Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance. Project price only 1 $
You can buy this project and download/modify it how often you want.
syntax = "proto3";
package envoy.config.bootstrap.v3;
import "envoy/config/accesslog/v3/accesslog.proto";
import "envoy/config/cluster/v3/cluster.proto";
import "envoy/config/core/v3/address.proto";
import "envoy/config/core/v3/base.proto";
import "envoy/config/core/v3/config_source.proto";
import "envoy/config/core/v3/event_service_config.proto";
import "envoy/config/core/v3/extension.proto";
import "envoy/config/core/v3/resolver.proto";
import "envoy/config/core/v3/socket_option.proto";
import "envoy/config/listener/v3/listener.proto";
import "envoy/config/metrics/v3/stats.proto";
import "envoy/config/overload/v3/overload.proto";
import "envoy/config/trace/v3/http_tracer.proto";
import "envoy/extensions/transport_sockets/tls/v3/secret.proto";
import "envoy/type/v3/percent.proto";
import "google/protobuf/duration.proto";
import "google/protobuf/struct.proto";
import "google/protobuf/wrappers.proto";
import "envoy/annotations/deprecation.proto";
import "udpa/annotations/migrate.proto";
import "udpa/annotations/security.proto";
import "udpa/annotations/status.proto";
import "udpa/annotations/versioning.proto";
import "validate/validate.proto";
option java_package = "io.envoyproxy.envoy.config.bootstrap.v3";
option java_outer_classname = "BootstrapProto";
option java_multiple_files = true;
option go_package = "github.com/envoyproxy/go-control-plane/envoy/config/bootstrap/v3;bootstrapv3";
option (udpa.annotations.file_status).package_version_status = ACTIVE;
// [#protodoc-title: Bootstrap]
// This proto is supplied via the :option:`-c` CLI flag and acts as the root
// of the Envoy v3 configuration. See the :ref:`v3 configuration overview
// ` for more detail.
// Bootstrap :ref:`configuration overview `.
// [#next-free-field: 36]
message Bootstrap {
option (udpa.annotations.versioning).previous_message_type =
"envoy.config.bootstrap.v2.Bootstrap";
message StaticResources {
option (udpa.annotations.versioning).previous_message_type =
"envoy.config.bootstrap.v2.Bootstrap.StaticResources";
// Static :ref:`Listeners `. These listeners are
// available regardless of LDS configuration.
repeated listener.v3.Listener listeners = 1;
// If a network based configuration source is specified for :ref:`cds_config
// `, it's necessary
// to have some initial cluster definitions available to allow Envoy to know
// how to speak to the management server. These cluster definitions may not
// use :ref:`EDS ` (i.e. they should be static
// IP or DNS-based).
repeated cluster.v3.Cluster clusters = 2;
// These static secrets can be used by :ref:`SdsSecretConfig
// `
repeated envoy.extensions.transport_sockets.tls.v3.Secret secrets = 3;
}
// [#next-free-field: 7]
message DynamicResources {
option (udpa.annotations.versioning).previous_message_type =
"envoy.config.bootstrap.v2.Bootstrap.DynamicResources";
reserved 4;
// All :ref:`Listeners ` are provided by a single
// :ref:`LDS ` configuration source.
core.v3.ConfigSource lds_config = 1;
// xdstp:// resource locator for listener collection.
// [#not-implemented-hide:]
string lds_resources_locator = 5;
// All post-bootstrap :ref:`Cluster ` definitions are
// provided by a single :ref:`CDS `
// configuration source.
core.v3.ConfigSource cds_config = 2;
// xdstp:// resource locator for cluster collection.
