the newly created host remains in slow start mode starting from its creation time
for the duration of slow start window.
�?
�?
.
�?12
?
?)? This parameter controls the speed of traffic increase over the slow start window. Defaults to 1.0,
so that endpoint would get linearly increasing amount of traffic.
When increasing the value for this parameter, the speed of traffic ramp-up increases non-linearly.
The value of aggression parameter should be greater than 0.0.
By tuning the parameter, is possible to achieve polynomial or exponential shape of ramp-up curve.
During slow start window, effective weight of an endpoint would be scaled with time factor and aggression:
``new_weight = weight * max(min_weight_percent, time_factor ^ (1 / aggression))``,
where ``time_factor=(time_since_start_seconds / slow_start_time_seconds)``.
As time progresses, more and more traffic would be sent to endpoint, which is in slow start window.
Once host exits slow start, time_factor and aggression no longer affect its weight.
?
?$
?'(
?
?+? Configures the minimum percentage of origin weight that avoids too small new weight,
which may cause endpoints in slow start mode receive no traffic in slow start window.
If not specified, the default is 10%.
?
?&
?)*
R
??B Specific configuration for the RoundRobin load balancing policy.
?
{
�?*k Configuration for slow start mode.
If this configuration is not set, slow start will not be not enabled.
�?
�?%
�?()
T
??D Specific configuration for the LeastRequest load balancing policy.
?
??4
ӈ???4
?
�?V? The number of random healthy hosts from which the host with the fewest active requests will
be chosen. Defaults to 2 so that we perform two-choice selection if the field is not set.
�?
�? ,
�?/0
�?1U
�??2T
?
?2? The following formula is used to calculate the dynamic weights when hosts have different load
balancing weights:
``weight = load_balancing_weight / (active_requests + 1)^active_request_bias``
The larger the active request bias is, the more aggressively active requests will lower the
effective weight when all host weights are not equal.
``active_request_bias`` must be greater than or equal to 0.0.
When ``active_request_bias == 0.0`` the Least Request Load Balancer doesn't consider the number
of active requests at the time it picks a host and behaves like the Round Robin Load
Balancer.
When ``active_request_bias > 0.0`` the Least Request Load Balancer scales the load balancing
weight by the number of active requests at the time it does a pick.
The value is cached for performance reasons and refreshed whenever one of the Load Balancer's
host sets changes, e.g., whenever there is a host membership update or a host load balancing
weight change.
.. note::
This setting only takes effect if all host weights are not equal.
?
?-
?01
{
?*k Configuration for slow start mode.
If this configuration is not set, slow start will not be not enabled.
?
?%
?()
?
??v Specific configuration for the :ref:`RingHash`
load balancing policy.
?
??0
ӈ???0
N
�??< The hash function used to hash hosts onto the ketama ring.
�?
j
��?X Use `xxHash `_, this is the default hash function.
��?
��?
?
�?? Use `MurmurHash2 in GNU libstdc++ 3.4.20 or above. This is typically the case when compiled
on Linux and not macOS.
�?
�?
?
�?
�?
�?
?
�?a? Minimum hash ring size. The larger the ring is (that is, the more hashes there are for each
provided host) the better the request distribution will reflect the desired weights. Defaults
to 1024 entries, and limited to 8M entries. See also
:ref:`maximum_ring_size`.
�?
�? 1
�?45
�?6`
�??7_
?
?R? The hash function used to hash hosts onto the ketama ring. The value defaults to
:ref:`XX_HASH`.
?
?
?!"
?#Q
??$P
?
?a? Maximum hash ring size. Defaults to 8M entries, and limited to 8M entries, but can be lowered
to further constrain resource use. See also
:ref:`minimum_ring_size`.
?
? 1
?45
?6`
??7_
?
??q Specific configuration for the :ref:`Maglev`
load balancing policy.
?
?
�?Z? The table size for Maglev hashing. Maglev aims for "minimal disruption" rather than an absolute guarantee.
Minimal disruption means that when the set of upstream hosts change, a connection will likely be sent to the same
upstream as it was before. Increasing the table size reduces the amount of disruption.
The table size must be prime number limited to 5000011. If it is not specified, the default is 65537.
�?
�? *
�?-.
�?/Y
�??0X
?
??? Specific configuration for the
:ref:`Original Destination `
load balancing policy.
[#extension: envoy.clusters.original_dst]
?
??3
ӈ???3
?
�?
? When true, a HTTP header can be used to override the original dst address. The default header is
:ref:`x-envoy-original-dst-host `.
.. attention::
This header isn't sanitized by default, so enabling this feature allows HTTP clients to
route traffic to arbitrary hosts and/or ports, which may have serious security
consequences.
.. note::
If the header appears multiple times only the first value is used.
�?
�?
�?
?
? ? The http header to override destination address if :ref:`use_http_header `.
is set to true. If the value is empty, :ref:`x-envoy-original-dst-host