| // Copyright 2017 Istio Authors |
| // |
| // Licensed under the Apache License, Version 2.0 (the "License"); |
| // you may not use this file except in compliance with the License. |
| // You may obtain a copy of the License at |
| // |
| // http://www.apache.org/licenses/LICENSE-2.0 |
| // |
| // Unless required by applicable law or agreed to in writing, software |
| // distributed under the License is distributed on an "AS IS" BASIS, |
| // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| // See the License for the specific language governing permissions and |
| // limitations under the License. |
| |
| syntax = "proto3"; |
| |
| import "gogoproto/gogo.proto"; |
| import "google/protobuf/duration.proto"; |
| |
| import "mixer/v1/attributes.proto"; |
| import "mixer/v1/config/client/api_spec.proto"; |
| import "mixer/v1/config/client/quota.proto"; |
| |
| // $title: Mixer Client |
| // $description: Configuration state for the Mixer client library. |
| // $location: https://istio.io/docs/reference/config/policy-and-telemetry/istio.mixer.v1.config.client |
| |
| // Describes the configuration state for the Mixer client library that's built into Envoy. |
| package istio.mixer.v1.config.client; |
| |
| option go_package = "istio.io/api/mixer/v1/config/client"; |
| |
| option (gogoproto.goproto_getters_all) = false; |
| option (gogoproto.equal_all) = false; |
| option (gogoproto.gostring_all) = false; |
| option (gogoproto.stable_marshaler_all) = true; |
| |
| // Specifies the behavior when the client is unable to connect to Mixer. |
| message NetworkFailPolicy { |
| |
| // Example of single-value enum. |
| enum FailPolicy { |
| // If network connection fails, request is allowed and delivered to the |
| // service. |
| FAIL_OPEN = 0; |
| } |
| |
| // Specifies the behavior when the client is unable to connect to Mixer. |
| FailPolicy policy = 1; |
| |
| // Max retries on transport error. |
| uint32 max_retry = 2; |
| |
| // Base time to wait between retries. Will be adjusted by exponential |
| // backoff and jitter. |
| google.protobuf.Duration base_retry_wait = 3; |
| |
| // Max time to wait between retries. |
| google.protobuf.Duration max_retry_wait = 4; |
| } |
| |
| // Defines the per-service client configuration. |
| message ServiceConfig { |
| // If true, do not call Mixer Check. |
| bool disable_check_calls = 1; |
| |
| // If true, do not call Mixer Report. |
| bool disable_report_calls = 2; |
| |
| // Send these attributes to Mixer in both Check and Report. This |
| // typically includes the "destination.service" attribute. |
| // In case of a per-route override, per-route attributes take precedence |
| // over the attributes supplied in the client configuration. |
| Attributes mixer_attributes = 3; |
| |
| // HTTP API specifications to generate API attributes. |
| repeated HTTPAPISpec http_api_spec = 4; |
| |
| // Quota specifications to generate quota requirements. |
| repeated QuotaSpec quota_spec = 5; |
| |
| // Specifies the behavior when the client is unable to connect to Mixer. |
| // This is the service-level policy. It overrides |
| // [mesh-level |
| // policy][istio.mixer.v1.config.client.TransportConfig.network_fail_policy]. |
| NetworkFailPolicy network_fail_policy = 7; |
| |
| // Default attributes to forward to upstream. This typically |
| // includes the "source.ip" and "source.uid" attributes. |
| // In case of a per-route override, per-route attributes take precedence |
| // over the attributes supplied in the client configuration. |
| // |
| // Forwarded attributes take precedence over the static Mixer attributes. |
| // The full order of application is as follows: |
| // 1. static Mixer attributes from the filter config; |
| // 2. static Mixer attributes from the route config; |
| // 3. forwarded attributes from the source filter config (if any); |
| // 4. forwarded attributes from the source route config (if any); |
| // 5. derived attributes from the request metadata. |
| Attributes forward_attributes = 8; |
| } |
| |
| // Defines the transport config on how to call Mixer. |
| message TransportConfig { |
| // The flag to disable check cache. |
| bool disable_check_cache = 1; |
| |
| // The flag to disable quota cache. |
| bool disable_quota_cache = 2; |
| |
| // The flag to disable report batch. |
| bool disable_report_batch = 3; |
| |
| // Specifies the behavior when the client is unable to connect to Mixer. |
| // This is the mesh level policy. The default value for policy is FAIL_OPEN. |
| NetworkFailPolicy network_fail_policy = 4; |
| |
| // Specify refresh interval to write Mixer client statistics to Envoy share |
| // memory. If not specified, the interval is 10 seconds. |
| google.protobuf.Duration stats_update_interval = 5; |
| |
| // Name of the cluster that will forward check calls to a pool of mixer |
| // servers. Defaults to "mixer_server". By using different names for |
| // checkCluster and reportCluster, it is possible to have one set of |
| // Mixer servers handle check calls, while another set of Mixer servers |
| // handle report calls. |
| // |
| // NOTE: Any value other than the default "mixer_server" will require the |
| // Istio Grafana dashboards to be reconfigured to use the new name. |
| string check_cluster = 6; |
| |
| // Name of the cluster that will forward report calls to a pool of mixer |
| // servers. Defaults to "mixer_server". By using different names for |
| // checkCluster and reportCluster, it is possible to have one set of |
| // Mixer servers handle check calls, while another set of Mixer servers |
| // handle report calls. |
| // |
| // NOTE: Any value other than the default "mixer_server" will require the |
| // Istio Grafana dashboards to be reconfigured to use the new name. |
| string report_cluster = 7; |
| |
| // Default attributes to forward to Mixer upstream. This typically |
| // includes the "source.ip" and "source.uid" attributes. These |
| // attributes are consumed by the proxy in front of mixer. |
| Attributes attributes_for_mixer_proxy = 8; |
| } |
| |
| // Defines the client config for HTTP. |
| message HttpClientConfig { |
| // The transport config. |
| TransportConfig transport = 1; |
| |
| // Map of control configuration indexed by destination.service. This |
| // is used to support per-service configuration for cases where a |
| // mixerclient serves multiple services. |
| map<string, ServiceConfig> service_configs = 2; |
| |
| // Default destination service name if none was specified in the |
| // client request. |
| string default_destination_service = 3; |
| |
| // Default attributes to send to Mixer in both Check and |
| // Report. This typically includes "destination.ip" and |
| // "destination.uid" attributes. |
| Attributes mixer_attributes = 4; |
| |
| // Default attributes to forward to upstream. This typically |
| // includes the "source.ip" and "source.uid" attributes. |
| Attributes forward_attributes = 5; |
| } |
| |
| // Defines the client config for TCP. |
| message TcpClientConfig { |
| // The transport config. |
| TransportConfig transport = 1; |
| |
| // Default attributes to send to Mixer in both Check and |
| // Report. This typically includes "destination.ip" and |
| // "destination.uid" attributes. |
| Attributes mixer_attributes = 2; |
| |
| // If set to true, disables Mixer check calls. |
| bool disable_check_calls = 3; |
| |
| // If set to true, disables Mixer check calls. |
| bool disable_report_calls = 4; |
| |
| // Quota specifications to generate quota requirements. |
| // It applies on the new TCP connections. |
| QuotaSpec connection_quota_spec = 5; |
| |
| // Specify report interval to send periodical reports for long TCP |
| // connections. If not specified, the interval is 10 seconds. This interval |
| // should not be less than 1 second, otherwise it will be reset to 1 second. |
| google.protobuf.Duration report_interval = 6; |
| } |