// [#not-implemented-hide:]
string cds_resources_locator = 6;
// A single :ref:`ADS ` source may be optionally
// specified. This must have :ref:`api_type
// ` :ref:`GRPC
// `. Only
// :ref:`ConfigSources ` that have
// the :ref:`ads ` field set will be
// streamed on the ADS channel.
core.v3.ApiConfigSource ads_config = 3;
}
reserved 10, 11;
reserved "runtime";
// Node identity to present to the management server and for instance
// identification purposes (e.g. in generated headers).
core.v3.Node node = 1;
// A list of :ref:`Node ` field names
// that will be included in the context parameters of the effective
// xdstp:// URL that is sent in a discovery request when resource
// locators are used for LDS/CDS. Any non-string field will have its JSON
// encoding set as the context parameter value, with the exception of
// metadata, which will be flattened (see example below). The supported field
// names are:
// - "cluster"
// - "id"
// - "locality.region"
// - "locality.sub_zone"
// - "locality.zone"
// - "metadata"
// - "user_agent_build_version.metadata"
// - "user_agent_build_version.version"
// - "user_agent_name"
// - "user_agent_version"
//
// The node context parameters act as a base layer dictionary for the context
// parameters (i.e. more specific resource specific context parameters will
// override). Field names will be prefixed with “udpa.node.” when included in
// context parameters.
//
// For example, if node_context_params is ``["user_agent_name", "metadata"]``,
// the implied context parameters might be::
//
// node.user_agent_name: "envoy"
// node.metadata.foo: "{\"bar\": \"baz\"}"
// node.metadata.some: "42"
// node.metadata.thing: "\"thing\""
//
// [#not-implemented-hide:]
repeated string node_context_params = 26;
// Statically specified resources.
StaticResources static_resources = 2;
// xDS configuration sources.
DynamicResources dynamic_resources = 3;
// Configuration for the cluster manager which owns all upstream clusters
// within the server.
ClusterManager cluster_manager = 4;
// Health discovery service config option.
// (:ref:`core.ApiConfigSource `)
core.v3.ApiConfigSource hds_config = 14;
// Optional file system path to search for startup flag files.
string flags_path = 5;
// Optional set of stats sinks.
repeated metrics.v3.StatsSink stats_sinks = 6;
// Configuration for internal processing of stats.
metrics.v3.StatsConfig stats_config = 13;
// Optional duration between flushes to configured stats sinks. For
// performance reasons Envoy latches counters and only flushes counters and
// gauges at a periodic interval. If not specified the default is 5000ms (5
// seconds). Only one of ``stats_flush_interval`` or ``stats_flush_on_admin``
// can be set.
// Duration must be at least 1ms and at most 5 min.
google.protobuf.Duration stats_flush_interval = 7 [
(validate.rules).duration = {
lt {seconds: 300}
gte {nanos: 1000000}
},
(udpa.annotations.field_migrate).oneof_promotion = "stats_flush"
];
oneof stats_flush {
// Flush stats to sinks only when queried for on the admin interface. If set,
// a flush timer is not created. Only one of ``stats_flush_on_admin`` or
// ``stats_flush_interval`` can be set.
bool stats_flush_on_admin = 29 [(validate.rules).bool = {const: true}];
}
// Optional watchdog configuration.
// This is for a single watchdog configuration for the entire system.
// Deprecated in favor of ``watchdogs`` which has finer granularity.
Watchdog watchdog = 8
[deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"];
// Optional watchdogs configuration.
// This is used for specifying different watchdogs for the different subsystems.
// [#extension-category: envoy.guarddog_actions]
Watchdogs watchdogs = 27;
// Configuration for an external tracing provider.
//
// .. attention::
// This field has been deprecated in favor of :ref:`HttpConnectionManager.Tracing.provider
// `.
trace.v3.Tracing tracing = 9
[deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"];
// Configuration for the runtime configuration provider. If not
// specified, a “null” provider will be used which will result in all defaults
// being used.
LayeredRuntime layered_runtime = 17;
// Configuration for the local administration HTTP server.
Admin admin = 12;
// Optional overload manager configuration.
overload.v3.OverloadManager overload_manager = 15 [
(udpa.annotations.security).configure_for_untrusted_downstream = true,
(udpa.annotations.security).configure_for_untrusted_upstream = true
];
// Enable :ref:`stats for event dispatcher `, defaults to false.
// Note that this records a value for each iteration of the event loop on every thread. This
// should normally be minimal overhead, but when using
// :ref:`statsd `, it will send each observed value
// over the wire individually because the statsd protocol doesn't have any way to represent a
// histogram summary. Be aware that this can be a very large volume of data.
bool enable_dispatcher_stats = 16;
// Optional string which will be used in lieu of x-envoy in prefixing headers.
//
// For example, if this string is present and set to X-Foo, then x-envoy-retry-on will be
// transformed into x-foo-retry-on etc.
//
// Note this applies to the headers Envoy will generate, the headers Envoy will sanitize, and the
// headers Envoy will trust for core code and core extensions only. Be VERY careful making
// changes to this string, especially in multi-layer Envoy deployments or deployments using
// extensions which are not upstream.
string header_prefix = 18;
// Optional proxy version which will be used to set the value of :ref:`server.version statistic
// ` if specified. Envoy will not process this value, it will be sent as is to
// :ref:`stats sinks `.
google.protobuf.UInt64Value stats_server_version_override = 19;
// Always use TCP queries instead of UDP queries for DNS lookups.
// This may be overridden on a per-cluster basis in cds_config,
// when :ref:`dns_resolvers ` and
// :ref:`use_tcp_for_dns_lookups ` are
// specified.
// This field is deprecated in favor of ``dns_resolution_config``
// which aggregates all of the DNS resolver configuration in a single message.
bool use_tcp_for_dns_lookups = 20
[deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"];
// DNS resolution configuration which includes the underlying dns resolver addresses and options.
// This may be overridden on a per-cluster basis in cds_config, when
// :ref:`dns_resolution_config `
// is specified.
// This field is deprecated in favor of
// :ref:`typed_dns_resolver_config `.
core.v3.DnsResolutionConfig dns_resolution_config = 30
[deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"];
// DNS resolver type configuration extension. This extension can be used to configure c-ares, apple,
// or any other DNS resolver types and the related parameters.
// For example, an object of
// :ref:`CaresDnsResolverConfig `
// can be packed into this ``typed_dns_resolver_config``. This configuration replaces the
// :ref:`dns_resolution_config `
// configuration.
// During the transition period when both ``dns_resolution_config`` and ``typed_dns_resolver_config`` exists,
// when ``typed_dns_resolver_config`` is in place, Envoy will use it and ignore ``dns_resolution_config``.
// When ``typed_dns_resolver_config`` is missing, the default behavior is in place.
// [#extension-category: envoy.network.dns_resolver]
core.v3.TypedExtensionConfig typed_dns_resolver_config = 31;
// Specifies optional bootstrap extensions to be instantiated at startup time.
// Each item contains extension specific configuration.
// [#extension-category: envoy.bootstrap]
repeated core.v3.TypedExtensionConfig bootstrap_extensions = 21;
// Specifies optional extensions instantiated at startup time and
// invoked during crash time on the request that caused the crash.
repeated FatalAction fatal_actions = 28;
// Configuration sources that will participate in
// xdstp:// URL authority resolution. The algorithm is as
// follows:
// 1. The authority field is taken from the xdstp:// URL, call
// this ``resource_authority``.
// 2. ``resource_authority`` is compared against the authorities in any peer
// ``ConfigSource``. The peer ``ConfigSource`` is the configuration source
// message which would have been used unconditionally for resolution
// with opaque resource names. If there is a match with an authority, the
// peer ``ConfigSource`` message is used.
// 3. ``resource_authority`` is compared sequentially with the authorities in
// each configuration source in ``config_sources``. The first ``ConfigSource``
// to match wins.
// 4. As a fallback, if no configuration source matches, then
// ``default_config_source`` is used.
// 5. If ``default_config_source`` is not specified, resolution fails.
// [#not-implemented-hide:]
repeated core.v3.ConfigSource config_sources = 22;
// Default configuration source for xdstp:// URLs if all
// other resolution fails.
// [#not-implemented-hide:]
core.v3.ConfigSource default_config_source = 23;
// Optional overriding of default socket interface. The value must be the name of one of the
// socket interface factories initialized through a bootstrap extension
string default_socket_interface = 24;
// Global map of CertificateProvider instances. These instances are referred to by name in the
// :ref:`CommonTlsContext.CertificateProviderInstance.instance_name
// `
// field.
// [#not-implemented-hide:]
map certificate_provider_instances = 25;
// Specifies a set of headers that need to be registered as inline header. This configuration
// allows users to customize the inline headers on-demand at Envoy startup without modifying
// Envoy's source code.
//
// Note that the 'set-cookie' header cannot be registered as inline header.
repeated CustomInlineHeader inline_headers = 32;
// Optional path to a file with performance tracing data created by "Perfetto" SDK in binary
// ProtoBuf format. The default value is "envoy.pftrace".
string perf_tracing_file_path = 33;
// Optional overriding of default regex engine.
// If the value is not specified, Google RE2 will be used by default.
// [#extension-category: envoy.regex_engines]
core.v3.TypedExtensionConfig default_regex_engine = 34;
// Optional XdsResourcesDelegate configuration, which allows plugging custom logic into both
// fetch and load events during xDS processing.
// If a value is not specified, no XdsResourcesDelegate will be used.
// TODO(abeyad): Add public-facing documentation.
// [#not-implemented-hide:]
core.v3.TypedExtensionConfig xds_delegate_extension = 35;
}
// Administration interface :ref:`operations documentation
// `.
// [#next-free-field: 7]
message Admin {
option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v2.Admin";
// Configuration for :ref:`access logs `
// emitted by the administration server.
repeated accesslog.v3.AccessLog access_log = 5;
// The path to write the access log for the administration server. If no
// access log is desired specify ‘/dev/null’. This is only required if
// :ref:`address ` is set.
// Deprecated in favor of ``access_log`` which offers more options.
string access_log_path = 1
[deprecated = true, (envoy.annotations.deprecated_at_minor_version) = "3.0"];
// The cpu profiler output path for the administration server. If no profile
// path is specified, the default is ‘/var/log/envoy/envoy.prof’.
string profile_path = 2;
// The TCP address that the administration server will listen on.
// If not specified, Envoy will not start an administration server.
core.v3.Address address = 3;
// Additional socket options that may not be present in Envoy source code or
// precompiled binaries.
repeated core.v3.SocketOption socket_options = 4;
// Indicates whether :ref:`global_downstream_max_connections `
// should apply to the admin interface or not.
bool ignore_global_conn_limit = 6;
}
// Cluster manager :ref:`architecture overview `.
message ClusterManager {
option (udpa.annotations.versioning).previous_message_type =
"envoy.config.bootstrap.v2.ClusterManager";
message OutlierDetection {
option (udpa.annotations.versioning).previous_message_type =
"envoy.config.bootstrap.v2.ClusterManager.OutlierDetection";
// Specifies the path to the outlier event log.
string event_log_path = 1;
// [#not-implemented-hide:]
// The gRPC service for the outlier detection event service.
// If empty, outlier detection events won't be sent to a remote endpoint.
core.v3.EventServiceConfig event_service = 2;
}
// Name of the local cluster (i.e., the cluster that owns the Envoy running
// this configuration). In order to enable :ref:`zone aware routing
// ` this option must be set.
// If ``local_cluster_name`` is defined then :ref:`clusters
// ` must be defined in the :ref:`Bootstrap
// static cluster resources
// `. This is unrelated to
// the :option:`--service-cluster` option which does not `affect zone aware
// routing `_.
string local_cluster_name = 1;
// Optional global configuration for outlier detection.
OutlierDetection outlier_detection = 2;
// Optional configuration used to bind newly established upstream connections.
// This may be overridden on a per-cluster basis by upstream_bind_config in the cds_config.
core.v3.BindConfig upstream_bind_config = 3;
// A management server endpoint to stream load stats to via
// ``StreamLoadStats``. This must have :ref:`api_type
// ` :ref:`GRPC
// `.
core.v3.ApiConfigSource load_stats_config = 4;
}
// Allows you to specify different watchdog configs for different subsystems.
// This allows finer tuned policies for the watchdog. If a subsystem is omitted
// the default values for that system will be used.
message Watchdogs {
// Watchdog for the main thread.
Watchdog main_thread_watchdog = 1;
// Watchdog for the worker threads.
Watchdog worker_watchdog = 2;
}
// Envoy process watchdog configuration. When configured, this monitors for
// nonresponsive threads and kills the process after the configured thresholds.
// See the :ref:`watchdog documentation ` for more information.
// [#next-free-field: 8]
message Watchdog {
option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v2.Watchdog";
message WatchdogAction {
// The events are fired in this order: KILL, MULTIKILL, MEGAMISS, MISS.
// Within an event type, actions execute in the order they are configured.
// For KILL/MULTIKILL there is a default PANIC that will run after the
// registered actions and kills the process if it wasn't already killed.
// It might be useful to specify several debug actions, and possibly an
// alternate FATAL action.
enum WatchdogEvent {
UNKNOWN = 0;
KILL = 1;
MULTIKILL = 2;
MEGAMISS = 3;
MISS = 4;
}
// Extension specific configuration for the action.
core.v3.TypedExtensionConfig config = 1;
WatchdogEvent event = 2 [(validate.rules).enum = {defined_only: true}];
}
// Register actions that will fire on given WatchDog events.
// See ``WatchDogAction`` for priority of events.
repeated WatchdogAction actions = 7;
// The duration after which Envoy counts a nonresponsive thread in the
// ``watchdog_miss`` statistic. If not specified the default is 200ms.
google.protobuf.Duration miss_timeout = 1;
// The duration after which Envoy counts a nonresponsive thread in the
// ``watchdog_mega_miss`` statistic. If not specified the default is
// 1000ms.
google.protobuf.Duration megamiss_timeout = 2;
// If a watched thread has been nonresponsive for this duration, assume a
// programming error and kill the entire Envoy process. Set to 0 to disable
// kill behavior. If not specified the default is 0 (disabled).
google.protobuf.Duration kill_timeout = 3;
// Defines the maximum jitter used to adjust the ``kill_timeout`` if ``kill_timeout`` is
// enabled. Enabling this feature would help to reduce risk of synchronized
// watchdog kill events across proxies due to external triggers. Set to 0 to
// disable. If not specified the default is 0 (disabled).
google.protobuf.Duration max_kill_timeout_jitter = 6 [(validate.rules).duration = {gte {}}];
// If ``max(2, ceil(registered_threads * Fraction(*multikill_threshold*)))``
// threads have been nonresponsive for at least this duration kill the entire
// Envoy process. Set to 0 to disable this behavior. If not specified the
// default is 0 (disabled).
google.protobuf.Duration multikill_timeout = 4;
// Sets the threshold for ``multikill_timeout`` in terms of the percentage of
// nonresponsive threads required for the ``multikill_timeout``.
// If not specified the default is 0.
type.v3.Percent multikill_threshold = 5;
}
// Fatal actions to run while crashing. Actions can be safe (meaning they are
// async-signal safe) or unsafe. We run all safe actions before we run unsafe actions.
// If using an unsafe action that could get stuck or deadlock, it important to
// have an out of band system to terminate the process.
//
// The interface for the extension is ``Envoy::Server::Configuration::FatalAction``.
// ``FatalAction`` extensions live in the ``envoy.extensions.fatal_actions`` API
// namespace.
message FatalAction {
// Extension specific configuration for the action. It's expected to conform
// to the ``Envoy::Server::Configuration::FatalAction`` interface.
core.v3.TypedExtensionConfig config = 1;
}
// Runtime :ref:`configuration overview ` (deprecated).
message Runtime {
option (udpa.annotations.versioning).previous_message_type = "envoy.config.bootstrap.v2.Runtime";
// The implementation assumes that the file system tree is accessed via a
// symbolic link. An atomic link swap is used when a new tree should be
// switched to. This parameter specifies the path to the symbolic link. Envoy
// will watch the location for changes and reload the file system tree when
// they happen. If this parameter is not set, there will be no disk based
// runtime.
string symlink_root = 1;
// Specifies the subdirectory to load within the root directory. This is
// useful if multiple systems share the same delivery mechanism. Envoy
// configuration elements can be contained in a dedicated subdirectory.
string subdirectory = 2;
// Specifies an optional subdirectory to load within the root directory. If
// specified and the directory exists, configuration values within this
// directory will override those found in the primary subdirectory. This is
// useful when Envoy is deployed across many different types of servers.
// Sometimes it is useful to have a per service cluster directory for runtime
// configuration. See below for exactly how the override directory is used.
string override_subdirectory = 3;
// Static base runtime. This will be :ref:`overridden
// ` by other runtime layers, e.g.
// disk or admin. This follows the :ref:`runtime protobuf JSON representation
// encoding `.
google.protobuf.Struct base = 4;
}
// [#next-free-field: 6]
message RuntimeLayer {
option (udpa.annotations.versioning).previous_message_type =
"envoy.config.bootstrap.v2.RuntimeLayer";
// :ref:`Disk runtime ` layer.
message DiskLayer {
option (udpa.annotations.versioning).previous_message_type =
"envoy.config.bootstrap.v2.RuntimeLayer.DiskLayer";
// The implementation assumes that the file system tree is accessed via a
// symbolic link. An atomic link swap is used when a new tree should be
// switched to. This parameter specifies the path to the symbolic link.
// Envoy will watch the location for changes and reload the file system tree
// when they happen. See documentation on runtime :ref:`atomicity
// ` for further details on how reloads are
// treated.
string symlink_root = 1;
// Specifies the subdirectory to load within the root directory. This is
// useful if multiple systems share the same delivery mechanism. Envoy
// configuration elements can be contained in a dedicated subdirectory.
string subdirectory = 3;
// :ref:`Append ` the
// service cluster to the path under symlink root.
bool append_service_cluster = 2;
}
// :ref:`Admin console runtime ` layer.
message AdminLayer {
option (udpa.annotations.versioning).previous_message_type =
"envoy.config.bootstrap.v2.RuntimeLayer.AdminLayer";
}
// :ref:`Runtime Discovery Service (RTDS) ` layer.
message RtdsLayer {
option (udpa.annotations.versioning).previous_message_type =
"envoy.config.bootstrap.v2.RuntimeLayer.RtdsLayer";
// Resource to subscribe to at ``rtds_config`` for the RTDS layer.
string name = 1;
// RTDS configuration source.
core.v3.ConfigSource rtds_config = 2;
}
// Descriptive name for the runtime layer. This is only used for the runtime
// :http:get:`/runtime` output.
string name = 1 [(validate.rules).string = {min_len: 1}];
oneof layer_specifier {
option (validate.required) = true;
// :ref:`Static runtime ` layer.
// This follows the :ref:`runtime protobuf JSON representation encoding
// `. Unlike static xDS resources, this static
// layer is overridable by later layers in the runtime virtual filesystem.
google.protobuf.Struct static_layer = 2;
DiskLayer disk_layer = 3;
AdminLayer admin_layer = 4;
RtdsLayer rtds_layer = 5;
}
}
// Runtime :ref:`configuration overview `.
message LayeredRuntime {
option (udpa.annotations.versioning).previous_message_type =
"envoy.config.bootstrap.v2.LayeredRuntime";
// The :ref:`layers ` of the runtime. This is ordered
// such that later layers in the list overlay earlier entries.
repeated RuntimeLayer layers = 1;
}
// Used to specify the header that needs to be registered as an inline header.
//
// If request or response contain multiple headers with the same name and the header
// name is registered as an inline header. Then multiple headers will be folded
// into one, and multiple header values will be concatenated by a suitable delimiter.
// The delimiter is generally a comma.
//
// For example, if 'foo' is registered as an inline header, and the headers contains
// the following two headers:
//
// .. code-block:: text
//
// foo: bar
// foo: eep
//
// Then they will eventually be folded into:
//
// .. code-block:: text
//
// foo: bar, eep
//
// Inline headers provide O(1) search performance, but each inline header imposes
// an additional memory overhead on all instances of the corresponding type of
// HeaderMap or TrailerMap.
message CustomInlineHeader {
enum InlineHeaderType {
REQUEST_HEADER = 0;
REQUEST_TRAILER = 1;
RESPONSE_HEADER = 2;
RESPONSE_TRAILER = 3;
}
// The name of the header that is expected to be set as the inline header.
string inline_header_name = 1
[(validate.rules).string = {min_len: 1 well_known_regex: HTTP_HEADER_NAME strict: false}];
// The type of the header that is expected to be set as the inline header.
InlineHeaderType inline_header_type = 2 [(validate.rules).enum = {defined_only: true}];
}